x
Optical/IP

Alcatel, Lucent Face Security Grilling

Representatives from Alcatel (NYSE: ALA; Paris: CGEP:PA) and Lucent Technologies Inc. (NYSE: LU) have been called to a hearing organized by the House Armed Services Committee to answer questions about the national security implications of their proposed merger. (See Alcatel, Lucent Seal Deal.)

The hearing, organized by the Committee's chairman, Republican Congressman Duncan Hunter, and scheduled for 2 p.m. on Tuesday, November 14, in Washington, D.C., comes as the vendors make their final plans to become one giant telecom equipment supplier. (See Alcatel Preps New Tech Roadmap.)

The Committee's members are expected to hear testimony from representatives from the vendors and officials from the Committee on Foreign Investment in the United States (CFIUS), which has been reviewing the proposed merger. However, a list of "witnesses" due to speak at the hearing has yet to be announced. (See Alcatel/Lucent Wait on W OK.)

At the heart of any security concerns is the role of Lucent's Bell Labs , which does a lot of U.S. military-related work. Lucent has addressed this situation by planning for the Labs to become a separate subsidiary in a post-merger world, though questions have already been raised as to whether that will be enough to satisfy the concerns of some U.S. lawmakers. (See Analyst: Alcatel Should Rethink Things.) The vendors should prepare themselves for a challenging session next Tuesday. Congressman Hunter, who represents California's 52nd Congressional District, has already made his feelings clear about the proposed merger. Only weeks after the vendors announced their intentions to join forces, Hunter wrote a letter to President Bush saying that he had "several grave concerns about the potential merger of French-owned Alcatel and American-owned Lucent Technologies.”

He added: "These concerns arise in large part because Lucent Technologies and Bell Labs, a critical component of the parent company Lucent Technologies, conduct a significant amount of highly classified work for the United States government, including the Department of Defense. I am skeptical whether the current CFIUS process could provide adequate, verifiable assurances that such sensitive work will be protected.”

The vendors are keeping their thoughts about the hearing to themselves, at present. "We have heard from the Committee and have their request under review," says Lucent spokeswoman Mary Lou Ambrus, while Alcatel issued an identical statement.

Investors clearly aren't worried that the hearing might scupper or delay the deal. Alcatel's share price is down just €0.08, less than 1 percent, to €10.33 in Paris today, while Lucent's stock is up 1 penny to $2.53 in pre-market trading this morning.

— Ray Le Maistre, International News Editor, Light Reading

belakinabale 12/5/2012 | 3:34:42 AM
re: Alcatel, Lucent Face Security Grilling ... at the grilling? Did not see any new supply of french fries :) on lightreading.
corwin0 12/5/2012 | 3:34:46 AM
re: Alcatel, Lucent Face Security Grilling Brookseven,

I have thought about it - the USG access to coms channels is most probably NOT in commodidty hardware (think about how many people have access to those platforms).

If it were in those platforms, the operators would most definately notice the data outflows (it would be their bandwidth being used, afterall, unless you assume that there is some tachyon/graviton emitter hidden in those circuit packs).

The access, if it exists, is somewhere else.
zoinks! 12/5/2012 | 3:34:47 AM
re: Alcatel, Lucent Face Security Grilling I guess you're right. I shouldn't worry about French muslims or Europeans.

I should worry about China stalking my navy, training to torpedo the fleet right before it marches on my relatives in Taiwan.

Zoinks!
opticalwatcher 12/5/2012 | 3:34:47 AM
re: Alcatel, Lucent Face Security Grilling "This makes me wonder where all of the code that is being generated in Bangalor is going."

Exactly. People here are worried that a French company is supplying all this teleco equipment to the US (though much of it is US based Timetra).

A lot of the Lucent, Cisco, and Alcatel code is being written by low-paid programmers in India and Asia.

In any case, the US government couldn't care less.

