Huawei can't patch basic security holes (namely ancient OpenSSL versions sprinkled through their LTE Basestation codebase): <a href="https://www.theregister.co.uk/2019/03/28/hcsec_huawei_oversight_board_savaging_annual_report/" rel="nofollow">https://www.theregister.co.uk/2019/03/28/hcsec_huawei_oversi...</a><p>HCSEC asked Huawei to update these vulnerable libraries last year when Huawei promised a $2 billion investment in security, yet this really basic firmware maintenance task has yet to be performed.<p>Huawei also did the same thing with a Windows driver: <a href="https://arstechnica.com/gadgets/2019/03/how-microsoft-found-a-huawei-driver-that-opened-systems-up-to-attack/" rel="nofollow">https://arstechnica.com/gadgets/2019/03/how-microsoft-found-...</a><p>This company does not give a fuck about security, even when they are under scrutiny. It isn't the "Chinese hackers" I'm afraid of, but rather normal blackhats and greyhats exploiting this cornucopia of vulnerable software to our detriment.