In RSA Showdown, Analyst Says U.S. Must Choose Between Surveillance and Security

In RSA Showdown, Analyst Says U.S. Must Choose Between Surveillance and Security

SAN FRANCISCO—The threat presented by Huawei is not—as U.S. officials have been warning allies—about espionage, a leading academic on the issue told participants at the hottest ticket of this year’s RSA cybersecurity conference.


“There is a lot more to [Fifth Generation Network] security than supply chain,” said Harvard Kennedy School security technologist Bruce Schneier before an audience of hundreds of security professionals. “5G is insecure primarily because the protocols are insecure, because governments, like the United States, like to use the systems to spy.”


While governments such as Germany’s have said they would require providers to implement end-to-end encryption in order to comprehensively protect against spying—by all entities—the U.S. has not.   


“If we like the fact that we can use the cellular networks to spy on our adversaries, then they get to spy on us,” Schneier said to rousing applause. “Pick one. You can't have both.”


The Wednesday afternoon session at RSA featured Schneier and R Street Institute fellow Kathryn Waldron alongside the Defense Department’s Acquisitions CISO Katie Arrington, and a representative from the forbidden company itself: Huawei security chief Andy Purdy. 


Attendees were expecting sparks to fly between Purdy, a former leader of Homeland Security Department’s cybersecurity division, and Arrington, who is leading the Defense Department’s effort to mitigate supply chain risk in the defense industrial base. Arrington stressed it’s simply her job to implement the law: Congress’ 2018 ban on federal agencies using products or services from Huawei, ZTE, and a number of other Chinese technology companies.   


Since 2018, efforts to remove Huawei from the global information and communications technology ecosystem have expanded to include a Federal Communications Commission initiative ..

Support the originator by clicking the read the rest link below.