As far as I can tell, the concern with Huawei is not that their phones have some kind of obvious backdoor, but that the Chinese government has Huawei's private keys and can load arbitrary software on their phones, something the Chinese government uses sparingly to attack targets they don't like. And not just phones, their switches, routers, base stations, and other gear - in that case used to eavesdrop on cellular voice traffic around the world.
Even if Huawei didn't do this willingly the Chinese government doesn't operate by open rule of law. If the Party decides they will comply then they will comply. No news outlet will report on it. Social media will be censored. None of us in the west will ever know. There is no court to appeal to because the courts are under the thumb of the Party. Huawei is required to hire Party members as employees - Huawei leadership might not even be aware of it for plausible deniability reasons.
This is the direct result of the State apparatus that the Party in China has built for itself. They can cry all the rivers they want about Huawei; it's their own fault. Even if nothing nefarious is going on the suspicion alone has a huge impact.
To address the whataboutism: The whole issue around NSA revelations is entirely because that sort of thing isn't supposed to be possible in the USA (and nominally wrt NSA is only supposed to be valid when it involves foreign individuals). Individuals and companies regularly challenge government over-reach so there are at least some checks and balances, even if they aren't as strong as we'd like. Apple can choose to fight a court order. Trump's executive orders can be blocked.
Now imagine a new story claiming someone sued to block Xi Jinping's executive order in China. Such a scenario is absolutely laughable.
There is a difference between China and the West. To pretend they're the same is to pretend a bicycle is identical to a semi. They're both methods of transportation with wheels that carry cargo but there is a wide gulf in practice.
edit: As for the Supermicro story, who knows. The attack is certainly theoretically possible. Whether such an attack took place is another matter and so far no one has provided a tampered board as evidence.
The only way to be reasonably sure it isn't happening is to sample the final product, tearing down every individual component to verify everything (down to the traces on boards and gates on chips). That's a lot of work, expensive, and time-consuming. Most manufacturers probably don't bother. That applies regardless of where the product is assembled unless your own factories are producing every single component.
Even if Huawei didn't do this willingly the Chinese government doesn't operate by open rule of law. If the Party decides they will comply then they will comply. No news outlet will report on it. Social media will be censored. None of us in the west will ever know. There is no court to appeal to because the courts are under the thumb of the Party. Huawei is required to hire Party members as employees - Huawei leadership might not even be aware of it for plausible deniability reasons.
This is the direct result of the State apparatus that the Party in China has built for itself. They can cry all the rivers they want about Huawei; it's their own fault. Even if nothing nefarious is going on the suspicion alone has a huge impact.
To address the whataboutism: The whole issue around NSA revelations is entirely because that sort of thing isn't supposed to be possible in the USA (and nominally wrt NSA is only supposed to be valid when it involves foreign individuals). Individuals and companies regularly challenge government over-reach so there are at least some checks and balances, even if they aren't as strong as we'd like. Apple can choose to fight a court order. Trump's executive orders can be blocked.
Now imagine a new story claiming someone sued to block Xi Jinping's executive order in China. Such a scenario is absolutely laughable.
There is a difference between China and the West. To pretend they're the same is to pretend a bicycle is identical to a semi. They're both methods of transportation with wheels that carry cargo but there is a wide gulf in practice.
edit: As for the Supermicro story, who knows. The attack is certainly theoretically possible. Whether such an attack took place is another matter and so far no one has provided a tampered board as evidence.
The only way to be reasonably sure it isn't happening is to sample the final product, tearing down every individual component to verify everything (down to the traces on boards and gates on chips). That's a lot of work, expensive, and time-consuming. Most manufacturers probably don't bother. That applies regardless of where the product is assembled unless your own factories are producing every single component.