cross-posted from: https://mander.xyz/post/41894619
Wherever possible, only components from our own production β this is the federal government's plan for German telecommunications networks, which Chancellor Friedrich Merz surprisingly announced on Thursday at the congress of the German Retail Association in Berlin.
"We have decided within the government that we will replace components wherever possible β for example in the 5G network β with components that we produce ourselves," according to consistent media reports citing Merz, including the Handelsblatt. "And we will not allow components from China in the 6G network." Merz did not provide a more precise classification, for example, what is considered "self-produced" according to this standard. The statement is said to have been made during a Q&A session and is not to be found in the transcript of his speech.
...
The industry should discuss what can be done not only to become more independent from China, but also from the USA and the major technology companies, Merz is further quoted as saying. However, Merz ruled out a complete decoupling from China.
...
Just at the beginning of the month, the Federal Network Agency tightened its rules for components of the 5G network. The regulator argues that 5G networks represent the future backbone of digitized economies, connect billions of systems, and process sensitive information in critical infrastructures (Kritis). According to the Handelsblatt, the CDU, CSU, and SPD last week also agreed on new legislation also agreed on new legislative tightening last week to ban equipment from German telecommunications networks deemed insecure.
...
According to the legally anchored "Huawei Clause", the federal government can prohibit the use of "critical components" in cases of "potential threats to public safety and order." The federal government and the mobile network operators reached a fundamental agreement last year to no longer use technology from Huawei or ZTE for critical components of the radio networks by 2029.
What about components from the USA?
Preferably not either, we should heavily invest in Nokia, Ericsson and other heavyweights in the EU/Europe to build out an independent tech stack.
I just switched my Fiber operator and they replaced my perfectly working Nokia ONT with a Huawei ONT just because itβs maybe $3 / unit cheaper for them in the log run to buy from Huawei.
I told them I really donβt want Huawei Hardware in my business and Iβd happily pay extra for Nokia but they said they signed a contract with Huawei and they are not allowed to continue using Nokia equipment.
What about avoiding whataboutism?
The industry should discuss what can be done not only to become more independent from China, but also from the USA and the major technology companies, Merz is further quoted as saying.
Agree, but I think it's worth pointing out that Merz's cabinet have failed to take meaningful steps to get us off US tech.
This is very relevant. The reasoning to ban hardware from China is two fold in the article: 1. To reduce general dependency on Chinas Manufacturing 2. To increase security. And here is the point. Huawei has offered to provide source code and processes for building the firmware for their devices, thus allowing the German state to check every detail of the the devices. Neither Nokia nor Ericson have agreed to do the same, they should be forced to do so for such important infrastructure.
Even worse is Cisco from the USA. They have been found guilty of multiple times adding hardware and/or software backdoors to their devices. Or in their wording "forgetting to remove a remote root access used for development purposes" Here one of the recent cases: https://www.cyber.gc.ca/en/alerts-advisories/vulnerability-impacting-cisco-devices-cve-2023-20198 (This may happen once, but if it happens more than once the company is either guilty of implementing it a backdoor or so incompetent in security no one should dare to buy even a home router from then, much less equipment for critical infrastructure)
In the NSA Leaks Snowden also revealed documents proving that the NSA regularly tampers with Cisco devices to implement backdoors and have standard tools for that. (Also affecting hardware from other US manufacturers)
So asking: "Why these bold claims about increasing security and decreasing dependence with focus on China when these issues are far greater with another supplier" is very much valid. I am actually quite happy that Merz mentioned independence from the USA too.