Experts Call for Transparency around Google’s Chinese-Made Security Keys

Megalith

24-bit/48kHz
Staff member
Joined
Aug 20, 2006
Messages
13,000
Security experts are voicing their concern following the discovery of Google’s new Titan Security Keys being made by Chinese company Feitian. While the search giant “does not see an issue with working with them,” security teams fear the keys could be compromised by the Chinese government. The supply chain process has not been documented thus far.

“The supply chain in China often is dictated by government policy,” the head of a security team based in a global, multi-billion-dollar company said. Generally speaking, one concern is that the Chinese government could potentially force Feitian to introduce some form of backdoor into the devices, or intercept the keys themselves and tamper with them, allowing the government to then access accounts of targets, for instance.
 
That kinda looks familiar.

latest?cb=20131126063117.jpg
 
Google could care less what anyone thinks. They're happy to support anyone with money regardless of ideology. If NK could pay for it then Google would make them a censored search engine with no qualms.
 
It's weird - I would have no problem buying a Huawei cell phone, but I wouldn't buy this. I'm trying to decide why the phone (which could also be compromised) wouldn't bother me, but this would.
 
Had been considering this as a possible source to ameliorate the lack of NFC on my Samsung tablet, think i'll pass on these though, will look for another source.
 
So now we are only worried about WHICH tyrannical nanny state has full access to our lives?
 
I think it is reasonable to expect that the supply chain and manufacture of your security keys be transparent and documented. You are, after all, trusting them to with all your digital property.
 
Meanwhile the US govt compromising supply chains has been documented. Anything I get from the US I know has been intentionally compromised. If I get it from China I just assume it is.
 
I believe, that a healthy distrust of any "center of authority" is a must. There is always a tendency for any company or system/govt to do whatever it takes to attain and/or perpetuate its dominance. Whether for good or ill.
 
Google couldn't care less what anyone thinks. They're happy to support anyone with money regardless of ideology. If NK could pay for it then Google would make them a censored search engine with no qualms.


Fixed.
 
I'd think that knowing the security key's info would be kinda useless unless you can associate it with a user account.
But It also seems similar in concept to using a smartphone with a sim card, which can be cloned ...


It's weird - I would have no problem buying a Huawei cell phone, but I wouldn't buy this. I'm trying to decide why the phone (which could also be compromised) wouldn't bother me, but this would.

Of the top of my head I'd say it could be because you can always root it and install an open source os.
No experience with Huawei but very happy with my Xiaomi A1 with aosp extended rom and mint kernel.
 
YEAH! The enemy du jour might spy on us!

Meanwhile domestic spying powers just went through yet another round of expansion.

We're doomed.
 
You mean like what the NSA does to Cisco? Yeah, it's not just China fucking with supply chains...
 
You mean like what the NSA does to Cisco? Yeah, it's not just China fucking with supply chains...
And hp.. and all kinds of shit.
Thing is, even if these are compromised they also need to know the target and piggy back software and shit like that i imagine. Same with Huawei, its a one off.. once discovered, thats it. I think Huawei servers are in Europe.. i doubt they would be allowed to sell there if they were so risky, and being caught once relaying info to the Chinese government would screw them most likely... That alone limits them greatly.
Now a good way to get info and access its with free software... I am surprised there isn't more top of the line free software floating around, used as a front / spy tool... And Yes im pissed i cant buy Huawei via normal channels in the US.. its bullshit, they have excellent phones on their way to be the best.. its all that crazy copying the Chinese do that leads to be the best, and others will soon start copying them i guess ...
 
Last edited:
Last I checked most if not all cell phones = made in china. So niche security widget being compromised, not really a big concern. That ship has long sailed.

And as has already been stated, getting something 100% made in America, won't be any more secure for us either, just a different set of state actors involved.
 
Google could care less what anyone thinks. They're happy to support anyone with money regardless of ideology. If NK could pay for it then Google would make them a censored search engine with no qualms.

Isn't that just capitalism?
 
So now we are only worried about WHICH tyrannical nanny state has full access to our lives?

something something American Exceptionalism only CIA, NSA, FBI and Mossad are allowed to hack, clone and track, if it doesn't Benefit Americas Master's it must be defamed and stopped.
 
Back
Top