An anonymous reader shares a report: Russian internet group Mail.Ru is in talks with China's Huawei about the possibility of having its software pre-installed on the Chinese tech giant's devices, Mail.Ru told Reuters. Mail.Ru owns Russian social networks Vkontakte and Odnoklassniki. It is developing several messenger services and has an email and browser service.

Artem S. Tashkinov writes: Researchers from security company Eclypsium have discovered that more than forty drivers from at least twenty different vendors -- including every major BIOS vendor, as well as hardware vendors like ASUS, Toshiba, NVIDIA, and Huawei -- include critical vulnerabilities allowing an escalation of privileges to full system level access.

Considering how widespread these drivers are, and the fact that they are digitally signed by Microsoft, they allow an attacker to more successfully penetrate target systems and networks, as well as remain hidden. Also while some of these drivers "are designed to update firmware, the driver is providing not only the necessary privileges, but also the mechanism to make changes" which means the attacker can gain a permanent foothold. Eclypsium has already notified Microsoft about the issues and at least NVIDIA has already released fixed drivers.

After months of conflicting statements from Huawei executives, the Chinese networking giant on Friday officially unveiled HarmonyOS, the much-anticipated microkernel-based, distributed operating system that it has developed to power smartphones, laptops, and smart home devices as the company attempts to reduce its reliance on American firms. From a report: HarmonyOS will be made available for deployment in smart screen products such as TV, smart watches, and in-vehicle infotainment systems later this year, said Richard Yu, CEO of the Huawei consumer division at company's developer conference. In next three years, Huawei, the world's second largest smartphone vendor, will look to bring HarmonyOS to more devices including smartphones, he said. Yu said, without offering any proofs, that HarmonyOS is "more powerful and secure than Android." He said HarmonyOS' IPC performance is five times that of Google's Fuchsia. The top executive also claimed that HarmonyOS' microkernel has "one-thousandth the amount of code in the Linux kernel. The company said it intends to continue to use Android moving forward, but HarmonyOS is officially its back-up plan if things go south. "We will prioritize Android for smartphones, but if we can't use Android, we will be able to install HarmonyOS quickly," Yu said.

After China said it was halting purchases of U.S. farming goods earlier this week, the White House retaliated by postponing a decision about licenses for U.S. companies to restart business with Huawei. "Commerce Secretary Wilbur Ross, whose department has vetted the applications to resume sales, said last week he's received 50 requests and that a decision on them was pending," reports Bloomberg. "American businesses require a special license to supply goods to Huawei after the U.S. added the Chinese telecommunications giant to a trade blacklist in May over national-security concerns." From the report: President Donald Trump said in late June after agreeing to a now-broken trade truce with Chinese President Xi Jinping in Japan that some restrictions on Huawei would be loosened. But that promise was contingent upon China beefing up its purchases from American farmers, which Trump has complained the country has failed to do. In the past week tensions have escalated further as Trump said he would impose a 10% tariff on $300 billion of Chinese imports as of Sept. 1 and his Treasury Department formally labeled China a currency manipulator. Still, Trump said last week there were no plans to reverse the decision he made in Japan to allow more sales by U.S. suppliers of non-sensitive products to Huawei. He said the issue of Huawei is not related to the trade talks.

China has told India not to block its Huawei from doing business in the country, warning there could be consequences for Indian firms operating in China, Reuters reported on Tuesday, citing sources with knowledge of the matter said. From a report: India is due to hold trials for installing a next-generation 5G cellular network in the next few months, but has not yet taken a call on whether it would invite the Chinese telecoms equipment maker to take part, telecoms minister Ravi Shankar Prasad has said. Huawei, the world's biggest maker of such gear, is at the centre of a geopolitical tug-of-war between China and the United States. U.S. President Donald Trump's administration put the company on a blacklist in May, citing national security concerns. It has asked its allies not to use Huawei equipment, which it says China could exploit for spying.

