Nokia's CTO Accuses Huawei of Both 'Sloppiness' and 'Real Obfuscation'
Published on June 30, 2019 at 08:04PM
Nokia's CTO Marcus Weldon "told the BBC that the UK should be wary of using the Chinese hardware" -- though Nokia rushed to assure the BBC that Weldon's remarks do "not reflect the official position of Nokia." Forbes reports: On the security front, Weldon referred to analysis suggesting Huawei equipment was far more likely to have vulnerabilities than technology from Nokia or Ericsson. "We read those reports and we think okay, we're doing a much better job than they are," Weldon said, describing Huawei's failings as serious and claiming Nokia's alternatives to be a safer bet. "Some of it seems to be just sloppiness, honestly, that they haven't patched things, they haven't upgraded. But some of it is real obfuscation, where they make it look like they have the secure version when they don't...." The comments from Nokia's CTO came in light of research from Finite State, which published a scathing report claiming that "Huawei devices quantitatively pose a high risk to their users. In virtually all categories we examined, Huawei devices were found to be less secure than those from other vendors making similar devices." And this included the potential backdoors that lie at the heart of the U.S. government's security case against the Chinese company. "Out of all the firmware images analyzed, 55% had at least one potential backdoor," Finite State found. "These backdoor access vulnerabilities allow an attacker with knowledge of the firmware and/or with a corresponding cryptographic key to log into the device." Nokia's later statement insisted that their company "is focused on the integrity of its own products and services and does not have its own assessment of any potential vulnerabilities associated with its competitors."
Published on June 30, 2019 at 08:04PM
Nokia's CTO Marcus Weldon "told the BBC that the UK should be wary of using the Chinese hardware" -- though Nokia rushed to assure the BBC that Weldon's remarks do "not reflect the official position of Nokia." Forbes reports: On the security front, Weldon referred to analysis suggesting Huawei equipment was far more likely to have vulnerabilities than technology from Nokia or Ericsson. "We read those reports and we think okay, we're doing a much better job than they are," Weldon said, describing Huawei's failings as serious and claiming Nokia's alternatives to be a safer bet. "Some of it seems to be just sloppiness, honestly, that they haven't patched things, they haven't upgraded. But some of it is real obfuscation, where they make it look like they have the secure version when they don't...." The comments from Nokia's CTO came in light of research from Finite State, which published a scathing report claiming that "Huawei devices quantitatively pose a high risk to their users. In virtually all categories we examined, Huawei devices were found to be less secure than those from other vendors making similar devices." And this included the potential backdoors that lie at the heart of the U.S. government's security case against the Chinese company. "Out of all the firmware images analyzed, 55% had at least one potential backdoor," Finite State found. "These backdoor access vulnerabilities allow an attacker with knowledge of the firmware and/or with a corresponding cryptographic key to log into the device." Nokia's later statement insisted that their company "is focused on the integrity of its own products and services and does not have its own assessment of any potential vulnerabilities associated with its competitors."
Read more of this story at Slashdot.
Comments
Post a Comment