I have the same feeling about this as I did the announcement of the "Department of Homeland Security". The name sounded Soviet in origin, with only the exchange of "Homeland" in place of "Motherland". It reminded me of things my family had taught me didn't happen in the United States.
"We call on all freedom-loving nations and companies to join the Clean Network." is a sentence straight out of an authoritarian playbook. Top-down imposition of standards is not what made America's melting pot great. Free and open discourse, with redundant structures designed to ensure that governance required the consent of the governed, did.
Furthermore, State is a decade or more behind the game. It is my impression that modern companies that care about security assume that all networks are compromised and act accordingly. See https://cloud.google.com/beyondcorp as an example.
Balkanizing the Internet will not make us free; we will instead tie our own hands. This is not the same as banning the import of presumed-compromised hardware.
> The name sounded Soviet in origin, with only the exchange of "Homeland" in place of "Motherland". It reminded me of things my family had taught me didn't happen in the United States.
Back in 2014, China launched a crackdown on illegal online content, it was named "净网行动", which literally translates to "Clean Network Campaign/Action". The targets were illegal materials, mainly materials officially considered obscene, but also included unwanted cultural and political materials considered harmful. Since then, the name became a codename for most government crackdowns, and can be referred to in a satirical manner by the people. Naturally, after Michael Pompeo announced The Clean Network Campaign in the United States, it has immediately became a meme in China, comparisons were also made by the international press like the BBC in their Chinese editions. Now, if you search this keyword in Chinese, it's extremely amusing that you'll see news reports on both governments.
Baudrillard made the observation that the Soviet Union as well as the US during the Cold War really should be seen as a larger reinforcing system of deterrence that is used to map out and control rather than a conflict, two sides of the same coin.
Rather than being afraid of a single hegemon, it's the internal opposition that stabilizes systems of control, and he also pointed out that this is even mirrored within the oppositional two party system of the United States, which while looking like it advances freedom and debate and so on really advances security, and it's much more efficient in doing so than monolithic autocratic governments which tend to collapse in on themselves.
Instead of the Great Firewall of China we get the half-assed Trump Firewall that doesn't really get built and doesn't require anything more complicated than a SOCKS proxy.
> It is my impression that modern companies that care about security assume that all networks are compromised and act accordingly.
I think more to the point, Google et al assume that all networks are compromised by state level actors. As in NSA. As in the people who wrote this "Clean" policy.
Reminds me of when Google security engineers...ahem...reacted...to the Snowden leak that the NSA was spying on internally decrypted traffic. [1]
It's insane to me that the US spied on an American company's internal traffic, got busted, and the only viable response was "well, I guess we have to make HTTPS mandatory in the protocol now".
Not that it was the wrong response. Just that it wasn't even on the table to say "hey, NSA, wtf..."
Unless you see the NSA as some sort of weird, legally protected black hat blue team.
I'm not defending this thought process, and I disagree with it, but I can at least understand.
You basically have two levels of recourse against the state for redress of grievances: elections and litigation. You absolutely can, and I believe every major corporation should have, sued the NSA and the larger federal government post-Snowden. I'm not a lawyer so I don't know the specifics of what that would have looked like but it seemed like a pretty egregious violation of a whole list of rights. But litigation, especially against an intelligence agency, seems a little quixotic in this context.
Elections don't seem like they'd have much impact against the NSA. They're not elected officials, and only the top leadership is appointed. Most of them are career bureaucrats (I don't necessarily mean that in a negative way) and scientists/mathematicians. You could replace a third of the Senate and the entire House every 24 months and you're not going to get sweeping changes throughout the NSA. From a national security, somewhat hawkish perspective, that might be a feature rather than a bug? But from a civil liberties/freedom perspective it's definitely a concern.
Probably after NSA, with "banned" devices from at least Juniper (who got caught for shipping NSA backdoor that was repurposed by IIRC China, but only because there was an NSA backdoor to utilize), and probably ban Ericsson due to well-known rogue state with penchant for messing with telecoms in order to do industrial espionage.
Said rogue state is, of course, United States of America.
> Furthermore, State is a decade or more behind the game. It is my impression that modern companies that care about security assume that all networks are compromised and act accordingly.
Unfortunately far from true. There's a small percentage who have the resource to run this kind of ops. Don't look at FAANG on how security is in companies, they're outliers by far.
FANMAG is also the infrastructure that most of these companies are running on, so in a way, they are delivering it bit by bit to most companies. Especially as companies move from doing things like 'running their own exchange server' to 'buying a microsoft 365 subscription'.
Chromebook + google apps is what most companies need, and really good security for the most part.
While I don't disagree with your statement, it's important to remember that cybersecurity is a "weakest link" issue. If 90% of your infrastructure/tooling is provided by FANMAG companies, you are still pretty weak from the remaining 10% -- unless your company has higher security standards than FANMAG, which is not typical.
However, the infrastructure and scenario may be wildly different from your average (modern) big tech company.
There's always the notion that your national infrastructure needs the security applied as an afterthought, VS maybe more careful planning and less heavy "legacy" dragging them down in the tech companies.
There's also massive amounts of variation between the companies in that group. Some are prohibited from taking source code off a computer located on premises (employees' take-home machines are "dumb" to the extreme in that they basically connect directly to their computers at work); others encourage their employees to use pre-production and internal products for personal use. As you can guess, they have dramatically different models for how to approach corporate security.
Yes. It is ridiculous how closely the language sounds to that of a dictatorial regime. The language is just so.. cringy. When I first read, I genuinely could not believe it was not onion or some weird caricature.
Also consistently calls out PRC as a threat without acknowledging the diversity of bad players on the net. This is more about posing and politics than countering real threats.
"Transhumanism is about how technology will eventually help us overcome the problems that have, up until now, been endemic to human nature. Cyberpunk is about how technology won't." - Stephen Lea Sheppard.
"The Clean Network program is the Trump Administration’s comprehensive approach to..."
Isn't that a bit odd? Surely these things would be worded as 'is the United States Government approach..' It almost smacks of 'errr, don't blame us guys, it wasn't our idea.
Probably the same reason why every white house announcement has to say that whatever it is is way better than any previous administration did or could have done.
Thanks for posting this, I was looking for this comment. I had to check the URL multiple times because the more I read the more I was convinced it was a parody site. Even the "Clean" typeface evoking the Mr. Clean brand, I thought surely this must be a joke.
In some sense all governments are the same. Any government trying to create a great firewall will use the same kind of propagandistic, utopian-seeming verbiage and metaphors.
> It is my impression that modern companies that care about security assume that all networks are compromised and act accordingly. See https://cloud.google.com/beyondcorp as an example.
No, you assume the network can be compromised like any other device in the system. You still defend the network and add in layers of access control. Employees of Google still use VPNs to connect into sensitive networks.
With the prevalence of 0-days and demonstration of usage by nation-state actors, you have to have multiple layers of defense to try to have any reasonable chance of preventing a compromise.
> Employees of Google still use VPNs to connect into sensitive networks.
Not really. Maybe the people that keep BeyondCorp-related systems running, if at all. There are VPNs, obviously, but not directly accessed by 99.9% of employees.
> There are VPNs, obviously, but not directly accessed by 99.9% of employees.
Requesting VPN access is trivial, and it's used heavily in some large teams for pretty banal engineering workflows (i.e., not maintaining BeyondCorp or anything).
BeyondCorp is essentially a VPN but a different structure. That puts security on all the machine nodes. It's more secure than a VPN because it doesn't have a gooey center being a single entry point.
Calling it a VPN muddies the point you are tying to make.
People think of a VPN as a secure perimeter (like a thick ship's hull), but BeyondCorp is layered security (like the many smaller compartments within a ship that can be isolated in case of a hull breach).
Yep. This "Clean Network" BS reminds me of the "Golden Shield" project (official name of the project that China's firewall is part of). Not something I'd expect from the US.
If the Clean Network lasts even so much as a few months as an infrastructure with a non-trivial amount of activity, it will be a fascinating time capsule. It will reflect a very strange kind of culture and bizarre set of national security assumptions and political constraints.
When we look back at the archive.org copies of Clean Net, it will be like visiting a bizarre short lived theme park.
I also personally agree with Fletcher Prouty (rip) that the naming of the department of war to the department of defense falls under this same category.
The parallel effort is the demonization of Section 230. Subjecting web companies to liability for users' speech is the surest way to squelch all that messy, hard to control speech.
Things will certainly be much cleaner when your public information comes from a short list of large companies with a lot to lose.
I'm an American in Canada and this is bunk. "I learned about" translates to "I've never spent any time below the border".
It's literally 99% American culture here. There isn't any "love and tolerance" that you couldn't find in any Blue State, and most of hard left types take their cues from what they see in the US; e.g. the prevalence of BLM wankery despite the fact they're in a different country with wildly different histories regarding slaves. The only things you can't find in the US are Nanaimo bars and banknotes with the Queen's face on them.
Just read in the news this morning that the intelligence community acknowledges China has a steak in Biden being put in the Oval Office and Russia has a steak in Trump staying put. Interesting that Russia's name was not in this piece anywhere...
Why would it be? There are no plausible 5G competitors coming from Russia. There are very few (if any) electronics manufactured in Russia and imported to the U.S.
Any resources the US spends in conflict with China are resources it can't spend in conflict with Russia. The US is relatively weaker, Russia is relatively stronger. 5G is just one small piece of the puzzle.
Russia is not relatively stronger than the U.S. by any metric. And we're not in conflict with Russia. China is the #2 economy in the world...it got there at a blistering pace and it has a population advantage over the U.S. by about 3x or 4x. China has been known to steal technology from U.S. firms and universities. It's been known to spy. They have vast amounts of electronics manufacturing capacity and can completely compromise our IT security as a nation if they are allowed to proceed. No need for social engineering hackers when you can compromise chips, software and boards directly at the factory.
>''People find it a little quaint, a little forced,'' said Deborah Tannen, a linguistics professor at Georgetown University and author of ''You Just Don't Understand'' (William Morrow, 1990).