The concern is Bell Labs, which does specific classified research for the US government.
whyiswhy 12/5/2012 | 3:34:47 AM
re: Alcatel, Lucent Face Security Grilling "That wouldn't be possible without major cooperation from the service provider, for sure. In effect, it would double the total interface size of the PSTN, for one thing..."

ROTFLMAO!

It's public information as long as 40 years ago the US was listening in on most of the USSRs military and diplomatic traffic from microwave to undersea cable to wires to coax...

Read a few books about how it was done very efficiently and automatically years ago (before anything like word recognition), and imagine the US government has spent a billion every year since getting better and better at it...

-Why
zoinks! 12/5/2012 | 3:34:48 AM
re: Alcatel, Lucent Face Security Grilling > I just think it's funny how you can go through all kinds of trouble to keep total control of muslims in your country,...

I'm not sure what country you're talkin' about fella, but it ain't the US. Political correctness and "sensitivity" run amok is in charge.

Yours,

Zoinks!, he with a healthy sense of xenophobia for those that want to kill me because I am a Christian and an American
megacop 12/5/2012 | 3:34:48 AM
re: Alcatel, Lucent Face Security Grilling
This makes me wonder where all of the code that is being generated in Bangalor is going.
paolo.franzoi 12/5/2012 | 3:34:49 AM
re: Alcatel, Lucent Face Security Grilling

MM,

Perhaps you should look at the exactly 2 vendors with a 99% share of telco switching. There are many car makers.

As for LCDs, go find who makes LCD panels. You will find that 90%+ market share is owned by Japanese companies. Given that this is considered a critical military technology the DoD is keeping some American Suppliers in business. Otherwise that market share would be 100%.

seven
metroman 12/5/2012 | 3:34:49 AM
re: Alcatel, Lucent Face Security Grilling Seven

Of course everyone sources goods from multiple places/vendors/distributors - it makes sense to do that to spread risk.

Lucent and Alcatel merging does not make the US dependent upon that merged entity to supply anything. They can choose to ignore them as a commercial partner in favour of an entity that they trust. Given that we live with free market economics no-one is forced to do anything or be dependent upon anyone - even the Japanese LCD suppliers.

By the way, an Australian dominates our media, the car market is dominated by the Japanese and Viagra is made by a british company. Be careful driving home, watchihng the news or in bed with the wife/husband tonight, who knows what they are doing to you.

Fear is easy to create. Trust is a little harder to come by these days, hence the number of Lawyers.

Metroman
CoolLightGeek 12/5/2012 | 3:34:50 AM
re: Alcatel, Lucent Face Security Grilling Seven wrote to Bytewatcher: "I don't consider it paranoia. You are being spied on through the Internet. It's okay with me. "

Lets call it non-intrusive monitoring of internet chatter: I doubt anyone(NSA/CIA?) has collected specific information tied to our ROW friend, bytewatcher, unless of course, he distinguished himself by researching terrorist organizations or b*mb making chemistry on the internet.

"Spying" typically implies a intrusive effort with a idea of a target in mind. I would bet a fair number of farmers that use ammon**m n*trat*
get on the list of people for special attention.

The DoD considers security concerns as primary even if it leads to more expensive solutions.
Its one place where basic capitalism (lowest bidder meeting spec) gets overridden if there is any thought that the bidder can be compromised by a group perceived as a security risk.

I expect ALA/LU will do what it takes to pass the "security grilling".

CLG
paolo.franzoi 12/5/2012 | 3:34:52 AM
re: Alcatel, Lucent Face Security Grilling
Metro,

I don't care if the foreigner is French or Muslim. It is a pause for concern to turn over the control of a fundamental infrastructure element to the products designed, manufactured and maintained by a 3rd country. It is the reason that the DoD sponsors some amount of US LCD business, so that the US is not dependent upon Japan to build Fighter Cockpits.

