Huawei savaged by Brit code review board over poor dev practices

Aside | Posted on by

Huawei savaged by Brit code review board over poor dev practices

“The work of HCSEC [Huawei Cyber Security Evaluation Centre]… reveals serious and systematic defects in Huawei’s software engineering and cyber security competence,” said the HCSEC oversight board in its annual report, published this morning. While the report itself does not identify any Chinese backdoors, which is the American tech bogeyman du jour, it highlights technical and security failures in Huawei’s development processes and attitude towards security for its mobile network equipment:

Even though Huawei has talked loudly about splurging $2bn on software development, heavily hinting that this would include security fixes, HCSEC scorned this. HCSEC said: “The underlying cyber security risks brought about by the single memory space, single user context security model remain,” warning that Huawei has “no credible plan to reduce the risk in the UK of this real time operating system.”

Source: www.theregister.co.uk