How valid are the security concerns over Huawei and ZTE products?


Since the House Intelligence Committee released a report that warned against using network equipment from China due to security risks, and mentioned Huawei and ZTE by name. To be honest, I find it a little suspect because (1) it's October, just before the election, (2) it's a Republican ran committee, and (3) Mitt Romney has started criticizing Barak Obama as being "soft on China." The timing just seems a little too convenient.

That said, even a broken clock is right two times a day. Do they have a legitimate concern on this issue?  Would you be hesitant to use Huawei or ZTE products?  What are the alternatives anyway?

Topic: Security
Answer this Question


2 total
Vote Up (19)

I wouldn't touch either company's products with a ten foot pole. Why possibly expose your company to a security risk, if there are products available from other companies?

Even if the whole thing turns out to be hype, it's better to err on the side of caution with sensitive data. Can you imagine what would happen if you used those products and it came out later that those companies were, in fact, engaged in those activities?

Better safe than sorry.

Vote Up (14)

Very topical, there is an article on this issue on the landing page of IT World today.  The takeaway I got from that was that aside from security concerns, the issue for many companies is not that Huawei equipment is Chinese, the issue is that their network equipment is not as good as Cisco's.  Good point.


Aside from that, I think that the timing is blatantly political, but the concern is still valid, and that concern is not limited to a house committee trying to score political points.  Australia banned Huawai from contracts to build out the Australian National Broadband Network.  How can you be sure that there aren't ties to the China military with ZTE or Huawei - it's China after all.  And how would you tell if there are back doors anyway without a huge investment of time and effort? 


Just out of curiosity, I wonder if there will be any impact on either company's smartphone sales as a result of the bad publicity.  

Ask a question

Join Now or Sign In to ask a question.
Ping Identity has picked up another $35 million in venture funding to speed development of the next-generation of its identity and access management technology and expand the company's presence in Europe and Asia-Pacific.
Apple's new passcode-based encryption for the iPhone and iPad can be circumvented and provides only limited protection to data.
Google, Dropbox and the Open Technology Fund are supporting a new organization focused on making open-source security and privacy tools more user-friendly.
Among six major U.S. cities, CSOs are paid the most in San Francisco and New York, but factoring in the cost of living makes Denver and Chicago the best bang-for-the-buck places.
Apple's iOS 8 addresses a serious weakness that could allow attackers to hijack the wireless network authentication of Apple devices and gain access to enterprise networks.
Legislation introduced in the U.S. Senate on Thursday aims to place limits on access by U.S. law enforcement agencies to emails and other communications stored abroad.
Two online advertising networks, Google's DoubleClick and Zedo, have been delivering malicious advertisements that could install malware on a person's computer, according to the security vendor Malwarebytes.
Google is turning on data encryption by default in the next version of Android, a step that mirrors broad moves in the technology industry to ensure better data security.
CloudFlare said it has engineered a novel way to handle sensitive encryption keys that allows organizations such as financial institutions to still use its caching service to fend off cyberattacks.
Samsung on Thursday announced price reductions and updates for its Knox security and management software for IT shops and a free My Knox service that is directly available to professionals using ActiveSync.
Join us: