Get the top HN stories in your inbox every day.
ChuckMcM
I wonder if this covers Baofeng radios. (I'm not sure who their parent company is so hard to tie them to the Covered List)
Trade barriers cloaked in National Security cloth are nothing new, they were common in the old Soviet Union (a lot of US made computers were forbidden from entering, and of course the US refused to sell more advanced computers based on National Security concerns), they have been active on and off with China as well.
But the interesting thing for me is the reversal, which is as good an endorsement that Chinese industry is legitimately reached parity on a development scale with US goods as any press release the PRC would push out to the news wires. What it says is that China can deliver compelling solutions in the communications and surveillance space with entirely organic (and thus not controllable) supply chains resulting in products that US customers want to buy and US security interests can't insure aren't compromising their buyers. Having the shoe on the other foot has got to feel a bit weird right?
themagician
Just going to get worse.
Banning China from having EUV today will just force them to double down. They’ll eventually get it and then surpass it. It should be obvious at this point that China will dominate the hardware space in the next 10-20 years.
rjbwork
Maybe. AFAIU, they've been pretty incapable of getting anywhere near high-end fabs working, and have relied a lot on western consultants to actually get what they do have up and running.
I don't think it's a foregone conclusion that they are going to dominate cutting edge computer hardware at all.
jolux
I would bet they'll figure it out eventually, but probably not as soon as they would have otherwise.
ashwagary
The US banning higher end devices also possibly means they are harder for the US to surveil. This may make them more valuable to people that are not Chinese and wont ever spend time in China.
killjoywashere
Wow, you'll have to provide some evidence of that in the past. I mean, sure, the US likes to surveil as much as the next state, but the US generally favors security over surveillance. Such a position would be wildly inconsistent. I just don't see that happening. Ever.
Keep in mind, a fair amount of overlap between US military and the US intelligence community. These are the people that build things like Cheyenne Mountain and Raven Rock and ARPAnet and fund lots and lots of computer security research. They are paranoid patriots. Some might be patriotic paranoids, but the general trend is "both". They don't want leaky machines inside their borders.
woodruffw
Based on the actual news release[1], this is the FCC's formal statement of rules for compliance with the Secure Equipment Act of 2021[2].
[1]: https://docs.fcc.gov/public/attachments/DOC-389524A1.pdf
[2]: https://www.congress.gov/bill/117th-congress/house-bill/3919
kryogen1c
Thanks for connecting the dots, I was doing this research before I found your comment. I knew I had searched for covered telecom equipment last year.
Also, I didn't know the covered list was being updated. Does anyone know what AO Kaspersky is? Is that the official corporate name for the anti-virus Kaspersky?
wsh
The prefix “AO” in the name of a Russian business entity is like the suffix “Co.” in English; it’s an abbreviation for aktsionernoye obshchestvo (акционерное общество), joint-stock company.
woodruffw
Yeah, I believe it's their corporate name. Their website lists their copyright as "AO Kaspersky Lab."
undefined
reversethread
In reality, Chinese manufactures will just ignore FCC licensing requirements. A good amount of cheap Chinese electronics on Amazon are already unlicensed, so I doubt any new changes will affect them. Online marketplaces like Amazon really need to crack down on products and make sure they are properly licensed.
jauer
and that's fine in the scheme of things. Random one-off imports by researchers or hobbyists via AliExpress? NBD.
Deployments at-scale where vendor support engineers could theoretically use cellular gear for passive collection? Major concern.
Hytera being used for commercial 2-way radio? Similar concerns on the repeater side, not to mention questions about encryption quality if they are used by governments.
You have to name the vendor for commercial 2-way radio licenses, for USDA RUS funding, etc. Lying on those forms brings far worse penalties than what a random individual buying a Hytera DMR for ham use off Amazon would face.
Hikvision is the odd name here. AFAIK they do not make cellular handsets or base stations and were already prohibited from being used on government contracts.
noasaservice
Regarding Hikvision: I have a wide assortment of radio gear, and found cameras in our trailer park running on channel 12 and 13 unencrypted Hikvision ip cams.
markles
Maybe someone should crack down on Amazon for allowing these sales to continue seemingly unabated.
theGnuMe
It’ll happen.
phpisthebest
I would rather Amazon focus on elimination of Counterfeits and Fraud, not enforcement of FCC protectionism
onlyrealcuzzo
I'd rather live in a society where businesses follow the law - and if the laws don't make sense - we change them.
phpisthebest
So you reject the idea of civil disobedience, and in reality reject the idea of case law and the entire legal system as most laws are written and challenged based on violations of the law.
