Security researchers who downloaded the firmware for the Smart Switch SG250 from Cisco's website and analyzed it accidentally discovered that it embedded the certificate and private key of gary.wu1(at)huawei, a developer for Huawei's U.S.-based subsidiary Futurewei Technologies. Why would a Huawei employee's credentials make it into Cisco's firmware image? The researchers asked Cisco, which conducted an internal investigation and provided an answer: some of Cisco's products use an open-source package, OpenDaylight, and these certificates and keys are part of the open-source package. The developers used the certificates to test the Cisco FindIT functionality, and as a result the certificates and keys were inadvertently included in the final product.

So this is a complete oops and there is no need to over-interpret it.

What's interesting is that in the current environment, these two are sensitive companies again, so the media in both countries are somewhat bandwagoning. In this case, the American headline is "Huawei cryptographic keys embedded in Cisco's firmware", which makes you feel that the backdoor was implanted by Huawei in Cisco's products. In China, the title became "Cisco was found to use Huawei's code, explanation: forgot to delete", making you feel that Cisco copied Huawei's code.

You can't ask everyone to find out the truth for themselves, and the headline party can't be shot, so the rhythm is brought up.

Thanks for reading.

First of all, I'm a programmer, so let's look at the nature of the problem from a programmer's perspective. In fact, in the code world, is not divided into national boundaries, github above a lot of good open source code, so the use of good open source code is the most normal thing to improve the development efficiency, we are encouraged to use in the company, especially some of the big a lot of people involved in the project, the general code has gone through a lot of testing, test cases are also written very well, so that you can avoid a lot of basic work. So there will be like Ali copy Tencent's code, Huawei must have copied the code of other companies, of course, provided that the code is free open source, and the corresponding open source license. For example, the common Apache Licence 2.0 license, the agreement encourages code **** to enjoy and respect the copyright of the original author, also allows code modification, and then released (as open source or commercial software). So people don't need to make a fuss about open source code being used.

Then, various self-righteous media outlets amplified this, thinking that Cisco had done something sneaky; the actual reason was simply that Cisco used an open-source package developed by Huawei's North American company in the firmware for its 250-series switches, which contained Huawei's own keys and certificates. Cisco itself was a participant (and open source developer) in this open source project, but they forgot to remove the keys and certificates from this test before it went live. In the code world, this is just a small bug, not a big deal, and I personally don't think it needs to be over-interpreted.

Finally, this incident reflects Huawei's R&D strength and contribution to the world, actively participating in multiple open source projects, such as hadoop, spark, and other big data projects, and also taking the initiative to open source a big data project based on spark: CarbonData (which is already a top-level apache project). It can be said that Huawei is actively participating in cooperation with the world, as well as contributing to the world, from software to hardware.

If my answer is helpful to you, I hope that by hand to point a like, add a concern, I will work harder to contribute more interesting knowledge of technology, thank you!

How do I look at it? It's pretty simple, thirty years on, thirty years off, Cisco is getting out of hand, and Huawei is or has become the leader in communications.

As early as the beginning of the 21st century, Cisco has realized that Huawei is its strongest competitor, and Cisco boss Chambers once said, "In the next few years, Cisco will have only one competitor, and that's Huawei!" Therefore, when Huawei entered the North American market in 2002, Cisco began its own crackdown, wanting to take advantage of Huawei has not been completely huge up to be a fatal blow. 2003 Cisco launched an infringement lawsuit against Huawei, 77-page indictment covers almost all the areas of intellectual property rights lawsuits, alleging that Huawei infringed on patents, copyrights, unfair competition, trade secrets and other a total of 21 counts.

Of course, Cisco's scheme did not succeed, when Huawei is not very strong, but early preparation, Cisco simply can not do a fast press Huawei to death, the quick war into a protracted war, this lawsuit either lose, or from their respective interests to reach a settlement, after a number of battles Cisco and Huawei compromised to reach a settlement agreement, the two sides have to reap the rewards.

