Why are Huawei phones a security risk?

Several news outlets in the past few weeks have reported that both AT&T and Verizon have stopped selling Huawei smartphones over concerns about spying. While there is very little concern that individual users have been affected, both companies are cutting ties with the Chinese manufacturer.

This isn’t the first time that this concern has come up with Huawei or other foreign telecommunications manufacturers, but it’s become a big story because of the currently poor relationship between the White House and the Chinese government, and because of the change in FCC leadership since last year.

Who is Huawei?

Huawei is probably the largest company you’ve never heard of. They’re a Chinese telecom company, started in 1987, with current revenues of $75 billion. They’re bigger than Apple and Samsung and are in fact the largest maker of consumer telecommunications equipment in the world. For decades, they’ve been supplying no-name phones to US carriers as people hungrily gobbled up “free phones.”

Why is Huawei a problem now?

There’s a lot of concern that Huawei’s tight involvement with the Chinese government has led them to put spyware or malware into devices headed for the US. For the record, it’s not just our government who is saying this, there’s plenty of independent concern as well. There have been cases where malware has been found on budget phones from ZTE and Huawei, although the two companies are hardly alone there. Even larger, more trusted companies have had security issues with their devices. The difference is, we tend to think that Huawei could be doing it on purpose.

Should you be concerned if you have a Huawei device? How would you even know?

Sometimes Huawei devices are labeled only as “AT&T” or “Verizon” but you can generally find information either on the inside of the battery panel (if there is one) or just through a Google search. If it turns out you do have a Huawei device, you’ll have to decide for yourself if you really think the Chinese government is interested in your instagram password. Personally I doubt they are.

That said, this opens up a very real and very disturbing conversation about overseas manufacturing in general. Basically every large company sources some component or other from China and if we are to start mistrusting those components, we’re basically talking about throwing out pretty much everything we have with a plug or computer chip and starting from scratch.

What’s a more reasonable approach?

The first thing you need to know is that our telecom companies already use a reasonable approach. The real concern here is not that your personal information will be stolen, it’s that the entire telecom network will be brought down in some way. That’s not likely to happen because if there’s any sort of government contract involved, then every part is scrutinized for security. When Softbank (a Japanese company) was looking to buy Sprint (a government contractor) years back, they had to make sure that none of the components they brought in to run their cell network were made by Huawei, and they did. In fact, all the really important telecommunications stuff is checked and rechecked for security. Of course that doesn’t mean there can’t still be a problem, but at least they are trying.

Should you be worried?

Personally I think this is all a bit of paranoia and saber rattling, but then that does seem to be the way our government does business these days. If you’re not worried about the way we treat China, I would not be worried about the way they treat us.