U.S. Senators call for travel warning for countries with Chinese smart city systems
A pair of U.S. Senators have called on the State Department to issue a travel advisory to Americans traveling to countries that use Chinese-supplied smart city biometric surveillance systems about the threat they pose.
The letter from Senators Marco Rubio (R-FL) and Ron Wyden (D-OR) was spotted by NextGov, which reports that the White House is trying to convince other nations not to use Chinese technology in the development of their 5G mobile networks.
“The Chinese government is exporting advanced surveillance and monitoring systems as part of a broad effort to spread its authoritarian model abroad and influence foreign countries,” the Senators write to Secretary of State Mike Pompeo. “Chinese companies like Huawei and China National Electronics Import & Export Corporation are selling, loaning, or transferring to foreign governments so-called “smart city” and “safe city” systems—a broad array of surveillance and monitoring technologies, including cameras, facial recognition along with artificial intelligence and cloud systems, that can be used to track and monitor individuals.”
The letter also notes a recent report in The New York Times which says 18 countries now use intelligent monitoring systems supplied by Chinese companies, and a 2018 Freedom on the Net report from Freedom House, which suggests China’s deals with other authoritarian regimes could enable the country’s intelligence agencies to gather global data. Serbia and Uruguay launched biometric facial recognition systems from Chinese suppliers under smart city initiatives earlier this year.
The Senators argue that in the 21st century, threats to privacy and personal information fall within the State Department’s mandate to make American citizens aware of travel threats.
Security researchers have discovered that security cameras from Dahua, the second-largest CCTV manufacturer in the world, contain a security vulnerability that enable unauthenticated parties to listen in to audio feeds, even on devices with the audio disabled, Forbes reports.
Researcher Jacob Baines first discovered the vulnerability with Armcrest-branded cameras, and called Dahua cameras, which are also white-labelled and sold under various brand names in North America and Europe, “anyone’s listening device” if they are connected to the internet. Subsequently, researchers with IPVM reported the issue is widely found in Dahua cameras and firmware.
Dahua issued a security advisory on August 2 admitting “some Dahua products’ VideoTalk function has authentication vulnerability—users without authentication can access this function. After Dahua reconstructed the relevant functional code in 2018, this vulnerability no longer exists.”
IPVM criticized the company for not notifying the public, even after fixing the problem. A representative of Dahua told IPVM that an emergency investigation revealed a problem in some end-of-life products, for which the company has a plan. Forbes reports that the latest firmware update seems to resolve the vulnerability.