Huawei Doesn't See Open Source as the Fix for Spying Accusations (but They Should)
jas writes:
Networking equipment is one of the last bastions of technology where opaque, proprietary, closed-source hardware continues to thrive. This opacity-combined with networking equipment functioning as the backbone of enterprise computing-creates a fertile breeding ground for fear, uncertainty, and doubt to proliferate. As a result of this, Huawei has spent nearly a decade embattled by accusations of spying for the Chinese government, and since May, a blacklisting.
[...] There's an aphorism named "Linus's Law" which states "Given enough eyeballs, all bugs are shallow." This plausibly applies to Huawei's circumstances: Publishing the full source code to Huawei products is a simplistic-and maximalist-way of dealing with security vulnerabilities and undercut accusations of spying that have plagued Huawei for years.
Opening Huawei products to third-party scrutiny would-at a minimum-surface situations where third-party open-source libraries are not being properly updated, if not allow security researchers the ability to identify vulnerabilities in Huawei-developed code. Such an initiative could also be used to create a shared build platform, making security updates easier to deploy across different device models.
Read more of this story at SoylentNews.