Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Best Practice: Travel Light To China

timothy posted more than 2 years ago | from the micro-sd-in-dental-work dept.

China 334

Hugh Pickens writes "What may once have sounded like the behavior of a raving paranoid is now considered standard operating procedure for officials at American government agencies, research groups and companies as the NY Times reports how businesses sending representatives to China give them a loaner laptop and cellphone that they wipe clean before they leave and wipe again when they return. 'If a company has significant intellectual property that the Chinese and Russians are interested in, and you go over there with mobile devices, your devices will get penetrated,' says Joel F. Brenner, formerly the top counterintelligence official in the office of the director of national intelligence. The scope of the problem is illustrated by an incident at the United States Chamber of Commerce in 2010 when the chamber learned that servers in China were stealing information from four of its Asia policy experts who frequently visited China. After their trips, even the office printer and a thermostat in one of the chamber's corporate offices were communicating with an internet address in China. The chamber did not disclose how hackers had infiltrated its systems, but its first step after the attack was to bar employees from taking devices with them 'to certain countries,' notably China. 'Everybody knows that if you are doing business in China, in the 21st century, you don't bring anything with you,' says Jacob Olcott, a cybersecurity expert at Good Harbor Consulting. 'That's "Business 101" — at least it should be.'"

cancel ×

334 comments

Pot calling kettle. (2, Insightful)

Anonymous Coward | more than 2 years ago | (#39017963)

Read the subject line.

Re:Pot calling kettle. (0)

Cornwallis (1188489) | more than 2 years ago | (#39017975)

Exactly.

I'm much more worried about how the U.S is allowing drones to be used by police agencies in this country to spy on us, etc., etc., etc.

Re:Pot calling kettle. (5, Insightful)

jimbolauski (882977) | more than 2 years ago | (#39018105)

Exactly.

I'm much more worried about how the U.S is allowing drones to be used by police agencies in this country to spy on us, etc., etc., etc.

I'm sure if you were a major stakeholder in a company with valuable IP, that had business with China you would have a different attitude. The reason you don't need to worry about either is because you don't have any IP of worth that the Chinese want and you are not doing anything illegal. I'm not saying either is OK, just that jet fuel is expensive and following your every move is not worth their time, and how exactly can a drone invade your privacy any more then a manned plane?

Re:Pot calling kettle. (2, Insightful)

TheEyes (1686556) | more than 2 years ago | (#39018431)

Exactly.

I'm much more worried about how the U.S is allowing drones to be used by police agencies in this country to spy on us, etc., etc., etc.

I'm sure if you were a major stakeholder in a company with valuable IP, that had business with China you would have a different attitude. The reason you don't need to worry about either is because you don't have any IP of worth that the Chinese want and you are not doing anything illegal. I'm not saying either is OK, just that jet fuel is expensive and following your every move is not worth their time, and hquipow exactly can a drone invade your privacy any more then a manned plane?

Saying you don't have to worry about surveillance because you're not doing anything illegal is something like saying you don't have to worry about being shot because one of your legs is artificial. There are so many problems with being able to be put under surveillance by anyone who can flash a badge, or can fake it sufficiently to get away worn it, that concealing potentially illegal activity is almost trivial.

We Americans need to stop this live affair we are having with arbitrary privacy invasion, both by the government and private companies; if we keep it up we might someday be as bad as China is today.

Re:Pot calling kettle. (5, Insightful)

fuzzyfuzzyfungus (1223518) | more than 2 years ago | (#39018517)

how exactly can a drone invade your privacy any more then a manned plane?

Lower cost. Virtually all of your privacy(especially if you are just Joe Sixpack) isn't protected by some fancy set of 'rights' or a 'judicial system', it's protected by the fact that watching you is too expensive to be worth the likely results.

The cheaper surveillance gets, the further down the food chain you can expect it to go, and the more frequent(and effective, unlike the grainy camera at EZ-mart that has been recording over the same grungy VHS tape since 1997...)

Unless surveillance has some atypically wonky demand curve, which doesn't seem to be the case, lowering the price will increase the amount done.

Re:Pot calling kettle. (-1, Flamebait)

Anonymous Coward | more than 2 years ago | (#39018139)

Fat women: what a waste of a perfectly good vagina!

P.S. Dear black men: if you quit knocking them up, Nature will take care of things. Don't fuck fat chicks. Have some self-respect and use your hand instead.

At a store I saw this fat heiffer who was close to 300 pounds. She had two kids. Would you be shocked and amazed and surprised to discover the kids were half black? Neither was I.

Re:Pot calling kettle. (-1, Flamebait)

Anonymous Coward | more than 2 years ago | (#39018249)

"At a store I saw this fat heiffer who was close to 300 pounds. She had two kids. Would you be shocked and amazed and surprised to discover the kids were half black? Neither was I."

You are not speaking of black men, you are speaking of niggers.

Anyone with a brain, especially intelligent black people, knows the difference.

Re:Pot calling kettle. (-1)

Anonymous Coward | more than 2 years ago | (#39017991)

The kettle is definitely a darker shade of black.

Re:Pot calling kettle. (2, Funny)

Anonymous Coward | more than 2 years ago | (#39018109)

I see the Chinese shills are on the job here at /. as usual. You get a cup of tea and a biscuit for being so diligent and getting at FP!

Re:Pot calling kettle. (1)

Anonymous Coward | more than 2 years ago | (#39018241)

So thinking of US of A as anything else but the land of the free and home of the brave makes me a chinese shill?

Really?

