Schneier on Security

Clive Robinson • November 26, 2025 5:19 PM

@ Winter,

You try to make this sound damning,

“Huawei personnel had unlimited access to essentially all Dutch mobile phone traffic of the main Dutch provider. There were no records kept of who had accessed what.”

But again “opinion not fact” and probably made up to sound threatening for political reasons.

You offer no evidence of misbehaviour by Huawei staff, and then say “no records kept”.

This tells me that those who were responsible for the contract management what you call the “main Dutch provider” were those actually “negligent in the extreme” as such record keeping was either,

1, Not in the contract with Huawei.
2, Not monitored by those responsible for ensuring contract compliance.

The first couple of rules of contracting for over half a century is,

1, No freebies, you get exactly what you pay for.
2, If it’s not in the contract you pay extra for it (a lot extra).

This is true of all “competitive bidding” systems.

So as @Wannabe Techguy notes,

“who decides what is “sensible control” and likewise as the saying goes “who watches the watchers”.”

It’s those who “write and monitor” the contract and payment made under it.

Which is what you call the “main Dutch provider”, which is an organisation running on “Capitalist Rules”.

The fact that is as @lurker points out in the article they quote,

“But the reality is that tech companies must cooperate with the national-security requirements of their governments – that is the case under the law in China, the United States, and countries around the world.”

It’s “a door that swings both ways” so you need to ask,

1, Why did the Dutch Government not legislate or regulate for “sufficient oversight”?
2, Why would the “main Dutch provider” do any more oversight than required by legislation/regulation?
3, If the “main Dutch provider” wanted to do that oversight why was it either not in the contract or not verified as being done?
4, Why would Huawei personnel do work not contracted to be done with a profit eating cost?

It boils down to Huawei personnel were working to contract and it was the Dutch provider or Dutch government that was negligent…

The fact you are trying to “invent crime” without evidence (to kowtow to US political wishes). And then “victim blame” to cover up Dutch Authorities failings, is shall we say “a little low”.

Corporations, Companies and partnerships are all legal entities that “work to contract” to ensure profitable working. That is by minimising cost, thus maximising profit. Legal action is expensive and in effect it is that which keeps both sides “honest”. So the capitalist view is,

“Don’t do extras only contracted or legislated”

Unless there is a fiscal reason to do so (like getting a contract renewed). It’s established behaviour going back well over a century or two and as far as I can tell started with those “shipping goods” with later, “oversight” of their insurers who likewise want to make profit.

Simple “risk and reward” processes drive “honest trade”, the legal system via contract law, and government legislation and regulation are the established mechanisms to ensure that “honest trade” is both fair and honest.

The fact that Dutch entities did not put in place contractual or legal requirements in the contract is not the fault of Huawei and their personnel who responded to what I assume was a legal and honest tendering process.

If you claim Huawei personnel behaved dishonestly then “put up the actual evidence”. Also include the political context for the “nothing burger” claims being made. Which is the Dutch Government kowtowing to US political “might is right” nonsense, payed for by US corporations illegally for “market protection” (monopoly/cartel) Protections that protect the neo-con corporations by inflicting harms not just on US, but Dutch and other Nations Citizens.

Clive Robinson • November 28, 2025 8:17 AM

@ Thomas, ALL,

Your,

“and facts are facts. China steals $300+ billion a year from the USA alone”

Smelt fishy, so I did a little digging on the Internet where claims were 200-600 billion.

So I followed them back and guess what I found as the probable point of origin,

Mike Orlando, a career FBI agent who has specialized in counterintelligence and was at the time of interview the “Acting Director” of the “National Counterintelligence and Security Center”(NCSC).

Who is quoted as saying,

<

blockquote>“We believe that there’s no other country than China that poses the most severe intelligence threat to America.”

But on a historical note, for well over a century the US stole IP from other countries and their citizens. I’ve gone through this in the past when it’s effected my personally. As have several more famous people doing serious documentaries for Television. One of whom –Jeremy Clarkson– famously commented after debunking many “invented in America” myths that it appeared the only thing the US had ever actually invented was “condensed milk”…

Clive Robinson • November 28, 2025 12:29 PM

@ KC,

With regards,

“The former US Ambassador to the EU, Anthony Gardner, appears to be petitioning Europe to support Ukraine.”