I think it is an interesting topic for debate and has little to do with whom is the buyer.

seven
bytewatcher 12/5/2012 | 3:34:52 AM
re: Alcatel, Lucent Face Security Grilling Hi brookseven,
I wonder if all the governments around the world had a similar concern.
I compare this threat at the same level (to say the least) of having Cisco equipments installed in the LANs of government agencies outside US.
Here in the ROW where I leave this is absolutely no reason for paranoia.

Regards
paolo.franzoi 12/5/2012 | 3:34:52 AM
re: Alcatel, Lucent Face Security Grilling
I don't consider it paranoia. You are being spied on through the Internet. It's okay with me.

seven
jepovic 12/5/2012 | 3:34:53 AM
re: Alcatel, Lucent Face Security Grilling The US gov, as most govs, already have multiple standards. Muslims are not treated the same, just like the japanese weren't treated the same 65 years ago.

I just think it's funny how you can go through all kinds of trouble to keep total control of muslims in your country, at the same time as you let go of the control of the software in your class 5-switches. What is the bigger threat, really?
jepovic 12/5/2012 | 3:34:54 AM
re: Alcatel, Lucent Face Security Grilling I'm surprised how many people here assuming it's a technically difficult feat to wiretap everyone. We're all engineers, right? It's just ones and zeroes after all, and hiding software is technically trivial.

The challenge is not technical, it's political. There will always be risk for a media scandal, and the question is how much the authorities are willing to risk?
jepovic 12/5/2012 | 3:34:54 AM
re: Alcatel, Lucent Face Security Grilling "I would also like to point out that it would be highly unlikely that a vendor could place code into one of these switches to monitor calls without the service provider knowing about it. "

Why? Service providers have very little control of the software, even if they are expert users of it. Even the vendors have very little control of their entire software. If the code is put in the right part of the software, noone will ever check the source code. If it ain't broke, don't fix it. The size of the source code in a class 5 switch is immense!

"Such a "bug" would be useless without some type of transport for offloading the information being gathered. This transport connection would be impossible to attain without first having permission from the vendor, as they control both the trunking and IP networks linked to the switch."

The links to the switches could be perfectly legal. E.g. NSA could set up a fake call center company and order a few T1s. Through the hidden software they could manipulate the call forwarding to route via their site, where they could use any kind of equipment for their purposes. Of course this could be done without the service provider or users being aware of it.

If not, why? Carrier networks route billions of calls, and noone has time to investigate anything unless there is a customer complaint.

Of course, listening for key words in EVERY phone call would be a whole different thing. That type of functionality would require special software and hardware, not found in a class 5 switch, which means that all the calls would have to be routed via NSA equipment. That wouldn't be possible without major cooperation from the service provider, for sure. In effect, it would double the total interface size of the PSTN, for one thing...

In that case, it seems a lot easier for NSA to wiretap on the optical level, on major backbone and transatlantic cables. Probably quite a complicated feat with DWDM and IP dominating the trunks, but quite possible.
metroman 12/5/2012 | 3:34:54 AM
re: Alcatel, Lucent Face Security Grilling Xenophobia - an unreasonable fear or hatred of foreigners or strangers or of that which is foreign or strange.

Some people see the behaviour of the US as foreign and strange - US is not the center of the universe. I am firmly of the belief that people's true psychology and underlying behavioural traits can be seen in what they expect others to do to them in similar circumstances to the ones they find themselves.

I am sure that by being Muslim or French or a French Muslim or a French Muslim from North Africa is only a threat in your minds. Sure Muslims have been involved in terrorism but so have americans (Oklahoma anyone?)

I am personally shocked and horrified by some of the comments on these pages. People should think twice about making judgements against others just on the basis of religion or nationality. I think that most Americans find it shocking when those in the Muslim coutries (and even in non-muslim countries) point the finger at the US. Americans who see this as baseless tend to refer to it as "fundamentalism". It is actually the manifestation of a misunderstanding of what real Americans are like - basing their view on a few public figures who don't know how to conduct themselves in different cultures and those who try and take a commercial advantage without considering the moral consequences. (Other people have different moral baselines and see US behaviour to be immoral, even if yo do not) To the rest of the world the discussions on this page look like American Fundamentalism.

