Viewing a single comment thread. View all comments

feral_brick t1_ixtvlaq wrote

I can see your security engineers are working overtime covering for you.

There's tons of purpose built IC's without any code to review

2

art-love-social t1_ixtxhef wrote

Indeed there are, however wifi/transmitters and data acquisition would not fall into that category. Security is is excellence in box ticking, if the manufacture can't explain the purpose of a chip = device not approved .. and NEXT!

While Huawei were fighting their losing battle to show their kit was safe and OK, there is/was a facility in Leeds [UK] that went through their kit to validate claims. *Huawei kit is now being removed from the UK 5G network roll out. Large UK company I was doing work for got taken over by a US company in a worldwide shopping spree, and from this perspective - any huawei kit to be removed from network in a quick time scale, no huawei phones for business purposes ... and so on

1

feral_brick t1_ixv4mtc wrote

You can absolutely create a malicious microcontroller that does some malicious days transfer on the side, you have no idea what you're talking about

2

art-love-social t1_ixvkr8v wrote

Yup, exactly. which is why entities* exist that check the kit from the ground up. Any malicious code, unexplainable hardware, reluctance of manufactures to explain = device fails ...

eg the Huawei set up in Leeds UK

1