Re:Pot calling kettle. (2, Interesting)

Anonymous Coward | more than 2 years ago | (#39018365)

No, it's more the whole "err teh us is evler thn evrybdy else!!!!" drivel. Nobody does espionage like the Chinese, and you know it. Hell, it was a joke at an old job, go into china, turn your phone on, and watch it light up for a good 20 minutes while they downloaded the entire contents of your phone. Oddly enough, I've never seen that happen when I re-enter the US. The US isn't sneaky about it, they just confiscate what they want.

Throw in stuff like how hwawei equipment is banned for deployment in the US, as well as India and several other countries, and at some point, even the biggest idiots amongst us have to start admitting that saying china gets a pass because the US does bad stuff too is sort of like saying hitler and stalin weren't so bad because Teddy Roosevelt liked to hunt.

Re:Pot calling kettle. (5, Funny)

1s44c (552956) | more than 2 years ago | (#39018259)

pot calling kettle

My cooking pots are stainless steel. My kettle is likewise stainless steel. Nether can talk and as far as I'm aware nether has racist tendencies.

It's time that whole pot/kettle thing was just forgotten about.

I wonder... (5, Insightful)

Anonymous Coward | more than 2 years ago | (#39017965)

...if people traveling from Russia or China to here are told the same thing?

Re:I wonder... (1)

Lehk228 (705449) | more than 2 years ago | (#39018167)

if they are smart they are. and between russia and china too.

these days we are all frienemies

Re:I wonder... (3, Interesting)

vlm (69642) | more than 2 years ago | (#39018181)

...if people traveling from Russia or China to here are told the same thing?

1) Our security forces focus exclusively on taking peoples shoes off, punishing them for traveling by irradiating travelers, and molest traveling women and children. Definitely the laughingstock of the world's security and customs personnel.

2) Russia occasionally innovates something worth stealing (occasionally...) but China never innovates. Individual Chinese visit the US to go to research colleges etc and innovate, but nothing comes out of China worth stealing. Other than plots to put melamine in baby formula and lead paint on kids toys, can anyone think of anything they've done that the west wants that isn't just copying the west? Also what would we do with something we stole from them, outsource it right back to them anyway? Russia is corrupt enough that nothing happens there that isn't at least tangentially involved in organized crime, so if you stole a "whatever" from them, you can safely assume you'll and/or your family will end up dead, which is in some ways better than our IP system and in some ways worse.

Re:I wonder... (-1, Flamebait)

Anonymous Coward | more than 2 years ago | (#39018219)

The Chinese never innovate? I'm British, but that's utter rubbish.. The Chinese are responsible for many inventions but just take the 4 "papermaking, the compass, gunpowder, and printing (both woodblock and movable type)" and you have pretty much the basis for modern society to grow from. But yeah, they probably stole those from someone, because, you know, they're all thieves.

http://en.wikipedia.org/wiki/List_of_Chinese_inventions

Re:I wonder... (2)

Theophany (2519296) | more than 2 years ago | (#39018293)

True, but they do rip off an inordinate amount of IP too.

As much as I like my woodblock printing set, there's only so much goodwill such inventions get before I get pissy about my Ray Ban Wayfarers being Chinese fakes.

Re:I wonder... (2)

lorenlal (164133) | more than 2 years ago | (#39018429)

Fine.

Add "Since the Maoist revolution," to the statement and then dispute. I'm a huge fan of tea, monks who can whoop some arse, and even some of the old music... but I'm not a fan of their current operating procedure.

Re:I wonder... (1, Interesting)

1s44c (552956) | more than 2 years ago | (#39018421)

1) Our security forces focus exclusively on taking peoples shoes off, punishing them for traveling by irradiating travelers, and molest traveling women and children. Definitely the laughingstock of the world's security and customs personnel.

Commiting minor sexual assult as a matter of routine isn't considered a laughing matter in most countries, it's considered sick.

2) ...China never innovates...

That's the pro-US point of view is it? Who do you think has been supporting the mighty US empire with loans for the last few decades? Who does the US now owe more to than it could ever hope to pay back?

Off the top of my head china invented gunpower and fireworks, paper money, the use of iron, and china ( The stuff cups are made out of ).

Re:I wonder... (0)

stanlyb (1839382) | more than 2 years ago | (#39018345)

You have not been bare striped at the US of A airports??? Man, you missed such an excitement.....

A good start (5, Insightful)

gtvr (1702650) | more than 2 years ago | (#39017979)

Good to see companies waking up to a very obvious threat. Next will be if they can figure out that sharing IP for a little bit of extra market share over there is NOT a good long term investment.

Re:A good start (1)

Younggeezer (2547956) | more than 2 years ago | (#39018043)

...and this sort of thing is why the company I work for has expanded in India, but has frozen headcount in China. If I were running the zoo we'd be gone from China.

Re:A good start (1)

El Torico (732160) | more than 2 years ago | (#39018169)

I'm considering starting a business; one of its cardinal rules will be "We don't do business with China." I'll blackhole/block every prefix for that country (and several others) at our external firewall and router.

"Little bit ?" (3, Informative)

unity100 (970058) | more than 2 years ago | (#39018165)

China is 1.5 billion people. all of anglosphere and europe AND russia combined, cannot match that market. and its a growing market. not a saturated one.

Re:"Little bit ?" (0)

Anonymous Coward | more than 2 years ago | (#39018189)

Ummm ... So what.

That market is tainted. And everyone knows it.

Re:"Little bit ?" (1)

1s44c (552956) | more than 2 years ago | (#39018465)

Ummm ... So what.

That market is tainted. And everyone knows it.

Quite right, it is. But then so is every other market with government protectionism and the various taxes made up to prevent free trade.

Using less electricity is a great idea and LED lighting is a great way to do that. Have you looked at why LED lighting is so expensive? So called anti-dumping tariffs stranging free trade, that's why.

