Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.
View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 | 3 | 4 
ObidiahSlope
259 posts

Ultimate Geek


  #2583513 13-Oct-2020 11:13
Send private message quote this post

From Radio NZ;

 

"New Zealand and its Five Eyes security partners have made another plea for social media companies like Facebook to allow governments to access their encrypted data."

 

I thought torture was CIA Director Bloody Gina's favorite method of extracting information.





Obsequious hypocrite

nztim
1001 posts

Uber Geek

Subscriber

  #2583515 13-Oct-2020 11:15
Send private message quote this post

This reminds me when the US Government tried to force apple to weaken its encryption to allow them to have a back door into the iPhone


BlinkyBill
1061 posts

Uber Geek


  #2583521 13-Oct-2020 11:31
Send private message quote this post

OK I’ve changed my mind on this, thanks to Salty’s links which helped me skill up. Thanks Salty.





BlinkyBill


SaltyNZ
5480 posts

Uber Geek

Trusted
Lifetime subscriber

  #2583522 13-Oct-2020 11:33
Send private message quote this post

BlinkyBill:

 

antonknee:

 

Now imagine that master key gets lost by the lock manufacturer. Imagine Bob the Burglar steals this master key. Imagine a couple of copies of the key are made (by the manufacturer just in case they need a spare, or a disgruntled employee who wants to damage their employer). Imagine the manufacturer decides to "check the master key works". Imagine an employee of the manufacturer is curious about your home and its contents.

 

Are you still comfortable that this access to your home exists?

 

 

 Imagine that the manufacturer is required to have appropriate controls in place to prevent inappropriate risks.

 

 

 

 

Huawei claims to have appropriate controls in place to prevent inappropriate risks. I think they're being unfairly dumped on personally.





iPad Pro 11" + iPhone XS + 2degrees 4tw!

 

These comments are my own and do not represent the opinions of 2degrees.


SaltyNZ
5480 posts

Uber Geek

Trusted
Lifetime subscriber

  #2583523 13-Oct-2020 11:35
Send private message quote this post

BlinkyBill:

 

OK I’ve changed my mind on this, thanks to Salty’s links which helped me skill up. Thanks Salty.

 

 

 

 

I think that's first time I've ever convinced someone ... Nice!





iPad Pro 11" + iPhone XS + 2degrees 4tw!

 

These comments are my own and do not represent the opinions of 2degrees.


antonknee
492 posts

Ultimate Geek


  #2583639 13-Oct-2020 12:57
Send private message quote this post

I think it's naive to think that appropriate controls would be a) sought, b) actually implemented, and c) reliable/bulletproof.

 

For the record I also think Huawei are also being dumped on unfairly, but again I'm reluctant to take any company at their word they should be trusted. Including Apple, as much as I think they may be the best of a bad bunch.





Ant  Reformed geek | Referral links: Electric Kiwi  Sharesies  Stake


rb99
1780 posts

Uber Geek

Subscriber

SaltyNZ
5480 posts

Uber Geek

Trusted
Lifetime subscriber

  #2583647 13-Oct-2020 13:10
Send private message quote this post

antonknee:

 

For the record I also think Huawei are also being dumped on unfairly, but again I'm reluctant to take any company at their word they should be trusted.

 

 

 

 

Oh yes, I'm not saying Huawei are perfect by any means. But we work with them here all the time and I've never seen anything to suggest they are any more or less professional than any other vendor, that's all.





iPad Pro 11" + iPhone XS + 2degrees 4tw!

 

These comments are my own and do not represent the opinions of 2degrees.


Lias
4258 posts

Uber Geek

Trusted
Lifetime subscriber

  #2585618 14-Oct-2020 22:22
Send private message quote this post

SaltyNZ:

 

Oh yes, I'm not saying Huawei are perfect by any means. But we work with them here all the time and I've never seen anything to suggest they are any more or less professional than any other vendor, that's all.

 

 

 

 

Some years ago in a bid to woo Her Majesty's Government, Huawei setup a joint cybersecurity venture with GCHQ, who spend a lot of time reviewing Huawei kit, firmware, source code, etc. They publish annual reports, the latest of which just came out.. It's slightly less critical than last years one, but still pretty savage. Basically says they haven't found any deliberate backdoors, but widespread poor dev practices & lack of basic security mean most of their products have more holes than your average swiss cheese.

 

https://www.theregister.com/2019/03/28/hcsec_huawei_oversight_board_savaging_annual_report/

 

https://www.theregister.com/2020/10/01/huawei_uk_security_code_review_panel/

 

https://www.gov.uk/government/publications/huawei-cyber-security-evaluation-centre-oversight-board-annual-report-2020

 

 

 

 

 

 





SaltyNZ
5480 posts

Uber Geek

Trusted
Lifetime subscriber

  #2585707 15-Oct-2020 08:54
Send private message quote this post

Lias:

 

Some years ago in a bid to woo Her Majesty's Government, Huawei setup a joint cybersecurity venture with GCHQ, who spend a lot of time reviewing Huawei kit, firmware, source code, etc. They publish annual reports, the latest of which just came out.. It's slightly less critical than last years one, but still pretty savage. Basically says they haven't found any deliberate backdoors, but widespread poor dev practices & lack of basic security mean most of their products have more holes than your average swiss cheese.