>At worst, Ms. Tannen said, the phrase is associated with sinister historical precedents.
>''There is one particular group -- American Jews, and I am Jewish -- for whom it has a menacing association,'' she said.
>Nazis favored the word ''heimat,'' or ''homeland,'' and homeland defense forces were known as Heimwehr or Heimatschutz in Austria and Germany from the late 1920's.
The Chinese has shown no interest in co-operating with the world. They are an enemy. What’s wrong with keeping them out of our internet when they have their own?
To put it another way; this is like allowing your enemy to design and manfacture your military jets.
The Chinese government has shown no interest in cooperating with many western governments. Even though the Chinese government is, in some ways, an “enemy”, most of the 1.5 billion people living in China are not. We should be interested in what the people have to say and I’m sure the people of China are interested in what we have to say, too. We should be building connections amongst the people, not walls.
I’d even say that’s the entire point of the internet - sharing and inclusion. There isn’t “our” internet and “their” internet - there’s just the internet.
> We should be building connections amongst the people, not walls.
Do you think that it's really up to us? We weren't the ones who set up the Great Firewall. We have been trying to "build walls" for the past 30 years and it has gotten us nowhere. I get that people like to say things that evoke "positivity" or to feel good about themselves but there needs to be some semblance of reality if we really want to progress.
I like to think I'm the most free speech loving, liberal progressive in any room I walk into. But I think the wild west of the internet that existed in the 90s and early 2000s that leant itself to idealistic visions of what the internet could be is not what we have today.
You can't build bridges that are then used against you for espionage, theft of intellectual property, disinformation, tracking and abducting political dissidents, and infiltrating critical national security infrastructure, and then point at that and say "this is free speech!" And if there's no room to acknowledge that in your understanding of how the modern internet works in reality, then I don't know that we're operating from a similar understanding of reality.
There will be a natural decoupling between our two nations. We did the same with Soviet Union when we realized their ideology left no room for long term peaceful coexistence (see the Long Telegram).
A lot of political leaders are realizing that the communism of China, while different in many ways to the Soviet variety, is still incompatible with the USA.
I'm not sure China under any ideology would allow for peaceful coexistence with the USA.
It seems like a national pride thing that China cannot be subservient to the US, and the US can't survive a world where it's billionaires aren't in complete control.
There's maybe a synthesis where the Chinese billionaires take over America? That way it's still wealth in charge in the US, and the Chinese in control of china
All ideology exists to, ultimately, justify the growth and success of its promulgators; ideologies that don't rapidly stagnate or die off. Basic meme theory.
China's specific ideology is irrelevant; "Capitalism with Chinese Characteristics" or balls out Marxism won't change the fact that the CCP needs to feed and manage a billion people. They will eventually engage in aggressive, even ruthless, behavior because they have to; 'tis the nature of Realpolitik. National pride and ideology have nothing to do with it, hegemonic competition is inevitable.
This really comes off as a hastily prepared political dig against China, when there are in addition so many other actors and countries trying to take advantage of poor security. The JPEGed giant logo at the top doesn't help...
Other observations:
-- "Remove untrusted applications from US mobile app stores": so, this would call for even tighter control by Apple, Google, over its app distribution and monopolies?
-- Clean Apps: "Prevent untrusted PRC OEMs from installing trusted apps on their apps store... should remove apps to ensure they are not partnering with a human rights abuser." Umm, seriously, we're going to open this can of worms?
Edit to add a last thought:
I have yet to understand or read a coherent description about how we do not have the technical ability to protect against eavesdropping/etc regardless of who owns the physical hardware. Why is CCP-owned infrastructure uniquely susceptible to this? If we can't protect our transmissions with encryption, secure data storage techniques, what does it matter that the equipment is supplied by China? What unusual attack do they get access to by owning or manufacturing the equipment?
> The federal government has a very good design system.
Having no knowledge of how the federal government works, but having worked for fairly large organizations, I would still guess that the design system exists and is used in many places but a significant fraction may not even know it exists much less that they are supposed to use it.
Seconded. Plus many Fed'Gov orgs have explicitly different systems, requirements, and silos. The DOD or NSA would put out something flashy, but this is State...
Every interaction I’ve had with someone from USDS has been top-notch. I obviously can’t speak to the politics that may happen amongst the higher ups behind the scenes but the people they’re recruiting are excellent.
> What unusual attack do they get access to by owning or manufacturing the equipment?
It is incredibly easy to add almost undetectable backdoors to hardware, particularly inside ICs. Here's one particularly clever attack described by security researchers at U of Michigan, but there are many:
How would a hardware vulnerability on router equipment handling traffic compromise data flowing over that router which has already been encrypted properly at the source/destination?
Your comment that I responded to was referring to smart phones (ie, multiple references to "apps" and "mobile") and now you're bringing up "routers"?
Did you mean to do this? Because if not, it's what's called a bailey-and-motte fallacy. You've stated a very controversial, hard-to-defend position (what difference does compromised hardware make to a user's security?), mentioned it in a context where it would make a huge difference (smartphones), and now you've brought up a very specific scenario and context that is more reasonable (although still not as much as you appear to think).
Again, your original question was "What unusual attack do they get access to by owning or manufacturing the equipment?". Your original post made no reference to routers or switches.
To answer that original question explicitly, having a many types of hardware exploits on end-user equipment is game over - full access to all your data and communications on that device.
Edit: And regarding compromised routers, from https://www.welivesecurity.com/2019/01/17/new-years-resoluti..., here's a list of things that a hacked router could do to you, many of which would be of interest to nation-state attacker targeting a person or organization:
- redirect you to a web page that phishes for your credentials,
- dupe you into installing malware-laced versions of legit software,
- be hijacked to conduct man-in-the-middle attacks (MitM) on what you would believe are secure and encrypted connections,
- be corralled into a botnet in order to launch DDoS attacks against websites or even against aspects of the internet’s infrastructure,
- be co-opted as an on-ramp to attacks at other devices within your network,
- be used to spy on you via Internet-of-Things (IoT) devices,
- be compromised with malware such as VPNFilter, or, as another threat du jour, be misused for covert cryptocurrency mining.
Edit 2: And unless a website is only available via HTTPS, the end user is using an extension like HTTPS Everywhere, or the user carefully types in `https` as the URL protocol, then the end user is still vulnerable to SSL strip from a compromised router.
Sorry, we mixed up which hardware, in which questions. My question immediately above had to do with routers, etc. that the administration has also put attention onto.
OK, we crossed wires, no problem. However, for the reasons I mentioned above, compromised routers are still a very bad thing. At the very least, it's a beachhead from which to launch further attacks inside a data center or business. At the worst, they can use SSL strip to strip encryption off of any website/end-user who hasn't locked down HTTPS only. Plus, there are still many protocols in common use that are not encrypted by default.
Edit: Would you agree to let me (or anyone) hook up a compromised router inside your home network?
The bigger question is "how do you know your router isn't compromised already"
Chances are, the US government is pushing for china-free networks to ensure it has a monopoly on hacking American systems.
If we as a whole drop the assumption that the network is safe, we can build things where I would trust you to hook up a compromised router to my home network.
That doesn't sound useful or very sophisticated from a spying POV. I guess mass-shutdown of Telco infrastructure would be catastrophic but that could most likely be avoided by having a mix of suppliers and a minimum of known-good hardware in the field.
You'd have to maintain that mixture of manufacturers broadly across all the 'critical' bits of infrastructure for it to really matter and there's a lot of infrastructure to defend. Just disrupting payments or mobile data sporadically across the US could deal a big blow to a lot of businesses. Just look how poorly they've fared with the COVID disruptions.
Disruptions would be there for sure. But I think building up that kind of capability is necessarily single-use only, and only makes sense if your goal is to use it as a direct prelude to an invasion of a country. Because people will relatively quickly discover where the problems came from, punish whoever's responsible and then switch manufacturers. I don't see how this could be of benefit to secret services whether from China or any other country, except in the worst case stated above. A few billions in economic losses due to stock market disruptive etc dont mean much in the grand scale of things (and can't therefore be very attractive for intelligence services). Military planners would be foolish to outright dismiss this possibility, sure, but I don't think us-China relations are at this point yet. (And hopefully never will.)
The solution to all of this is to work together and increase the security of the overall system and ditch security through obscurity and security through NDA, go open-source and full inspectability for all critical infrastructure, be it comms, industrial controls, medical infrastructure, transport etc. And E2E encrypt all communications. Everything else is just screwing around with the symptoms instead of addressing the root causes.
Just OSS isn't going to solve the paranoia around hidden backdoors in Chinese manufactured network equipment. A tiny co-processor looking for a trigger to brick the rest of the device would maybe require delidding to notice. The old adage is once they get access to your hardware there's very little in the way of attackers doing anything, how do you secure something when it's being manufactured almost 100% by an 'attacker' country's industrial base?
I think the China-hawk paranoia is going too far but for national security paranoia it's relatively well grounded. It's hard to justify being able to certify that a thing is secure when the hardware could just be lying to you about the firmware checksum for example.
That's of course true. Which is another reason why I think that eg voting computers are an inherently bad idea (independently of who manufactures them). But my main point was that this sort of capability embedded in routers can only be used once and likely only in an end of the world scenario and therefore is of limited interest to "China".
Now I'm wondering whether I'm mistaken? If my connection to a website/device is properly encrypted (SSL/TLS), can a mitm attack (eg by an embedded hw bug) strip that encryption away? If so, that would be bad and would invalidate large parts of my argument above. If it doesn't however, then it wouldn't really matter that much I think. Unless... the device somehow saves a copy of the traffic for later decryption with better hardware down the line. That seems doable but not really feasible at scale. (Then again, maybe a few bugs in the routers installed at a few critical facilities or locations like downtown DC are enough to gobble up enough juicy traffic?)
I think on the whole it was a bad idea to offshore virtually all production capabilities for chips and computer hardware. (This is especially true for Europe which lost its hw production to Asia and its software production to the US.) Now we have to cope with this situation as it is though, and it seems to me that the best way to do that is to improve transparency by doing what I wrote above, radically reducing complexity of protocols and the tech stack (eg openssl vs wireguard) and forcing companies to clean up their act wrt IT practices. Not easy at all, I know.
