. home.aspx


Huawei IoT devices show poor coding, security practices: claim

June 30, 2019 / SAM VARGHESE

A report on the security of Internet-of-Things devices made by Chinese telecommunications equipment vendor Huawei Technologies, published by the hitherto unheard of company Finite State, claims that analysis of 9936 firmware images in 558 different products shows that these devices are less secure than those from other vendors like Juniper and Arista.The company listed 142 devices — routers, switches, UPS units and the like — the firmware of which it said it had analysed in a matter of hours using its proprietary platform. Many of the devices listed are different versions of the same model. The report is titled "Finite State Supply Chain Assessment: Huawei Technologies Co Ltd." It referred to the Finite State 9-dimensional Risk Matrix as being the standard against which its study was done, but there is no sign of what this matrix is on its website.