By Jeremy Wagstaff and Lee Chyen Yee
| NEW DELHI/HONG KONG
NEW DELHI/HONG KONG Oct 31 Under-fire Chinese
telecoms equipment vendor Huawei Technologies Co Ltd is
reaching out to one of its sternest critics: a hacker who
accused it of making shoddy products.
John Suffolk, the company's global cybersecurity chief, told
Reuters at a cybersecurity conference in New Delhi that he was
sending a team of engineers to talk to German security
researcher Felix Lindner, who has exposed vulnerabilities in the
company's routers, from its $100 home Internet devices to
multi-million dollar equipment run by telecommunications
companies.
"We've very much taken on board Felix's views and you'll see
over the coming period we've got a whole host of significant
operations to deal with these issues," he said.
The move is a departure of sorts for Huawei, which has been
battling critics on several fronts. It was last year blocked
from bidding for a multi-billion dollar national broadband
network contract in Australia over cyber-security fears.
A U.S. congressional committee recommended Washington to
similarly bar Huawei and its Chinese rival ZTE Corp
from being allowed to sell equipment to U.S. carriers.
INSPECTING HUAWEI'S CODE
Huawei has denied inserting deliberate backdoors in its
products to allow for spying, and has invited governments to
inspect its code.
In Britain, it set up a centre to test out whether its
products can withstand security threats, and has offered to set
up something similar in both the United States and Australia.
But it has so far been reluctant to engage security
researchers and hackers who challenge the company, something
that Suffolk said was now changing, in part because of Lindner's
allegations.
Suffolk, who was the British government's chief information
officer before joining the Chinese company, said the team's trip
to Germany had been slowed by visa issues, but would go ahead
soon.
Lindner told Reuters after a presentation at a hacker
conference in Kuala Lumpur earlier this month that, while he
could not be sure there were no deliberate backdoors in the
software, there was no evidence in the devices that he tested.
The problem, he said, was that the software was poorly
written and left the equipment vulnerable to hackers.
Lindner's views fitted with a White House investigation that
found no clear proof that Huawei was spying for the Chinese
government, sources told Reuters earlier this month.
SYSTEMIC CHANGE
Suffolk said that Huawei had not sent anyone to attend an
earlier presentation by Lindner in July but had done so for the
Kuala Lumpur conference.
Their presence, he said, was not to dissuade Lindner from
speaking but to see if he was revealing new information.
"We like these comments, although sometimes you think to
yourself that's a bit of a slap in the face," Suffolk said.
"But sometimes you need a bit of a slap in the face to step
back, not be emotive in your response, and say what do I
systematically need to change so over time any these issues
begin to reduce?"
The move to engage Lindner, Suffolk said, was part of a
broader shift in Huawei's approach that he had led since joining
the company in 2011.
He numbered among the changes making it easier for other
security researchers to contact Huawei with vulnerabilities they
have found. But his long-term goal, he said, was to change
procedures to make all products more robust.
"I can fix the Felix issue in a few lines of code," he said.
"But I'm interested in systemic change within Huawei."
Huawei's efforts to crack the lucrative U.S. market have
been hurt by years of suspicion from U.S. lawmakers, who say the
Shenzhen-based company, started by CEO Ren Zhengfei, a former
Chinese military officer, has links with the Chinese government.
After an 11-month investigation, the U.S. House of
Representatives' Intelligence Committee released a 52-page
report urging U.S. firm to stop doing business with Huawei and
its smaller rival ZTE due to potential influences from the
Chinese government, which could pose security threats.