Laws that everyone follows, 100% of the time NEVER get changed. For example Marijuana is only becoming legalized because of MASSIVE violations of the law and the public rejecting the idea that society should be punishing people for a plant, nor that tax payers should pay the costs to lock someone in a cage because they had a plant that was not approved by the government.
Further laws and regulations are only fleshed out, solidified, or invalidated via violations of the law. Rarely would have person even have standing to challenge a law unless they first violated... This is why you often see the government drop charges if they think the person will fight a law or regulation on constitutional grounds because they would rather take the single loss, then have their regulation ruled unconstitutional
catlifeonmars
That latter part is the one that breaks down in practice.
FpUser
The only government I would vote for is the one where politicians above some level are directly responsible for the living standard of their population except that 1% part and corps. This of course does not exist. If it did stupid laws or twisting of the normal ones would not be tolerated.
toss1
It IS a fraud and a counterfeit to illegally sell a device without a proper FCC license. They are either selling the device with a license ID for a different device (Counterfeit) or selling it without any license (Fraud).
Either way, it certainly has not gone through the required tests for not producing unacceptable levels of interference, and so could at the very least create problems in your environment and other devices.
phpisthebest
If would only be "fraud and a counterfeit" if they were to affix an FCC label on the device with out having it approved by the FCC.
However if they are simply selling a device that is not approved and registered with the FCC, they are violating FCC regulations but it is not "fraud and a counterfeit"
>so could at the very least create problems in your environment and other devices.
First that assumes facts not in evidence, there is nothing proving FCC provides any actual value to society in the realm of testing. Other standards bodies or even an international approval outside of the FCC can more than fill that void. Look at electrical safety, there is no governmental body that approves devices for electrical safety that is 2(?) private organizations the most famous being UL, but there are others
Second outside of regulatory requirements one would have to assume a consumer even cares if a device is "FCC Approved" I suspect most do not care at all.
dylan604
well, yes and no. Amazon most definitely has a counterfeit/stolen goods problem that they are deliberately (from outside perspectives) not doing anything about. however, if a "legit" vendor is selling devices that does not meet local regulations and it is known by the seller this is true, then the seller has blame as well.
deepsun
And also the seller cannot just say "oopsie I didn't know". Well, they must make an effort to "know your customer", instead of "better not ask".
azinman2
Why does this have to be either/or?
CoastalCoder
Perhaps another approach is FCC enforcement against Amazon.
erosenbe0
Amazon started requiring FCC information on RF devices this year. Late is better than never.
While Amazon -- given its vast resources -- has no excuse not be a good citizen, obviously the burden on retailers and marketplaces needs to be balanced.
The local mom and pop toy shop selling a few uncertified RF-controlled cars isn't exactly the ideal place to initiate enforcement actions. I'd suggest volume importers or facilitators of volume imports.
dylan604
at some point, knowingly selling banned equipment should bring down some form of punishment to be sure. it just seems that the gov't is scarred of public outcry for going after amazon and its ilk. it's like they don't want to spill the apple cart when the apple market is in "turmoil"?
reversethread
Not to mention Amazon's lobbying efforts.
bagels
Worse than unlicensed, they just lie and say they have certifications that they don't.
undefined
refurb
I just live the quote from the movie Heat:
”Assume they got our phones, assume they got our houses, assume they got us, right here, right now as we sit, everything. Assume it all.”
fredgrott
Note, did anyone see the US Congress tiktok hearing? Clearly even US Congress was not having the TikTok denials of the CCP accessing USA data.
remarkEon
Link?
greatjack613
This should not come as a surprise to anyone here. The fact that people on HN still defend china when they clearly got their success through espionage and cheating just shows how much influence XI has on american institutions and social media. I hope everyone just wakes up in time so we can stop this nightmare before we lose everything we hold dear.
colinsane
i’d like to hear more about how Xi is influencing the HN perception of these things. it seems a leap to go from “American HNers disagree with many actions by their own government” to “they disagree with this primarily because of foreign influence”. i think the simpler explanation is that there’s a lot of idealists here who take more of a moral absolutism view of things than is historically practical for a state to do: “this anti-China policy Y is silly because US also does terrible things relating to Y”, not caring (at least publicly) which of the two parties is a worse offender to Y.
mordae
You should read up on US history. Brits were not very happy about US ignoring their patents. Selfish people just like to kick off the ladder once they've used it to climb up.
