Huawei kit decision arrived at for UK 5G network operators
5G is meant to be the mobile network to rule them all and some claim will be a solution that will avoid the need to actually build large full fibre networks to homes. It is this potential for 5G to be so pervasive that has driven a lot of the debate around the spying risk that using Huawei kit for 5G, though we should say it is sometimes hard to tell if its a spying risk that is being combated rather than a worry that Huawei will end up being the monopoly hardware provider.
The UK Government has now announced that Huawei hardware is banned from the core parts of the 5G network, e.g. those that make the call and data routing decisions and therefore know where individual users and their devices may be. In the periphery that includes the masts and other hardware there is a new limit of 35% of the network. Additionally around sensitive sites such as nuclear sites and military bases Huawei hardware will not be allowed.
The local exclusions for sensitive areas we presume is there to help avoid base stations from logging visibility of persons of interest mobile devices and sending this data to third party that is not authorised to see this location data. Any actual sensitive or secret data should of course already be encrypted and never transferred across any network in an open format even if it is a trusted network. One concern from some corners may have been that it is possible for network hardware to copy this encrypted data and people to then spend time trying to crack the encryption offline. Of course with wireless communications, interception is always a risk but if the actual network hardware can be compromised you avoid the need for local assets to carry out any interception.
Huawei is not the only 5G network hardware provider, there is Nokia, Ericsson, Samsung and ZTE that also offer hardware, but one of the differences compared to the 4G roll-outs a decade ago is the way that software is a much bigger part of the puzzle. A lot more tasks are carried out using powerful hardware where the software is making the decisions, where as in the past you would have a larger number of distinct dedicated hardware boxes all playing their individual part and monitoring their behaviour in real world use due to the defined interfaces.
Of course there is no guarantee that network hardware and the software from any provider is immune from compromise, hence why it has often looked like a lot of noise from the USA has been driven by concerns about other countries racing ahead in the software and hardware sphere meaning that their is little or no fully home grown solutions.