I suggest you let you personal xenophobia sit on the shelf and see how you can represent your nation in a positive light. If you want to live with nice neighbors you make the effort to let them see you as a good person, you don't think of all the things they could do to you and build barriers. It will be the end of American commercial dominance if we build barriers to the rest of the world so that people do not want to do business here. That would be a shame for a nation with such a multicultural heritage.

Metroman
paolo.franzoi 12/5/2012 | 3:34:56 AM
re: Alcatel, Lucent Face Security Grilling
megacop,

You are missing the point. The vendors could be under order from the NSA to put in the bug and the connections that use it could be perfectly valid. The carriers would be unaware of the way things are working.

It is a well known program that every phone call in the US is monitored by the NSA for keywords and key phrases. These keywords trigger the recording and forwarding to the NSA. This is not part of CALEA, and is real. Think about how they do this.

seven
megacop 12/5/2012 | 3:34:57 AM
re: Alcatel, Lucent Face Security Grilling The point I was trying to make is that CALEA is a feature which is required in most, if not all, class 5 switching and soft switch platforms in the US.
The vendors do not control access to this feature, the service providers do.

I would also like to point out that it would be highly unlikely that a vendor could place code into one of these switches to monitor calls without the service provider knowing about it. Such a "bug" would be useless without some type of transport for offloading the information being gathered. This transport connection would be impossible to attain without first having permission from the vendor, as they control both the trunking and IP networks linked to the switch.
CALEA simply does not factor into any security concerns regarding this merger.
BTW - both vendors have CALEA in their switching platforms, as do many others.

MC
whyiswhy 12/5/2012 | 3:34:58 AM
re: Alcatel, Lucent Face Security Grilling Brooks:

I think you have to presume every country has "special" code in the switches made in their country.

The purposes might range from benign traffic monitoring, to law enforcement, to espionage to sabotage.

I think it's reasonable to presume they can do any or all of the above.

-Why
paolo.franzoi 12/5/2012 | 3:34:58 AM
re: Alcatel, Lucent Face Security Grilling
It also seems that you folks don't know that CALEA stands for:

Carrier Assistance of Law Enforcement Agencies.

It is a requirement for an electronic mechanism for turning on wiretapping. Today, it is generally implemented at a Class 5 switch through a very specific interface. The actual ongoing wiretaps are unknown to the carrier. This is done to protect carrier personnel (if they don't know they are there, nobody can bribe/extort knowledge of their existance). This is a mandate of Federal Law and is required (or a waiver is required) for every phone line in the US. There are similar setups in the developed world.

Do you want a pointer to the standards body that manages the implementation?

seven
paolo.franzoi 12/5/2012 | 3:34:58 AM
re: Alcatel, Lucent Face Security Grilling
MG,

No, it means that you should expect that the NSA is spying on other countries through its knowledge of Cisco and Juniper gear.

seven
mu-law 12/5/2012 | 3:34:59 AM
re: Alcatel, Lucent Face Security Grilling but they do have networking R&D and sustaining organizations in Morocco and Algeria.

From what I've seen, many "legacy" products have sustaining that is offshore, and to the lowest bidder. There's certainly an incentive for the vendor to do this, but the decision to approach sustaining this way is also one to forego some amount of oversight and quality in exchange for productivity or cost effectiveness. Outsourcers build their businesses accordingly...
materialgirl 12/5/2012 | 3:34:59 AM
re: Alcatel, Lucent Face Security Grilling Dera Seven:
Does that logic mean that we should not run the Internt on CSCO or JNPR gear outside the U.S.? Other countries have run their network on U.S.-made gear for years with little ill effect. We aren't that trustworthy.

Perhaps the growing risk of slipped in security leaks implies that we should make the network stupid. After all, all those network "features" could be seen as just breeding grounds for security leaks.
jepovic 12/5/2012 | 3:35:00 AM
re: Alcatel, Lucent Face Security Grilling Most scenarios regarding national security are far-fetched, and the US spends far more money on outright ridiculous military projects.

