Forgot your password?
typodupeerror
China Portables Security IT

The Trouble With Bringing Your Business Laptop To China 402

Posted by Soulskill
from the laptops-are-the-panda's-favorite-food dept.
snydeq writes "A growing trend faces business executives traveling to China: government or industry spooks stealing data from their laptops and installing spyware. 'While you were out to dinner that first night, someone entered your room (often a nominal hotel staffer), carefully examined the contents of your laptop, and installed spyware on the computer — without your having a clue. The result? Exposure of information, including customer data, product development documentation, countless emails, and other proprietary information of value to competitors and foreign governments. Perhaps even, thanks to the spyware, there's an ongoing infection in your corporate network that continually phones home key secrets for months or years afterward.'"
This discussion has been archived. No new comments can be posted.

The Trouble With Bringing Your Business Laptop To China

Comments Filter:
  • by dtmos (447842) * on Tuesday December 04, 2012 @08:37PM (#42186713)

    The other -- and, I would submit, more important -- reason for not taking your business laptop to China (if you're from the US) is US export control laws. The definitions of "export" and "controlled technology" have been so generalized that it is an even-money bet that the laptop of a given technologist contains information that, were he to travel to China, would result in at least a technical violation of the law -- and the penalties are severe.

  • by ZorinLynx (31751) on Tuesday December 04, 2012 @08:44PM (#42186771) Homepage

    Considering these laptops are for the most part manufactured in China anyway, how does bringing them back there in anyway give China access to any "controlled technology" they don't already have?

  • Re:encryption (Score:3, Interesting)

    by able1234au (995975) on Tuesday December 04, 2012 @08:44PM (#42186783)

    Encryption but to be extra paranoid, don't bring a laptop. You need to assume that there will be spies on your own payroll. Someone supplementing their pay and being patriotic at the same time. Paranoia is a good thing. Encryption is critical but don't assume it is a magic bullet. If they video or capture you typing in your password then you will have a false sense of security.

  • throw away laptops (Score:5, Interesting)

    by lophophore (4087) on Tuesday December 04, 2012 @08:56PM (#42186887) Homepage

    Any serious exec is going to use a throw-away laptop for travelling to China. A $400 special will keep you online abroad, and then it can be destroyed as a business expense. Cheap insurance against hacking.

  • Industrial espionage (Score:4, Interesting)

    by Taco Cowboy (5327) on Tuesday December 04, 2012 @09:02PM (#42186947) Journal

    I travel all the time, for business.

    China is not the only country where industrial cloak and dagger stuffs happen.

    The other countries that I've personally encountered industrial espionage activities includes Japan, Korea, Vietnam, France, Italy, India, Indonesia, Egypt, Turkey, and you will be surprised, I had had similar encounters in Canada, UK, Australia, and also US of A, although not that often.

  • by Anonymous Coward on Tuesday December 04, 2012 @09:05PM (#42186959)

    Yup, that's how we deal with it. We're frequently in China to do software and hardware testing at our facilities (I work for a large US transportation company), and we have "China laptops". These are encrypted machines that are specifically loaded with the bare minimum stuff we need when we leave and immediately blown away when we get back. Installation of anything beyond the bare minimum (which is pretty much Win7 and VS2005) is strictly disallowed. Source is kept on a separate, encrypted sd card which is not to be kept in the machine, but even then it's just not that interesting. It's all internal source for package sort controllers and such, and we don't even have the ability to check code back in from these machines. It's purely for debugging and sending problem reports back home.

    There's a big sticker on them that even says "China laptop, do not connect to corporate network"

  • Re:encryption (Score:5, Interesting)

    by lister king of smeg (2481612) on Tuesday December 04, 2012 @09:07PM (#42186967)

    better yet live cd let them try installing malaware on there then, encrypt the whole drive and only use it for data storage, when chinless agents tries booting and no OS is found so he simply images you drive for later analysis let him stew for a few billion years trying to decrypt it.

  • by blueg3 (192743) on Tuesday December 04, 2012 @09:16PM (#42187069)

    If your boot software is encrypted, how does your system boot at all?

    Oh, I see, you're thinking of something like Truecrypt. So, when you boot, where does the code that knows how to decrypt your hard drive live? Why can't the attacker put the keylogger there?

  • by hendridm (302246) on Tuesday December 04, 2012 @09:18PM (#42187097) Homepage

    I've surprised by many of the countries on your list.

    Can you give some examples of what you've observed that we non-travelers might find surprising/interesting?

  • Re:encryption (Score:5, Interesting)

    by Qzukk (229616) on Tuesday December 04, 2012 @09:55PM (#42187423) Journal

    And if the laptop has a firewire port, i'm fairly certain RAM can be dumped on ANY operating system [gnome.org].

  • by AaronW (33736) on Tuesday December 04, 2012 @10:07PM (#42187501) Homepage

    As you said, France is also notorious for this sort of thing which surprises a lot of people.

  • by Minupla (62455) <minupla@@@gmail...com> on Tuesday December 04, 2012 @10:22PM (#42187613) Homepage Journal

    I have in the past provided the following instructions to an exec:

    1) Go to local computer store
    2) Purchase off the shelf hard drive with this model:xxx-xxxx-xxx - pay with local cash
    3) Purchase philips screw driver
    4) Remove HDD (more details here on how to remove a HDD) and replace with local drive.
    5) Drive over old HDD with rental SUV. Repeat until fragments. Ensure HDD platters are fragments.
    6) drop into at least 3 random trash bins in tourist areas
    7) If questioned during exit, inform them that the computer crashed and that IT had you take it to a local repair shop but it's not working still.

    Such is life in the odd world we live in.

    Min

  • by fufufang (2603203) on Tuesday December 04, 2012 @10:59PM (#42187813)

    If you use Windows, you can install Truecrypt, and change the bootloader so it shows "Operating System Not Found".

    If you use Linux, set up encrypted LVM, and have your boot partition on a separate USB flash drive, which you attach to your keyring, and carry around with you all time.

  • Re:encryption (Score:3, Interesting)

    by mikeiver1 (1630021) on Wednesday December 05, 2012 @12:19AM (#42188223)
    The wise money would go a couple of steps further. Install nothing more than a plain jane out of the box live Linux CD image. Boot the thing and store/work out of a fast USB thumb drive on which all data is encrypted with the latest and greatest super kick ass encryption and a key that is very strong. You take the USB key with you around your neck. For extra points you could have the OS start the camera and record upon boot as well as screen capture every few seconds to the HDD unless a special key combo is used to shut it down.
  • Full disc encryption (Score:2, Interesting)

    by Anonymous Coward on Wednesday December 05, 2012 @12:56AM (#42188469)

    I work for a major multi-national corporation with big interests in China. Every transportable computer in the company has strong full-disc encryption installed by default, and NO ONE is allowed to divulge the ID/password required to boot it. If you are going to travel internationally, you back up your system before you leave. If some border agency demands the keys to your kingdom, you give them the laptop, but not the keys. Then the company ($40+B and major presence in every country) will bang on a few heads until the system is returned and some poor schlub is hung out to dry...

  • by neyla (2455118) on Wednesday December 05, 2012 @02:25AM (#42188911)

    True !

    Fun Fact

    encryption*SOFTWARE* was classified as munitions and restricted, meanwhile free speech laws meant that printed words could very seldom be stopped.

    I was part of exporting PGP from USA legally, by way of printing the (zipped, uuencoded + checksums) source-code, mailing it physically to norway, scanning it, OCRing it and manually proofreading all lines where the checksum failed.

At the source of every error which is blamed on the computer you will find at least two human errors, including the error of blaming it on the computer.

Working...