Taiwan and US make joint declaration to only use 'clean' 5G kit

It's all about transparency, yet China didn't rate a mention

Taiwan and the US have made a joint declaration that calls for “rigorous” checks on 5G kit to prevent interference from foreign governments.

In the declaration - made by officials from Taiwan's de facto embassy, the American Institute in Taiwan (AIT); Taiwan's Foreign Ministry; and National Communication Commission - Taiwan said it joined the US in "keeping technology systems clean and free of un-trusted vendors to promote security of nations by protecting sensitive data of our citizens and companies from authoritarian governments."

The move comes as part of Washington's increasing efforts to keep vendors it deems dubious - essentially Huawei and ZTE - out of 5G networks worldwide. In April, Washington announced the "5G Clean Network" plan, what Secretary of State, Mike Pompeo has described as "the Trump administration's comprehensive approach to guarding our citizens privacy and our companies' most sensitive information from aggressive malign actors, such as the Chinese Communist Party."

The first step of the plan, the 5G Clean Path, also announced in April, aims to block untrusted vendors from accessing US diplomatic systems. This was then extended this month to include five other key areas: carriers, undersea cables, cloud computing, mobile app stores, and the apps themselves.

Taiwan has not formally signed up for the whole Clean Networks plan. Nonetheless, the joint declaration calls for a "rigorous" evaluation of 5G hardware and software suppliers on criteria such as whether they are subject "to control by a foreign government", whether they are "financed openly and transparently", whether they have "transparent ownership, partnerships, and corporate governance structures," and whether they have "a commitment to innovation and respect for intellectual property rights."

"Protecting these next-generation communications networks from disruption or manipulation as well as the privacy and individual liberties are vital to ensuring our economies are able to take advantage of the tremendous economic opportunities 5G will enable," the statement announcing the declaration read.

Director of the AIT, Brent Christensen, said: "Trust cannot exist if our telecom vendors are subject to authoritarian governments, like the People's Republic of China, which lacks . . . the rule of law and whose legit privacy protections result in security vulnerabilities."

Washington has carefully watched Taiwan since the mainland Chinese government imposed a new national security law on Hong Kong that that cracks down on dissent and saw state secret police stationed on the autonomous territory for the first time.

Taiwan asserts it is a sovereign nation, but China claims it is a rogue province. Whatever its status, Taiwan has become increasingly strategic for the US, not least because it is home to chipmaker TSMC, which produces around half the world's made-to-order silicon chips. Adopting secure 5G will give the US administration, and buyers, more confidence that designs made by TSMC will be harder to obtain by nefarious means.

Washington recognises Taiwan as one of 30 "clean "countries". Taiwan has excluded Chinese companies from its telecoms infrastructure since it introduced 4G in 2014. But the government has increased its scrutiny of mainland companies with a raft of new regulations that block Chinese companies from acquiring sensitive technologies from Taiwan and banned video streaming providers from operating through local partners. ®

Other stories you might like

  • 5G C-band rollout at US airports slowed over radio altimeter safety fears
    Well, they did say from July, now they really mean from July 2023

    America's aviation watchdog has said the rollout of 5G C-band coverage near US airports won't fully start until next year, delaying some travelers' access to better cellular broadband at crowded terminals.

    Acting FAA Administrator Billy Nolen said in a statement this month that its discussions with wireless carriers "have identified a path that will continue to enable aviation and 5G C-band wireless to safely co-exist."

    5G C-band operates between 3.7-3.98GHz, near the 4.2-4.4GHz band used by radio altimeters that are jolly useful for landing planes in limited visibility. There is or was a fear that these cellular signals, such as from cell towers close to airports, could bleed into the frequencies used by aircraft and cause radio altimeters to display an incorrect reading. C-band technology, which promises faster mobile broadband, was supposed to roll out nationwide on Verizon, AT&T and T-Mobile US's networks, but some deployments have been paused near airports due to these concerns. 

    Continue reading
  • CISA and friends raise alarm on critical flaws in industrial equipment, infrastructure
    Nearly 60 holes found affecting 'more than 30,000' machines worldwide

    Updated Fifty-six vulnerabilities – some deemed critical – have been found in industrial operational technology (OT) systems from ten global manufacturers including Honeywell, Ericsson, Motorola, and Siemens, putting more than 30,000 devices worldwide at risk, according to private security researchers. 

    Some of these vulnerabilities received CVSS severity scores as high as 9.8 out of 10. That is particularly bad, considering these devices are used in critical infrastructure across the oil and gas, chemical, nuclear, power generation and distribution, manufacturing, water treatment and distribution, mining and building and automation industries. 

    The most serious security flaws include remote code execution (RCE) and firmware vulnerabilities. If exploited, these holes could potentially allow miscreants to shut down electrical and water systems, disrupt the food supply, change the ratio of ingredients to result in toxic mixtures, and … OK, you get the idea.

    Continue reading
  • 1Password's Insights tool to help admins monitor users' security practices
    Find the clown who chose 'password' as a password and make things right

    1Password, the Toronto-based maker of the identically named password manager, is adding a security analysis and advice tool called Insights from 1Password to its business-oriented product.

    Available to 1Password Business customers, Insights takes the form of a menu addition to the right-hand column of the application window. Clicking on the "Insights" option presents a dashboard for checking on data breaches, password health, and team usage of 1Password throughout an organization.

    "We designed Insights from 1Password to give IT and security admins broader visibility into potential security risks so businesses improve their understanding of the threats posed by employee behavior, and have clear steps to mitigate those issues," said Jeff Shiner, CEO of 1Password, in a statement.

    Continue reading

Biting the hand that feeds IT © 1998–2022