Huawei is testing a smartphone equipped with Hongmeng, the company's self-developed operating system, which could potentially go on sale by the end of this year, Chinese state-media outlet Global Times reported. From a report: The release of a Hongmeng-powered smartphone would mark a major step for China's Huawei, the world's second-biggest maker of smartphones, as U.S. government actions threaten its access to Google's Android operating system. The device will be priced at around 2,000 yuan ($288), the Global Times said on Sunday, citing unnamed sources. That will place the device toward the low-end segment of the smartphone market. Huawei executives have previously described Hongmeng as an operating system designed for internet-of-things products. Last month the company said the first major devices powered by Hongmeng would be its upcoming line of Honor-brand smart TVs.

Chinese tech giant Huawei could have helped secretly build a 3G wireless network for North Korea, according to internal documents leaked by a former employee of the company. From a report: Huawei worked with another Chinese company, Panda International Information Technology, on a number of projects in the region over the course of eight years, as suggested by work orders, contracts and spreadsheets published by the Washington Post on Monday. The revelations come as the latest blow to Huawei's reputation in a series of events over the past year, a period in which the company has come under fire from the US government amid its trade war with China. In January, the US Justice Department unsealed indictments that included 23 counts pertaining to the alleged theft of intellectual property, obstruction of justice and fraud related to its alleged evasion of US sanctions against Iran. President Donald Trump has blacklisted the company as a security threat, and Huawei CFO Meng Wanzhou is under house arrest in Canada awaiting extradition to the US.

Russian lawmakers want to make it a legal requirement for all smartphones, computers and smart TV sets sold in Russia to come pre-installed with certain Russian software in a bid to support domestic software producers, according to a draft bill. From a report: The bill, tabled at the lower house of parliament on Thursday, would allow authorities to draw up a list of mandatory, locally-made software. If passed, it would come into force in July 2020. Russia's cell-phone market is dominated by Apple, Samsung and Huawei products. Those who do not abide by the rule, the proposed law says, would have to pay a fine.

Huawei reportedly wants to keep using Google's Android operating system in its phones instead of jumping to its self-developed Hongmeng system. From a report: Company senior vice president Catherine Chen told reporters in Brussels this week that the Hongmeng OS isn't even designed for phones, according to Chinese state news agency Xinhua. Chen apparently said Hongmeng is for industrial use, noting that it contains far fewer lines of code than a phone OS, and has much lower latency than a phone, meaning it can process a very high volume of data messages with little delay. Latest episode in a confusing narrative about what Huawei even intends to do. The company's executives have previously said on record that its homegrown operating system is designed to replace Android on its handsets. One executive said the operating system would be released by last month -- a target that Huawei has missed.

Huawei is planning major layoffs at its US research labs as it struggles under the weight of the Commerce Department blacklisting, The Wall Street Journal reported Sunday. From a report: The embattled Chinese telecom's Futurewei R&D subsidiary employs about 850 people in Texas, California and Washington state. The layoffs may number in the hundreds, according to the Journal, which cited anonymous sources. A few people apparently already know that they'll be dismissed, but further cuts are expected and some Chinese workers are being allowed to continue with Huawei if they return home.

A senior U.S. official told the Commerce Department's enforcement staff this week that China's Huawei should still be treated as blacklisted, days after U.S. President Donald Trump sowed confusion with a vow to ease a ban on sales to the firm. From a report: Trump surprised markets on Saturday by promising Chinese President Xi Jinping on the sidelines of the G20 summit in Japan that he would allow U.S. companies to sell products to Huawei Technologies. In May, the company was added to the so-called Entity List, which bans American firms from selling to it without special permission, as punishment for actions against U.S. national security interests. Trump's announcement on Saturday -- an olive branch to Beijing to revive stalled trade talks -- was cheered by U.S. chipmakers eager to maintain sales to Huawei, the world's largest telecoms equipment maker and a key U.S. customer.

But Trump's comments also spawned confusion among industry players and government officials struggling to understand what Huawei policy he had unveiled. In an email to enforcement staff on Monday that was seen by Reuters, John Sonderman, Deputy Director of the Office of Export Enforcement, in the Commerce Department's Bureau of Industry and Security (BIS), sought to clarify how agents should approach license requests by firms seeking approval to sell to Huawei.

