Huawei, Android, and Cybersecurity

8 minute read | Last updated 21-May-2019 |  Security

Watch the episode on YouTube

Join the discussion on LinkedIn

Share on Twitter

Bad Robot Transcript

Morning, everybody in this episode of the show. We’re going to explore the impact of the latest Huawei news on Android cyber security. Recently the US government increase pressure on Chinese Telecom giant Huawei. Now, there’s multiple layers to a lot of them are political G network infrastructure. We’re not going to dive into politics.

That isn’t what this show is about. What we are going to tackle is the reality of the latest move by the US the last week the u.s. Put Huawei on the US entity list. Is it published by the US Department of Commerce and this list sets license requirements for the export re-export and transfer of certain items into the United States and out from the United States now in simpler terms, it really sets are restrictions around a company’s ability to do business in the US with us based companies in the name of National Security.

Now being on the US entity list directly affects, you always relationship with Google Huawei makes the popular P20 and P 30 lines of smartphones and these phones run. Android operating system and they live in the Google ecosystem when I say popular I do mean it the numbers change depending on the source, but Huawei is undeniably one of the top three mobile vendors on the planet are being put on the US and to the list means that Google is no longer allowed to export their technology to the send shenzhen-based company.

This means that Huawei phones will only be able to use the Android open source or AOSP moving forward. Now that doesn’t sound so bad right Androids, very competitive rights were wrong name an Android phone that doesn’t have Google search or Google Maps or Gmail or access to the Google Play store and it doesn’t end there the most people think of as Android is actually the combination of the Android open source project and Google mobile services.

Most people wouldn’t actually recognize an Android device without Google mobile services. layered on top that was a result of this order at some point in the near future and near currently means about 90 days out while we will lose access to the top half of that technology stack with all the Google mobile services being pulled from your phone and maybe existing ones.

No one’s quite sure about that little detail. Now the cybersecurity angle here is an interesting one since its Inception Android security updates have been problematic it best being super polite. Unlike Apple’s ecosystem wear eye patches released by Apple and it’s pushed out to all devices automatically. Android is a lot more complex and ideal scenario again an ideal scenario.

Android patches are released by the Android open source project or buy Google accepted by the hardware component manufacturers accepted by the handset manufacturers accepted by the mobile providers and then eventually released to the end user. Now. This flow won’t change for Huawei assuming assuming that the patches issued is part of the Android app.

Source project this isn’t necessarily there isn’t necessarily a clean line between these initiatives as there should be and as a result Huawei devices might lose out on some critical security patches that aren’t released at the lowest public layer now, ironically that’s as a direct result of work that Google is doing to make the Android ecosystem more secure by pushing updates directly to end users as opposed to the multi-stakeholder workflow that existed a dispute between us and Huawei politics aside.

It’s an example of the repercussions of cyber security and privacy with large Global ecosystems and real-world devices will Huawei come up with a plan for long-term sustainability and the security of their existing devices for new ones. Only time will tell now what do you think of this issue? How would you handle how do you handle the lifecycle devices when there are dramatic changes to their support model.

This is not the only case. We’ve seen it with me. Square Google’s involved again with iot this is a real ongoing Challenge and it’s only going to get worse as we get more and more devices how sustainable are these when there are geopolitics at play when there is the life cycle of a company itself at play.

There’s a lot of complicated issues here, but at the end of the day we have devices that are floating around that need updates that may not be able to get them. Let me know what you think online where I’m at at Mark NCAA in the comments down below and as always by email me at Mark m.

C. I look forward to talking to you about this issue will see you on the next show. Morning, everybody in this episode of the show. We’re going to explore the impact of the latest Huawei news on Android cyber security. Recently the US government increase pressure on Chinese Telecom giant Huawei.

Now, there’s multiple layers to a lot of them are political G network infrastructure. We’re not going to dive into politics. That isn’t what this show is about. What we are going to tackle is the reality of the latest move by the US the last week the u.s. Put Huawei on the US entity list.

Is it published by the US Department of Commerce and this list sets license requirements for the export re-export and transfer of certain items into the United States and out from the United States now in simpler terms, it really sets are restrictions around a company’s ability to do business in the US with us based companies in the name of National Security.

Now being on the US entity list directly affects, you always relationship with Google Huawei makes the popular P20 and P 30 lines of smartphones and these phones run. Android operating system and they live in the Google ecosystem when I say popular I do mean it the numbers change depending on the source, but Huawei is undeniably one of the top three mobile vendors on the planet are being put on the US and to the list means that Google is no longer allowed to export their technology to the send shenzhen-based company.

This means that Huawei phones will only be able to use the Android open source or AOSP moving forward. Now that doesn’t sound so bad right Androids, very competitive rights were wrong name an Android phone that doesn’t have Google search or Google Maps or Gmail or access to the Google Play store and it doesn’t end there the most people think of as Android is actually the combination of the Android open source project and Google mobile services.

Most people wouldn’t actually recognize an Android device without Google mobile services. layered on top that was a result of this order at some point in the near future and near currently means about 90 days out while we will lose access to the top half of that technology stack with all the Google mobile services being pulled from your phone and maybe existing ones.

No one’s quite sure about that little detail. Now the cybersecurity angle here is an interesting one since its Inception Android security updates have been problematic it best being super polite. Unlike Apple’s ecosystem wear eye patches released by Apple and it’s pushed out to all devices automatically. Android is a lot more complex and ideal scenario again an ideal scenario.

Android patches are released by the Android open source project or buy Google accepted by the hardware component manufacturers accepted by the handset manufacturers accepted by the mobile providers and then eventually released to the end user. Now. This flow won’t change for Huawei assuming assuming that the patches issued is part of the Android app.

Source project this isn’t necessarily there isn’t necessarily a clean line between these initiatives as there should be and as a result Huawei devices might lose out on some critical security patches that aren’t released at the lowest public layer now, ironically that’s as a direct result of work that Google is doing to make the Android ecosystem more secure by pushing updates directly to end users as opposed to the multi-stakeholder workflow that existed a dispute between us and Huawei politics aside.

It’s an example of the repercussions of cyber security and privacy with large Global ecosystems and real-world devices will Huawei come up with a plan for long-term sustainability and the security of their existing devices for new ones. Only time will tell now what do you think of this issue? How would you handle how do you handle the lifecycle devices when there are dramatic changes to their support model.

This is not the only case. We’ve seen it with me. Square Google’s involved again with iot this is a real ongoing Challenge and it’s only going to get worse as we get more and more devices how sustainable are these when there are geopolitics at play when there is the life cycle of a company itself at play.

There’s a lot of complicated issues here, but at the end of the day we have devices that are floating around that need updates that may not be able to get them. Let me know what you think online where I’m at at Mark NCAA in the comments down below and as always by email me at Mark m.

C. I look forward to talking to you about this issue will see you on the next show.