Tuesday, February 22, 2011

Dear Huawei: I have a solution for you!

Several of my posts have been less than positive about my trust for Chinese computer/tablet/cellphone manufacturer Huawei (just do a search for "Huawei" in the left-hand search box and you can pull up my previous epistles). It's not my nature to be "an accuser" in life, so my diatribes against Chinese and Russian individual and government misconduct have been provided reluctantly. As any who know me will attest, I always try to leave people (and companies) better than I found them. Even if it's only one meeting, I tend to throw my bread upon the waters and give my best constructive net-net assessment of their situation. I have not done that with Huawei, only hinted at solutions for Russia, and I've taken a fairly uncompromising/unconstructive line with regard to China (do the searches and you'll see what I mean).

Yes, this sinner needs to repent, starting with Huawei. The question I asked myself:
If I were hired by Huawei to help them overcome the lack of trust reported in both the US and the UK, as well as my own lack of confidence in the security integrity of their products, what would I do?
Actually, I've been contemplating that question since my very first post on you. The thought generally starts with the term, "Wow, you poor b*st*rds…" Clearly, though, what would I do to help you turn around and penetrate Western markets like they never thought possible? Assuming your quality is good, and knowing in advance that your prices will undercut pretty much everything else out there, how could you turn your biggest liability (would distrust of China's cyber goals) into your greatest asset? That concept, turning a liability into an asset of equal proportion, is something motivational speakers and so-called "life coaches" have been doing since…well…since the theme occurs fairly routinely throughout the Bible, the Torah, and even the Koran (probably Buddha and Lao Tse, too). So what's the answer. Three steps, gentlemen:

  1. Huawei, you must face the problem head-on. It's not good enough that you offer their source code to potential large customers. As I've said before, it's easy to hide two or three-way combination locks in plain sight. Source code doesn't make any difference. Facing it head-on means recognizing you have a problem and solving it forthrightly.
  2. Google's offering a mere $20,000 to the first CanSecWest attendee who can crack their Chrome browser is downright insulting. It certainly doesn't bespeak infinite confidence in their product. If you want to make you point, offer $1 million to the first person who can find a trap door unique to your products.
  3. Don't just make the offer, but put the actual $1 million in escrow with a trusted third party to whom you have also given the right to make the decision as to whether or not the identified trap door is legitimate. You should also make it part of the contract with that trusted third party that their decision about disbursing the $1 million must be made within a very short time. Maybe 30 days.
You won't have to spend another dollar…er, Yuan…on either marketing or advertising. The press will be staggering. Not only will everyone from major corporations to lowly consumers buy your product, but every hacker and whacker will want your product, too. You get the picture.

And even if you have to pay out the $1 million—even several times—the newsworthiness of the event and honest "Gosh,-we-really-didn't-have-any-idea,-and-that-employee-who-was-acting-as-an-agent/spy-has-been-publicly-terminated" will further instill confidence in your integrity.

This is the best I have. Yours free for the taking. Yes, because I'm basically a good guy having a little intellectual joust at your expense. But also because you have a lot of families depending upon you for their jobs and sustenance. Why not make them proud to work for such an honorable employer? Heck, you might even consider giving internal whistle blowers a bounty. Adam Smith's "invisible hand" could deliver…financial freedom.

No comments:

Post a Comment

Implementation suggestions for THE MORGAN DOCTRINE are most welcome. What are the "Got'chas!"? What questions would some future Cyber Privateering Czar have to answer about this in a Senate confirmation hearing?