Nokia's CTO Marcus Weldon "told the BBC that the UK should be wary of using the Chinese hardware" -- though Nokia rushed to assure the BBC that Weldon's remarks do "not reflect the official position of Nokia."

Forbes reports: On the security front, Weldon referred to analysis suggesting Huawei equipment was far more likely to have vulnerabilities than technology from Nokia or Ericsson. "We read those reports and we think okay, we're doing a much better job than they are," Weldon said, describing Huawei's failings as serious and claiming Nokia's alternatives to be a safer bet. "Some of it seems to be just sloppiness, honestly, that they haven't patched things, they haven't upgraded. But some of it is real obfuscation, where they make it look like they have the secure version when they don't...."

The comments from Nokia's CTO came in light of research from Finite State, which published a scathing report claiming that "Huawei devices quantitatively pose a high risk to their users. In virtually all categories we examined, Huawei devices were found to be less secure than those from other vendors making similar devices." And this included the potential backdoors that lie at the heart of the U.S. government's security case against the Chinese company. "Out of all the firmware images analyzed, 55% had at least one potential backdoor," Finite State found. "These backdoor access vulnerabilities allow an attacker with knowledge of the firmware and/or with a corresponding cryptographic key to log into the device."
Nokia's later statement insisted that their company "is focused on the integrity of its own products and services and does not have its own assessment of any potential vulnerabilities associated with its competitors."

hackingbear tipped us off to a breaking news story.

CNN reports: US President Donald Trump has appeared to soften his tone on Chinese communications giant Huawei, suggesting that he would allow the company to once again purchase U.S. technology. Speaking at a press conference in Osaka, Saturday, Trump said that the U.S. sells a "tremendous amount of product" to Huawei. "That's okay, we will keep selling that product," said Trump. "The (U.S.) companies were not exactly happy that they couldn't sell."
Forbes points out "While it's not a lifting of the blanket ban, it will significantly benefit the Chinese manufacturer."

ZDNet reports: This news just broke with comments made by Trump, including "U.S. companies can sell their equipment to Huawei. We're talking about equipment where there's no great national security problem with it." The details of this statement are still pending, but it is likely that 5G infrastructure equipment may still not be part of this access deal while the smartphone segment may be where we see open access.
One Daily Beast contributor argues the action "appears to be a surrender to publicly issued Chinese demands."

But TechCrunch writes that "any mutual trust has been broken and things are unlikely to be the same again."

Several Huawei employees have collaborated on research projects with Chinese armed forces personnel, indicating closer ties to the country's military than previously acknowledged by the smartphone and networking powerhouse, Bloomberg reported Thursday. From the report: Over the past decade, Huawei workers have teamed with members of various organs of the People's Liberation Army on at least 10 research endeavors spanning artificial intelligence to radio communications. They include a joint effort with the investigative branch of the Central Military Commission -- the armed forces' supreme body -- to extract and classify emotions in online video comments, and an initiative with the elite National University of Defense Technology to explore ways of collecting and analyzing satellite images and geographical coordinates. Those projects are just a few of the publicly disclosed studies that shed light on how staff at China's largest technology company teamed with the 'People's Liberation Army on research into an array of potential military and security applications.

India may have plans to follow France's footsteps in building a chat app and requiring government employees to use it for official communications. From a report: The New Delhi government is said to be pondering about the need to have homegrown email and chat apps, local news outlet Economic Times reported on Thursday. The rationale behind the move is to cut reliance on foreign entities, the report said, a concern that has somehow manifested amid U.S.'s ongoing tussle with Huawei and China. "We need to make our communication insular," an unnamed top government official was quoted as saying by the paper. The person suggested that by putting Chinese giant Huawei on the entity list, the U.S. has "set alarm bells ringing in New Delhi." India has its own ongoing trade tension with the U.S. Donald Trump earlier this month removed the South Asian nation from a special trade program after India did not assure him that it "unfortunate," and weeks later, increased tariffs on some U.S. exports.

