TECHNOLOGY
UK had little choice
THE UK’s decision not to ban China’s Huawei from being a supplier for its next-generation mobile network has caused ructions.
US politicians are outraged, with Newt Gingrich (former Speaker of the House of Representatives) calling it a “major defeat” for his country. In the UK, there could be a Tory rebellion against forthcoming legislation on the matter.
In truth, the government had little choice. When you look at the background, the decision is at least understandable – and more complex than just a security issue.
Mobile phone networks comprise two parts: the core and the radio access network or RAN. The core handles security-sensitive aspects such as user authentication, routing calls, data and so on. The radio network consists of base stations and other networking equipment across mast sites nationwide.
When a user makes a call or uses the internet, a signal from their phone is picked up by a base station and is passed across the radio network to the core, where it is routed to wherever it is supposed to reach. While your call or data is encrypted, it is decrypted on the base station before being passed on – the base station can therefore see its content.
In the UK, the 5G equipment roll-out is well underway, with more to come. It’s difficult to get figures for the outlay by the four network operators – Vodafone, O2, EE and Three – but the radio network upgrade is certainly most of what is required and is spread throughout the country.
Commercial realities
Huawei has been banned from supplying the network core, but is to be allowed to supply a maximum of 35 per cent of the radio network equipment. Let’s be clear here: the UK operators were lobbying hard for Huawei not to be excluded.
They are all using the Chinese company’s equipment to some extent in the 5G upgrades to their radio networks. Though they are still having to rethink their 5G plans because of the partial ban, they were facing huge costs and delays to rolling out 5G if the equipment had to be removed altogether.
This is partly because today’s 5G equipment piggybacks onto existing 4G base stations, and both the 4G and 5G kit tends to have to be supplied by one vendor. Banning Huawei would therefore mean replacing both 4G and 5G equipment. Vodafone alone said this would cost the company “hundreds of millions” of pounds.
Secondly, there are only three major radio suppliers: Huawei, Ericsson and Nokia (all of which manufacture in China). Excluding Huawei risked exposing operators to duopoly pricing. Partly for this reason, the government commissioned a review of the telecoms supply chain in 2018.
The resulting report last July said the government would develop a new security framework, and consult with industry on the best way forward. It also highlighted the need for more supplier competition, but there seems no easy solution.
The security issue
Without a doubt, the network operators’ commercial interests are potentially at odds with UK security interests over Huawei. People often worry about the threat of “backdoors” in Huawei equipment and software that would allow remote control from outside the UK, but the issue is more systematic security failings in the software that could be remotely exploited.
The 2019 report of the board that oversees the Huawei Cyber Security Evaluation Centre (HCSEC) said much of the software “lacks basic engineering competence” and “significantly increased risk to UK operators”. The board could only give “limited assurance” about managing the risks, and said Huawei’s coding practices make the “job of any code auditor exceptionally hard”. In other words, the verifiers could miss insertions or oversights that might enable security breaches.
Another risk is that equipment suppliers usually have authorised remote access to their hardware to provide support or fulfil a managed services contract, and the equipment needs regular software security updates and bug fixes. Security updates could be vetted by HCSEC, but this would probably be a difficult undertaking to scale. There is also a lot of outsourcing in this sector, including to Huawei, which opens up further potential for security breaches.
The UK National Cyber Security Centre, which advises the government, concedes the risks of admitting Huawei, but thinks they can be made “acceptable” by limiting access. This may be challenging with the changes 5G may bring to mobile networks. For example, connected and driverless vehicles needing to exchange information quickly won’t route all their data traffic via the network core.
Instead, many 5G core functions may take place in the radio network, making it increasingly harder to define Huawei’s permitted area. And with base stations inherently connected to the network core, there is a limit to the isolation which can be put in place anyway.
Risks and rewards
Overall, however, the government seems to have been caught between a rock and a hard place: faced with wounding the UK network operators and slowing the 5G roll-out, it has sought a compromise.
To some extent, this is the consequences of deciding too slowly. Had the UK banned Huawei in 2018 like the US and Australia, the mobile operators’ 5G roll-out plans would have been at an earlier stage. The US also compensated some of its networks for the costs of equipment removal.
The UK government is instead looking to the future. Nicky Morgan, the culture secretary, told the House of Lords on January 28 that the government wants to attract established equipment vendors to the UK who are not already present, to support new disruptive entrants, and reduce barriers to market entry.
On established vendors, she may be referring to companies that make radio network equipment but don’t compete aggressively in this space: Samsung, for example. As for new entrants, there may be a hope of enticing players who supply different types of networks, such as Cisco or Juniper. There is also significant potential to innovate in 5G networks. The UK’s Testbeds and Trials programme is enabling this and will continue to do so.
For the time being, the government can hardly be enjoying the fallout from its decision. To date, much focus has been on the confidentiality of communications over mobile networks, and risks of spying. A bigger issue is the need to keep the mobile phone network running. We are in an era where everything from Uber and Deliveroo to most credit card machines cannot function without it
The nightmare scenario is a hostile state-affiliated actor shutting down or damaging the mobile networks. It may have effectively been impossible for the UK to say no to Huawei, but the current compromise is far from ideal. – The conversation
US to work with UK over Huawei
US Secretary of State Mike Pompeo has said his country will help the UK reduce risks associated with involving Huawei in its 5G network.