15 years ago, this lawsuit reflects that Cisco still has a certain advantage, but with the development of time, Cisco's advantage is slowly disappearing. Huawei, as Chambers predicted, is getting stronger and stronger, the market in the field of communications can be the first, 5G technology leadership, can provide a complete end-to-end communications solutions. At the same time, Huawei's contribution to the industry is also getting bigger and bigger, participating in various standards organizations to play their own strength.

This thing happened today in Cisco, I have to say that Cisco is going on the road to decline, the world's top 500 companies to appear this kind of Bug, but also real huh!

On the matter of Cisco using Huawei code, the ins and outs are actually like this:

Mainly because, 250 series switch firmware used in an open source program package is developed by Huawei's North American company, which contains Huawei's own test keys and certificates. Cisco was also one of the developers of this open source program, and they forgot to remove this test key and certificate before going live.

I don't think there's any point in over-interpreting such a not-quite oopsie.

Huawei has not only continued to make an effort in 5g communications, but has also contributed in every other aspect. Currently in the ICT field, Huawei is very active in various open source communities, and actively participates in the research and development of chips and system software. Huawei's presence can be seen in large-scale projects such as RISC-V, OpenStack, and Hadoop.

With the U.S. government's ban, there are still tech companies like Cisco that are willing to work with Huawei. And according to gossip, including the White House, there are people inside the U.S. technology companies to provide advice, through the U.S. government to circumvent the ban to reach and Huawei's continued cooperation. The trend of technology globalization and cooperation is unstoppable.

Even now in this situation, Huawei has not closed the door to cooperation. This is possible because Huawei has a certain technical strength and y recognizes the importance of technological cooperation.

All in all, the oolong is actually a very, very small thing that just happened to happen between two companies with a rather delicate relationship. The rise of Huawei is indeed a source of national pride, but there is no need to over-hypothecate it. Technical cooperation between companies is very normal, and the use of open-source code is also a common practice in the industry. So there is no need to produce Cisco in turn "copy" Huawei such a conclusion.

Welcome to the discussion in the comments section below.

The reason why this issue has attracted so much attention is mainly because before Cisco sued Huawei plagiarized their own code, this thing in the international influence, the development of these years obviously Cisco has been unable to catch up with the Huawei company, and now suddenly appeared so a piece of news so that attracted everyone's attention, the incident is mainly because Cisco in their own switches using the secret key in the open source code of Huawei's subsidiaries. The main reason for this incident is that Cisco used Huawei's secret key certificate in its own switch, which was not discovered by Cisco itself, but by a third-party security organization, and Cisco quickly clarified that it was due to laxity in testing by the testing department, and that this explanation was obviously a bit perfunctory, for whatever reason.

Once Huawei in front of Cisco is pediatrics, now Huawei is not the year's pediatrics, has grown into a giant enterprise, already has 180,000 employees of technology giants, and in the proportion of employees in the expatriate can account for more than 40,000, the standard multinational enterprises, Huawei now in the field of communications as well as the field of consumer electronics occupy a very important role, especially in the 5G technology, in the field of consumer electronics, and in the field of consumer electronics, Huawei is the most important company in the field of consumer electronics. is in the 5G technology, in the field of cell phones if not the list of U.S. entities basically by the end of the year will be able to take the name of the world's first, in the field of communications has been the absolute boss, is currently the world's only one can provide a full set of 5G equipment equipment vendors, and now Huawei in the field of the advantage of the Huawei is still increasing, this is the real Huawei's state.

Huawei is actively embracing the world's most advanced technology, and is also actively embracing the open source community, in many open source communities have left Huawei's shadow, because Huawei recruited a lot of top software masters, and a lot of people like to contribute to their own share of power in the open source community, some of them in the name of the company and some of them in the name of the individual. For this incident, Huawei estimates that it will not be put on the body as such a large enterprise, this thing is not worth mentioning.

Now a lot of big companies in the open source community have contributed to the predecessor of Google's chrome browser is the webkit kernel, the beginning of the Apple is all contributed to the original code open source it is possible to many companies in the maintenance of the use of the future of many large-scale software will choose to open source, which has been a major trend in the development of software, Android is the first to be used in the development of the software. A big trend, Android is because open source enlisted a large number of developers to join in, and now has formed a very solid ecosystem, Huawei because the use of Android system are more ruthless, the result of the United States because of the list of entities led to the cancellation of the authorization of the Google, for the cell phone business is very big, the whole thing is set by Google is a bureau.