Lacks disposable income (2)

realxmp (518717) | more than 2 years ago | (#39018265)

China is 1.5 billion people. all of anglosphere and europe AND russia combined, cannot match that market. and its a growing market. not a saturated one.

China as a nation has a big GDP yes, but the per capita GDP is right down there with the Dominican Republic. There are a lot of people in China, but as a market western companies can only target the relatively small subset with relatively large disposable incomes. All of the migrant workers etc need their money to eat and clothe themselves and don't have much left over. Also you need to bear in mind that the rules aren't the same across China, some businesses are only possible in the Special Economic Zones. The other big problem is it is really hard to judge how big the market is, the only accurate figures are a state secret and that makes a lot of businesses nervous.

Re:Lacks disposable income (1)

stanlyb (1839382) | more than 2 years ago | (#39018383)

Don't forget the "...clone themselves....".

Re:"Little bit ?" (0)

Anonymous Coward | more than 2 years ago | (#39018377)

1.5 billion people with nearly every one living in poverty. You think like a typical PHB - you lose money on each sale, but think you'll make it up in volume.

Re:A good start (-1)

Anonymous Coward | more than 2 years ago | (#39018221)

I hate chinks anyway.

Why not an article "Travel Light to US"? (5, Insightful)

stm2 (141831) | more than 2 years ago | (#39017993)

Since your laptop can be confiscated legally at the border.

They Do Catch Criminals That Way (5, Insightful)

eldavojohn (898314) | more than 2 years ago | (#39018061)

Since your laptop can be confiscated legally at the border.

I'm not saying it's right for them to be able to do that but they do catch individuals engaged with corporate and even economic espionage [slashdot.org] that way. The key difference here is that it's intended to be an open action against you by US Customs whereas in China the intent is for you to never know anything happened and the key logger or stolen information being covertly used without your knowledge of who did it or even what's going on. I think one is much worse than the other but I guess that's just my opinion.

Re:Why not an article "Travel Light to US"? (5, Insightful)

N1AK (864906) | more than 2 years ago | (#39018083)

I have no intention of defending the USA's often excessive intrusions; however, as with many other issues, trying to make out that they are operating on the same level as China is misleading and counter-productive. Unless you actually have, or can provide links to a credible source showing, evidence that the US is routinely compromising the electronic devices of a vast number of foriegn visitors then you're just spreading FUD.

Re:Why not an article "Travel Light to US"? (0)

stanlyb (1839382) | more than 2 years ago | (#39018487)

Facebook, twitter, google. Do you need more evidence???

Re:Why not an article "Travel Light to US"? (1)

Anonymous Coward | more than 2 years ago | (#39018095)

Because that's the US. Do i a say, not as i do!

Re:Why not an article "Travel Light to US"? (5, Interesting)

jellomizer (103300) | more than 2 years ago | (#39018107)

Or anywhere in the world.
General rule of thumb when traveling is to always travel light and poor. The more valuable things you bring with you the more liability that you are lugging around, which may be stolen, confiscated, or make you prime bate to be kidnapped.
Sure you may be street smart enough in your area to see the difference between a criminal and an honest folk, but in a different culture you are green all over again, and prime bate. Even if you are going across the US. In the country and need assistance often you can get help from those guys walking down the street with large riffles in hand (as they are probably just hunting) for those who live in the country these people are not threatening they are just out having a good time. In the City you should avoid the guy walking down the street with a riffle.
Or up in the Northeast, People usually go straight to business with less pleasantries, down south there is more talk and gentlemen behavior. For a Northern folk if someone comes up to you and starts talking all friendly like, you get warning bells that this guys is trying to distract you. If down south someone gets straight to business this guy is just being rude and hiding information so you shouldn't trust him.

Re:Why not an article "Travel Light to US"? (0)

Anonymous Coward | more than 2 years ago | (#39018207)

s/bate/bait/g

Re:Why not an article "Travel Light to US"? (0)

Anonymous Coward | more than 2 years ago | (#39018223)

Or up in the Northeast, People usually go straight to business with less pleasantries, down south there is more talk and gentlemen behavior. For a Northern folk if someone comes up to you and starts talking all friendly like, you get warning bells that this guys is trying to distract you.

You've obviously only been to New York City and never Minneapolis.

Re:Why not an article "Travel Light to US"? (0)

Anonymous Coward | more than 2 years ago | (#39018237)

"prime bate"

Or even worse, master bate.

Re:Why not an article "Travel Light to US"? (5, Interesting)

vlm (69642) | more than 2 years ago | (#39018319)

If down south someone gets straight to business this guy is just being rude and hiding information so you shouldn't trust him.

I spent a year in the south in the 90s and the reason is people see themselves as instruments of tradition. Historically mobility was low in the south, so a simple business transaction well become a lifetime economic marriage, so there's lots of courting going on. Your GGGgrandpa and his GGGgrandpa probably served in the same civil war regiment, and in fact there probably is a distant genealogically tenuous connection between you two assuming you're genuine southern natives. If nothing bad happens, your kids might very well be expected to continue the business transaction. Also there exists a massive gossip network such that you can assume everyone is all into your business, so if they truly don't know you, they will be mystified as to what you're up to simply due to curiosity. I heard some hilarious jokes that probably only make sense in the rural south about old forgetful people simply relying on their gossip hound neighbors to remind them of stuff, like a human peer to peer network. In the go go go north economic transactions are more of a one night stand or fling at most, so no one cares what church if any you attend, or what military unit you or your GGGgreatgrandpa served in. Its an article of faith amongst the southerners I knew that tradition and reputation (both individual and familial) are extremely valuable, they believe in that about as much as their church, more or less.

