Slashdot Mirror
Lenovo Under U.S. Probe for Spying
BigControversy writes "The DailyTech has a report indicating that Lenovo, the giant Chinese PC manufacturer, is under a probe by the U.S.-China Economic Security Review Commission (USCC) for possible bugging. Apparently, the government has ordered 16,000 PCs from Lenovo but is now requesting that Lenovo be investigated by intelligence agencies. The fear is of foreign intelligence applying pressure to Lenovo to equip its PCs so that the U.S. can be spied on." From the article: "Despite the probe, Lenovo says that its international business, especially those that deal with the US, follow strictly laid out government regulations and rules. Lenovo also claims that even after purchasing IBM's PC division, its international business has not been affected negatively. Interestingly, in an interview with the BBC, Lenovo mentioned that an open investigation or probe may negatively affect the way that the company deals with future government contracts or bids." There just has to be better uses of our intelligence community's time.
Isn't this the perfect use of our intelligence community? I think this is a very valid threat from a community like China who has been known to have spies in the US at all times. (Not saying we don't spy back, but that's the game!).
A lot of federal agencies have policies about using foreign hardware/software for reasons just like this. Go USA!
We have a crapload of good PC Manufacturers here in the states, and our government instead orders 16,000 PCs from a Chinese manufacturer?
{} ------ When I think of a good sig, I'll put it here
The fear is of foreign intelligence applying pressure to Lenovo to equip its PCs so that the U.S. can be spied on."
Should read:
The fear is of the Chinese Trade Gap widening further
Fixed! (Its a joke for the humour impaired)
My pics.
...why did they order the PCs from China in the first place? Didn't they know that their attempt to save a buck might end up in future unforeseen costs?
Next time, but from US manufacturers! Let this be a lesson learned.
He who knows best knows how little he knows. - Thomas Jefferson
They must have pre-loaded them with Microsoft Windows.
Better use of intelligence time? This should be taken damned seriously. Have a look at PROMIS and tell me this is a benign subject..
This isn't much different than the Chineese Governments fear of backdoors placed in M.S. Windows by U.S intellegence. The shoe is on the other foot now.
On the one hand, they have a point: it would be very easy for the Chinese government to "encourage" Lenovo to plant things in these machines to allow them to spy on the US. On the other hand, given the profusion of malware, keyloggers, Trojans, and such, the Chinese government could already be spying on the US without having to go to such extraordinary lengths. Frankly, it's too obvious to be credible.
GetOuttaMySpace - The Anti-Social Network
How do you figure? Isn't this what they should *actually* be doing, so we make rational decisions instead of using kneejerk racisim to eliminate foreign business? They should investigate, so we can base decisions on facts for a change.
Hmmm, with so many goods coming from China these days, your TV and DVD player may be spying on you too, or in the near future, especially with the growth of home networks. Seriously, trying to buy any kind of electronics that don't come from China is getting harder and harder. Do it yourselfers aren't much safer, afterall, would anyone notice if the network chip on that Chinese made motherboard have some extra functionality? My, isn't paranoia fun?
To the making of books there is no end, so let's get started
They spy on us, and we spy on them. Nothing new.
The only thing is now they're worried that the Chinese gov got a PC supplier to fiddle with their product. Maybe not all, just 1 out of 100 or something.
Do I think China did this? No.
But it's pretty much the job of intelligence agencies to be paranoid.
And you didn't install the OS yourself from something "known good" (or at least believed good, like a generic windows install CD bought at best buy or your other favorite local rip-off shop) you're an idiot.
Beyond that, by talking about it, you've given "the enemy" information on how your IT practices work: you pretty obviously don't use ghost or any similar sort of mass deployment software. (yes, I realize that for laptops with all their custom crap it doesn't work as well. Still, a place I worked as a summer intern used to do it back in the 96-2000 era on IBM thinkpads, so...)
Security by obscurity? Sure. That is all your password is, after all too, it (sec by obs) isn't strictly a bad thing.
Slashdot Patriotism: We Support our Dupes!
Any built-in addition features in the hardware, the bios or
even the preinstalled operating system would be immediately
detected and destroy the entire PC business of Lenovo abroad.