Alcatel are french at the moment, but is that true in five years? If Huawei would like to buy Alcatel in a couple of years, the US gov can do nothing about it.

There's another angle here as well: Suppose NSA and/or FBI have backdoors into LU. Not unlikely, as some have pointed out. With the Alcatel takeover, the risk increases that those backdoors will be closed or (worse?) will leak out in the media.
zoinks! 12/5/2012 | 3:35:00 AM
re: Alcatel, Lucent Face Security Grilling No, but they do have networking R&D and sustaining organizations in Morocco and Algeria. One could posit a timebomb being slid into some maintenance release .... its far-fetched but I don't think its out of the question.

Zoinks!
paolo.franzoi 12/5/2012 | 3:35:00 AM
re: Alcatel, Lucent Face Security Grilling
The point of CALEA is silent wiretapping to maintain the safety of End Office personell. They are unaware of wiretaps.

And if you think the US government doesn't have backdoors into existing equipment (authorized or not), you are greatly kidding yourselves.

People were asking why there might be security concerns. That is where it is. How do you think NSA monitors phone calls for key words? By magic?

seven
mu-law 12/5/2012 | 3:35:02 AM
re: Alcatel, Lucent Face Security Grilling I guess in a busy switch, it would be possible to have a silent call out wiretap that crops up every once in a while... however, the mechanism by which this would be triggered is not clear. Perhaps the vendor in question would provide service on the affected system, etc... this requires all but an overt conspiracy, and its a pretty low yield undertaking. I remain unconvinced.

In the present day and age, and given the large proportion of lines served in the US by equipment from a single vendor I would be far more concerned with the likes of a "logic bomb" causing service disruption. In this case, the trigger could be something as simple as ANI of terminations into each affected exchange.

It seems a bit far fetched to put the French at the root of all of this. However, there are manifold groups and individuals throughout the world that would like to see the US come to harm, and some number of them can get computer or internet access.

For that matter, even before the French were in the picture, what have makers of critical infrastructure elements done to assure the integrity of their object code? audit source?

If we're looking for an issue worthy of a few billion dollars of attention, maybe regulating or attaching liability to information security is worthwhile.
LightInSky 12/5/2012 | 3:35:02 AM
re: Alcatel, Lucent Face Security Grilling To chip-mate (#8)

Isn't Eslambolchi muslim ?
There are some muslims in LU as well ...
Not that I disagree with your criterion ...
jepovic 12/5/2012 | 3:35:03 AM
re: Alcatel, Lucent Face Security Grilling I agree that this probably has little to do with security, and I'm allergic to protectionism. However, in this case I think a lot of people are very naive.

First of all, what says that Huawei couldn't buy Alcatel in 5 years?

And of course the switches are owned by the operators. But the vendors are in control of the software, and could realistically put any feature in it. Operators are cutting down testing and focus on getting the right functionality from the boxes - who has time to go through the source code even if it was an option?

So, in a 5-year perspective, you could have chinese engineers controlling the software for the majority of your class 5-switches. Yum.

Put it this way: Yes, it's probably an economical loss to keep Lucent American. Perhaps a few billion dollars.

How many wonderfully useful defense system projects do you get for a few billion dollars? Compared to your astronomical military spendings, I would say the cost for keeping LU under control is puny.
corwin0 12/5/2012 | 3:35:04 AM
re: Alcatel, Lucent Face Security Grilling Brookseven,

The last time I checked, the switches were owned by the operators, not Lucent or Alcatel. They were made by either L or A. Does that mean that it's impossible for "evil code" to be loaded into a switch during an upgrade or maintenance - no, however, even if it were, it would have to have the infrastructure to do something useful. It's the carrier's network, and the carrier's kit.

Also, the staff working on those switches will probably be mostly US (local support organization, etc.) You can't tell me that if an "evil, cheese eating, surender monkey" put "evil code" into a switch, some US worker wouldn't raise the red flag.