Northern business transactions are like a single hand of poker. Southern business transactions are like a multigenerational game of chess or Go. Before you freak out, obviously these stereotypes are only about 75% accurate.

Re:Why not an article "Travel Light to US"? (0)

Anonymous Coward | more than 2 years ago | (#39018519)

In the country and need assistance often you can get help from those guys walking down the street with large riffles in hand (as they are probably just hunting) for those who live in the country these people are not threatening they are just out having a good time. In the City you should avoid the guy walking down the street with a riffle.

I was once bitten by a country riffle.

Re:Why not an article "Travel Light to US"? (4, Interesting)

GameboyRMH (1153867) | more than 2 years ago | (#39018121)

Yep this is a point on which it is fair to say that America is no better.

The only safe way to take devices there is to wipe your devices clean (an uncertain and damaging act on flash storage) and carry a hard drive with a deniable hidden encrypted partition (including duress key to unlock a decoy partition) containing backups of the devices. Or store the backup online (connecting with an anti-MITM system and using proper encryption of course, that means ONLY YOU have the key and there is no "recovery" option) if you have a shit-ton of bandwidth and time.

Even then they may take your hardware and do who-knows-what to it, as happened to Moxie Marlinspike's phone. Or you may just not get it back at all.

Re:Why not an article "Travel Light to US"? (5, Interesting)

ios and web coder (2552484) | more than 2 years ago | (#39018201)

Yep this is a point on which it is fair to say that America is no better.

I'm not sure I'd agree with that.
This is a case of them planting trojans on your equipment in China, then exercising that, when you get back to the US.
In the US, this can be (and I'm sure, is) done by folk like the CIA and NSA. However, folks like me don't do it. Foreigners can come to my office, exchange files and information, use my network, and even use my USB fobs with no worries that I'll plant spyware on their machines (I am quite capable of doing so, as, I'm sure, are a significant number of /. readers).
To have it so prevalent in a nation is a serious, serious indictment. The NSA does not come to my office and demand that I arbitrarily plant trojans on our partners' and customers' machines. If they did, I would fight them fang, tooth and claw.
What is happening in China is very dangerous. Not just for us, but also for the Chinese. They may think they have this tiger by the tail, but they will really be shocked when it turns around and bites them.

Re:Why not an article "Travel Light to US"? (1)

stanlyb (1839382) | more than 2 years ago | (#39018533)

What was the purpose of NDAA bill again? You don't know? Don't worry, you will, soon, or maybe not, forget it, just keep dreaming, BIG.

Re:Why not an article "Travel Light to US"? (1)

Anonymous Coward | more than 2 years ago | (#39018385)

Because that article has already been on slashdot many times.

Kind of dumb... (1)

Lumpy (12016) | more than 2 years ago | (#39018001)

Travel with a "travel phone" it's a basic phone that does not contain anything important.... EVER.. and yes, wipe it a lot, but a wipe will not help if they flashed a new firmware with spy additions in it.

I would never even think of bringing my daily phone overseas. Bring a disposable that you dont care about.

Re:Kind of dumb... (1)

acidfast7 (551610) | more than 2 years ago | (#39018059)

my daily phone is disposable. i don't need a super computer to make/receive phone calls. in addition, i enjoy being detached from the office at times.

Re:Kind of dumb... (2)

pseudofrog (570061) | more than 2 years ago | (#39018495)

Okay. Erm...good for you? Would you like a cookie?

Why do you think companies hate user's devices? (4, Insightful)

msobkow (48369) | more than 2 years ago | (#39018005)

When there are risks of company devices being hacked and used to spy on corporate data, is it any wonder that many companies still refuse to allow personal devices to be connected to the company networks?

Still, you have to wonder how much of these issues are due to poor maintenance and management of the corporate infrastructure enabling the penetrations and attacks.

I've heard of ONE incident where a penetration was actually a zero-day exploit and did not happen because someone didn't upgrade a server or change passwords after employees left the company. 25 years. A quarter century. And only ONE incident that wasn't someone's failure to perform due diligence of maintenance?

That doesn't say much for North America's corporate security policies, does it?

Re:Why do you think companies hate user's devices? (1)

Lonewolf666 (259450) | more than 2 years ago | (#39018375)

True enough, and not only in North America. At my current place of work (in Germany), there are still some XP SP2 machines around. This despite SP2 being out of support. That is trouble waiting to happen ;-)

Good practice anywhere (5, Insightful)

million_monkeys (2480792) | more than 2 years ago | (#39018017)

This has been standard practice in many places for years. And not just when travelling to China. Even if you're not working with high value information, there's usually not any justification for taking equipment full of company information abroad.

Re:Good practice anywhere (2)

jimbolauski (882977) | more than 2 years ago | (#39018199)

This has been standard practice in many places for years. And not just when travelling to China. Even if you're not working with high value information, there's usually not any justification for taking equipment full of company information abroad.

Wiping your HD after a trip to remove almost all types of malware so you don't bring anything back to the company is new, using a throw away phone so your phone can't be compromised is something new, having a thumb-drive with all your passwords on it so a key logger can't get them is something new. Not taking sensitive data overseas has been a policy for a long time but these new measures are something totally different. This is just the next evolutionary step in the battle to steal IP vs protect IP.

Hang on,,. (5, Funny)

Anonymous Coward | more than 2 years ago | (#39018023)

My T510 Came from china in the first place...

A thermostat? (1)

SJHillman (1966756) | more than 2 years ago | (#39018039)

I can see how compromising a printer could be useful if you sent back documents of everything sent to it. But a thermostat? Unless the thermostat was also bugged, I don't see what good infiltrating a thermostat would do. Or why a thermostat would be Internet accessible.

