41 comments

[ 3.3 ms ] story [ 58.4 ms ] thread
It's hard for my brain to accept that the US literally bans its citizens from selling equipment containing chips from Huawei. You can't even sell them for reverse-engineering or hobby purposes.
What’s hard to accept about it?

The US has existed in a state of national security paranoia for a long time.

Yeah, I mean there are a lot of things the US does that appears "normalized" to the point that you maybe just see an angry tweet about it every now and then, but that's it. Those things are still hard for me to accept.

e.g.congress from both parties have what feels to me like extreme conflicts of interest when dominating the stock market (handily beating out every hedge fund returns across many congress members). It's like sports players being able to bet on the outcome of their own game, when they are almost capable of guaranteeing a certain outcome.

It's not paranoia when foreign adversaries actually DO attack national security.
1. I never said it was unfounded.

2. I’m unaware of an instance where huawei was used to attack the US.

This made me think of the encryption export ban. Looks like there are still some restrictions:

> Militarized encryption equipment, TEMPEST-approved electronics, custom cryptographic software, and even cryptographic consulting services still require an export license[9](pp. 6–7). Furthermore, encryption registration with the BIS is required for the export of "mass market encryption commodities, software and components with encryption exceeding 64 bits" (75 FR 36494). In addition, other items require a one-time review by, or notification to, BIS prior to export to most countries.[9] For instance, the BIS must be notified before open-source cryptographic software is made publicly available on the Internet, though no review is required.[10]

https://en.wikipedia.org/wiki/Export_of_cryptography_from_th...

(comment deleted)
I wonder what counts as "custom cryptographic software"?
Huawei and the USA has some history. The first Huawei product was a line of routers that had the same names (Cisco gave all their routers a numbers as their names), same features, ports, command interface, and even same bugs. As the corresponding Cisco routers.
Don't forget that was a joint effort by 3Com w/Huawei.

The debug messages even still said Cisco. It was ridiculous.

Wow! I've never heard of thus. How were the counterfeit servers eventually discovered to be counterfeits? Sounds like this went pretty deep.
you buy one, and ask your engineers to go to work on it. make sure it is air gapped…
LOL, more like, you take the factory manufacturing stuff, and the stolen source code for the OS that runs on it, you run a sed script to replace 'Cisco' with '3Com' and 'IOS' with '3OS' but make it not actually do so everywhere, and then just change the badge and ship to customers.

And for what it's worth, they were network switches/routers, not servers. Cisco didn't make 'servers' back in the day.

https://www.infoworld.com/article/2674627/3com-huawei-joint-...

yup, c10k (iirc) was one of the affected platforms.
Hold on, are we talking about the same Cisco that also outright stole its first product, with the founders narrowly avoiding jail time? [0]

Huawei vs Nortel (Canada) is a far more interesting story.

[0] https://en.wikipedia.org/wiki/Cisco#1984%E2%80%931995:_Origi...

>On July 11, 1986, Bosack and Lougheed were forced to resign from Stanford and the university contemplated filing criminal complaints against Cisco and its founders for the theft of its software, hardware designs, and other intellectual properties.[15]

"But this was not exactly bad, because other things had happened like that at Stanford before."

Presumably Stanford eventually figured out that it was a tech incubator.

> The way royalties work, a third goes to the school, a third goes to the department and a third goes to the inventor. I gave my third back to my department because essentially all of this stuff is born out of a great research environment.

Presumably most of the royalties came from Cisco. Cisco's founders would certainly have known that Stanford owned the hardware design and software, as well as any copyrights or patents, and that licensing would be required.

It sounds like Yeager's biggest complaint was that Cisco didn't give him (and Bechtolsheim) credit for their work.

Did they have also the same backdoors ?
Huawei destroyed Nortel through grand-scale espionage and robbery. They openly support the Uighur concentration camps and totalitarian surveillance in China’s Xinjiang province. Banning import of their products to the US and Canada is a moral, economic, and strategic imperative.

https://aragonresearch.com/cyber-war-flashback-the-huawei-ha...

https://www.theverge.com/2021/12/14/22834860/huawei-leaked-d...

> Huawei destroyed Nortel through grand-scale espionage and robbery.

At least according to Wikipedia ( https://en.wikipedia.org/wiki/Nortel#Accounting_restatements ), Nortel had some epic accounting issues long before the hacks (of both Nortel & Cisco) which your source claims. Cisco is still around.

Perhaps Nortel self-destructed, with no more help from Haiwei than Enron or Bernie Madoff needed, and it feels better to blame Dark Lord China for Bad_Thing happening?

The hacking of Nortel, which goes back at least to the year 2000, started around the same time Dunn began messing with the numbers:

https://archive.ph/TZM9A

Whatever other issues Nortel had, the theft of their IP, internal communications, and strategic plans certainly didn't help.