After all, it'd be so easy to find a PC that didn't have any components made in China. Where's the sarcasm tag? :-)
About time we started puting some of that security-conciousness into effect. Honestly, I think any foreign manufacuterer of devices with data logging capability should be HIGHLY suspect from the get-go.
Cliff Claven
K.E.G. Party Chairman
Founding Leader of: Koncerned for Egalitarin Governance
While there's a good chance this probe will find nothing, espionage is still alive and well. The world as not nearly as peaceful as we'd like to think it is. Have you ever seen xray photos of electronics with bugs embeded in them? They do exist.
The USCC is an organ of the US Congress. These are the members. If I understand correctly, they are all politicians. Chinese do things cheaper than Americans, American politicians whine so they look like they are against outsourcing, then they buy happily.
Seriously, bugging thousands of PCs to get intelligence? Give me a break. Intelligence is not just about getting information, it is also about not getting caught and leaving no evidence. Thousands of PCs trying to send coded messages to Beijing would ring a bell even at the Department of Homeland Security. It's much simpler and safer to buy or blackmail a politician or an employee to provide information.
Victims of 9/11: <3000. Traffic in the US: >30,000/y
There just has to be better uses of our intelligence .
WHY ???
You dont think the Chineese would do this ?
Does anyone remeber our com plane and its pilots ?
The Chineese wouldnt even think twice about doing something like this. They would do it hands down.
Shit WE would do it, and we did, look at all the games we played with the russians, bugged photocopiers for example.
You seem like a plant , or a way to trusting soul to be on slashdot
Dell, HP, IBM, Apple, and many, many others are most of the time built right next to each other in China. I'd be willing to bet there isn't a single computer where every piece in it is made in the USA, or a US Friendly country (friendly by my definition = NATO)
As a rock-in-roll Physicist once said, No matter where you go, there you are.
After basically ignoring the fact that Hughes transferred critical missile technology to China, NOW the government is worried about a few PC's used to spy on us?
All the Chinese have to do is pony up a few bucks to any greedy US corporation and they can get the data much easier!
I'm surprised that more foreign goverments aren't calling for similar investigations of US-based suppliers of IT resources to other goverments. This move, even if justified, seems to take things in a bad direction for all.
Anyway, wouldn't outsorcing to other countries have some similar exposures?
"We are all geniuses when we dream"
- E.M. Cioran
Given the concern expressed by the US in starting this investigation, should the Chinese government be as concerned with US software? What would be the reprecussions of the Chinese government investigating US software companies for possible spying?
I mean, look at what they've been up to:
i _Rocket_Boosters_Batman-esque_armor_plating_
:P
http://digg.com/technology/_Help_me_Obi_Wan_Kenob
At best they've been spying on Bruce Wayne, Clark Kent, and Obi-Wan. Down with the bastahds.
Karma: Chameleon (mostly due to the fact that you come and go).
Hell, no doubt even Canada has a few.
Xenophobia.
I have nothing further to add, because that word sums it all up. While there are valid threats against the USA and in the intelligence community there are measures to tap into restricted data, they are NOT going to mess with PCs for fuck's sake! If someone has high security requirements that entity is not going to buy from a consumer level shop ANYWAY.
Geez.
It takes a man to suffer ignorance and smile
Be yourself no matter what they say
Your goverment spends your taxmoney on PC's from a evil-communist-chinese company instead from a probably-little-more-expensive US company and now your goverment spend again your taxmoney to investigate if that chinese company can really be trusted?
I think that is even more funny than that BS our (german) goverment is doing... (taxation of annuity... cuttung annuity by 50% if you can't afford children... blablabla...)
Thank you, Slashdot! This really made my day!
Look, it's likely that the Chinese really are out to get us. Infiltration through industrial means is a common, time honored practice. Any good patriot would be happy to do a little service for his government, especially if there isn't a lot of chance of getting caught. A modified wifi driver would be pretty easy to insert, say one that would transmit key data when it received a certain signal, and otherwise remained inert.
Easy Online Role Playing Campaign Management
Levono is NOT being investigated for spying or bugging the computers sold to the US Government.
The US Government is basically doing a security check on the computers they ordered to make sure there's nothing extra on those computers.