Re:A thermostat? (3, Insightful)

Captain Hook (923766) | more than 2 years ago | (#39018067)

I read it as... laptop taken to China, infected with something which then wormed it's way into all the systems it could when reconnected to the corporate network, which happened to include some network controllable thermostats.

i.e. the Chinese aren't after the thermostat, it was just part of a system which got compromised.

Re:A thermostat? (2)

vlm (69642) | more than 2 years ago | (#39018397)

Not only just another windows box, but a windows box that cannot be upgraded without violating the extremely expensive software support contract.
Seen this happen with numerically controlled machine tools, PBXs, some internet accessible "software as a service" type of apps, some weird embedded stuff I don't think I can talk about ... the stereotype is if there is an expensive support contract, that machine is gonna get owned.

Re:A thermostat? (2)

Lehk228 (705449) | more than 2 years ago | (#39018267)

a fancy thermostat and a printer would both have a web interface panel, if the firewall did not isolate those devices from outside http requests both could have been being accessed from china without compromising anything, for that matter it could have been one of their own people tried to print something while they were in china, and that put the printers address in memory with the great firewall, and chinas security guys were following up (probably automated but sometimes china will do things manually that really need not be) to check if that address was some kind of proxy system.

Re:A thermostat? (0)

Anonymous Coward | more than 2 years ago | (#39018435)

How can you a) read and post to slashdot, and b) not have any interesting ideas about why you would legitimately want your thermostat connected to your network? Or what bad guys could do if they penetrated it?

Is this news? (1)

Anonymous Coward | more than 2 years ago | (#39018041)

Since North American Telecom use Chinese made equipment from the likes of Hua Wei does this bode well at all?

Done all over the place (2, Interesting)

Anonymous Coward | more than 2 years ago | (#39018049)

This is done in every totalitarian country. For example, when David Smick [amazon.com] was in Singapore, he called home and made a comment about being dissatisfied with the hotel room provided to him. When he was picked up the next day, the person "escorting" him apologized for his hotel room not being good.

Here in the States, we're monitored under the auspices of the "War on Drugs" or Terrorism or Child Porn or what have you. When folks say we live in a free country, I have to ask, "Is being monitored being Free?" The fact that I have to show id to buy suphedrine because a couple of addicts burnt their houses down is freedom? (As an aside, I live in white trash America and there has been maybe one meth lab in my area that has been raided in the last decade. One. But yet people and the police act like there's one on every block.)

In this day and age, the tin foil hat brigade are usually right

Re:Done all over the place (1)

DigiShaman (671371) | more than 2 years ago | (#39018481)

I could see that going either way. Perhaps his phone was bugged. But think of this scenario. Imagine him never making a phone call mentioning anything about his hotel. Would it have been out of line for that same person to apologize about his room not being properly made? Perhaps one of the maids ratted out her fellow co-worker in order to earn brownie points (backstabbing is notorious in China I've been told). It could also have been SOP at a major star hotel too. As an American, one thing I've learned about China is that they are extremely kind and courteous to westerners. It's a cultural thing if theirs to treat their guests with the upmost respect. Right up until you violate their laws.

Word of advice for those traveling abroad. Keep your nose clean and you should be fine. Don't bitch or start a fight. You are a foreigner in a foreign land. Remember that!

CHICOMs (0)

Anonymous Coward | more than 2 years ago | (#39018055)

Bill Clinton's BFF!

Chromium OS (3, Insightful)

should_be_linear (779431) | more than 2 years ago | (#39018057)

For this purpose notebook with ChromeOS (or ChromiumOS) seems like good solution.

Re:Chromium OS (4, Insightful)

idji (984038) | more than 2 years ago | (#39018123)

Where Google has full access to all your data

Re:Chromium OS (0)

Anonymous Coward | more than 2 years ago | (#39018131)

Why?

Re:Chromium OS (1)

stiggle (649614) | more than 2 years ago | (#39018275)

And all your network traffic is compromised via a Man-in-the-Middle attack.

Why do you think Certificate Authorities keep getting compromised?

Re:Chromium OS (0)

Anonymous Coward | more than 2 years ago | (#39018493)

And all your network traffic is compromised via a Man-in-the-Middle attack.

Who cares? The point of the exercise is to not travel with/have access to damaging information and infrastructure. If you take a Chromium netbook that has no damaging information, it does not matter if there's a MITM snooping on your non-damaging information. The point is to have as disposable a portable working environment as possible. If that's Chromium, then go with that.

this is old news (4, Interesting)

mbone (558574) | more than 2 years ago | (#39018071)

If you travel to China, this is old news.

Yes, some businesses are beginning to require wiped travel laptops for entering the US. I have to say that I do not know anyone personally who has had laptop issues at the US border (although I know that there are some people who are on some sort of list and have them frequently). The assumption is, if you go to China, you will probably be hacked, and it's not going to happen at Customs.

By the way, in my experience Chinese firms are incredibly paranoid about this, much more so than US firms. I suspect that paranoia has some justification.

sign (4, Insightful)

CohibaVancouver (864662) | more than 2 years ago | (#39018073)

Sigh.

Cue all the "BUT THE US IS WORSE THAN CHINA!" posts. You should log off WoW and read a little on Amnesty International about China. Could the USA do much better? Absofreakinglutely - But I can tell you as a Canadian business traveller that the USA is orders of magnitude less intrusive when it comes to visitors to their country. The next time you're in China go try to surf Tibet videos on Youtube and let me know how that goes for you.

Re:sign (0)

Anonymous Coward | more than 2 years ago | (#39018137)

Yes, but the big difference is, that you can scream and plead all you want in China and nothing will change, in the US things can be changed.