There's good reason: Huawei is entirely owned by the Communist Chinese government, a government which has shown itself to be committed against American interests and democratic interests around the world, and a government which has itself ordered Huawei to use its technology to spy on its political enemies.[1][2]

1. https://foreignpolicy.com/2021/04/30/huawei-china-business-r... 2. https://en.wikipedia.org/wiki/Criticism_of_Huawei#Espionage_...

Except Huawei is 99% owned by employees (https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3856761) and paid out $9B+ to employees last year (https://www.scmp.com/business/article/3173121/huawei-pays-ou...).
Isn't that what you'd expect in a "Worker's State?"
It's owned not by individuals employees, but by the employees' union ... which is entirely controlled by the communist party and not the employees. It's a very obvious fiction. The generated income may end up in the employees' hands, but the control is in fact with the dictatorship.
Even if all your assertions were true, it is irrelevant to the fact that we here in America, who claim to value our freedom, are prevented by our government from buying what we want with our own money. If the government wants to ban the use of these devices by government personal or at government owned facilities that's perfectly reasonable. Telling private citizens that they aren't allowed to take their own informed risks is authoritarian (which is ironic because that is the source of most of the legitimate criticism of China).
There are tens of thousands of pages of products that cannot be imported into the US from particular companies. This is not particularly unique. Start importing stuff from around the world and you'll quickly find yourself in deep legal trouble if you do not understand the law here.

This isn't just the US either. I would say the vast majority of countries have comprehensive import laws.

I had a customer in Italy once. There is a such a ridiculously long list of items that can't be imported into Italy that I can understand why so many companies don't take overseas orders.
(comment deleted)
Huawei has also faced allegations that it has engaged in corporate espionage to steal competitors' intellectual property, and in 2019, was restricted from performing commerce with U.S. companies, over allegations that it willfully exported technology of U.S. origin to Iran in violation of U.S. sanctions.

https://en.m.wikipedia.org/wiki/Criticism_of_Huawei

The US is really not as free as many seem to believe it is
The undocumented BMC is what gives me the most pause.
“There is also a BMC based on a chip we could not find information on via Google.”

Red flags, literally.

It's been a while since I worked with Huawei servers (x64 though).

Their build quality is decent, but the firmware were not quite up the game at that time. But they pumped new revisions like hot cakes.

> Many companies in China are choosing Ampere over these Huawei Kunpeng 920 chips, and it seems like that is for good reason. Ampere Altra Max is twice the core count per socket and is socketed.

I guess whats when you can choose your platform. This one is for the government.

When looking at this Huawei server, one should not forget that it no longer represents the best that the Chinese can do in servers.

Now the best Chinese servers are the Alibaba Yitian 710, which have 128 cores per package implementing the Armv9.0-A architecture and also other modern features, e.g. PCIe Gen5 and DDR5 memory, exactly like the future AMD Genoa and Intel Sapphire Rapids.

The Alibaba server CPU, judging from its name, appears to use Cortex-A710 cores, which is a little weird, because ARM also offers a derivative of the Cortex-A710, i.e. Neoverse N2, specifically intended for servers, but it seems that Alibaba did not choose that.

Currently, the Alibaba Yitian 710 has the best SPECrate2017 integer result per socket of any CPU, beating easily AMD Milan or Ampere Altra, and it will remain the best until AMD Genoa will be launched (with 96 cores/192 threads per socket).

Of course Alibaba did not submit results for floating-point SPECrate2017, because there the ARM cores cannot beat the Intel/AMD CPUs with AVX/AVX-512, but for a cloud company the floating-point workloads are not a priority.

For now the best ARM-based server CPUs are the Amazon Graviton 3 CPUs (Neoverse V1 cores) and the Alibaba Yitian 710, but neither of them will be available for sale or for independent testing, as they are intended only for internal use, for cloud implementation.

The choices of Amazon and Alibaba have been different, Alibaba uses medium-size ARM cores, which have a performance intermediate between a thread on an Intel/AMD core and a full Intel/AMD core, so that 128 ARM cores are needed to beat easily a 64/128 cores/threads AMD CPU.

On the other hand Amazon has chosen big ARM cores, which have a performance similar with older Intel/AMD full cores, i.e. they are not so fast as AMD Zen 3 or Zen 4 or Intel Tiger Lake/Alder Lake/Sapphire Rapids.

Using big cores has forced Amazon to implement only 64 cores per package. For some well optimized programs that use all the resources of the CPU, a big core may have up to a double throughput compared to a medium-size core, so for such workloads Amazon Graviton 3 can match the throughput per package of the Alibaba CPU, but for more typical programs, where the execution units are not busy all the time, the Alibaba CPU with a double number of cores will have a higher throughput.