Experts Call for Transparency around Google’s Chinese-Made Security Keys

Megalith

24-bit/48kHz
Staff member
Joined
Aug 20, 2006
Messages
13,003
Security experts are voicing their concern following the discovery of Google’s new Titan Security Keys being made by Chinese company Feitian. While the search giant “does not see an issue with working with them,” security teams fear the keys could be compromised by the Chinese government. The supply chain process has not been documented thus far.

“The supply chain in China often is dictated by government policy,” the head of a security team based in a global, multi-billion-dollar company said. Generally speaking, one concern is that the Chinese government could potentially force Feitian to introduce some form of backdoor into the devices, or intercept the keys themselves and tamper with them, allowing the government to then access accounts of targets, for instance.
 

DooKey

[H]F Junkie
Joined
Apr 25, 2001
Messages
9,360
Google could care less what anyone thinks. They're happy to support anyone with money regardless of ideology. If NK could pay for it then Google would make them a censored search engine with no qualms.
 

seanreisk

[H]ard|Gawd
Joined
Aug 29, 2011
Messages
1,601
It's weird - I would have no problem buying a Huawei cell phone, but I wouldn't buy this. I'm trying to decide why the phone (which could also be compromised) wouldn't bother me, but this would.
 

DaBoSSs

n00b
Joined
Apr 4, 2003
Messages
41
Had been considering this as a possible source to ameliorate the lack of NFC on my Samsung tablet, think i'll pass on these though, will look for another source.
 

honegod

Supreme [H]ardness
Joined
Aug 31, 2000
Messages
6,930
So now we are only worried about WHICH tyrannical nanny state has full access to our lives?
 

PaulP

Gawd
Joined
Oct 31, 2016
Messages
776
I think it is reasonable to expect that the supply chain and manufacture of your security keys be transparent and documented. You are, after all, trusting them to with all your digital property.
 

idiomatic

Limp Gawd
Joined
Jan 12, 2018
Messages
162
Meanwhile the US govt compromising supply chains has been documented. Anything I get from the US I know has been intentionally compromised. If I get it from China I just assume it is.
 

Kibagami

Limp Gawd
Joined
Jul 26, 2004
Messages
342
I believe, that a healthy distrust of any "center of authority" is a must. There is always a tendency for any company or system/govt to do whatever it takes to attain and/or perpetuate its dominance. Whether for good or ill.
 

Chris_B

Supreme [H]ardness
Joined
May 29, 2001
Messages
5,029
Google couldn't care less what anyone thinks. They're happy to support anyone with money regardless of ideology. If NK could pay for it then Google would make them a censored search engine with no qualms.

Fixed.
 

xmadror

Gawd
Joined
Feb 13, 2012
Messages
800
I'd think that knowing the security key's info would be kinda useless unless you can associate it with a user account.
But It also seems similar in concept to using a smartphone with a sim card, which can be cloned ...


It's weird - I would have no problem buying a Huawei cell phone, but I wouldn't buy this. I'm trying to decide why the phone (which could also be compromised) wouldn't bother me, but this would.
Of the top of my head I'd say it could be because you can always root it and install an open source os.
No experience with Huawei but very happy with my Xiaomi A1 with aosp extended rom and mint kernel.
 
Joined
Mar 18, 2013
Messages
3,589
YEAH! The enemy du jour might spy on us!

Meanwhile domestic spying powers just went through yet another round of expansion.

We're doomed.
 

BloodyIron

2[H]4U
Joined
Jul 11, 2005
Messages
3,439
You mean like what the NSA does to Cisco? Yeah, it's not just China fucking with supply chains...
 

Uvaman2

2[H]4U
Joined
Jan 4, 2016
Messages
3,143
You mean like what the NSA does to Cisco? Yeah, it's not just China fucking with supply chains...
And hp.. and all kinds of shit.
Thing is, even if these are compromised they also need to know the target and piggy back software and shit like that i imagine. Same with Huawei, its a one off.. once discovered, thats it. I think Huawei servers are in Europe.. i doubt they would be allowed to sell there if they were so risky, and being caught once relaying info to the Chinese government would screw them most likely... That alone limits them greatly.
Now a good way to get info and access its with free software... I am surprised there isn't more top of the line free software floating around, used as a front / spy tool... And Yes im pissed i cant buy Huawei via normal channels in the US.. its bullshit, they have excellent phones on their way to be the best.. its all that crazy copying the Chinese do that leads to be the best, and others will soon start copying them i guess ...
 
Last edited:

dvsman

2[H]4U
Joined
Dec 2, 2009
Messages
3,231
Last I checked most if not all cell phones = made in china. So niche security widget being compromised, not really a big concern. That ship has long sailed.

And as has already been stated, getting something 100% made in America, won't be any more secure for us either, just a different set of state actors involved.
 

KazeoHin

Supreme [H]ardness
Joined
Sep 7, 2011
Messages
8,146
Google could care less what anyone thinks. They're happy to support anyone with money regardless of ideology. If NK could pay for it then Google would make them a censored search engine with no qualms.
Isn't that just capitalism?
 

Deathroned

Gawd
Joined
Mar 6, 2015
Messages
554
So now we are only worried about WHICH tyrannical nanny state has full access to our lives?
something something American Exceptionalism only CIA, NSA, FBI and Mossad are allowed to hack, clone and track, if it doesn't Benefit Americas Master's it must be defamed and stopped.
 
Top