Americans CAN change their country, but they don't want to. Chinese can't change their country even if they wanted to. Without some serious political maneuvering to make the regime fall, or a lot of bloodshed, that country won't change any time soon.

Re:sign (1)

X.25 (255792) | more than 2 years ago | (#39018153)

But I can tell you as a Canadian business traveller that the USA is orders of magnitude less intrusive when it comes to visitors to their country. The next time you're in China go try to surf Tibet videos on Youtube and let me know how that goes for you.

I can tell you that Chinese did not require my fingerprints and were very polite to me. Guess who was exactly the opposite?

I also don't care about watching Tibet videos on YouTube when visiting China, I don't watch them at home either.

Have fun watching Al Qaeda videos while killing time in your US hotel.

Here's a better idea- (5, Insightful)

IWantMoreSpamPlease (571972) | more than 2 years ago | (#39018099)

Stop doing businees in and with China, entirely.
Bring manufacturing and jobs back to your home country/state and improve your own damn economy. /radical concept I know.

Re:Here's a better idea- (2)

siddesu (698447) | more than 2 years ago | (#39018151)

Too bad the captains of the industry already decided it cannot work. To paraphrase the best one of them, workers in your home country/state are no longer flexible enough, smart enough and diligent enough to contribute enough to your shareholders' returns.

Also, you're not a common radical, you're a delusional and dangerous communist.

Re:Here's a better idea- (0)

Anonymous Coward | more than 2 years ago | (#39018209)

His position has nothing to do with Communism. It's more protectionist and a position I whole-heartedly support.

Re:Here's a better idea- (3, Insightful)

siddesu (698447) | more than 2 years ago | (#39018335)

His position is obviously against maximizing corporate profits. As such, it is undeniably dangerous, abhorrent, anti-capitalist and utterly unjustifiable, as I already explained. It is also very bad for you, although you probably cannot realize it now. By supporting this position, it looks like you may benefit, but this is most assuredly a delusion. And here's why.

You are a man who thinks in terms of nations and peoples. There are no nations. There are no peoples. There are no Russians. There are no Arabs. There are no Third Worlds. There is no West. There is only one holistic system of systems. One vast and immane, interwoven, interacting, multi-varied, multi-national dominion of dollars. Petro-dollars, electro-dollars, multi-dollars, reichmarks, rands, rubles, pounds and shekels.

It is the international system of currency which determines the totality of life on this planet. That is the natural order of things today. That is the atomic, and sub-atomic and galactic structure of things today.

You get up here on Slashdot howl about America and democracy. There is no America. There is no democracy. There is only IBM and ITT and AT&T, and DuPont, Dow, Google and Apple. Those are the nations of the world today.

We no longer live in a world of nations and ideologies, Mr AC. The world is a college of corporations, inexorably determined by the immutable bye-laws of of business. The world is a business, Mr AC. It has been since man crawled out of the slime.

And our children will live, Mr AC, to see that perfect world, in which there is no war nor famine, oppression or brutality. One vast and ecumenical holding company for whom all men will work to serve a common profit. In which all men will hold a share of stock.

Re:Here's a better idea- (1)

Chas (5144) | more than 2 years ago | (#39018299)

Too bad the captains of the industry already decided it cannot work. To paraphrase the best one of them, workers in your home country/state are no longer flexible enough, smart enough and diligent enough to contribute enough to your shareholders' returns.

Also, you're not a common radical, you're a delusional and dangerous communist.

Translation: They won't work for something that makes poverty wages look generous and lock themselves into a Company Store setup on top of that...

Re:Here's a better idea- (1)

jimbolauski (882977) | more than 2 years ago | (#39018297)

Stop doing businees in and with China, entirely. Bring manufacturing and jobs back to your home country/state and improve your own damn economy. /radical concept I know.

And go out of business because your competitors did not and Labor costs here 20x's higher ($0.60/hr vs $12/hr). It is quite radical and the only way it won't be is if US labor costs go down and tarrifs/Made in the US tax exemptions are used to make the US manufacturing industry globally competitive at least in the US markets.

Re:Here's a better idea- (1)

O('_')O_Bush (1162487) | more than 2 years ago | (#39018313)

That's based on the premise (that economists disagree with, btw) that bringing back manufacturing jobs *will* improve the economy.

Yes, in the past manufacturing employed a large section of the population, but during that time (50's/60's), there really wasn't such a thing as disposable incoome for the middle class. You had your tiny ranch house, your station wagon, and single TV, and scraped up what was left over for food and future hand-me-down clothes.

Nowadays we are all more affluent thanks to cheaper manufacturing overseas, and the end of that would not only make our standard of living lower, but thanks to robotics and automation (and environmental regulations), there isn't any gauruntee that anyone would be better off.

That is, it wasn't the solution 10 years ago when our economy was fine... I don't see why you think it is now.

Re:Here's a better idea- (1)

iggymanz (596061) | more than 2 years ago | (#39018497)

News for you, pal, our standard of living is dropping and now over half of the USA is lower income or in poverty. In the 50s/60s, one man with one job could have the house, car, extra income for vacations. I know, I was there.

Plenty of economists believe real wealth creation, rather than paper pyramid scams, are the key to national prosperity. Just because you choose to believe the ones that shill for the banking cartel and stock/derivatives market doesn't mean the wiser points of view don't exist.

Re:Here's a better idea- (1)

couchslug (175151) | more than 2 years ago | (#39018483)

The US exports, among other things, BMWs to China.

When Americans choose to compete, they can. Automation is the counter to "Asian hordes of cheap labor", which is why companies like Stihl can produce in the US at close to Chinese costs.

"Buy American and subsidise inefficiency" doesn't help US _GLOBAL_ competitiveness.