Denial of service, metadata extraction, easy path to mitm if there's a zero day. Those are just a few attacks possible without decrypting payloads.
If I gave you a root CA's private key and my ip address you would not be able to mitm me unless you found a way to inject yourself in my datapath. Good luck with that unless you have nice backdoors to core infrastructure.
> Why is CCP-owned infrastructure uniquely susceptible to this? If we can't protect our transmissions with encryption, secure data storage techniques, what does it matter that the equipment is supplied by China? What unusual attack do they get access to by owning or manufacturing the equipment?
We Americans like to think we have the moral high ground against China. For some things, we do. For many others, they are just following in our footsteps.
The US has scarcely not been at war since I've been alive and the 2001 Authorization for the Use of Force has no end in sight. Wartime powers vested in the Executive Branch are far more expansive than we would like to think.
Who do you think re-routes shipments of Cisco networking hardware to the NSA TAO group? Cisco and FedEx/UPS. Same with any computing hardware and likely many other products.
Who do you think complies with National Security Letters? 99%+ of the companies that receive them. QWest tried to challenge their legality and that CEO wasted away in prison.
Patriot Act and Anti-Money Laundering statutes require that lots of industries participate with the USA government: financial, travel, hotel, telecom, etc.
> so, this would call for even tighter control by Apple, Google, over its app distribution and monopolies?
I think it does the opposite. It says "if you're going to vouch for software, really vouch for it". Not "only let users install software you can vouch for". It means that non-app store distribution becomes more of a thing, not less.
>This really comes off as a hastily prepared political dig against China
I think 'Clean net' is a horrific, short sighted, dystopian joke that will be the subject of ridicule and fascination as a historical subject.
I also think there's no surveillance operation in the world as vast and as troubling as China's, and there's nothing fundamentally inaccurate or misleading about pointing that out.
It looks like we are breaking the internet up along the lines of political boundaries. The US will have one internet, the EU another, China yet another... Hopefully the pendulum will swing back in the other direction soon...
Hope is not a strategy. AFAICT, both parties basically support stronger state control and more surveillance.
It will be interesting to see how EU/China/Russia/USA spheres of influence will develop. With the pandemic, a lot of "unthinkable" things have happened (travel prohibition from US to EU etc), so I think the various factions are emboldened to double down on
- keeping their data in their sphere
- improve surveillance of own citizenry
* China of course has been pretty much on this track for years.
* EU is using privacy as the good cause to sell this
* US is now doing the same with national security as excuse.
I don't see the big picture changing just because the president and administration change (if they do).
Many municipalities have no-justification-needed absentee voting (vote-by-mail by any other name) which can be dropped off often weeks before in-person voting occurs. Likewise many places have early in-person voting.
1. Check your voter registration.
2. Register to vote if you need to and it's still open for registration in your state.
3. VOTE as soon as you can. If you're voting absentee then drop off your ballot early if possible. If you're voting in-person then look into early voting to avoid lines and keep everyone safe.
The key this year is to _personally drop off your ballot_ at an official drop point rather than mailing it in. USPS can and will deprioritize mail in ballots for the fall elections.
I do this anyways. Why would I pay postage to have something brought to a distribution center 20 miles away, wait a few days, then brought back to my town to get delivered to town hall when I can literally walk there and drop it off for free?
With everything coming out about how mail in ballots are being delayed and otherwise messed with and who knows what else is in store, what is the value of ensuring your vote gets counted relative to your time dropping it off personally?
I drop mine off at the neighbor's house up the street too. It's a short walk, nice time to go outside and the times I go it's only one or two other people there.
I just prefer to be vote by mail so I can fill it out at home without being rushed.
I mean, I know that with less than 90 days before one of the largest absentee voting elections in the history of the nation that I would fire 23 USPS administrators on a Friday evening several days after admitting to congress to slowing down mail delivery. That seems reasonable. Right?
Please don't argue in bad faith, and actually read the links provided.
The issue here is that the current Postmaster General fired the administrators who were pushing back against the "optimizations" he is making and wants to make to USPS policies. The final goal is to privatize USPS, which has been a Republican dream since the Reagan era.
Yes, I read all articles about the USPS the day they are published across a wide range of journals.
However, I'm simply looking for a direct, factual claim that supports that these firings were directly intended to slow down mail delivery so as to cause problems during the forthcoming election. So far all the claims I've seen are indirect; further, the PG has explicitly said they are prepared to handle mail-in votes during the upcoming election.
It's entirely unclear whether firing administrators (rather than mail carriers and postal office workers, etc) has a direct effect on mail delivery rates and accuracy in the short-term.
>However, I'm simply looking for a direct, factual claim that supports that these firings were directly intended to slow down mail delivery so as to cause problems during the forthcoming election. So far all the claims I've seen are indirect
You realize that this is an absolutely inane thing to ask right? The direct implication is that Trump is slowing down the USPS in order the guarantee his re-election - are you looking for a quote from Trump himself that he's doing this, because I doubt we will ever see one until it's too late.
Sure, I agree that Trump appears to be signalling that he is attempting to prevent mail in ballots from being delivered but it's really hard to picture how this strategy helps him?
IE, I'm struggling to put together some sort of specuative game theory about the election that leads to him being president again.
No, those executives don't deliver mail. They did make all the decisions about how mail is delivered, who does it, and when. By centralizing the power structure DeJoy has put himself in the position of being able to make arbitrary decisions about postal delivery with very little immediate oversight.
The USPS is playing an unusually large role in this election and Trump (and, let's not forget, state-level actors that continue to take active measures in US elections) has indicated that he's open to messing with mail delivery to win.
Trump's USPS' Postmaster General replacement fired 23 USPS executives. It's possible that vote-by-mail will be the easiest way for gerrymandering to occur.
This shouldn't be downvoted - it's relevant to hackers here because the executive branch found an effective way to hack the electoral process. Socio-political engineering at its finest!
Judging by your politics the other party will do the same citing Russian interference, you will always be slaves to your two party system abs continue fighting with each other.
It won't, but it's already not part of what we typically consider "the internet". One country pretty much always being isolated from it is somewhat different than further ripping the currently-connected bits apart.
> Chinese invented their great firewall for trump, that your logic?
it swings back when we invent new protocols - which is to say it never swings back. From traditional publishing to radio to tv to the internet to gentrification once the bastards get control you gotta make the next thing.
Power naturally consolidates. If you have a little more power than the next person, the first thing you do is use it to get a little more power. Let that feedback loop run for several thousand iterations and you end up with the massive inequality that has been a hallmark of human civilization since the agricultural revolution.
The only force I know of that has been able to moderate that feedback loop is organization. By very definition, what the elite few who consolidate power don't have is numbers. They are massively outnumbered, which is why they are constantly sowing discord (like fomenting racism). Because they know the only thing keeping them in power is the disorganization of the masses.
At least to me it sounds like an announcement that they plan to "cut the lines" to countries that don't adhere to the standards of the current American administration.
A new protocol won't allow you to communicate with people in the United States if you're on a "blacklisted" comms company's network.
Well that's not how the Internet works. Perhaps they can blacklist prefixes from being accepted by American ISPs, but as long as ISPs peer with any ISPs from outside of the country, those advertisements will be coming in.
It sounds to me that this document is outlining their plan to change how the (read: "how their") internet works. No "path" that connects to any hardware that the US can arbitrarily deem as being in bed with the CCP.
It sounds like "clean" American ISP's won't be allowed to peer with arbitrarily "unclean" service providers of any kind or else risk losing their "cleanliness" designation.
There are new protocols being invented; namely the decentralized web protocols (IPFS, web3, dat (Breaker), etc. ). Whether you think cryptocurrencies are useful or not, there is a push to build a new open decentralized internet using these protocols and IPFS + ENS domains and the web3 protocol stack on Ethereum.
in fact the best thing to do to fight the Great Firewall of China is to make it easier for the Chinese people to access the internet-at-large including sites hosted in the US. This program will do the opposite.
This is 100% the answer, and one thing I've never understood about many, many aspects of American life.
If you want people to act a certain way, you incentivize that thing, not punish the opposite of the thing.
You want people to stop doing drugs? Make programs designed to support them during the withdrawal process, provide counseling and other necessary supports, and make it free. You want people off of welfare? Provide career training and education, and assistance in the job search process, and make it free.
Punishment doesn't give you what you want, it gives you the appearance of getting what you want, while the people you punish spend their time trying to figure out how to lie their way around you.
Most people aren't philosophers or social scientists, and their understanding of criminal science is based on their personal experiences with crime and punishment or their casual suppositions. This is why a trusted and high quality education is essential for a strong democracy.
> Generally the better educated are more prone to irrational political opinions and political hysteria than the worse educated far from power. Why? In the field of political opinion they are more driven by fashion, a gang mentality, and the desire to pose about moral and political questions all of which exacerbate cognitive biases, encourage groupthink, and reduce accuracy. Those on average incomes are less likely to express political views to send signals; political views are much less important for signalling to one’s immediate in-group when you are on 20k a year.
I'm not necessarily referring to people having a high level of education -- a PhD in mathematics doesn't give anyone a higher understanding of criminal justice or other civics issues.
What is important is a well-rounded secondary education and/or liberal arts post-secondary education.
> Huawei, an arm of the PRC surveillance state, is trading on the innovations and reputations of leading U.S. and foreign companies. These companies should remove their apps from Huawei’s app store to ensure they are not partnering with a human rights abuser.
So should European Companies also pull apps from Google and Apple?
I‘m all for standing up against the horrible human rights abuses of China, but it sounds unbelievably hollow from the US, which has a track record of putting their own interest before democracy and human rights abroad.
The whole website is pitched for other countries to join in, but I really don’t see that happening except maybe the UK and Canada.
