If somebody were to tell you that the Australian government is stealing your data, there’s a chance you’d smile a bit contemptuously at the suggestion. If they said it was the Portuguese, the smile might get bigger. The Norwegians, the Peruvians, the government of Papua New Guinea… Now you’re having a laugh.

But the idea that it might be the Chinese… Now you take it seriously.

The reality is that anybody could be stealing your data. The nationality of a hacker really isn’t that important since computers understand nothing but ones and zeros. The fact that we have a certain fear of some Other is rooted in our experiences of the world. China builds our hardware. It is also a totalitarian state, with a vile record of human rights abuses. We have a whole history of a troubled relationship with them. We don’t need to start peering through millions of lines of code to explain why we might distrust them.

It does, however, explains how Donald Trump came last night to call a national emergency in order to exclude foreign companies from providing technology deemed a risk to national security. The ban has been long coming. The US has been muttering darkly about the Chinese technology giant Huawei for some time, leading most notably here in the UK to the Gavin Williamson debacle as politicians debated (and allegedly leaked) around this most gnarly of problems.

But as with everything involving the Trump presidency, the Huawei story needs the hard stuff extracting from bravado, posturing, and pouting. There is a story here that’s worth understanding but it’s not necessarily about technology. It is much more to do with the reality described above; something hovering between national pride and nationalism, between sensible self-interest and blind paranoia.

In fact, it might clarify our understanding of what’s going on if we could set aside the complicated technology details that sometimes feels like a friend explaining the plot of Game of Thrones. The idea that a Chinese company presents security concerns is only a real one in the same way that any nation thinks about its energy or food security. Simply put: when a society is so profoundly reliant on a product, it makes sense if that product is manufactured in that nation or a nation considered a friend. The fact that China isn’t much of a friend now and, given their increasing expansionism, might be a lot less friendly in the future, Trump’s approach might be a sensible one.

Beyond that, however, there’s much we can dismiss. Technology, whether made at home or abroad, is, by its very nature, insecure. You can strengthen it with layers of security, use cryptography with unbreakable levels of complexity, but, thus far, there has not been found a way to ensure there are zero vulnerabilities. The best security remains the “air gap”, meaning don’t connect your PC to a network, but even that is open to attack via USB thumb drives and “air gapping”, by which a potential hacker could, for example, read the electromagnetic signal emanating from a remote computer. Make no mistake, systems can be very very secure indeed but it’s hard to imagine a situation in which the security is absolute.

We needn’t get into the hard theory behind this because we have a few uncomfortable recent examples to make the point. In late 2017 and early 2018, the IT world was rocked by the news that Intel processors had vulnerabilities that became known as “Spectre” and “Meltdown”. It should be noted that these vulnerabilities weren’t at the level of the software running on machines but were at the level of the hardware, which is exactly where the argument on Huawei is focussed. A flaw in the Intel design meant that the majority of the world’s PCs (Intel were and remain the dominant processor manufacturer) were, in theory, open to hacking. Intel issued so-called “microcode” updates which added protection around the low-level operations of their chips, closing the loopholes (though, notably, causing all machines to run a little slower). Yet that should not be reassuring. A new vulnerability with Intel CPUs called SPOILER came to light in 2019 and, at the time of writing, has not yet been fixed (with some reports suggesting it might not be as easily fixed as previous exploits).

If that doesn’t worry you enough, consider the video games industry, worth about $135 billion in 2018. Given the profitability of the industry, you’d imagine the security they use to protect their business is the best available. Except when Nintendo launched their new Switch console in 2017, they failed to spot a glaring security flaw. A simple paper clip placed across two external points put power through a certain pin on its processor that would boot it into developer mode. The result: an exploit that hackers could use to run illicit software on the machine. What’s more, since it was a physical exploit, it could not be easily fixed with software updates. It would require a redesign of the product.

All these vulnerabilities have one commonality: they were spotted and soon shared with the community. Other vulnerabilities might not come to light so quickly. It’s like finding the keys to the local bank lying around and nobody knowing you found them. How much are they worth to you? How much are they worth to somebody else? A newly discovered vulnerability might have a value, especially to the security apparatus of a foreign government. Sometimes they only become apparent when they manifest themselves in the real world, as they did with the Stuxnet worm that exploited specific hardware used to control the speed of the centrifuges used in Iran’s enrichment program.

History teaches us that systems are rarely as secure as advertised and that politicians are usually the last people to understand this (in the very same way as they are usually the first people to embrace technology by throwing huge amounts of money at software solutions). Yet against that, we must also account for the natural paranoia that most people have about technology. Just this month the company, Super Micro, announced plans to move its production facilities out of China. This comes after a long-running story, originating in Bloomberg, reporting that “spy chips” had been found in server hardware sent out to major US companies. It’s a story that plays to our fears. The idea that one tiny little chip, indistinguishable from all the rest on the circuit board, was sending data back to Chinese agents is compelling. Yet the fact that no evidence of these chips has been found clearly isn’t enough reassurance. It also, again, highlights how these stories aren’t really about the hardware. The problem is with China.

While it makes sense to ensure that a nation controls its own data network, the Huawei really transcends the business of hardware and software. This is another facet of Trump’s ongoing trade war with China. In fact, “trade war” might already be too simple a term. This is really a war for the American soul. Trump, as with so many things, expresses this as America restating its place in the world and righting a wrong that has been obvious for so long. Arguably, of course, America never really lost that place until Trump came along and what he sees as an imbalance is a by-product of a free market system that exploits China’s cheap labour to produce things it could not (or would not) make at home. I’ll leave it to economics experts to unpick that problem.

Should America and the UK be worried about Huawei? Only in so far as they should be worried about all hardware in their data infrastructure. Unless they have information that Huawei poses a specific threat, then this story goes far beyond a single hardware manufacturer – it’s really about how we became so reliant on a nation we still need but can no longer trust.

Let us know your view. Send a letter for publication to letters@reaction.life