 

 

 

 

I'm 100% certain you'd find the same in other vendor's code too, if you put as much scrutiny on it as GCHQ have on Huawei's. I mean, go search for Cisco on the CVE list; they have far more entries than Huawei even if you ignore the fact that probably 80% of the Huawei ones are for smartphones.





iPad Pro 11" + iPhone XS + 2degrees 4tw!

 

These comments are my own and do not represent the opinions of 2degrees.


antonknee
492 posts

Ultimate Geek


  #2585719 15-Oct-2020 09:29
Send private message quote this post

All vendors will have flaws and vulnerabilities - pobody's nerfect. Software and hardware are developed by humans after all.

 

This is exactly the reason it's naive to take a company's word that they're bulletproof, and naive to assume a backdoor would be sufficiently secure and appropriately managed.





Ant  Reformed geek | Referral links: Electric Kiwi  Sharesies  Stake


Earbanean
467 posts

Ultimate Geek


  #2585844 15-Oct-2020 11:22
Send private message quote this post

freitasm:

 

@BlinkyBill would you be happy for the local police station to have a copy of your house keys?

 

It's a simple yes or no question.

 

 

I think the better analogy is would you be happy for the police to be able to tap your phone?  Well, they can do that and have been able to do so for ages, but that didn't turn us into East Germany.  There are pretty strict processes involing court orders, search warrants etc in place. 

 

Jacinda Adern or Judith Collins don't just get to listen to your calls whenever they want, as some people have implied would happen with the internet equivalent.  


frankv
3935 posts

Uber Geek

Lifetime subscriber

  #2585895 15-Oct-2020 12:57
Send private message quote this post

Earbanean:

 

I think the better analogy is would you be happy for the police to be able to tap your phone?  Well, they can do that and have been able to do so for ages, but that didn't turn us into East Germany.  There are pretty strict processes involing court orders, search warrants etc in place. 

 

Jacinda Adern or Judith Collins don't just get to listen to your calls whenever they want, as some people have implied would happen with the internet equivalent.  

 

 

Whilst there are processes governing police access, we don't actually know who is listening in. One thing we do know is that sometimes the intelligence agencies act outside the law. We don't know whether the police do that too, but it is naive to assume they don't.

 

All the above applies to inside NZ, but your internet traffic will pass through many jurisdictions, some of which are effectively East Germany. And "East Germany" probably has the ability to harm you (illegally), even inside NZ.

 

 


freitasm

BDFL - Memuneh
68841 posts

Uber Geek

Administrator
Trusted
Geekzone
Lifetime subscriber

  #2593830 30-Oct-2020 10:13
Send private message quote this post

Just this week, the NSA is trying hard to not answer to Congressional oversight - going as far as saying they can't find documents - "Spy agency ducks questions about 'back doors' in tech products"

 

"n at least one instance, a foreign adversary was able to take advantage of a back door invented by U.S. intelligence, according to Juniper Networks Inc, which said in 2015 its equipment had been compromised. In a previously unreported statement to members of Congress in July seen by Reuters, Juniper said an unnamed national government had converted the mechanism first created by the NSA. The NSA told Wyden staffers in 2018 that there was a “lessons learned” report about the Juniper incident and others, according to Wyden spokesman Keith Chu."

 

This case happened in 2015. Here are some links to it:

 

"Researchers Solve Juniper Backdoor Mystery; Signs Point to NSA"

 

"New Discovery Around Juniper Backdoor Raises More Questions About the Company"

 

Basically a backdoor created by a government agency with a private company was used by an enemy nation.

 

So much for the "security" and only some people have the keys.





 

 

These links are referral codes

 

Geekzone broadband switch | Eletcricity comparison and switch | Hatch investment (NZ$ 10 bonus if NZ$100 deposited within 30 days) | Sharesies | Mighty Ape | Backblaze | Coinbase | TheMarket | My technology disclosure


1 | 2 | 3 | 4 
View this topic in a long page with up to 500 replies per page Create new topic



News »

Vodafone enables 5G roaming - for when international travel comes
Posted 30-Oct-2020 15:03


Spark awards funding to Kiwi businesses in 5G funding initiative
Posted 30-Oct-2020 14:58


Huawei launches IdeaHub Pro in New Zealand
Posted 27-Oct-2020 16:41


Southland-based IT specialist providing virtual services worldwide
Posted 27-Oct-2020 15:55


NASA discovers water on sunlit surface of Moon
Posted 27-Oct-2020 08:30


Huawei introduces new features to Petal Search, Maps and Docs
Posted 26-Oct-2020 18:05


Nokia selected by NASA to build first ever cellular network on the Moon
Posted 21-Oct-2020 08:34


Nanoleaf enhances lighting line with launch of Triangles and Mini Triangles
Posted 17-Oct-2020 20:18


Synology unveils DS16211+
Posted 17-Oct-2020 20:12


Ingram Micro introduces FootfallCam to New Zealand channel
Posted 17-Oct-2020 20:06


Dropbox adopts Virtual First working policy
Posted 17-Oct-2020 19:47


OPPO announces Reno4 Series 5G line-up in NZ
Posted 16-Oct-2020 08:52


Microsoft Highway to a Hundred expands to Asia Pacific
Posted 14-Oct-2020 09:34


Spark turns on 5G in Auckland
Posted 14-Oct-2020 09:29


AMD Launches AMD Ryzen 5000 Series Desktop Processors
Posted 9-Oct-2020 10:13



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.