Has anyone published the evidence of Huawei being an "arm of the PRC surveillance state"? I've seen a lot of claims and a lot of out-of-court-settled lawsuits, but nothing really showing that they're using their devices or software infrastructure for surveillance.
There’s such a long list of this stuff from various companies. It’s not hard to research this at all.
In terms of an anecdotal evidence... My father used to work for molex, one of his biggest complaints were fixing the molds after they were sent to Chinese factories. They would try to deconstruct them and couldn’t put them back together (this was the 90’s, early 2000’s). So they would be shipped back to the US operations to fix.
Eventually, he ended up spending years training up Chinese to replace him (my father, in China). Molex moved much of its tool making shop to China and shut down most US tool and die making operations.
Anyway, China has people who are trained, on factory floors, who are there to reverse engineer processes.
This has been known for decades, companies don’t really seem to care or know (I guess that’s possible as they are outsourcing manufacturing).
I have no doubt this is designed across all their industries and systems. It’s in their interest to do this.
EDIT: I want to point out, there’s no longer a need for China to reverse engineer. US companies ship the designs straight to China. This is probably why we’ve seen China catch up so fast. We trained their workforce and now provide them all the IP before we build it.
This has been known for decades, companies knew, and the way they dealt with this was to only give China obsolete tech or tech about to get out of date, so they didn't care. That's no longer the case as China is catching up fast and really threatening the competitive advantage of truly innovative companies all around the world.
I think part of it is moving most manufacturing to China had companies like Molex move as well (cheaper). Molex builds the molds for items (I’m sure other companies are doing this to). That means the Chinese are reviving the designs BEFORE manufacturing even starts (US or China or India).
My understanding from the tool & die industry is that’s only been happening the last decade or so. IMO that’s the real issue, because it’s decimating the ability to manufacture here and sure design can happen in the US, but if you can’t build the molds for the latest tech here then it doesn’t matter. Those designs are given straight to China, no need to reverse engineer.
Recently, Like in the case of 5G. They are the innovators and others are the catchers.
I think labeling every western company as truly innovator and the Chinese ones as copy-cats is the modus operandi in the US but that is clinging to the old stereotypes in fast changing times. They built up massive expertise and are putting it into use to gain more edge on other countries including the US.
Huawei's contribution to 5G is probably overstated. Looking at the 3GPP rapporteur roster, a lot of work is done by Qualcomm engineers with Chinese names. This is why immigration is so important to the US in order to attract the best talents to contribute to US IP.
That Molex story is great. Can only imagine how much magic is in some of those molds... trying to think through many molex connectors in terms of relief angles, tolerances, and manufacturability boggles the mind.
> people who are trained, on factory floors, who are there to reverse engineer processes.
I only read this once and don't know if it is true. Supposedly Technology Transfer was/is a distinct engineering specialty in China, up there perhaps with Civil, Electrical.
Coincidentally this was while working with a US manufacturer which somehow could never satisfy a Tech Transfer arrangement completely enough to get the final contracted payment. (Mixed reasons there.)
Frankly I wonder if China will [thus] preserve aspects of industrial civilization while the US works and/or collapses toward a relative dark age. (One case in point: nuclear power generation.)
GGP: Has anyone published the evidence of Huawei being an "arm of the PRC surveillance state"?
GP: My father used to work for molex, one of his biggest complaints were fixing the molds after they were sent to Chinese factories. They would try to deconstruct them and couldn’t put them back together
Taking apart competitors' products is standard & ethically accepted practice virtually everywhere, there are lots of published anecdotes. Eg the one in Soul of a New Machine, where the team at Data General analyze a VAX. And there's no relevance to the surveillance state.
This section on Wikipedia covers the history of the concerns. I wouldn't say there's a definitive smoking gun that's public knowledge. Instead, there are several instances of vulnerabilities discovered in Huawei systems that may have been taken advantage of (by the PRC or other parties). My guess is that there's more to a few of these stories that only the intelligence community knows about.
One other point of concern from Western governments is that Chinese law compels Huawei to cooperate with Chinese intelligence services, which presents a vulnerability whether that law has been taken advantage of or not. This is much different than say, Apple, which has refused (or it has been simply impossible due to E2E) for them to cooperate.
Why has no one actually provided evidence of a single backdoor in the replies? The top reply is currently some anecdote that while interesting does not answer the question at all.
If anyone replies with an example of an actual unambiguous Huawei backdoor for which there isn’t a corresponding Cisco “backdoor” I’ll be happy to buy them a coffee. But why are so many of the replies to the parent comment just pure noise?
I grew up in Ottawa, Nortel HQ, and had lots of friends with parents working at Nortel. That's a town that does not buy a lot of Huawei.
What kept happening, from the perspective of people who worked there that I've talked to, was that Nortel would do heavy R&D investments and then a few months later Huawei would be selling identical hardware with zero R&D budget- for lower cost, naturally. It took Nortel years to finally figure out their network was highly compromised, likely by the PLA[0]. The PLA would steal industrial secrets and hand them to companies owned or controlled by the Chinese government, like Huawei.
One fellow I met at a wedding party once told me how he had actually read Huawei source code that included Nortel copyright notices. It was a joke by the end. Everyone knew.
As for as being an arm of the PRC, Huawei claims they're owned by their employees Trade Union. But Trade Unions in China, by law, are highly controlled and managed by the party. You can't have a trade union that isn't highly associated with the Communist Party. Huawei counter these arguments by saying it's very complex- but provide no evidence to the contrary.[1]
These are all valid reasons for concerns yet these do not qualify as proof of wrongdoing from Huawai. For 2) specifically, I'm not sure it would be helpful to declare all private companies started by veterans as "sharing deep ties to $Country's military operations".
There's no shortage of "guesses" and "plausible connections" around but the parent comment is specifically asking for actual proof in this instance.
People suspected the NSA were snooping and introducing backdoors and proactively places countermeasures against that. Why should the standard be different when it comes to China?
The standard shouldn't be any different and that's precisely the problem here:
* NSA is a governmental agency that by construction is tied to the state. Bytedance, Huawai and Tencent are privately owned companies in China and all "ties" to the Chinese governments are unsubstantiated. Blanket ban on private companies because of their country of origin and unsubstantiated suspicions results in clear discrimination and suppression of open competition in my mind.
* For my understanding, could you help by providing context on what specific counter-measures have been taken against NSA's intelligence effort based on people's suspicion?
People have been warning about BSafe and Dual_EC_DRBG for years before Snowden came along. Privacy advocates and security professionals had been placing out a blanket warning of "government" snooping for decades before Snowden. Richard Stallman, the guy who wrote most of the Gnu utils back in the days, had been signing his emails with M-x spook, which had been in Emacs since 1988. The Internet started out anti-spook way back in the days.
Corporations are inherently organs of government, being incorporated under a specific jurisdiction and receiving liability limitations in return. At the very least, Huawei is an arm of the PRC surveillance state in the same way that Google is an arm of the USG surveillance state.
The problem is not that the claim is false, but rather the one-sided focus on it that justifies the USG surveillance state continuing to turn on its own people. If this were just some defense contractor pork for internal USG networks nobody would really care, but it sounds like they intend to fork most common Internet features while dictating how they operate.
The impression put out there by many people is that in China, the state, the military, and the corporations should be thought about as part of the same whole, not separate interests.
The NSA barely acknowledges its own existence. It's not exactly known for publishing direct intelligence for public consumption.. The Mashable report you link was only possible because of the most notorious leak in the history of the world (Edward Snowden), who is currently a fugitive of the US government.
There is the story about a man who invented a way to coat glass with diamonds. He was negotiating to sell his invention to Huawei when they shipped one of his samples to China even though he instructed them not to because it was export controlled technology. The reason it is export controlled is that such an invention has applications in military laser weapons. I am summarizing from memory but you can read this article to learn more.
CIA-staged gas pipeline explosion is an urban myth. I guess the same can be said about a lot of other casually known spy stories cited in this very discussion
China’s National Intelligence Law from 2017 requires companies, organizations and citizens to “support, assist and cooperate with the state intelligence work.”
Yes, Huawei is an arm of the PRC surveillance state.
Of specific concern is a 2017 intelligence law that obliges companies to "support, assist and cooperate with state intelligence services in accordance with the law, and maintain secret all knowledge on the national intelligence services." Another is China's cybersecurity law, which contains similar requirements.
Vodafone asked Huawei to remove backdoors in home internet routers in 2011 and received assurances from the supplier that the issues were fixed, but further testing revealed that the security vulnerabilities remained, the documents show. Vodafone also identified backdoors in parts of its fixed-access network known as optical service nodes, which are responsible for transporting internet traffic over optical fibers, and other parts called broadband network gateways, which handle subscriber authentication and access to the internet, the people said. The people asked not to be identified because the matter was confidential.
RE the Bloomberg article, be aware that Vodafone rejected Bloomberg's reporting [1]: "The 'backdoor' that Bloomberg refers to is Telnet, which is a protocol that is commonly used by many vendors in the industry for performing diagnostic functions. It would not have been accessible from the internet.
"Bloomberg is incorrect in saying that this 'could have given Huawei unauthorised access to the carrier's fixed-line network in Italy'.
"In addition, we have no evidence of any unauthorised access. This was nothing more than a failure to remove a diagnostic function after development.
"The issues were identified by independent security testing, initiated by Vodafone as part of our routine security measures, and fixed at the time by Huawei."
That's a nice way of saying that Bloomberg made up most of the article.
Huawei inked a $10 billion credit line with the China Development Bank (CDB) in 2004 to provide low-cost financing to customers buying its telecom gear. It was tripled to $30 billion in 2009.
“Like other tech companies that operate in China, including those from abroad, Huawei receives some policy support from the Chinese government,” Karl Song, vice-president of the company’s corporate communications department, said in a statement. “But we have never received any additional or special treatment.”
There's no large corporation in China that got there without financial backing, and board control, from the CCP.
Thus, all major Chinese corporations are a extension of the CCP.
I don't know why you tell me that, I'm not arguing anything, I'm just pointing out that Bloomberg is a bad source because they are making false claims and do not correct them.