We should criticize China for human rights violations, not for copying useful ideas and trying to learn to build tech on their own.
IP should be abolished universaly.
gennarro
It’s actually very easy to browse fcc activations. It’s a fun thing to browse if you want to stay ahead of the tech news.
squarefoot
They seem to make a special case of modules by those brands, for example 4G or 5G modems that are contained in other manufacturers appliances, and these days employ self contained operating systems in theory perfectly capable of moving information back and forth without any intervention, or even knowledge, from the device employing them (cellphone, IoT device, industrial appliance, vehicle etc). The problem is: how do they certify them without obtaining the firmware source code along all the original design data?
erosenbe0
FCC doesn't necessarily concern itself primarily with device functionality and security, but rather enforcing the rules of the road, so to speak, for the electromagnetic spectrum.
For example, if you sell a microwave oven, you need to use the ISM band or whatever they deem appropriate, and they won't mind whatever EMF goo it puts out. If your microwave oven deviates from allowed parameters, it will fail cert. If it interferes with telecommunications or other equipment and you sell it anyway, you can get in big trouble with Uncle Sam.
If you sell a widget that is functionally insecure but you don't lie about it in a negligent or fraudulent way, that isn't necessarily a problem. If you have a backdoor for some nefarious purpose, that could run afoul of numerous criminal or civil statutes. Some of these statutes vary by state, too, so best practice is full disclosure, of course.
throwaway199956
Does it apply to consumer equipment like phones, tablets and smart watches?
jasonhansel
Is it just me, or does the full "report and order" spend way, way too much time responding to the comments of various telecom companies and trade groups? The tone seems far too deferential, as if they're apologizing to the industry they're trying to regulate.
snowwrestler
It is a good thing to have a government that is responsive and explanatory in its application of the law.
wsh
In “notice and comment” informal rule making under the Administrative Procedure Act, it’s standard for agencies to review the submitted comments in the final rule, to show that the data, views, and arguments of interested parties were considered as the law (5 U.S.C. § 553(c)) requires.
emodendroket
Hey, the national security hawks get another twist of the knife to China and the home telcos get fewer people horning in on their turf... win-win scenario for everyone concerned I guess.
fatneckbeardz
because the people in the government who write this stuff are going to go into industry in a few years trying to get jobs.
readme
in most cases, regulation in the US is basically a mouse trying to "regulate" the dinner of a lion by sneaking away a morsel or two
bilsbie
More like protecting the lions dinner from other mice.
undefined
flumpcakes
While I have no doubt than basically anything from China is probably backdoored (and to the fault of western countries outsourcing manufacturing for cheap labour), what exactly has Huawei done?
How do we know that the Cisco equipment also isn't backdoored and if I send a few malformed TCP packets it opens up its control plane on the receiving port?
Compared to the last few decades, it seems like a strong hand banning these companies. Personally I would like all electronics and products to be made in countries that respect some level of human rights I am comfortable with, but that doesn't really seem like an option currently.
blindriver
Huawei singlehandedly destroyed Canada's Nortel Networks through espionage and sabotage.
The CIA did an analysis and discovered that Huawei was dumping wireless equipment to small wireless providers in areas around US military basis at a loss. At the very least, the ability to disrupt communication of those military bases were easily achievable.
destitude
Look up the FuFeng project where a Chinese company is trying to purchase land in North Dakota for an agriculture project near a US Air Force base. The city of Grand Forks even approved it but people are still trying to fight it because of national security risk.
Dalewyn
Every time I see stories like this I can't help but feel a twisted sense of respect for China, because they know how to read the rulebooks and take advantage of it all for everything we're worth.
