How exactly if almost all network traffic these days run on TLSx.x, would huawei having a part in building infrastructure be “dangerous” for the average person (and the population at large)?
Wouldn’t SSL termination be needed at each person’s device to allow snooping? Or is there some deeper issue I’m missing?
In: Technology
There are many possible problems when the network hardware you trust turns against you. The first and easy one to understand is location data. The cell towers know which phone it’s talking to, even if it doesn’t know what data it’s transferring.
The second is access to internal networks and possibly databases of carriers. This can be used to both steal data and disrupt operations.
The third, and more specifically to your question about TLS, is that authoritarian governments usually have access to generate whatever certificates they want for whatever domain they want. Chinese certificate authorities have been removed before for abusing exactly this issue.
https://www.zdnet.com/google-amp/article/google-banishes-chinas-main-digital-certificate-authority-cnnic/
There are many other possible issues. Even with TLS, they can do a very silly MitM and you can bet many people will fall for it and accept invalid certificates without thinking twice.
Latest Answers