Editorial: For network infrastructural professionals, “Made in China“ is losing its luster :
Over the past three years there has been growing indicative evidence that many hacker groups are secretly financed or otherwise organized by the Chinese (and in some cases Russian) state apparatus, and as such, more and more consultants from the IT industry are also openly criticizing the use of network-capable hardware devices from Chinese production in Western networks. Essentially, hardware is able to offer better "hiding places" than might be found in purely software products. Whether in the case of virus scanners or general “watchdog” programs, native or third-party security systems are ultimately well able to monitor software products; this is less true in the case of standalone hardware.
Since hardware is usually "hardened", such security systems are not able to attain access to the inner software. Consequently, background processes cannot be checked for irritating or even harmful secondary functions. If the origin of the device is unknown or the manufacturer cannot be trusted, the "hardening" of an embedded OS, which is actually intended as a security feature, consequently becomes a vulnerability per se with regards to the broader cybersecurity of the system to which it belongs.