Now many areas have been inseparable from Huawei's equipment, Huawei's huge annual investment in research and development costs have now slowly to the harvest season, and from now on this advantage is getting bigger and bigger, it is because of the strong Huawei in the United States after the blockade can still show so tough, mainly because of the strength. Huawei from its inception to now has accumulated more than 30 years from the beginning of obscurity to the world's giant, always adhere to the research and development of core technologies, to the present in various fields have made very great achievements, has become the leader of the domestic science and technology enterprises, able to guide the development of many enterprises to grow and develop.

For Cisco did not expect one day to take Huawei's open source code to develop their own products, can only say that the wind and water rotate, I hope to help you.

At the moment, although the code may not be critical core code, but still can be interpreted out of some of the problems, first of all, we say that Cisco, as Huawei's most important competitor before, may be in the relevant areas, but also by Huawei gradually caught up or even exceeded.

So at this point it's worth celebrating because Huawei is actually doing a really great job at the code level, not just because of its performance on the Linux source code, but also the code portion of the components at other levels.

It's worth noting that North American companies have probably always had a two-tiered standard, as evidenced by the various scenarios and events that have taken place, and there's not really an argument that might be relatively satisfying about the use of Huawei's source code, but in general the condescension is still maintained.

Of course, Cisco certainly has the capital to be proud of, the reason is that as an international giant has been leading the world only so many years ago, due to the importance of the domestic core technology, including Huawei and a part of the industry in the new gradually close to Cisco, so in fact, Cisco from the psychology of the changes are still very difficult to accept, and it is difficult to accept the difference.

For us it is certainly reassuring that Huawei's influence is not simply in the so-called communications field, the so-called cell phone field, the chip field, and a variety of source code as well as the core technology level.

And then remove Huawei, in addition to some of the more low-end marketing on the phone, in fact, overall, Huawei is really very worthy of a high-tech domestic enterprises, and the technology content is very high, far from other enterprises in pursuit of the so-called patent number and make up the number of some of the technology!

The wind and water are turning! Remember in 2003, Cisco accused Huawei of illegally copying and stealing Cisco IOS?software, including source code! At that time, the vice president of Cisco said: We have no choice but to sue Huawei! And of pointing out: plagiarism is not innovation, and the theft of intellectual property is not competition!

After 16 years, Cisco has made a joke, in the network security consulting firm found that the secret key certificates used in the product switches, is a subsidiary of Huawei research and development.

Although, Cisco claims that the keys and certificates in the testing phase, the result of negligence before going live, forgot to delete! Moreover, these certificates and keys existed only in the file system and were not activated for use by the device, and have now long been deleted!

The more you describe it, the darker it gets! On the other hand, if Huawei had used Cisco's code in this case, I guess there would have been another accusation in 2003. After all, Cisco used "plagiarism, misappropriation" to accuse Huawei.

In fact, Huawei has repeatedly entered the U.S. market and was prevented, Cisco's role is very large, its main business is digital communication, Huawei's main business is fixed-line, but Huawei is also in the later, this aspect of the Cisco has a great impact.

For example: carrier, enterprise routers, Cisco although with 35.7% share of the first, but Huawei's share reached 31.7%, note that this is the second quarter of 2018.

So, Cisco has been guarding against Huawei, but Huawei's growth has put a lot of pressure on Cisco, which has led to a long-lasting competition between them!

Doing a thief was caught in flagrante delicto, only a sentence I was supposed to take their own wallets, but the hand reached the wrong pocket, how to pull out your wallet, misunderstanding misunderstanding ah! The next time only pull out their own wallets!

Cisco uses Huawei code, Huawei should be happy, should not be harsh, I think Huawei will not go harsh, because Huawei from now on know that they are powerful, and even Cisco have to ask Huawei in turn. Once, Cisco is a giant, Huawei is a child, Huawei is following Cisco's path step by step, Huawei knows how to get along with their peers, which is also something in the Chinese culture, Huawei does not engage in the competition between you and me

There is no view that would have been a platform for the open source