Apple has hired one of ARM's top chip engineers as the iPhone maker looks to expand its own chip development to more powerful devices, including the Mac, and new categories like a headset. Bloomberg reports: The company hired Mike Filippo in May for a chip architect position, according to his LinkedIn profile. At ARM, Filippo was a lead engineer behind chip designs that power the vast majority of the world's smartphones and tablets and was leading a new push into parts for computers. ARM, owned by SoftBank, designs microprocessors and licenses technology that is fundamental to the chip development efforts of Apple, Samsung, Qualcomm and Huawei.

Prior to his work at ARM, Filippo was also a key designer at chipmakers Advanced Micro Devices and Intel. For Apple, the hire could help fill the void left by the departure of Gerard Williams III earlier this year. Williams was Apple's head architect of chips used in the iPhone and iPad. Apple's A series chips power its mobile devices using ARM technology. Its Mac computers have used processors from Intel for nearly two decades.

Telecommunications gear made by China's Huawei is far more likely to contain flaws that could be leveraged by hackers for malicious use than equipment from rival companies, according to new research by cybersecurity experts that top U.S. officials said appeared credible. From a report: Over half of the nearly 10,000 firmware images encoded into more than 500 variations of enterprise network-equipment devices tested by the researchers contained at least one such exploitable vulnerability, the researchers found. Firmware is the software that powers the hardware components of a computer. The tests were compiled in a new report that has been submitted in recent weeks to senior officials in multiple government agencies in the U.S. and the U.K., as well as to lawmakers. The report is notable both for its findings and because it is circulating widely among Trump administration officials who said it further validated their policy decisions toward Huawei.

"This report supports our assessment that since 2009, Huawei has maintained covert access to some of the systems it has installed for international customers," said a White House official who reviewed the findings. "Huawei does not disclose this covert access to customers nor local governments. This covert access enables Huawei to record information and modify databases on those local systems." The report, reviewed by The Wall Street Journal, was prepared by Finite State, a Columbus, Ohio-based cybersecurity firm.

An anonymous reader quotes a report from The New York Times: A number of the United States' biggest chip makers have sold millions of dollars of products to Huawei despite a Trump administration ban (alternative source) on the sale of American technology to the Chinese telecommunications giant, according to four people with knowledge of the sales. Since the Commerce Department enacted the ban in May, American companies including Intel and Micron have found ways to sell technology to Huawei, said the people, who spoke on the condition they not be named because they were not authorized to disclose the sales. The components began to flow to Huawei about three weeks ago, the people said. Goods produced by American companies overseas are not always considered American-made, and the suppliers are taking advantage of this. The sales will help Huawei continue to sell products such as smartphones and servers.

For years, companies like Oracle and IBM invested heavily to build new markets in China for their industry-leading databases. Now, boosted in part by escalating U.S. tensions, one Chinese upstart is stepping in, winning over tech giants, startups and financial institutions to its enterprise software. From a report: Beijing-based PingCAP already counts more than 300 Chinese customers. Many, including food delivery giant Meituan, its bike-sharing service Mobike, video streaming site iQIYI and smartphone maker Xiaomi are migrating away from Oracle and IBM's services toward PingCAP's, encapsulating a nation's resurgent desire to Buy China. PingCAP's ascendancy comes as the U.S. cuts Huawei off from key technology, sending chills through the country's largest entities while raising questions about the security of foreign-made products. That's a key concern as Chinese companies modernize systems in every industry from finance and manufacturing to healthcare by connecting them to the internet.

An anonymous reader quotes a report from Reuters: U.S. parcel delivery firm FedEx Corp on Monday sued the U.S. government, saying it should not be held liable if it inadvertently shipped products that violated a Trump administration ban on exports to some Chinese companies. In court filings in the District of Columbia, FedEx said it should not be expected to enforce the export ban, and could not reasonably be held liable for shipping products that it did not know about. Export restriction rules "essentially deputize FedEx to police the contents of the millions of packages it ships daily even though doing so is a virtually impossible task, logistically, economically, and in many cases, legally," it said in a filing.