Mailing List Archive

On 6/17/21 1:50 PM, Sean Donelan wrote:
> The Commission also seeks comment on whether it should revoke prior
> authorizations for any equipment on the Covered List

This would make any of the "Covered List" equipment illegal to use in the USA.
Almost everything needs to have a part 15 certification with the FCC, this
would then open up network operators to being fined for every device they
still have in operation.

https://www.fcc.gov/supplychain/coveredlist

--
Bryan Fields

727-409-1194 - Voice
http://bryanfields.net

On Thu, Jun 17, 2021 at 10:51 AM Sean Donelan <sean@donelan.com> wrote:
> The NPRM seeks comment on a proposal to prohibit all future authorizations
> of communications equipment that has been determined to pose an
> unacceptable risk to U.S. national security, as identified on the Covered
> List published by the Public Safety and Homeland Security Bureau.

Translation: how should we generalize the Huawei rule so that we don't
specifically and illegally pick on the Chinese?

The short answer is: you shouldn't. The FCC is poorly equipped to
operate in the national security space and I think changing it's
footing to adequately operate in that space would likely impair its
core mission. Let security agencies decide when an import should be
banned and let them ban it independent of the FCC's activity.

Regards,
Bill Herrin


--
William Herrin
bill@herrin.us
https://bill.herrin.us/

On Fri, Jun 18, 2021 at 11:59 AM William Herrin <bill@herrin.us> wrote:

> On Thu, Jun 17, 2021 at 10:51 AM Sean Donelan <sean@donelan.com> wrote:
> > The NPRM seeks comment on a proposal to prohibit all future
> authorizations
> > of communications equipment that has been determined to pose an
> > unacceptable risk to U.S. national security, as identified on the Covered
> > List published by the Public Safety and Homeland Security Bureau.
>
> Translation: how should we generalize the Huawei rule so that we don't
> specifically and illegally pick on the Chinese?
>
>
more-over, aren't there lots of other folk making gear (even inside the
US!!!) which
are made up of components/software/etc which MAY be influenced/etc by
foreign actors?

This proposal and the previous version of this conversation/regulation seem
designed
to just be flame-bait in the political space. They can't really have merit
because
who says John Chambers wasn't paid by the Elboniese Ministry of Magics to
insert 'bad things' in all Cisco devices built during his tenure?
(clearly I'm making up the 'john could have inserted code', but
take that example for any employee at any of the potential vendors
or their suppliers)

Also, I wonder:
"can not use VENDOR in your network..."

does that mean: "only in the USA" or "Anywhere"...
the pedantic (there just aren't these folk in networking, I am assured) out
there could say:
"Ok, not in the USA.. so the ring around entry points is all VENDOR..
done!"

-chris

----- On Jun 18, 2021, at 10:56 AM, Christopher Morrow <morrowc.lists@gmail.com> wrote:

Hi,

> more-over, aren't there lots of other folk making gear (even inside the US!!!)
> which are made up of components/software/etc which MAY be influenced/etc by foreign
> actors?

Obligatory 37 second explanation: https://www.youtube.com/watch?v=bifOI4MbHVU

Thanks,

Sabri

On Fri, Jun 18, 2021 at 10:56 AM Christopher Morrow
<morrowc.lists@gmail.com> wrote:
> more-over, aren't there lots of other folk making gear (even inside the US!!!) which
> are made up of components/software/etc which MAY be influenced/etc by foreign actors?
>
> This proposal and the previous version of this conversation/regulation seem designed
> to just be flame-bait in the political space. They can't really have merit because
> who says John Chambers wasn't paid by the Elboniese Ministry of Magics to
> insert 'bad things' in all Cisco devices built during his tenure?

Hi Chris,

Here's what I'm thinking:

I'm thinking it costs less than five cents per unit to add a radio
receiver to any mass-produced VLSI or SoC chip whose sole purpose is
to blow an internal fuse on receipt of the right cryptographic
waveform. Pirate the mandatory voltage in line for a bad but usable
antenna. The fuse could do anything. Disable the chip. Switch to the
alternate firmware. Anything.

I'm thinking the FCC would assign itself the mission of protecting us
from such a threat and the authority to do so by speculatively banning
electronics which can't prove they don't contain such a circuit. Which
is practically impossible. And applies to all electronics. Everything.

Or worse, I'm thinking the FCC would assign itself the mission but
only enough authority to make itself a nuisance to legitimate vendors
while leaving massive holes in the attack surface.

This is a bad idea. This is one of the things we have intelligence
agencies for: to catch companies and nations who sneak clandestine
contaminants into their exports so that we can confront or if need be
embargo those imports in a comprehensive way. Contaminated electronics
is just the latest twist in a long shadow war where the FCC's amateur
interference would not be helpful.

I'm also thinking this would make a great plot for a science fiction /
spy novel. Any writers out there?


Regards,
Bill Herrin


--
William Herrin
bill@herrin.us
https://bill.herrin.us/

FCC will vote July 13 to put "finishing touches" on the proposed
$1.9-billion program to subsidize removal of Huawei and ZTE gear from U.S.
wireless networks.

https://www.fcc.gov/news-events/notes/2021/06/21/july-open-meeting-agenda

On Thu, 17 Jun 2021, Sean Donelan wrote:
> Today, June 17, 2021, the Federal Communications Commission voted to request
> comments on proposed rules that would protect against national security
> threats to the communications supply chain through the equipment
> authorization and competitive bidding programs.

I haven't listened yet, but this seems interesting and relevant:
https://pca.st/episode/6c78d419-4414-4b95-8107-057effc20478

"In this edition of the Communicators, Andy Purdy, Chief Security Officer
of Huawei Technologies USA, discussed how the Biden Administration's tech
policies may present new opportunities for Huawei, including 5G, innovation
and connectivity in the United States as U.S.-China relations evolve. He
also discussed the bans, past controversies and concerns about Huawei
products in the U.S."
*Brandon*



On Mon, Jun 21, 2021 at 2:41 PM Sean Donelan <sean@donelan.com> wrote:

>
> FCC will vote July 13 to put "finishing touches" on the proposed
> $1.9-billion program to subsidize removal of Huawei and ZTE gear from U.S.
> wireless networks.
>
> https://www.fcc.gov/news-events/notes/2021/06/21/july-open-meeting-agenda
>
> On Thu, 17 Jun 2021, Sean Donelan wrote:
> > Today, June 17, 2021, the Federal Communications Commission voted to
> request
> > comments on proposed rules that would protect against national security
> > threats to the communications supply chain through the equipment
> > authorization and competitive bidding programs.
>