Misinformation (3, Funny)

Maximum Prophet (716608) | more than 2 years ago | (#39018103)

So take a laptop filled with misinformation, science fiction, and totally bogus stuff. If enough people do this, your adversary will bankrupt himself trying to figure it all out. Extra points for the size of the server farms you can get trying to decrypt output from /dev/random.

Re:Misinformation (1)

MiniMike (234881) | more than 2 years ago | (#39018443)

So take a laptop filled with misinformation, science fiction, and totally bogus stuff. If enough people do this, your adversary will bankrupt himself trying to figure it all out. Extra points for the size of the server farms you can get trying to decrypt output from /dev/random.

Why encrypt /dev/random, when you can have them working to unencrypt pictures from goatwhatever.com? Or if you don't want to have the goat pictures in the first place, encrypt a bunch of demotivational posters. Or if you want to mess with them, use steganography to embed the goat pictures in the posters.

portable devices arent so bad (1)

sl4shd0rk (755837) | more than 2 years ago | (#39018117)

Lets face it. Most companies are ill equipped to defend against compromise and it stems from people treating business computing resources like their personal equipment. Most places find out theyve been compromised by sheer accident. If the Pentagon, NSA, and US military can't keep from being owned* I think there are bigger problems to address.

  * http://www.bibliotecapleyades.net/ciencia/secret_projects2/project396.htm [bibliotecapleyades.net]
* http://www.codemysafety.com/?p=1143 [codemysafety.com]

Thermostat?? (1)

subreality (157447) | more than 2 years ago | (#39018119)

OK, I understand the point that any equipment that could have been in Mallory's hands unsupervised needs to be considered compromised, and that it will spread the compromise if you give it a chance. I totally agree.

And I understand that thermostats have IP stacks.

But what attacker then goes and compromises the thermostat? This is the Chamber of Commerce. You're not going to use the last guy turning the heat off in the evening as the time to start your black ops raid. Thermostats don't have microphones (please, please let me be right on this).

What POSSIBLE reason would you do this, with the obvious cost that it increases the chance you'll get caught?

Re:Thermostat?? (1)

vlm (69642) | more than 2 years ago | (#39018451)

Its just a windows box with PLC control software type stuff. IT might not even know about it. It might not be possible to install security patches while maintaining a valid support contract, or maybe fly-by-night-inc.com went out of business and there is no support of any type at all, at which time you pray it never breaks, and never ever touch it or change anything. IT might want you to upgrade from XP, but they're not offering a multi-million dollar capital budget to replace the entire HVAC system, and the new contractor is not going to just drop in a new controller because they know they have you over a barrel and can try to get you to spend $$$$$$$.

IF the windows box can in any way communicate with the outside world, that's how you evade the firewall. Seems obvious?

Re:Thermostat?? (0)

Anonymous Coward | more than 2 years ago | (#39018525)

I think you are looking at it wrong. The Thermostat is not a target, it's a carrier. It may not have any valuable data on it, but if it's part of the same IP network, it could certainly spread the infection. Who's to say that the shinny new thermostat that just came from China didn't come pre-infected with the Malware that then infected the rest of the "secure" environment.

What's next... (1)

ninguna (1406987) | more than 2 years ago | (#39018125)

You got to wonder when the next stage in this story will come out; that with all those computers we purchase being made in China, they have hacked the chipsets to allow backdoors for their use. Probably the only reason this hasn't happend so far is that they make too much money with the current situation and breaking into M$ computers is too easy to make such a step necessary. But the Defense department better be thinking about this!

Note. The author is selling something (1)

ebonum (830686) | more than 2 years ago | (#39018157)

That said. If you are a CEO of a major corporation, you need to be careful. That is good advice. If I was CEO of Intel, I would be just as careful in the US as in China.

Penny's Cheesecake in the rain (-1)

Anonymous Coward | more than 2 years ago | (#39018161)

Feb 2012:
=========
"Tony Bennett, who kicked his own cocaine habit 30 years ago, made a pitch for the legalization of all drugs as he reflected on the death of Whitney Houston, whose drug problems have been well documented.

"In Amsterdam they legalized drugs and it calmed everybody down," Bennett said Sunday on the Grammy Awards red carpet.

"It stopped a lot of gangsters who sneak around and get people to take drugs. Everybody gets wounded that way. By legalizing it, you won't have that problem."

The 85-year-old crooner acknowledged his call for legalization is controversial. But he said he stands by it.

"It's called the elimination of ignorance," he said. "If you do something that makes things better, why not do it immediately, whatever it is.""

- http://calgary.ctv.ca/servlet/an/plocal/CTVNews/20120213/grammy-whitney-houston-drug-laws-120213/20120213/?hub=CalgaryHome [calgary.ctv.ca]

also @:

http://wonderwall.msn.com/entertainment/whitney-houston-remembered-on-grammys-red-carpet-1666601.story [msn.com]

and from the past, Bill Hicks:

"Itâ(TM)s not a war on drugs, itâ(TM)s a war on personal freedom is what it is OK. Keep that in mind at all times."

"George Bush says we are losing the war on drugs. You know what that implies? There's a war being fought, and the people on drugs are winning it. Ha ha ha ha! What does that tell you about drugs? Some smart, creative people on that side."

"That's what I hate about the war on drugs. All day long we see those commercials: "Here's your brain, here's your brain on drugs", "Just Say No", "Why do you think they call it dope?" ⦠And then the next commercial is [singing] "This Bud's for yooouuuu." C'mon, everybody, let's be hypocritical bastards. It's okay to drink your drug. We meant those other drugs. Those untaxed drugs. Those are the ones that are bad for you."