Defeating the biggest military and geopolitical superpower known to mankind is trivial if you understand you can just ignore all that and instead buy it all up, and it becomes even more trivial if your enemy straight up gives you the monies for it. Literally free real estate.
So kudos to China, they know how to play to win and they're playing to win at all costs while we keep hoisting our own petards.
Justin_K
What's amazing is the USA allows foreign land purchases to nations that strictly forbid it.
ej3
My father worked for what was basically a bootstrapped startup at the bleeding edge of computing in the late 80's. Eventually his company, through a series of exchanges was part of Nortel Networks.
He'll tell you a different story. When you mention the "espionage / sabotage" he doesn't laugh or shake his head, it actually just outright infuriates him. Such a naive narrative only angers him because it seems to absolve the people who managed the company of outright incompetence and corruption, which is how it should be remembered.
For example: one story I vividly recall because I could never fully fathom it involved a specific female executive who was traveling for business - first class overseas. She never made her intended engagement because she was immediately arrested upon disembarking the plane. She had got drunk and (although married) decided to perform overt sexual acts with the gentleman sitting adjacent to her. On the plane. In her seat.[1]
At some point the culture of the executive at Nortel, for whatever reason, became completely incompetent and outright immoral. Rather than Huawei underhandedly perpetrating the perfect crime, it was simply the people at the head of the organization that solicited the crime to pursue their own benefit above all else.
[1] https://www.theregister.com/2000/04/06/former_nortel_exec_fi...
blindriver
Sorry to point out, but your father had no special insight into Huawei's espionage at Nortel. I could say the exact same criticisms of my employer, but I wouldn't know anything about espionage going on.
Huawei's espionage was well documented at Nortel, it's not within any level of dispute.
flumpcakes
Nortel networks haven't been around for nearly a decade. I've seen lots of news about 5G/Huaewi and 'core networks' only in the recent years in western countries (UK/US mainly). However, I haven't seen anything published that really reflects new risks/major backdoored products.
I wouldn't 100% trust anything built in China, but there must be some reason people are only taking action now? Unless it's just "better late than never" response after years of this.
heavyset_go
People are taking action now because the West spent decades underestimating China, probably for xenophobic reasons. I'm willing to bet a lot of people assumed they weren't as capable as westerners and now it can't be denied.
IMO, it was a classic mistake of underestimating a potential rival while stroking our own egos about how smart, capable and powerful we are in comparison. Reality finally trumped hubris.
Spooky23
Assuming you are male, if someone walked up to you, kicked you in the nuts, took your work and used it to get you run out of business, would you be ok hiring that person a decade later to perform a critical function?
FpUser
>"but there must be some reason people are only taking action now?"
I am sure there are legitimate concerns as all countries spy on each other. But China has become a real industrial and scientific competitor to China and the US just simply would not tolerate a threat to their leading position. I think they are quite explicit about this. We hear all the time about "vital interests".
rapind
I hadn't heard of this before now. I will say though that Nortel had a lot of known issues, including fraudulent scheming by the executives, followed by completely screwing over the pensioners. Nortel leadership was rotten by the time it declared.
https://financialpost.com/news/fp-street/earnings-management...
https://en.wikipedia.org/wiki/Nortel_Retirees_and_former_emp...
unmole
> Huawei singlehandedly destroyed Canada's Nortel Networks through espionage and sabotage.
Riiiiight. The dotcom crash followed by the accounting scam had absolutely nothing to do with it. It's not like the management pretended that they wouldn't see a downturn and then faked the numbers so that they'd get their bonuses.
Oh, wait.
maxfurman
Do you have a source for this? A fascinating claim, I'd love to know more
vasac
Yeah, it's fascinating. Also it's not true.
Some people that worked at Nortel at that time already spoke on HN what happened - hint: it was internal Nortel's issues. Something similar happened to Nokia, better products appeared and company wasn't able to compete.
onethought
Pretty sure Nortel had a pile of its own issues unrelated to any hacks. Wasn’t the ceo fired for dodgey accounting around the same time?
Reds in the bed kind of fud here.
charleslmunger
>How do we know that the Cisco equipment also isn't backdoored and if I send a few malformed TCP packets it opens up its control plane on the receiving port?