Frankly, I am much more nervous about my own government getting the carriers to look the other way when it comes to constitutional protections, than a surrender monkey company taking a risk that would screw up a huge market that it has just spent 13B to enter.

Corwin
paolo.franzoi 12/5/2012 | 3:35:05 AM
re: Alcatel, Lucent Face Security Grilling
njguy,

French CIA: Put a bug in the next patch so we can listen to all US phone calls that pass 5ESS switches anytime we want.

Alcatel: Okay...

Get the idea? That is the reason it is a security risk.

seven
njguy 12/5/2012 | 3:35:05 AM
re: Alcatel, Lucent Face Security Grilling 1) Lucent does not own the switches. The phone companies own the switches. Lucent makes and sells them.

2) There's a lot more to Bell Labs than government work. Lucent will not be making Bell Labs a subsidiary. They'll be making a portion of Bell Labs a subsidiary.
alchemy 12/5/2012 | 3:35:05 AM
re: Alcatel, Lucent Face Security Grilling brookseven tells us:
French CIA: Put a bug in the next patch so we can listen to all US phone calls that pass 5ESS switches anytime we want.

Alcatel: Okay...

Get the idea? That is the reason it is a security risk.


Combine that with all the Quebecois who worked on the DMS-100.....

Shouldn't we be more worried about Microsoft? *grin*
paolo.franzoi 12/5/2012 | 3:35:06 AM
re: Alcatel, Lucent Face Security Grilling
MC,

Think a french company that will own half the switches in the US (or probably more than half) is going to be keen on implementing changes to help support the Patriot Act? Now replace the word french with foreign. Now think about all the communications in your country flowing through the equipment owned by a foreign power.

Get the idea now? As I said, CALEA will be easy.....but just suppose the French want to spy on the US.

seven
chip_mate 12/5/2012 | 3:35:08 AM
re: Alcatel, Lucent Face Security Grilling To be blunt on the Security Vote:

Is Alcatel run by Muslims?

Yes or No.




Vote is decided.




End.
megacop 12/5/2012 | 3:35:09 AM
re: Alcatel, Lucent Face Security Grilling Hey seven,

I'm a wee bit confused.
Vendors are responsible for making sure CALEA is in their product, so the telcos can meet the requirement. CALEA is an absolute requirement in these parts ....

MC
whyiswhy 12/5/2012 | 3:35:09 AM
re: Alcatel, Lucent Face Security Grilling Duncan Hunter...

Did one of his parents lose a Yo-Yo?

-Why
whyiswhy 12/5/2012 | 3:35:12 AM
re: Alcatel, Lucent Face Security Grilling JMHO:

Congressman doofus brain ought to be seriously worried about HuaWei-3Com.

-Why
digits 12/5/2012 | 3:35:12 AM
re: Alcatel, Lucent Face Security Grilling Oui. Je conviens, monsieur.
markjohn20 12/5/2012 | 3:35:12 AM
re: Alcatel, Lucent Face Security Grilling I think this is an issue not of merger with a European company, but of merger with a company of 'cheese eating surrender monkey' extraction :) Perhaps the neo-cons still haven't got over French opposition to their adventure in Iraq....
paolo.franzoi 12/5/2012 | 3:35:13 AM
re: Alcatel, Lucent Face Security Grilling

Well, Alcatel + Lucent would be the clear #1 most important Telecom company in the US. Cisco is the clear #1 Internet company.

Things like CALEA can be worked but relationships are not always as friendly as one might think.

seven
SolitonWave 12/5/2012 | 3:35:14 AM
re: Alcatel, Lucent Face Security Grilling Guess I've heard all this before. Security issues are always a good excuse to hide some other concerns... Alcatel is based in Europe, not Iran or North Korea. It should not be that hard to reach an agreement on security issues. Unless there are other "not so clear" motives to raise questions.
HOME
Sign In
SEARCH
CLOSE
MORE
CLOSE