Someone got their panties all in a wad is trying to score some polipoints by being patriotic.
There really is smoke without a fire. This proves it.
In Soviet Russia, I ruled you
Nice doing! Now we all shold start investigations about US companies like Dell, HP and Microsoft, because the government of George "I can spy without judicial order" Bush can pressure them to spy on us (you know, us! that small part know by people as "the rest").
I could be way off here but would they order an evestigation if they had not found somting unusal in the newly orderd systems
If same logic applies, it would be a good chance for China to boost Huawei and its own WLAN standards
The problem with closed-source is that how would the customer even find them.
I'm shocked that the Government will buy any closed-source software from companies with employees in other countries.
Though Windows/IE takes less than an hour on average to become infected with spyware after connecting to the Net, Lenevo saves you the trouble by pre-loading it.
(A joke, not a troll)
Ok, so it's not spying. But the explosion could be detected from orbit. http://www.msnbc.msn.com/id/4394002
The world is made by those who show up for the job.
First off, they aren't under a "probe" for possible spying, despite what the article says. A "probe" would imply that somebody has reason to believe there is actually spying going on. Instead, this is a stupid "investigation" to ensure that there isn't, despite a complete lack of evidence saying there is. This is simple xenophobia, nothing more.
Do the geniuses that ordered this "probe" realize that the vast majority of components in a modern computer come from the orient? That it is VERY difficult to find a keyboard, mouse, case, or power supply that is NOT made in China? Do they know that many laptops (not Lenovo) are manufactured by Chinese-owned companies, and/or made directly in China itself?
The only thing that could be worrisome is if they had Lenovo handle the builds on the hard drives, but NO classified shop should be relying on "outside" builds anyway.
Do these folks ALSO realize that by law, no computer containing classified data may be connected to a public network of any kind? How is any "bugged" machine supposed to export the data? Osmosis? Telepathy?
SirWired
While I see the need to be wary when a major supplier could be potentially be comprimised (a good intelligence agency SHOULD be paranoid), I sense a knee-jerk xenophobic reaction here. In my limited experience with PCs at gov't agencies, they were all imaged by the local IT admins and nothing preloaded remained from the manufacturer. Any sort of spying tools would have to be in the hardware (or BIOS?).
:)
Anyone naive enough to think we can just "Buy Amuricun" (sic) obviously doesn't understand the PC market. Just my opinion.
"Build something idiot proof, and someone will build a better idiot" - Samuel Clemens
Mod Parent up. It's a vaild point and no hint of a TROLL. Just some mod abusing power.
Or since everyone is spying on everyone we just assume that.
Like it or not, we totally depend on other countries. I used to work on a military system that used tubes (valves for you brits). The tubes were no longer made in the west. The only source of the tubes was the USSR (with whom we would have been at war, if there was a war). If the third world war had lasted more than a month, we would have had to order spare parts from the Russians.
Mil Spec used to require second source suppliers for everything. That means every chip, resistor and capacitor. To do that now would require that several companies have the complete design of everything down to the last square mm of silicon. Such a policy would effectively prevent spying devices because many people would be able to examine the design. The same reason that open source is safer than Windows is the same reason that hardware designs should be open sourced (or at least second sourced).
BTW. You are absolutely right. Even friendly countries spy on each other. There was a story going around a while ago about an embassy had to be totally torn down because the local workers who built it had planted many microphones in it.
I miss the cold war. Back when hot Russian chicks seduced you into bed to trick you into giving up your national secrets. Oh wait, damn, that was James Bond :-(
The United States Government, that same stalwart agency that wanted to cap all civilian encryption at 56-bits, that wanted escrow technology built into every hardware encryption device, that prosecuted (persecuted?) the author of PGP for posting his work on the WWW - the same staunch defenders of freedom, champions of fairness and all that is good and right in the world; now they must contend with the possibility of somebody pissing in their soup!
Is it just me, or does anybody else feel the urge to shout "The circle is complete"?
Lenovo oughtta incorporate a fritz chip in all PC sales to the U. S. government - it should be tuned to permit only the manufacturer pre-loaded OS to boot, and to reject all attempts at modification of the encryption protocols. They should further lock the homepages on such machines to "www.whitehouse.com" and actively refuse to load any encryption technologies such as PGP, insisting instead that the hardware encryption kindly included by Lenovo be used for all security purposes. Of course, Lenovo would never install escrow technology on these machines, so the U. S. government should trust them implicitly.