> Thus, all major Chinese corporations are a extension of the CCP.
I believe that to be true. I also believe that to be true for all corporations in all nations. They're independent from the state until it matters.
See, that's a false equivalence, as the degree of entanglement between state and corporation matters, as well as how much workers would defy corporate policy aligning the company with the state, for e.g. ethical reasons.
I don't buy the cynical well, they're all the same. ByteDance employees attend CCP-indoctrination meetings in the regular. Is that the case for any US corporation? How many of them are lead by former former military, like Huawei?
Isn't it already pretty balkanized? Different countries have different censors and copyright laws. I post a video here in the U.S., it might be legal here but illegal in the EU, or vis versa. And people in Europe enjoy tighter consumer privacy protections than me. And being in CA, I enjoy better protections than other Americans in other states, on the same 'national' internet. The internet has been balkanized for probably 30-40 years, whenever the lawyers first entered the chat. The countries that do highly censor content, like china or russia, censor all forms of media, not just the internet.
They view it as a success and have double down on it, while the rest of the world continued to feed them knowledge free minds across continents spent centuries to accumulate. In short, they only took the useful bits to strengthen the government's grip on the population while leaving out all those things that made the vast amount of knowledge possible. They are getting all human knowledge for free, while it it not the same for us.
Strategically, this position is untenable. The free world is defenseless until we demand reciprocity. Balkanization, be that as it may, it's not the end, but a means to an end, the end should be all open for every one.
> leaving out all those things that made the vast amount of knowledge possible
No. This is the conceit of the humanities to attribute the past few centuries of industrial and scientific progress to their work. The Soviets, the Nazis, and the Japanese Empire all managed to progress useful knowledge while believing in completely different ideologies. Your John Lockes and Thomas Paines made no real contribution to the discovery of Penicillin or the Transistor. The idea that censoring ideology will stunt technological growth is a fantasy believed in only by ideologues.
I strongly advise you to look into the Needham Question. China could have industrialized a millennium ago, and yet it hadn't until around 50 years ago. Insulating one from knowledge can have tremendous effect on growth for centuries. All Soviets, Nazi and Japanese progress are built on ideas and attitudes first found in Reformation Europe.
The solution isn't more added on top. When China is your example of somewhere that is leading the way in doing something on the internet first, it's time to look at yourself long and hard in the mirror.
If they weren't serious about this claptrap it would be downright hilarious. "Clean" means nothing, other than "Approved by us" which of course can mean anything they want, including shutting down anything they disagree with even internally, and changing day by day. In practicality there isn't much they can do legally to make any of this actually exist.
> there isn't much they can do legally to make any of this actually exist.
Please, let's stop the whole thing of "he doesn't have the power to do this". Maybe he cannot do everything, but the last four years have proved that he can do pretty much everything he wants with a few minor problems with justice that he will also disregard. Think about mass imprisonment of immigrants, travel bans, attacking protestors in major cities with unidentified military units, diverting money fro the military to build a wall against congress wishes, not allowing his co-conspirators to testify in Congress, affirm he will not accept the election results, etc. All of these things supposedly were not legal. But he doesn't care about the constitution, and the constitution only has any power if the government is willing to uphold it.
I'd add that the collection of telecom companies at the bottom of the page is grossly misleading. It makes them appear as signatories or as if they're following America's lead.
Probably true. At the same time, they may have no choice. This sort of thing is not elective.
There are a lot of people around me taking that as a list of companies not to do business with. As if this will save them from the global surveillance dragnet. But here's the thing, you either submit to american surveillance and tracking, or you submit to some other nation's surveillance and tracking. You will not be able to choose companies that don't partner with their national governments for surveillance and tracking. So people taking this as a list of cooperating companies, and asking how to avoid this system, are being a little naive. Thinking that somehow, not being on our network will save them from surveillance. It won't. Best case, it saves them from surveillance by us.
The point I was referring to is that is that companies are listed that have announced Ericcson as their network infrastructure hardware supplier for years, and the decision has nothing to do with Pompeo's "Clean Path".
However, they are listed as if they are following the directive rather than having been long in front of it. It's gross political posturing, useful or not.
There's no good intention here. Its clearly a political document. It even calls out hiding covid research from China as if that helps humanity in any way.
The US is ran & staffed by the hyper-partisan “Z-team” right now.
This is tragic & dangerous bc we need shrewd & wise people to make decisions + build coalitions in the opening decades of 21st century, not hyper-partisan kooks.
Some of the worst actors in cyber space rn is the Russian gov’t & their intelligence + “security” services —- it sure is funny (funny as in strange, not humorous) how difficult it is to get any of these apparatchiks to publicly acknowledge that
I think the parent commenter's point is that making laws based on objective rules would make it more future-proof. Laws once passed usually stay for a long time. Huawei wasn't a big deal 15 years ago. 15 years from now someone else their place.
As with most things the Trump admin does, this one too is sloppy.
There was no need to call out the CCP in the document, it's obvious who this measure is primarily directed at. Also, characterizing it as an initiative of the "Trump Administration", instead of the United States Government or State Department, was unnecessarily political and also obvious.
Also as mentioned above, China already has a Clean Network initiative. I wonder if the Trump admin copied that name, or chose it accidentally.
Are there any cybersecurity professionals on here who want to comment about the pros and cons of the network? I don't have the necessary expertise to ascertain the merits of it (actual threat vs. mitigated threat) but I don't like the "clean" verbiage. Nor do I like China's own longstanding protectionism and Great Firewall.
1) There are too many in/out points and encrypted paths in and out of the network to actually make this worth spending time on. Think of walling off the entire country, yet there is still air above the wall, movable earth below the wall.
2) It creates a false sense of security if you're on the "clean network" and may make some developers less considerate of securing apps, websites, etc, and some consumers of questioning the security and privacy of the apps they install. I.e. it weakens those within the "clean" firewall.
I laughed, but also ... yes? As a lover of liberty I would much rather just my own government (by which I am ostensibly represented) have the ability to infringe on that liberty than 2 governments. I would want to support regulations that protect myself and neighbors from the influence of those other infringers, no?
Your own government also has more tools to use against you. You'll pass through your own border more frequently, you're more available to be arrested, harassed by LE, etc.
How about as a lover of liberty, _nobody_ snoops on our data?
Of course you are correct, but the tools available to other governments still concern me greatly. Are we actually presently capable of making sure nobody snoops on our data? If so then I agree it is a better solution. But is it not better to use an imperfect plan which is implementable than wait for a perfect plan (if such a thing exists for cyber-security) to become implementable when a threat is present?
Depends how paranoid you want to be, and to what degree of certainty (after all it's impossible to prove a negative).
But in general, backdoors for "the good guys" are just more surface area for "the bad guys", and developers of products which take security seriously lock themselves out too.
The actions required to shut out that second attacker are blunt tools that impinge upon your personal freedom far beyond their stated purpose. And since you still have that primary attacker, then you still have to defend against them anyway.
The proper solutions to protect us from "China" are the same as the solutions to protect us from NSA - E2E encryption, P2P communication, decentralized namespaces, and making data transmission (ie trust) as non-interactive as possible.
Can we realistically implement these in the near future? Will this not function as a stop-gap in the meantime while we do work on your (better) solution?
Yes they can be implemented, when there is necessity. The tech industry has been coasting on commercial surveillance to fund centralized solutions, relying on consumers not looking too hard behind the curtain. I'd say that overall fiction is what is really collapsing here.
I don't see how it's possible to answer whether this will "function". None of the simplistic actions stated in the press release address any of the actual threats - hence everyone is filling in their own imagined technical specifics. This is basically another "series of tubes" moment, with politicians not understanding that while they can control the physical wires, they cannot control the emergent complexity of communications happening over the wires.
Is it really another "series of tubes moment"? Is it not true that a system crucial to the majority of economic, social, and political(!) activity in this country ought not to be running on hardware/software known to be designed/manufactured by what has proven to be a "malign actor"?
For sure, but this page is also trying to position the US government as a trustworthy provider of equipment for other governments. Given some of the historical work done by the US secret services [1] it's laughable that another government would take this seriously.
The NSA didn't reveal any secrets that couldn't be looked up by anyone who cares about privacy. Is Thief A more trustworthy than Thief B because Thief A told you to lock your doors and windows and Thief B didn't, when both already have keys to your house?
If you're not already familiar with the history of labeling immigrants (particularly non-European immigrants) as unclean or dirty, I'd urge you to read up. This article seems to be a good start: https://journals.openedition.org/transtexts/1011
In short, calling this a "clean" network continues a long history of racist and xenophobic language in the U.S.
Yes. I don't think its repeated usage in this way diminishes my point, however. In all of these contexts it's been used to put down foreigners or immigrants.
No. First of all, attitudes toward Chinese and other immigrants to the U.S. in the 20th century were formed, in part, by the language that was used by those in power. That Chinese immigrants were "dirty" was not fact, it was a racist stereotype.
Second, I do not contend that describing anything in negative terms is racist. I am linking the specific history of describing Chinese immigrants as dirty with the Clean Network's choice of names. It behooves us not to think of it as a benign coincidence but rather an intentional act to signal the Trump administration's commitment to xenophobia.
It's not but it does have a long history of being applied to vilify any immigrant group. In the early 20th century the US was forcing all crossers from Mexico to go through a delousing with Zyklon-B because they were 'dirty' and threatened to bring in vague disease. OP wasn't saying clean is exclusively a bigoted phrase against Chinese people, it's more broadly problematic and directed at any group considered undesirable.
Please don't use that racial slur. The article I linked above shows ways in which "dirty" was used as a racialized term in the 20th century in the U.S.
Follow the link in "Digital Trust Standards" to the "Criteria for Security and Trust in Telecommunications Networks and Services" (https://csis-website-prod.s3.amazonaws.com/s3fs-public/publi...). Political & Governance Criteria numbers 8 and 9 would seem to present problems for companies in the UK and US, both of which require suppliers to cooperate with the government in secret and unchallengeable ways.