Because Trump has sided with Putin for a few million in profit, and the US nolonger supplies arms to Ukraine. Also the 28 point plan from “King Trumper” is basically going to turn the Ukraine into a vassal state of Putin and be run as badly if not worse than Belarus.

As for,

“Why do you think he seems to support Europe brokering a minerals deal?”

Well there are several reasons, the biggest issue is that the EU has a really bad foreign policy arrangement. That is all EU States have to agree not a 2/3rds majority or a simple majority.

For the EU to actually come to the aid of the Ukraine then some EU countries are going to ask

“What’s in it for us?”

A minerals deal that kicks the US one out, would not just teach “King Trumper” a lesson, it would also compensate for the fact the 28 point Trumper plan basically not giving the Ukraine money to rebuild it’s self. That is the Trumper will take and use the Russian money to pay off his buddies etc via “family connections”…

The problem the EU has, is that Putin will see it as a success and will then move on to other ex Soviet Union nations.

In effect WWII will be re-opened…

But it appears I’m not alone in my misgivings about “King Trumper”, “Emperor Putin” and the nonsense they have cooked up,

https://www.msn.com/en-us/news/world/here-s-what-europe-and-ukraine-can-do-with-trump-s-peace-ultimatum/ar-AA1QWCRA

But the one thing you can be certain of it’s a “Peace Plan” that will in no way lead to peace, and has all the hallmarks of swinging over into a broad front Russia v Europe and will probably kick off around Kaliningrad,

https://www.bbc.co.uk/news/world-europe-18284828

If you’ve been keeping up with the news the two EU nations have taken a very dim view of Putin’s behaviours and have in effect put the clamps down on the tracks between Russia and Kaliningrad Oblast.

The behaviour being not just Russia attacking the Ukraine. It’s also the fact that Russia has moved long range nuclear capable missiles in and are carrying out GNS jamming and spoofing of the EU and US systems.

Clive Robinson • November 29, 2025 10:10 AM

@ Thomas, ALL,

Someone is always going to invade, just like a thief will invade your home.

What keeps them out is one of four things,

1, The potential invader makes more by trading with you.
2, You have nothing to be invade for.
3, You have sufficient defence to not be the low hanging fruit.
4, You have weapons of total annihilation and the known willingness to use them if attacked.

Obviously the cost of these defences rises as you go from 1 to 4 with position 1 being the most beneficial for all.

If you can not maintain peace by mutual beneficial trade that profits all parties, then the ideal place to be is position 3.

However there is a problem, how much do you spend?

As I’ve indicated a number of times on this blog in the past this is the defence spending paradox…

“You only know it is to little when you get invaded, you never know if it is too much”.

The big problem is there is always a significant delay in “Defence Economics” and part of the equation is how fast can you deter an invader. Which is where intelligence and allies come into play.

NATO is supposedly a “joint effort” not against Russia as such but to,

“Keep Peace in Europe, and thereby stop a third world war starting there.”

Not understanding this is where many people go wrong (mostly so far it’s been US politicians making this mistake)

That is NATO primarily acts as an intelligence and clearing organisation spying as much on it’s members as it does on external threats. Thus hopefully gaining sufficient time to get inside of a potential attackers “Observe, Orient, Decide, Act”(OODA) “Decision-Making loop”(DM-loop).

If you can change the game faster than a potential attacker, you can keep them in either the Observe or Orient stages and out of the Decide or Act stages.

For thousands of years people have been told the way to defeat an opponent is to keep them “unbalanced” direct strength is usually not required. Because when unbalanced the opponent is in effect “fighting themselves”.

Where it has gone wrong is with the US. Coming out of WWII the US had full manufacturing capability, and most of Europe had none, and not even the ability to feed it’s self.

At first US Politicians decided they wanted revenge and compensation thus “blood money”. It was this sort of stupidity that was the primary cause of WWII. We get taught all sorts of nonsense at school for political reasons. But the simple fact was WWII was going to happen due to the Great War (WWI) reparations. And the Great War was not started by Archduke Ferdinand getting shot, that was just the spark. What caused it was the political situation equivalent to the long term pilling up barrels of gun powder. The spark could have been anything, anywhere and not just in Europe.

