I don’t think anyone is saying they can’t purchase from someone other than Huawei. They’re saying that they aren’t purchasing from someone other than Huawei (at least for some proportion of the network which is, obviously, manufactured by Huawei).
Vendor lock-in is not the issue. If we get into conflict with China and it takes, say, 6 months to swap out all the now-compromised Huawei hardware (which is obviously insanely optimistic), that’s a problem. Wars have been won and lost with much less than 6 months of technological/infrastructural head start.
> If we get into conflict with China and it takes, say, 6 months to swap out all the now-compromised Huawei hardware
Do you think a nation-state like China will have great difficulty compromising non-Huawei hardware? This seems overblown because Huawei components will be a small fraction of the attack surface in very connected environment. The best defence would be vendor-agnostic, which might be what the UK government is planning on.
No matter how powerful a nation-state is, it would still be infinitely easier for them to exploit a known CVE by sanctioning a patch than it would be to find a zero day chain that works.
Also, it would afford them the additional political benefit of deniability in their attack.
Vendor lock-in is not the issue. If we get into conflict with China and it takes, say, 6 months to swap out all the now-compromised Huawei hardware (which is obviously insanely optimistic), that’s a problem. Wars have been won and lost with much less than 6 months of technological/infrastructural head start.
reply