So the country whose national security and intelligence agencies have gathered the largest database of sensitive information in the world is proposing to "safeguard sensitive information from aggressive intrusions by malign actors"... If U.S. is some kind of role model / example for other countries to follow (in terms of freedoms, democracy, prosperity, etc) then other countries will also gather sensitive information to the largest extent possible... So this "we can, but you shouldn't" is just a shameless hypocrisy. What would the U.S. founding fathers say to all this? Is there any William Penn living in the U.S. today to give basic freedoms like privacy back to the people? Or will the "controlling party" take everything away - including the freedom to think and say?
It's possible to criticize the national security state in the U.S. while not losing sight of the fact that China is run by an authoritarian government guilty of abuses at a completely different order of magnitude.
That difference is important, because a lot of people even in this thread seem to completely lose sight of it.
I would argue that the United States is worse than China. China isn't, nor has it really ever been imperialist. The United States is an imperialist country that has wreaked havoc across the globe, and is responsible for the death of millions of innocent civilians.
Your link includes post-WWII "regime change". Would you rather live in Western Europe or Eastern Europe? North Korea or South Korea?
The point is, the United States has done a lot of things across the world. Some of it may be havoc. It may be responsible for many deaths. It's also responsible for many improved lives.
China today is involved in territorial disputes involving military mobilization with more than half of its neighbors. In a few decades, we're probably going to look back on Xinjiang as an event comparable to the holocaust.
Boiling this down to "USA = imperialist = bad" and "China = not imperialist = OK" is silly.
I question the validity of the accusations i Xinjiang. If you can provide me evidence of wrongdoing, I will be more than glad to read and investigate it. China is dealing with radical Islamists in the best way they feel they can.
I never said that China was "ok", I simply pointed out the hypocrisy that is always present when we demonize a foreign nation, for political ends.
>I never said that China was "ok", I simply pointed out the hypocrisy that is
I'm sure you think this is helpful, but this is a false equivalence that, for practical purposes, serves to derail necessary and needed criticisms of China.
Luis Kutner was a co-founder of Amnesty international, and Kutner would go on to form the “Friends of the FBI” group, an organization “formed to combat criticism of the Federal Bureau of Investigations,” according to the New York Times, after its covert campaign to disrupt leftists movements — COINTELPRO — was revealed. He also went on to operate in a number of theaters that saw heavy involvement from the CIA — including work Kutner did to undermine Congolese Prime Minister and staunch anti-imperialist Patrice Lumumba — and represented the Dalai Lama, who was provided $1.7 million a year by the CIA in the 1960s.
Oh, I'm very aware of these JV debate team talking points about Amnesty International. I would just dismiss those as not relevant and point you toward some courses on remedial critical thinking skills to better understand what kinds of evidence are relevant to what kinds of claims, specifically how the signal diminishes as you increase the degrees of separation from your evidence and the content you are trying to apply it to.
This is several degrees of abstraction away from the point about Uighurs, so unless you are claiming Luis Kutner's actions in the 60s have a specific, direct evidentiary connection to the 400 instances of Uighur testimony about disappearances and torture across the world from the past few years, the only thing I can do for you is try to help explain how to critically think about evidence and its connection to different kinds of claims, and how to understand when it does and doesn't weigh on particular claims.
Did you have anything specific to the issue of Uighur testimony you would like to share that's not from 60 years ago? Is there a particular line in the wiki article or mintpressnews that you linked that directly and specifically debunks all 400 pieces of testimony?
If you looked at the second link I provided about Nayirah and Desert Storm, you would realize that my concerns about Amnesty and testimonies are inextricably linked. They "corroborated" her testimony. Bear in mind this was in the early 90's, not 1960.
Watch the testimony, and then read the video description. Its all public record.
The facts of the matter are that there HAVE been radical Islamic terrorist attacks in Xinjiang. The Chinese are dealing with the nature of this problem. The extent to which "atrocities" are occurring is constantly stated, yet somehow the numbers are always inflated, stories are changing, none of it adds up.
You asked for evidence supporting 'the accusations in Xinjiang.' I posted some. Since then, most of your reply has had nothing to do with that. None of the material you linked previously was directly related to Uighurs. And now you've come back with a second trove of links, and instead of explaining them you're inviting me to wade through a huge trove links that apparently imply somethingorother that you just can't get around to stating in plain language.
The most relevant appears to be a pair of articles that support a half-baked argument that someone's testimony has changed, although you aren't clearly stating how it changed, and it's not clear that your interpretation of that is one that I would share. And to the extent that there's an argument here at all that relates to Uighurs, it appears to depend on using a single account to disprove an entire trove of 400 interviews, which is a fundamental misunderstanding of how different kinds of evidence balance against each other.
That's in addition to the comprehension issue regarding how evidence diminishes in weight the further it is removed from the subject - the connection between stuff from 60 years ago on a different subject doesn't balance against Amnesty's work in the present the way you seem to think it does.
And again, I'm very familiar with the copy+pasted talking points from /r/Sino. For the most part, you still haven't directly addressed the veracity of the interviews, you've just attempted to turn the whole conversation into a pandora's box of digressions with unclear connections to the specific question you were originally asking about. This is more an exercise in Qanon-style free association than an expression of a coherent thought that logically addresses specific arguments.
> Some of it may be havoc. It may be responsible for many deaths. It's also responsible for many improved lives.
If we're making those kinds of tradeoff, China is just as responsible for many improved lives, just look at the Road and Belt initiative, projects against poverty and involvement in Africa.
China pulled an entire nation of 1 billion people out of poverty, industrialized and become a global force in less than a century. As is typical with propaganda, you must demonize the enemy as an all knowing specter read to pounce, and at the same time pretend they are a toothless tiger that has so many failing they could never be considered successful.
>The enemy is both strong and weak. “By a continuous shifting of rhetorical focus, the enemies are at the same time too strong and too weak.”
I said nothing about China in my comment. All I said is that it is disingenuous and incorrect to call the U.S. a “liberal democracy” and use that to explain away the reasons that our surveillance state is “better” than theirs. I made no judgment about the comparison itself.
Call it what you like, but the reality is that the USA is so much more free at every level of society than China under the CCP, and that's even ignoring the horrors of Xinjiang and Tibet.
Even in this much-derided "Clean Network" document there is not a word about the sort of content-based censorship that is ubiquitous in China.
I said nothing about China in my comment. All I said is that it is disingenuous and incorrect to call the U.S. a “liberal democracy” and use that to explain away the reasons that our surveillance state is “better” than theirs. I made no judgment about the comparison itself. Clinging to the judgment that we are the least worst, or “clothespin”, surveillance state, seems pretty grim to me.
Between an Oligarchy posing as democracy that give me the 'illusion' of choice and an Hegemonic Autocracy run by a single party, without any alternative and by an egomaniac without opposition, I chose the former every day of my life.
At least the current egomaniac in the US Presidency can be voted out under the 'illusion' system
Nearly every affluent liberal democracy on the planet qualifies as an oligarchy by the premise that gets floated about the US.
Similarly qualified: Britain, Australia, Canada, France, Germany, Spain, Japan, South Korea, Switzerland, Sweden, Norway, Ireland, Iceland.
Have you looked at how many billionaires there are in Sweden and Norway? Oligarchy. Sweden has considerably more billionaires per capita than the US does. They're clearly not a democracy at all. The billionaires control the entire country including its government, obviously.
Ever look at the perpetual old money dominance in Germany and France? Oligarchy.
You're down to there only being a dozen or so liberal democracies that aren't in some way broken, severely tainted by money or entrenched power groups, etc. - if you use the same standard used against the US.
Serious question: if you pick any given surveillance state from a liberal western democracy and pick it out of a hat, and set it side by side with China's surveillance state, are you telling me you would not be able to tell them apart?
Because that's the point at issue in the thread you are replying to. And I'm personally kind of amazed that it's possible to lose sight of something I find to be an incredibly obvious distinction.
I think you may have pulled the wrong point. This thread seems more about how the US prides itself on being a role model when we are often hypocritical. If we're good to slide on our principles and ideals "as long as we can tell ourselves apart from China" that's a pretty sad state.
This branch of comments goes back to a commenter who made the accurate point that the US is closer to a liberal democracy than China.
>If we're good to slide on our principles and ideals "as long as we can tell ourselves apart from China" that's a pretty sad state.
This is conflating a differentiation for a justification. We can form coherent thoughts about the relative scale of abuses committed by different powers without that meaning we think those abuses are okay.
If we lose our ability to form coherent thoughts about abuses committed by China because we can't express them without also having to labor through false equivalences to U.S. surveillance, those valid and needed criticisms get derailed and the comprehension of China's unique status as an abuser of surveillance infrastructure gets erased. Judging different scales of moral error is important, because otherwise we can never progress from a position of moral error to positive moral standing and we get bogged down with frivolous exercises in whataboutism.
I think the intimation is that it's not only the NSA or the United States building such databases, and the assumption that the NSA would have the largest database may no longer be credible--not because they stopped gathering data but because they were surpassed.
That's an unfair caricature. The steelman version of that argument is that China has likely amassed a more robust global surveillance database (to the extent that that's even the right word to use) than the U.S.
I think it's just true in a literal sense that China has constructed it's own surveillance system that under any metric would be larger than that of the United States or any other nation.
Just search for all current and past "data scientist" / BigData job offerings for those agencies on Google and Archive.org for the last 10 years. This data is freely available.
Chinese government mandated pre-installed spyware on all phones made in China is certainly a huge problem.
But on the other hand, isn't it a violation of First Amendment protections if the US government can dictate certain apps aren't allowed to be distributed in the US?
Since software's subject to copyright, doesn't it logically follow that banning software is legally similar to banning a book?
Imported goods and services aren’t protected by 1A.
Software is protected by 1A, so there’s nothing the government could do to prevent China from publishing software or source code, and allowing people in the US to download it. But it can certainly prevent a Chinese entity from providing services to US customers.
It's fairly simple. Did the app you download have anti-American sentiment posted on it? Banned. It could have been Chinese propaganda after all. Same goes for video hosting, web hosting, etc.