Nothing so sophisticated is required. Look at the sheer number of "default credential" and "static credential" for a whole variety of products:
https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=Cisco+crede...
SEJeff
A few things to read:
https://www.engadget.com/huawei-contractor-pakistan-backdoor...
https://www.notebookcheck.net/Huawei-caught-red-handed-The-c...
https://www.bloomberg.com/news/articles/2019-04-30/vodafone-...
Knowing the absolute mess this would cause diplomatically, they still said there was a back door: https://apnews.com/article/a0031b16e3a511e431b1e0a5f20edbf9
https://www.scmagazine.com/news/apt/microsoft-defender-advan...
Etc.
mike_d
This one is good too: "A U.S. indictment alleges that Huawei and [CFO] Meng participated in a fraudulent scheme to obtain prohibited U.S. goods and technology for Huawei’s Iran-based business, and move money out of Iran by deceiving Western banks."
https://www.reuters.com/article/us-huawei-iran-sanctions-exc...
kube-system
> While I have no doubt than basically anything from China is probably backdoored (and to the fault of western countries outsourcing manufacturing for cheap labour), what exactly has Huawei done?
Some others have pointed out some Huawei incidents, but that’s not the big problem.
The big problem is, if you build your entire telecom infrastructure on Huawei gear, and then you go to war, it will then be weaponized. In the best case scenario, you have a telecom infrastructure for which you can’t get any parts, patches, or support. Replacing your entire telecom infrastructure is not something you want to do during the opening months of WWIII.
It’s the same reason why we don’t want to rely on Chinese parts for our missiles.
flumpcakes
I think this would also cover Cisco though, perhaps not so broadly. Our entire electronics industry is critically dependent on China for manufacturing.
Thankfully the truly advanced stuff exists in Taiwan, Japan, South Korea, and the EU. But for cheap mass manufacturing, all of these parts end up in China.
The west really needs to suck it up and have electronics designed and manufactured in the west. There are some good signs with the CHIPs act (if only the American companies were as patriotic instead of optimising for share price) and the EU are also making moves to be self sufficient for silicon. However, the entire electronics chain really needs local alternatives. It's crazy that I can get a prototype PCB manufactured and delivered from China faster and cheaper than anywhere local.
kube-system
The difference with Cisco is they’d want (/be required by shareholders) to continue to operate and shift production to other countries where electronics manufacturing does exist. And they have a management structure that is not beholden to CCP law.
Namidairo
A Chinese brand I looked at has most of their network equipment connect back via MQTT with TLS, for IoT things.
Except the agent had a pretty obvious command runner on one of the message handlers. I was a little afraid to ask them whether it was deliberate or just a really incompetently written backup update mechanism.
To be fair, I was looking for arbitrary command execution for my own purposes at the time...
I do get a decent chuckle when I see their OUI in scan results when out and about now. (About ~0.12% of the recorded results in Wigle it seems)
fragmede
We don't know that, because it's hard to prove a negative, but I'm also not sure if you chose Cisco on purpose, because a shortcoming by them was leaked: https://www.cnbc.com/2017/03/29/cisco-cyber-defense-flaws-ex...
Supply chain management is a thing. Devices aren't assumed to get from the factory to you without interference and there is a lot of work behind the scenes to make assert they aren't interfered with.
Spooky23
There’s a long history of telecom equipment being backdoored by the manufacturer or their national gov. You may recall everyone losing their shit on HN about the AT&T room in NYC where the fiber trunks were mirrored to a secret NSA room.
Regardless of the whataboutism argument in Internet forums, it’s not in the national interest to give a hostile foreign power the ability to do something like that.
flumpcakes
I agree. We should also force western companies to produce their products in the west too if they are needed for national security. A controller or motherboard in a switch or router being manufactured in China can have any number of bugs put in, up to and including making "fake" silicon that is backdoored.
737min
Very well put, esp when the government is known for unapologetic surveillance and repression.
fortuna86
> what exactly has Huawei done?
https://www.bloomberg.com/news/articles/2021-12-16/chinese-s...
Get the top HN stories in your inbox every day.
https://news.ycombinator.com/item?id=33753442