Can you trust Chinese computer equipment?

Discussion in 'other security issues & news' started by Keyboard_Commando, Feb 7, 2010.

Thread Status:
Not open for further replies.
  1. Keyboard_Commando

    Keyboard_Commando Registered Member

    Joined:
    Mar 6, 2009
    Posts:
    690
    full story here

    China bugs and burgles Britain
     
  2. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
    What is bad is that those business people accepted the unsolicited so called presents. Of course MI5 does not stoop to such behavior, they offer much better ones ;)
     
  3. Keyboard_Commando

    Keyboard_Commando Registered Member

    Joined:
    Mar 6, 2009
    Posts:
    690

    True. I can't imagine MI5 or MI6 are any cleaner ethically than the Chinese secret services.
     
  4. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    Nor is the CIA, NSA or any other special intelligence service. Intelligence is not a place to "play by the rules". They would never get anywhere. You think they have a tendency to foul up now? Wait until they start doing things the way (I'll use my own country as an example) Congress wants them to do it. We citizens would be knee deep in horse manure so fast our heads would spin until they flew off our shoulders and up into the sky.

    Intelligence is a dirty, downright filthy cheaters kind of game. Sometimes you have to be buddy buddy with lesser evils to get to the greater evils. It's just the way it is. As far as this equipment trusting deal, the U.S is doing it, Britain is doing it, why shouldn't the Chinese? If you've read any of my past posts, you'll know that I always say what one country is doing to gather intelligence, so are other countries. It's always been this way. Again, it is a dirty, low down game.

    Here's a question for you. We all know about the various ways our governments are eroding privacy day by day. We all know that whomever controls data, controls all. We know now about the ability to bug computer components to gather intelligence, and we know that at least one country has been proven to do it. Read over this post, and look down at your system case. Do you trust the spinning disks, the microscopic chips busily transferring data back and forth?

    I'm not asking you to run your little antimalware apps. I'm talking about playing with the big boys now. Can you say 1000% that there is absolutely nothing in your system right now that is not compromised? *Plays with his tin foil armor and winks*
     
  5. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    If there is some type of backdoor in the firmware, chipset drivers etc, the only way to detect it that I know of will be to detect it's backdoor behavior. That would require monitoring all traffic in and out of that PC for an extended period. Chances are that such a backdoor would only send data when it receives a certain signal. Since most PCs are behind some form of modem/router that blocks unsolicited inbound, that signal would have to be solicited, aka, compromised web sites like Google or a service like the time servers, unless there's something that will go through a router that we're not aware of.
     
  6. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    Provided the router/modem is not one of the compromised components. But yes, it would take analyzing traffic very carefully to catch this sort of thing, and home users won't have that kind of system in place...unless they are one of us Wilders members :D
     
  7. chronomatic

    chronomatic Registered Member

    Joined:
    Apr 9, 2009
    Posts:
    1,343
    This is a very well known and very old concern. In fact, the U.S. government will ask for copies of the firmware in specialized hardware and the microcode of CPU's before it allows them to be used in sensitive areas. That is, they will either inspect the code with their own experts or will hire somebody to clear it. I read about a specific example of this some months back, but unfortunately cannot recall where. It seems like it had something to do with hardware used in fighter jets.

    But as for your run of the mill desk jockey at the CIA running a typical Windows box, this could be a real problem. However, the adversaries who are planting the trojans will find it difficult to predict exactly what software will be running on the machine, and this is important if one wants to awaken the trojan in the field.

    But the opposite is true too. The NSA, CIA, and probably MI5/6 are also interested in doing this to the enemy, you can bet on that. In fact I read an article about this just the other day. Quote:

    If you don't think the US military, with all of its billions of spending on the Cyber Command, hasn't already contemplated how to put trojans in hardware, then I have a bridge to sell ya.
     
  8. Meriadoc

    Meriadoc Registered Member

    Joined:
    Mar 28, 2006
    Posts:
    2,642
    Location:
    Cymru
    What you can trust isn't bound by borders. Who is the enemy?
    As do some big businesses and contractors sometimes a prerequisite due to contract, insurance or law.
     
  9. Dogbiscuit

    Dogbiscuit Guest

  10. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    8,026
    Location:
    The Netherlands
    Call me crazy, but I do not trust hardware made by Lenovo. However, I do sometimes use software made in China, like for example Maxthon browser, Orbit Downloader and GOM Player. :rolleyes:
     
  11. Meriadoc

    Meriadoc Registered Member

    Joined:
    Mar 28, 2006
    Posts:
    2,642
    Location:
    Cymru
    Your crazy. :)
     
  12. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,042

    That is letting paranoia get to you. I have a Lenovo Thinkpad tablet and it's fine. Also Samsung monitors are made in china, at least some of them.


    TO ALL. Lets back of the political stuff. This thread is on the edge.

    Pete
     
  13. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    I have to agree with Peter. I trust Chinese hardware and software.
     
  14. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    I wouldn't automatically dismiss the possibility that new PCs being compromised at the factory, or label it as paranoid. Too much of what was considered paranoid thinking a few years ago is reality today. Ten years ago, no one would have believed that criminals would control botnet armies of over 100,000 or that they could be used to knock entire nations offline. Given the damage cyber warfare could do, I would find it very hard to believe that the military of many nations didn't sit up and take notice. In a closed or controlled society where much of the industry is under government control, what makes you think that nations government wouldn't make use of such an opportunity, with their potential enemies willingly buying the weapons that will turn on them? Spying and data theft might be the least of our problems if such a scenario is true. Think of the possibilities if new computers started launching DDOS attacks from within our own borders, possibly coming from the very infrastructure we're trying to protect. The potential consequences are too great to just call this paranoid and disregard it.

    Then we come to the operating system that's installed on this potentially compromised hardware, the one that the NSA "helped secure". The hardware spying for one nation while the OS spies for another. Throw in a few rootkits and trojans for the criminals. Anyone else need access to my PC?
     
    Last edited: Feb 11, 2010
Loading...
Thread Status:
Not open for further replies.