Isn't this why we have the legal system? Companies could sue the US government for that sort of thing? Or do you feel like the judicial arm of our government would not defend the rights of those companies? Or would the laws surrounding this plan be worded such that companies have no legal recourse? I still fail to understand this fear.
Would you invest in a disruptive new startup that made an app which allows individuals to communicate with end-to-end encryption, and had no restrictions on "anti-American" sentiment (meaning "anti- some particular political party" sentiment)?
The startup might win the court case, but you might lose your money before the government gives up its appeals and injunctions.
Isn't it ridiculously easy to set up attacks from within a "clean" network? It probably does increase costs marginally (you have to fly people to "clean" countries, set up ISP access with third parties, etc) but are there any public estimates how much it does that vs the increased costs to run this network? I would think it's marginal.
Seeing the partner list this seems like more of a ploy by telecoms to attack tech companies than any legitimate attempt to secure networks.
> To prevent U.S. citizens’ most sensitive personal information and our businesses’ most valuable intellectual property, including COVID-19 vaccine research, from being stored and processed on cloud-based systems accessible to our foreign adversaries through companies such as Alibaba, Baidu, China Mobile, China Telecom, and Tencent.
There's a bunch of different measures discussed, but they all seem to remove some attack surface that we have seen exploited.
Securing the routers and network cables removes the means for man in the middle attacks (or at least makes them preventable with router security). Not connecting to telecos does the same (because of bgp highjacking and the like).
Removing chinese apps and not storing data on Chinese servers makes decreases the amount of data that can be extracted from large portions of the population by the CCP. E.g. preventing the "who knows who" graph from leaking wholesale (even if individual nodes can still be investigated via other means).
This doesn't fix all security problems, but it removes some of China's current advantages in cyberwarfare.
Not putting apps in Chinese app stores and devices looks to be an outlier in that it's a form of sanction (in response to human rights abuses) rather than a defensive measure.
Securing routers and network cables is basic stuff that we should be doing anyway (and probably are, at a classified level.) You don't need to balkanize the net in order to do those things.
Removing "Chinese apps" just means that different Candy Crush clones will be collecting that data, either directly or through their advertising networks. Or it means the Chinese companies who need to collect data will collect it through data breaches.
The best thing you can say is that this puts a speed bump in front of attackers, but since speed bumps aren't a security measure the reality is that it won't do anything.
What i don't get is why we should care about this (care as in, advocate for). MITM is a great argument for distrusting the everyone in the middle, not trying to increase trust in the middle man - no?
This just feels like an attempt to control who is the middleman spying on data, not actually securing Americans data. Which makes sense, coming from the government and whatnot - but i'm just trying to make sense of if there's an actual reason i should like this "Clean Network" (which is to say, my comment is an honest question, not an attack on the proposal).
Perhaps i'm just biased because of my (pet) passion for distributed systems. I don't trust any MITM, so i think i struggle to understand the concern for _who_ is in the middle.
I'd be far more interested in this type of pitch if it came with heavy support for encryption, distribution, etc.
Look at the "great cannon" attack for an example of why securing the middle is important. Secure software obviously shouldn't trust the middle, but the middle being compromised means that insecure software can do orders of magnitude more damage.
Moreover the middle can just shut down. Especially for things like embassies it's not a good idea to give the adversaries an easy off switch.
I agree that "encrypt all the things" would be a very nice addition.
> This doesn't fix all security problems, but it removes some of China's current advantages in cyberwarfare.
How? It makes attacks slightly more expensive (because you need to use infrastructure in a "clean" country), but it doesn't stop anyone that's dedicated and has money to spend.
Want your spy-app on the app store? Don't register your company in China, just do it in the US. Voila, you're "clean."
Why? Copy cats are normal, everybody copies things that are successful in other countries. How do you assure that the company that creates a new app "out of the blue" isn't secretly funded by China? Require a background check and federal approval before an app can be downloaded more than 1000 times?
You can't move around the many millions of dollars in advertising without the government being aware of it. Good old fashioned investigative work and arrest of anyone knowingly contributing to wirefraud is sufficient to stop clandestine apps from growing to the size of tiktok.
Sort of like how the CFO of Huawei is currently in jail.
Creating orwellian straw man arguments is not a productive method of conversation. Please stop.
> You can't move around the many millions of dollars in advertising without the government being aware of it.
Why would you need to? I don't understand the point you're making. It's not about the money, it's about data, right? Presumably the Chinese aren't using Tik Tok to fund their government, they're happy to spend money on data collection. From the outside, you can't tell whether a company is collecting user data to give them to the Chinese intelligence service or just to engage in "good old American surveillance capitalism". That these kinds of operations can collect data and fund themselves is just the cherry on top.
My point is that if "location of development" team and "immediate source of funding" are the criteria, you might keep the average Chinese developer out that just wants to release his hobby app. But you're not keeping out anyone that's dedicated, has money to spend and can just do it in plain sight, because the actual acts are not the criteria you look at, because they're identical to the things your companies do (which they obviously don't want to stop from collecting data).
If the initiative was for simply protecting companies and individuals from tracking and spying, I'd be on board and I could easily see how that might have some success. But it's not, and short of forcibly removing anyone with Chinese heritage from the US and doing lie detector test on everyone else to make sure they're not secretly working for China, there's no way to keep anyone safe from Chinese data collection invasive anti-privacy companies while not interfering with the regular invasive anti-privacy companies. Well, maybe by looking at growth rate and use of dark patterns, the Chinese agents might fear being uncovered and won't go all out with the abuse...
> Creating orwellian straw man arguments is not a productive method of conversation. Please stop.
Not everybody is a Chinese agent. "We will build a wall, it'll be great, nobody will be able to come through, and China will pay for it" just doesn't sound like a good plan to me.
> Why would you need to? I don't understand the point you're making. It's not about the money, it's about data, right?
It's inevitably about both. You don't make an app with the reach of tiktok without a huge amount of money changing hands. You need to advertise it, you need to motivate content creation, you need to buy servers, you need to pay for that (probably by selling advertising - but funding from the government works as well), and so on.
If someone made a popular app without a source of revenue, that would be just as much of a red flag that I would expect the government to look into (for tax reasons even).
You can't stop small things no one uses, big things have but noticeable footprints. Big things are also the things you care about stopping if your goal is to do things like "not let China collect a complete social graph".
Some of the companies listed in the photo are only companies that do not (or have never) used Huawei equipment in their network infrastructure.
For instance, Rogers (Canadian telecom company) hasn't released any statements [as far as I'm aware—to date] following Pompeo's announcement. They've been set up to use Ericcson for their 5G rollout for several years.
It's misleading on the part of whoever drafted the document.
Opinion: The only reason Canadian telecoms and the Canadian government haven't officially announced an outright ban is because of the delicate situation with Meng + the two Michaels. They've almost certainly, behind the scenes, committed to it.
Oh no doubt. The Canadian gov is certainly more nuanced (sometimes to a fault) with a lot of issues.
I was just pointing out that the Canadian telecoms did this long before the US admin started honking their horn about "Clean Networks TM" and not at all to comply with American [government executive] directives like "if you are freedom loving you'll join us".
No, this is propaganda by the current admin who's succeeding step by step to create a tyrannical position that has control-censorship abilities like the CCP et al.
This information has already been had by hackers (e.g. Equifax) and/or people from within US companies doing corporate sabotage to steal trade secrets from within a company, etc.
I am surprised it did not make bigger news. I am genuinely annoyed that US, of all places, is contributing to the splintering of the internet as we knew it.
But what surprises me more people are not up in arms about it. I mean, who would not love only government approved code floating around and only child appropriate messages being visible before 10PM.
If there is a real reason to dislike this administration, this is it.
This is disgusting. Anybody working at an American firm that's supporting this initiative should be ashamed. Anybody working on this project is actively contributing to the destruction of international trust and cooperation.
I am beyond disgusted at my government. This Republican administration has been an unprecedented disaster on every front.
How would you suggest we limit the surveillance and active attacks on American infrastructure by the Chinese government? They show no signs of letting up and/or respecting how America works in the slightest.
Ok that helps the issue in issue in 20-30+ years (develop the tech, start mass production, replace all old hardware with it) what can we do in this decade?
That is the government's problem, had they asked me 20 years ago, I would've told them moving all manufacturing operations to China just to enrich a small small percent of people would be disastrous for the nation.
Right now I don't care whether China or USA spies, they are identical countries in my mind.
Keep in mind that China can still spy on even with this Clean Network.
Biden is going to be 110% behind this too. I don't have the slightest idea of why you'd think otherwise. People have been playing nice with China for the last few decades hoping they'd change and it hasn't happened maybe a different approach is needed.
Can we get a clean government? Free from hyper-partisan politics, where there can be more than two sides and folks on other sides are still on the same overall team and not the enemy?
The whole goal of trumpism is to create slaves to the ideology of white and western supremacy. It has so clear racial undertones that it's not a surprise they want to attack China: they see it more as a racial target, poorly disguised with "homeland security" excuses.
Wrong, Trump only fights for himself. Americans will also suffer the consequences of a new irresponsible "Cold War". Trump, on the other hand, will continue lining his pockets.
Fuck. This is really terrifying. The internet has connected all of us, which has been mostly for the better, and these idiots want to ruin it. I really hope none of this shit sees the light of day.
"In our time, political speech and writing are largely the defense of the indefensible. Things like the continuance of British rule in India, the Russian purges and deportations, the dropping of the atom bombs on Japan, can indeed be defended, but only by arguments which are too brutal for most people to face, and which do not square with the professed aims of political parties. Thus political language has to consist largely of euphemism, question−begging and sheer cloudy vagueness. Defenseless villages are bombarded from the air, the inhabitants driven out into the countryside, the cattle machine−gunned, the huts set on fire with incendiary bullets: this is called pacification. Millions of peasants are robbed of their farms and sent trudging along the roads with no more than they can carry: this is called transfer of population or rectification of frontiers. People are imprisoned for years without trial, or shot in the back of the neck or sent to die of scurvy in Arctic lumber camps: this is called elimination of unreliable elements. Such phraseology is needed if one wants to name things without calling up mental pictures of them."
