Close
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Menu
Search
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Latest News
    • Mobile
    • Networking

    FCC Proposes Denying Federal Funds to Carriers That Use Chinese Gear

    By
    Wayne Rash
    -
    March 28, 2018
    Share
    Facebook
    Twitter
    Linkedin
      FCC Targets Chinese Networking Equipment

      The Chairman of the Federal Communications Commission has confirmed in a statement released on March 26 that the agency is moving forward with a plan to prevent carriers using equipment made in China from receiving funding from the Universal Service Fund. 

      The USF is a pool of about $8.5 Billion collected from communications users in the U.S. It’s used to help pay for communications services and infrastructure for poor, rural or otherwise disadvantaged communities. 

      Citing a set of security concerns including hidden back doors, Pai state that “Threats to national security posed by certain communications equipment providers are a matter of bipartisan concern. Hidden ‘back doors’ to our networks in routers, switches—and virtually any other type of telecommunications equipment—can provide an avenue for hostile governments to inject viruses, launch denial-of-service attacks, steal data, and more,” Pai stated. 

      His action comes in response to a letter received earlier in 2018 from the House Permanent Select Committee on Intelligence and the Senate Intelligence Committee. Attached to the letter is a 60-page report on the findings of an investigation conducted by the HPSCI in 2012 which detailed the risk. 

      The investigations found that it’s possible to embed covert code in communications infrastructure equipment that can disrupt communications or even forward communications from some users to unintended recipients. 

      While the statement by Pai didn’t mention Huawei nor ZTE by name, they are the two Chinese telecommunications vendors that operate in the U.S. The report does not call out other related equipment such as laptop computers, cell phones or tablets, perhaps because virtually all of those are made in China. 

      The order, if it’s adopted, would effectively cut off federal funding from communications providers such as cable and phone companies that use equipment from Huawei and ZTE. 

      While the major U.S. carriers don’t use Huawei or ZTE equipment, smaller networks frequently do. Partly this is because prices are lower and because those companies have aggressively marketed themselves to smaller carriers. As it happens, these same smaller carriers are the primary recipients of USF funds. The proposed FCC funding restriction would hit them especially hard. 

      Larger companies have already moved away from Huawei and ZTE. Both AT&T and Verizon were in the process of carrying mobile phones and other devices from those carriers until early in 2018, when both carriers dropped their plans. The intelligence community made no statements concerning risks from those phones, but apparently the carriers bowed to pressure from Congress and elsewhere and decided not to carry those devices. 

      The Congressional statement made that concern very clear. “We write today concerning the Chinese telecommunications equipment manufacturer Huawei and press reports that a major U.S. telecommunications provider will begin selling Huawei consumer products in the United States as early as next year, with little or no modifications to the products,” the statement began. 

      The letter went on to remind the FCC of the 2012 investigation report from the HPSCI, and to inquire whether the FCC used equipment from either of those Chinese companies or allowed its employees to do so. 

      The level of concern by the intelligence committees may seem a little paranoid by the uninitiated, but in fact it is possible to introduce functions into the ASICs (application specific integrated circuit) that operate most network equipment. Those ASICs contain hard coded instructions as well as the firmware that make up the devices operating system. 

      While it’s possible to see the code that is used for some of the operations of a network device, it’s completely possible to load hidden code into the device as well that can be triggered on command. Such code is actually quite common and it’s used by network equipment companies to provide an upgrade path for their products. 

      When service providers or equipment makers want to turn on a specific function, perhaps an advanced management capability, they can enter a license key into the device and the upgrade takes place automatically. The code was there all along, and the license key simply activated it. 

      But such code can be used for other purposes as well, including cheating during testing. Several years ago when I was testing an early version of a Gigabit Ethernet switch from a now-defunct vendor, we noticed that the switch performed unusually well in a test that involved transferring very short 64-byte packets at full line rate. Other packets did not transfer nearly as fast. 

      The reason, of course, is that at the time a popular piece of testing hardware depended on flooding the switch with 64-byte packets, so the device was designed to cheat when it saw that type of traffic, which could only be a test. 

      Other types of code can also be embedded in network hardware. In addition to the potential for back doors, it’s possible embed code that transfers copies of packets for specific IP addresses to a destination other than what’s intended, giving you the ability to siphon off traffic from a military installation for example. Some network engineers reportedly discovered Huawei switches doing just that 10 years ago. 

      So the concerns of the committees and the FCC may not be unfounded. The problem for Huawei and ZTE is that they would need to submit their products and the code that goes in them for review and so far neither company has cooperated with such investigations. 

      At this point, it appears that neither company has much of a future in selling network infrastructure equipment in the US. That could change, but not until they agree to a level of transparency that’s so far not been forthcoming.

      Avatar
      Wayne Rash
      Wayne Rash is a freelance writer and editor with a 35 year history covering technology. He’s a frequent speaker on business, technology issues and enterprise computing. He covers Washington and is Senior Columnist for eWEEK. He is the author of five books, including his most recent, "Politics on the Nets". Rash is a former Executive Editor of eWEEK and Ziff Davis Enterprise, and a former analyst in the eWEEK Test Center. He was also an analyst in the InfoWorld Test Center, and Editor of InternetWeek. He's a retired naval officer, a former principal at American Management Systems and a long-time columnist for Byte Magazine.

      MOST POPULAR ARTICLES

      Android

      Samsung Galaxy XCover Pro: Durability for Tough...

      Chris Preimesberger - December 5, 2020 0
      Have you ever dropped your phone, winced and felt the pain as it hit the sidewalk? Either the screen splintered like a windshield being...
      Read more
      Cloud

      Why Data Security Will Face Even Harsher...

      Chris Preimesberger - December 1, 2020 0
      Who would know more about details of the hacking process than an actual former career hacker? And who wants to understand all they can...
      Read more
      Cybersecurity

      How Veritas Is Shining a Light Into...

      eWEEK EDITORS - September 25, 2020 0
      Protecting data has always been one of the most important tasks in all of IT, yet as more companies become data companies at the...
      Read more
      Big Data and Analytics

      How NVIDIA A100 Station Brings Data Center...

      Zeus Kerravala - November 18, 2020 0
      There’s little debate that graphics processor unit manufacturer NVIDIA is the de facto standard when it comes to providing silicon to power machine learning...
      Read more
      Apple

      Why iPhone 12 Pro Makes Sense for...

      Wayne Rash - November 26, 2020 0
      If you’ve been watching the Apple commercials for the past three weeks, you already know what the company thinks will happen if you buy...
      Read more
      eWeek


      Contact Us | About | Sitemap

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Property of TechnologyAdvice.
      Terms of Service | Privacy Notice | Advertise | California - Do Not Sell My Information

      © 2021 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×