"Pot is a better drug than alcohol. Fact! ⦠I'll prove it to you. If you're at a ball game or a concert and someone's really violent and aggressive and obnoxious, are they drunk or are they smoking pot? [The crowd answers "Drunk."] Wow! We all know the truth."

"It's all about money, not freedom, ya'll, okay? Nothing to do with fuckin' freedom. If you think you're free, try going somewhere without fucking money, okay? "

The lesson to take from this (5, Funny)

Blahah (1444607) | more than 2 years ago | (#39018173)

The lesson to take from this is: don't store valuable information on your thermostat.

Color Me Paranoid (0)

Anonymous Coward | more than 2 years ago | (#39018185)

A few years ago a visiting Chinese exchange student was a guest at a party at my home and I caught her sneaking out of my home office where I keep my computer running 24/7. I scanned the computer in my office the next day and found a keylogger. For the past five years my wife has told me that I was crazy to think that the exchange student put it on there.

When my wife read the story in the NY Times, she finally said "You were right."

I am convinced that the woman who brought the exchange student to my home, a first generation Chinese-American, knew exactly what the exchange student was up to and brought her to the party for that purpose.

Cheap Ralph Lauren Polo shirt outlet (-1, Flamebait)

lgxfly (2527120) | more than 2 years ago | (#39018195)

Cheap Ralph Lauren [cheapralph...outlet.com] is a noble movement, the participants often wear knitting short-sleeved sports which are derived from tennis clothing.Ralph Lauren Outlet [cheapralph...outlet.com] , making this kind of sportswear evolved into mass, this is his achievements.Ralph Lauren Polo shirt [cheapralph...outlet.com] is the successful masterpiece of modern fashionable clothing. Polo shirt on sale [cheapralph...outlet.com] store is the best place to spot cheap Polo shirt [cheapralph...outlet.com] , discount Polo Ralph Lauren [cheapralph...outlet.com] . As a matter of fact, Ralph Lauren polo [cheapralph...outlet.com] is famous for men and women Ralph Lauren polo [cheapralph...outlet.com] , for their fashion styles and high quality.

Good to see a sensible attitude (1)

golodh (893453) | more than 2 years ago | (#39018225)

I'm glad to see a sensible attitude here. As in: don't get angry (as this won't solve anything), just take adequate measures to solve the problem.

Oh, and about the Slashdot-standard post titled "pot and kettle". Their problems are no concern of us, Ok? We're trying to solve *our* problem here, not theirs.

I personally trust them to be completely up to the task of concealing whatever useful IP they might have when they come here.

Yep. (0)

Anonymous Coward | more than 2 years ago | (#39018227)

Perhaps one day we'll realize we should have kept manufacturing capability from bottom (raw materials) to top IN COUNTRY. Ah well. Since we now have to work with countries that have governments that may find themselves in opposition to ours, and depend on them for all our various tech products, well... I guess we're screwed, since there's no way I can know if my computer's chips are secretly radioing home to Thailand or China or Taiwan or Waitan, or wherever. Guess that means I daren't use my computer for anything I don't want others to know about.

Or... I keep a second computer that never attaches to a network, and keep all my secret stuff on that, and use my internet connected computer to do stuff involving the outside world. I also should keep the secrets machine in a Faraday cage, complete with a completely isolated power system about which nothing could be inferred from without, i.e., it's powered by batteries which are swapped out for charging so there's no way to tell what I'm doing with it by looking at power consumption over time... etc.

Or... I don't need to do anything like that anyway, so I don't worry about the whole problem myself anymore than I worry about the possibility of getting hit in the head by a meteorite while typing on my com... OWWWW! WTF?!? I think a meteorite just... owwwww....

There can be only one (1)

concealment (2447304) | more than 2 years ago | (#39018229)

China, Russia, or the USA: which is the next great superpower?

The EU is sitting this one out.

There can be only one superpower, or we're in a state of global cold war like in the 1980s.

So who will it be?

effective countermeasures? (0)

Anonymous Coward | more than 2 years ago | (#39018243)

So...the Chinese can install "key-logging software" (not just hardware) but they can't install software to read screens, capture clipboard data, or traipse through storage devices? (FTA: He connects to the Internet only through an encrypted, password-protected channel, and copies and pastes his password from a USB thumb drive. He never types in a password directly, because, he said, “the Chinese are very good at installing key-logging software on your laptop.”)

my roommate is from China (0)

Anonymous Coward | more than 2 years ago | (#39018257)

I guess it goes without saying that his laptop is even now trying to steal my chem 201 notes.

Firmware (1)

EmperorOfCanada (1332175) | more than 2 years ago | (#39018379)

Did they wipe their firmware? Personally I would bring a burner phone and laptop. Take devices that are about to be retired and dispose of them upon returning.

A noodled firmware would allow the bypassing of any level of HD encryption.

Also assume that the devices are hacked the moment you board the plane. Keep the important bits in your head and don't tell them to the sexy lady who finds you so interesting.

Might as well leave the door unlocked... (1)

Anonymous Coward | more than 2 years ago | (#39018419)

Now a good question would be -- yet again -- why do people connect everything to the internet? It just opens them up to attack. Have an intermediary between the internet and important systems to protect the more important computers and technology from external control. This is something I'm yet to see in even the most sophistocated systems. The fact is, you need the internet for a few things, not everything, and there are computers containing secure information which can (and should) be isolated rather than connected to the internet. Otherwise, when your toaster starts spitting out toast with angry kanji burnt into it, it's your fault and yours alone for connecting the damn thing to the internet...

TSA confiscates stuff (0)

Anonymous Coward | more than 2 years ago | (#39018469)

Pot Kettle Black

Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...