--
EDITS: Simplified language, and removed quotes from OP as well as several paragraphs from the Orwell quote to make my comment shorter and easier to digest.
I am not sure why you got downvoted. This is absolutely the interpretation you can easily reach after reading it. Maybe readers perceive Orwell reference as too dramatic?
The question I think this is an answer to is how you can have a reasonable expectation of freedom and privacy while sharing an internet with a CCP who has militarized their technology sector as a means to facilitate colonial expansion.
I'm no fan of anyone involved, but we should accept that the Internet as we may have known it has been compromised by exogenous governance structures and their gatekeepers in service of non- and even anti-internet agendas, and it can no longer seriously be considered a free territory for divergence and innovation. The U.S. and their Clean network seems naive in a way, but in this case, I don't object because I think it is the devil we know.
Computer security does not operate around large sweeping claims of some party doing something bad, and so doing something bad in retaliation. And it's impossible for the "Internet" to be compromised - by definition it's an open network that gets packets from A to B while letting most anyone listen in. So then, what are the specific problems?
If the problem is that China is copying designs, then the solution is to stop moving sensitive production there.
If it is that Chinese manufacturers are putting remote backdoors in products, then the solution is to make trustable designs with open firmware, and domestic production of sensitive parts to avoid hardware backdoors.
If the problem is apps with built in surveillance, then the solution is to secure mobile OSs to prevent data leakage.
If the problem is that Chinese groups are shitposting to manufacture political consent, the solution is better social media filters, reputation systems, and fixing our domestic institutions (eg the press) thus hindering the ability for anyone to manufacture consent.
None of these things are solved by top-down imposition of some blunt firewall, or whatever other misguided heavy handed ideas the politicians have in mind. From the perspective of network security, it's really no big deal if Internet addresses become 64 bits with the addition of a proxy.
This appears to be a rare example of a government providing a secure perimeter for its citizens to create and innovate without being subject to a foreign totalitarian machine's global spying operation. It's not a top down imposition.
Reality is, if the U.S. govt doesn't protect its networks, people and companies will have to protect themselves with encryption and hardware key management that keeps China out, which by extension means keeping US law enforcement out as well. It's a sovereignty issue.
1) This won’t stop or significantly mitigate hacking from China. China is perfectly capable of hacking US software on US networks.
2) China has the intellectual capacity to meet the US technologically without stealing IP. Putting pressure on them will just encourage faster technological development.
3) At this point, it seems China will continue to expand control of South China Sea, or US will go to war with China to stop them. Any middle ground is fast disappearing. Hawks in US seem to have won control of strategy.
> To prevent U.S. citizens’ most sensitive personal information and our businesses’ most valuable intellectual property, including COVID-19 vaccine research, from being stored and processed on cloud-based systems accessible to our foreign adversaries
I find it an interesting choice to specifically use COVID-19 vaccine research as an example of intellectual property.
What about all the talk that COVID-19 vaccines should be developed in global collaboration and that vaccines should become available to everyone worldwide?
> our businesses’ most valuable intellectual property, including COVID-19 vaccine research
1. If we have some valuable Covid-19 research, shouldn't we like, um, not keep that a secret?
2. Also, if we're going to take this farcical notion of "IP" seriously, it's only right that we give up all our guns, since gunpowder was invented in China, and we are infringing on their "intellectual property".
I should find this more mortifying, but with the EU Court of Justice's decision on the privacy shield, India's ban on Chinese apps, and the great firewall + other nationalized internets, the US just seems like a late mover on nationalizing the internet.
I guess I'm confused. I clicked the link and read through it really quick. I didn't really have a lot of strong opinions. This seems to be a response to how powerful China is becoming and that's scary for many reasons. This almost seems like a natural reaction of one government trying to abuse the internet and another government trying to protect it's citizens. It might even be irresponsible for the U.S. not to react. Obviously, there's no mention of Russia, but let's shelve that for now.
I wasn't totally alarmed by what I read. Maybe I'm misunderstanding something, but I take this as a sort of stamp of approval that a cloud/network/platform isn't compromised by China. It doesn't seem to say, "Only use the U.S. internet" as other commenters have mentioned. The stamp of approval seems to be global (if you look at the list that was mentioned it's worldwide, not just the US).
When I came back to look at the comments I was surprised to see a lot of noise. I feel like something must have flew over my head and maybe someone can explain it to me. I went ahead and read the link again but slower and I still don't understand the reaction I'm seeing on HN.
Maybe it's some sort of state of idealism. People want the internet to be a place that's free from tyranny or government, but that's not what's happening. China/Russia/US/whoever is abusing the internet to gain an upper-hand. The best solution is to reinvent the internet, which I know there are a quite a few projects going on that are trying to accomplish that, but in the meantime what is a government supposed to do? Let other governments siphon their citizen's data without a cost?
Again, I could use an explanation as I must have missed something that a lot of other people are finding very obvious. When a top level comment just says "Make sure you vote in November". I don't understand the context.
Disclaimer: I am definitely not voting for Trump and dislike pretty much everything the administration has done. Yet, I do try to look at everything in silos.
I'm not really sure what's going on here either. Reading the article, it looks like there will be a list of approved providers of telco equipment and all services to US govt facilities will be required to use the approved list of gear. Same for 5g networks. I don't see how that splits up the internet. The app store thing could be fishy or maybe is just leads to a disclaimer in the app store that an app is "clean" or not.
> Clean Cable: To ensure the undersea cables connecting our country to the global internet are not subverted for intelligence gathering by the PRC at hyper scale
What is hyper scale? Did Trump write the copy for this site?
> The Clean Network program is the Trump Administration’s comprehensive approach to safeguarding the nation’s assets including citizens’ privacy and companies’ most sensitive information from aggressive intrusions by malign actors, such as the Chinese Communist Party.
What bunkum. What about intrusion by parties such as Russian intelligence using legal methods, targeting ads using our "most sensitive information" on Facebook to benefit Trump? Trump wants to talk about the Chinese digging tunnels under the house while his cronies (domestic and Russian) walk right in the front door.
This is such an obvious ploy to change the conversation away from the now >160,000 Covid-19 deaths in the USA resulting from his disastrous management of the crisis.
>The Clean Network program is the Trump Administration’s comprehensive approach to safeguarding the nation’s assets including citizens’ privacy and companies’ most sensitive information from aggressive intrusions by malign actors, such as the Chinese Communist Party.
Welcome to the great firewall of the US. The trump regime seems to be adamant in copying the worst of digital surveillance and anti-competitive prohibitions from communist countries.
What would possible make you think Biden would change course on this? Neither party likes China and the whole idea that a new administration is going to roll back a hardline policy vs them is crazy.
Trump plans are the musings of a rambling idiot. He and his enablers don't know anything about technology and the impact this can have on American companies.
Simple, stop outsourcing manufacturing to China. Companies regularly get contracts which require an IP transfer in return for cheap mass labor. Of course there's IP which is stolen, but that's the cost of doing business when manufacturing at home has been shuttered.
But, wouldn't this need to be enforced by the government? How else are companies going to agree to stop outsourcing manufacturing to China? And if you agree that the correct solution involves government regulation, then what specifically about this plan doesn't accomplish your preferred outcome of "stop outsourcing manufacturing to China"? I may be naive but I also fail to see exactly how this plan is bad. Do you not feel the Chinese government is using technology to undermine the US, or that this isn't actually a legitimate and compelling issue of national defense?
My comment was intended to be descriptive, rather than prescriptive. IP theft isn't a new thing and American companies no doubt take it into account when manufacturing overseas.
Enforcing IP internationally is actually quite difficult anyways. Tariffs effectively restrict manufacturing overseas, as there's some breaking point in cost to produce.
I don't believe banning trade / manufacturing to China is a good idea, we depend on them for cheap consumer goods, and they depend on that revenue. We developed a dependency on Chinese manufacturing because it was cheap, and no with little to no manufacturing ability stateside, we're tied to their economy.
As someone who worked for the D.O.E for years, I can care less where consumer goods / technology is manufactured. The US government already has VERY strict rules about manufacturing for military / transportation equipment. "National Defense" isn't going to be decided by who owns TikTok or app-de-jour.
This particular administration has gone out of its way to gaslight everyone and thing it possibly can. It is to the point that everything they do is consider suspicious and/or a lie at face value. That they have the gall to name this "The Clean Network" and encourage the allies they have been bludgeoning for the past 4 years to join it is both laughable and insulting.
> We call on all freedom-loving nations and companies to join the Clean Network.
This makes me physically sick. The only freedom you have in the U.S. is being poor, controlled, and oh yea, you can Tweet whatever you want. While the U.S., both citizens and the government, have pointed fingers at Russia, China, and <name a country>, we've been under the assault of propaganda and control for decades, at increasing rates, all under the guise of so-called freedom and democracy. Instead of propelling us into the future, our government has dragged its feet to pull us back all in the name of pure greed and control, giving itself and corporations near limitless power by sacrificing the common people.
Edge cases for an obvious hyperbole is not really bad news. Of course you can't Tweet whatever you want, and you can't even say whatever you want. That's obvious. The hyperbole was a jab at people, often commenters on this very site, justifying "freedom" in the U.S. as being able to Tweet the president whatever you want, within reason, as opposed to other authoritarian countries.
"We call on all freedom-loving nations and companies to join the Clean Network." is a sentence straight out of an authoritarian playbook. Top-down imposition of standards is not what made America's melting pot great. Free and open discourse, with redundant structures designed to ensure that governance required the consent of the governed, did.
Furthermore, State is a decade or more behind the game. It is my impression that modern companies that care about security assume that all networks are compromised and act accordingly. See https://cloud.google.com/beyondcorp as an example.
Balkanizing the Internet will not make us free; we will instead tie our own hands. This is not the same as banning the import of presumed-compromised hardware.
Vote.