He said officials would work together to “get this right” after the UK’s decision to give the Chinese firm a limited role in building its system.
Pompeo added that intelligence-sharing arrangements between the two countries would continue.
The US has long argued that Huawei’s equipment poses a spying risk.
But the UK government gave the green light to Huawei’s involvement in 5G on Tuesday, despite previous pressure from the US to block the firm.
The company will, however, be banned from supplying kit to “sensitive parts” of the network, known as the core.
Speaking at the Policy Exchange think-tank in London, Pompeo said his country considered that using the firm’s technology was “very difficult to mitigate” and was “not worth the candle”.
But he said US allies, including the UK, had to make their own “sovereign decision” about whether to involve the company.
Pompeo said: “The Chinese Communist Party presents the central threat of our times.”
He told the audience that Huawei was “deeply tied” to the party, and countries would be taking a risk in involving it in the construction of telecoms networks.
But he added: “I am very confident that our two nations will find a way to work together to resolve this difference.”
Pompeo had previously suggested Huawei’s equipment posed a spying risk, saying that “we won’t be able to share information” with nations that put it into their “critical information systems”.
Huawei will only be allowed to account for 35% of the kit in a network’s periphery, and will be excluded from areas near military bases and nuclear sites.
The company has always denied that it would help the Chinese government attack one of its clients.
Its founder has said he would “shut the company down” rather than assist “any spying activities”.
Speaking alongside Pompeo, Foreign Secretary Dominic Raab said the UK had taken a “targeted approach” towards involving the company.
He said the dominance of the Chinese company in the telecoms sector was the result of a “market failure” for which the government needed to take some responsibility. – BBC
Coronavirus: How apps tackle fake claims
SOCIAL media networks are taking steps to address false information about the coronavirus on their sites.
Facebook, Twitter and TikTok are among the firms working to provide links to accurate information.
The number of posts containing misinformation about the spread and alleged cures for the coronavirus has soared.
So far more than 250 people have died as a result of the outbreak and cases have been reported in 22 countries.
The World Health Organisation (WHO) has declared the coronavirus a public health emergency.
Most social media networks have rules banning the posting of hateful or defamatory information. But following a backlash against firms such as Facebook and Twitter for allowing fake news to spread during the 2016 US presidential election, networks began taking action.
False information on social media has led to mob violence in several counties and has also helped spread unfounded fears about the safety of vaccines.
Social networks are now facing pressure to ensure their platforms don’t incite panic or cause harm as authorities try to address the coronavirus outbreak.
So what are they doing?
Facebook
Facebook says it will limit the spread of false information about the coronavirus by removing “false claims or conspiracy theories”.
In a blog post, Facebook said it would use its existing fact-checkers to review and expose misinformation. The firm also said it would notify individuals who had shared or were trying to share information that had been flagged as false.
Facebook said it was focusing on “claims that are designed to discourage treatment” including posts about false cures.
One post from the Philippines advised Facebook users to “keep your throat moist” and avoid spicy food to avoid becoming infected with the coronavirus. That post was shared over 16,000 times and had over 400 comments.
Facebook-owned messaging site WhatsApp has had difficulties in combating false news in the past.
Last year it announced measures to prevent users from forwarding messages to more than five people or groups. It also adds a tag to heavily forwarded messages. In some places such messages have been linked to sparking mob-violence.
Twitter
Twitter said there have been over 15 million tweets about the coronavirus in the last four weeks.
It launched a prompt that appears when users search for coronavirus encouraging them to use official channels – the World Health Organization or Centres for Disease Control – for information.
When Twitter users search for coronavirus a large headline with the title “Know the facts” appears
Image copyright Twitter
Twitter said it had not seen “coordinated attempts” to spread false information but was remaining vigilant.
TikTok
Video sharing network TikTok has added a link to the WHO’s website and a reminder to users to report information they think might be harmful.
But to see the additional information users have the first search for “#coronavirus” and click to expand the information.
The platform is owned by Chinese firm ByteDance. It has recently been criticised for allowing doctors and nurses to post videos giving medical advice on other health issues.
TikTok said its guidelines prohibit posting information that could be harmful.
YouTube
False information alone doesn’t violate YouTube’s guideline for videos.
The streaming video site – which is owned by Google – has been investing to make sure accurate and authoritative information appears most often in searches.
Image copyright AFP/Getty
YouTube takes down videos when they contain hate speech, harassment, messages that incite violence or scams – all of which violate its community guidelines.
For coronavirus searches, YouTube said it was showing previews of text-based news articles along with a warning that developing stories can change quickly.
Reddit
Reddit is a platform made up of community-based discussion groups. Users can vote comments and links posted by other users up or down. Reddit says this design gives the platform protection from false information.
However on Friday Reddit put a banner at the top of its home page directing users to a thread addressing questions about the coronavirus. It contains authoritative resources and content for people concerned about the outbreak.
Reddit also “quarantined” one of its user communities because of the large amount of false and misleading information being posted on it. This means users are given a warning about the type of content on the site when they enter.
Snapchat
Snapchat also said the structure of its platforms protects it from the spread of false information.
Snapchat posts disappear after 24 hours, preventing them from being repeatedly shared or going viral.
The site doesn’t have a public news feed that anyone can post on.
That doesn’t mean individuals can’t share false information with their contacts on Snapchat. But those posts are likely to be seen only by a small number of people. – BBC