This is the problem with the 4th position. You get that “god-hood madness” of thinking that not only is “might right” but also “protectionism / tribute” is owed…

The US politicians initially decided to bleed the little that was left in Europe, and if it had happened it would have been an unmitigated disaster. Because as history shows Tribute Empires always end up destroying themselves or being destroyed. Which is why the Soviet Union collapsed (something Putin apparently can not get his head around).

What happened was the Marshall Plan and about 5% of US GDP was given in goods to the west of Europe to enable it to not only get back on it’s feet, be self sufficient in production and most importantly “trading”. Thus bringing the European nations into position 1.

What many do not realise is that the 13billion or so mainly in food and goods was a significant economic push for the US as well and significantly built it’s GDP for the next half decade.

I happen to be one of the people that happened because of the Marshall Plan, and the CARE Packages from US families. Because it’s fairly clear my parents would probably not have survived without it and it’s spin off. Most are aware of Red Cross Parcels and how they are used for prisoners of war and in war torn places. Well outside of the US Government and US Politicians, US Families started sending out food parcels to Europe, and many including my parents would probably not have survived with out them.

Most Americans have heard of “Care Packages” that family and friends send when they go to college (also called Freshman 101 by some). But few know that CARE Package originally stood for “Cooperative for American Remittances to Europe” and were boxes of food sent to Europe to prevent starvation[1].

Clearly the population of the US was at odds with quite a few US politicians of the time (some things apparently stay the same). And in effect CARE is the only US aid to the Ukrainian people currently.

But the Marshall plan not only succeeded, it built the US Economy Post War and one spin off was NATO, which as I indicated kept the various European Nations from starting WWIII.

The thing is though that certain US politicians and especially those in the State Dept have a “sense of grievance” The believe the Europe should not just repay –which they have– but keep paying and paying and paying. The coterie of the cult of Trump believe that Europe should give 5% of European GDP year after year endlessly as well as provide cannon fodder for US initiated military action and wars.

The Europeans mostly do not agree with this view point nor do quite a few Americans.

Because mostly they know that the “tribute” will go in “the select few” back pockets whilst also fund development of US weapons to go and start other wars (China and Iran were the most likely).

But also the US State Department and others have been trying to destroy the EU…

So ask a sensible question,

“If you have good reason to believe that the US is actually your enemy to be, why would you buy your weapons of defence from them?”

It would be stupid at best, a point the French, Italians, Poles, Estonians and more recently even the Germans have been considering.

Especially when other nations produce better weapons for the price.

It’s why Trump is upset, his plan to make big bucks from the EU through the US arms industry has in effect failed. The EU have seen how the US have held the Ukraine back to continue the meat grinder that is the Russian Front. With the plan being to frighten other NATO members into handing over their defence budgets to the US to protect against Russia. Hence the reason Trump want’s Putin to have a victory, so that he will put pressure on the other NATO countries to hand over “tribute” for nothing in return.

It’s one of the reasons some NATO members think it’s time to have an independent “European Defence Force” without the US making trouble for every one else and dragging them in…

[1] You can read more about the original CARE Packages at,

https://www.careinternational.org.uk/about/our-history/

More than 80 years later CARE still exists and gives aid all over the world from all over the world not just where it started in the US.

Clive Robinson • November 29, 2025 8:50 PM

@ lurker,

Such differences as you have found as well as the percentage of errors in such a small sample, does not give any kind of confidence in the whole…

Whilst I personally dislike URLs to the Web as references and I always have done (which is why my dead tree cave has a lot of print outs). It’s not just because URLs are impermanent at best, but also what they point to can be changed or deleted at the source at any time, or censored by outside third parties blocking access, redirecting DNS etc etc.

Then of course there is “access tracking”. It amazes me sometimes why researchers don’t realise just how much information they leak when they go searching for information.

Back last century, as I’ve mentioned before, I worked for a Citation / Abstract database company and as we moved from CD/DVD as the update mechanism to “online” we allowed researchers to “save their searches” on the server. The company got purchased and the organisation that took over had a very non benign attitude to the “customer searches”, and considered the customer searches as the companies property to keep and use… and I don’t just mean for improving customer experience. One downside that became immediately apparent was University Researchers shared a central “Learning Resource Center”(LRC) account thus their searches became available to just about anyone in the University or someone who knew how to use the University Network Cache to fake being on the University IP address range…

However sometimes such URLs are the only way to gain access due to a third parties rules (think journals and their “pay till you bleed” firewalls)…

It’s a problem with “Open Access” that libraries used to give. The old way you could just go in and take a book off the shelf and go to a reading table to use it and in effect nobody would know what you were reading (or particularly care). However with online systems the price you pay for “Open Access” is also the near 100% surveillance by third parties.

It’s something the drugs companies were acutely aware of and they refused to switch from optical media to Online-Access point blank (and for good reason even a sniff of what they were looking at was worth millions if not more to their competitors).

Clive Robinson • December 11, 2025 12:27 PM

@ lurker,

With regards,

<

blockquote>“Whether it was the hard graft of focussed R&D, or industrial espionage and IP theft,”

Remember this is refering to areas where Huawei’s expertise was effectively “Open for any to see”.

In two different ways,

1, The 5G technology patents.
2, The technology center in the UK.

Other than the known and provable fact the UK Commercial section of GCHQ broke the agreement with Huawei by repeatedly “backdooring in US NSA personnel” to in effect “steal data” on Huawei’s “processes and other trade secrets”.

The “US Experts found nothing” in the way of even a “cold unloaded pistol” let alone a smoking gun or holes in a target. That they could give to their “Political Masters”.

All they found was a very busy technology company following in effect standard procedures of even US equivalent technology companies. That in short was “rushed and messy”.

Which back then I noted on this blog “was not unsurprising and in effect expected” behaviour. I could say this having worked in two different UK companies and a South Korean company in the same technology discipline.

So all the “NSA Experts” smuggled in by “UK GCHQ staff” had for their “US Politico masters”,

“Come home with a big fat nothing burger.”

I further gave reasons why the US made fools of themselves which was to “kill off 5G” and that way “try and fail” to get out from under the “Huawei Patents” so that the US could make a grab for 6G status.

The thing is the US Companies that had done such things in the past, either nolonger existed or were owned by “other Nations”, such as Israel and China who had put in large sums of investment to US entities to acquire them.

I’ve still to see any argument from the “US NSA Experts” or their “Political Masters” that justify the “dumb ass claims” they’ve made. And to justify the “throwing the toys out of the pram in a fit of conniption and pique” behaviours because they found nothing to even remotely try to claim moral high ground or any actual proof.

Whilst there is a possibility that some might say,

“ah but, they did and did not say anything because they wanted it to spy on others”

It’s not even a “whataboutism” because if that was the case why did they try every trick to kill 5G?

Logically it’s an argument that does not carry any “useful load” for anyone.

However what it does indirectly show just how far “US Corporatism” based on neo-con thinking and gross short sightedness has destroyed “US Industry” since the 1960’s. Which enabled,

1, Japan
2, Taiwan
3, South Korea
4, Europe
5, China

To kill off US Industry and jobs, to the point they can not be brought back in anything much less than the same time period of more than “Three Score Years and Ten”…

As far as “industry” is concerned the US really only has “Defence” as being vaguely viable. Hence the Doh-Gnarled demanding Europe to spend 5% of European GDP “propping it up”.

Unsurprisingly the French have quite bluntly pointed out what that really means which is “selling out European Industry” and having “The US kill Europe off, sell it out to Russia, or both”.

Which is why Nations in Europe are now collaborating with not just each other for Defence Development, but have also started collaborating with others including the first three Far East Nations on the list above.

Without most US Citizens realising it, US Politicians and their neo-con masters,

“Have turned the US into Public Enemy ‘Numero Uno'”

And it’s getting worse as the rest of the Western World sees “the orange little hands” getting played worse than a cheap guitar, and trussed up like a festive turkey at the top of Putin’s wish list.