</rant>
B. Gates.
Did any of you even read the article?
The US government didn't think there was a security issue when these PCs were built by CHINESE workers in CHINA owned by an American company - only when the manufacturer was bought by a Chinese company.
That leaves 2 options:
Either:
The USCC thinks that Chinese Spies would need permission from the company owners before conducting such an operation
Or:
The USCC is being used as a political tool for the purposes of economic protectionizm
The recent trend toward economic protectionizm in the USA has nothing to do with national security - if it did, it wouldn't be targetted at companies based in the USAs closest allies (for example, Britain).
dont hate the player, hate the game
they're worried that the laptop spies on you yet they're totally cool with running Windows.
Go figure.
Tom
Someday, I'll have a real sig.
I don't see why this is a big public story. Why did they even tell Lenovo about this.
If the U.S. is concerned (which is reasonable), then they just take a few laptops out of the shipment when it arrives and send it down to the lab to be inspected and tested. If everything is in order, pass out the rest of them.
If you do find something, then... uh... Bomb china or whatever it is we do when people piss us off. Oh, and ask for your money back.
I don't see why this should be a story, I would hope that anytime an electronics purchase is made which will involve classified data, that the devices are atleast mildly inspected before use. Especially when they are provided by a foreign country.
Big ones, small ones, some as big as yer 'ead!
Give 'em a twist, a flick o' the wrist...
This is exactly the kind of thing our intelligence communities should be getting involved in. First off, this kind of stunt would be the first thing our own intelligence agencies would try to do if the Chinese government were buying computers built by an American company on American soil. Some arm of the US intelligence community planted bugs in wine bottles and other amusing places near the UN ambassadors on the Security Council during the buildup to the Iraq War.
The Chinese practically wrote the book on espionage. For some interesting reading on the subject take a look at The Tao of Spycraft". Interesting, if extremely dry, reading if you're interested in the intelligence community. A very good look at the LONG history of intelligence practice that the Chinese government has to draw on. I got interested working in computer security when everyone else in my office was ex-mil intelligence.
And not being particularly antagonistic toward us doesn't mean anything. Back in 1999/2000, the general opinion by most of my co-workers who knew something about it was that France and Israel were the countries that were spying on us the most, with China coming in third. The only reason Britain wasn't number 1 on the list was "we already give them everything we know."
I wouldn't put it past us to try it on them, so it would be ridiculous to trust that they wouldn't try it to us too.
Most comments here focus on how great the job is that the intelligence does and how important it is to be sure that the "damn chinese" don't destroy your country...
Most of you seem to be so into this thought world that they don't realize that their great goverment is going through all this effort just for the sake of NOT buying 16,000 anywhere else than in china?
Probably they should ship the laptops to Jerry Taylor in Tuttle, Oklahoma for inspection.
Big ones, small ones, some as big as yer 'ead!
Give 'em a twist, a flick o' the wrist...
China:1,306,313,813
United States: 298,290,000
Get back to me when China doesn't outnumber the United States 4 to 1.
But seriously, what effect does declining population have on either China's stability or beligerence.
Also, what does it say when successive generations are viewed not as hope for the future but a threat to it?
...are you going to find a collection of article summaries that:
1) criticize the United States for using it's intelligence resources to protect itself from a corporation operating out of Communist China.
2) criticize the US for not using intelligence resources "_enough_" to protect its ports/borders/etc.
3) criticize the US for using intelligence resource "_too_much_" by wire-tapping potential terrorists.
Go figure.
I read
There is. You just don't hear about it.
Reading the article - it appears that there is only one company that does not use Mainland China for all or part. That is Apple.
Even Dells are put together in China! If the commies in china wanted to load something - it would already be there!
First of all I think anything installed would quickly be found and be the end of lanovo. secondly If they are going to have this kind of view then they will have to look at all brands of computers like Dell or Gateway because I bet you at least some of the parts (if not all) came from a foreign source. Personally this sounds like a bad press move by a competitor to ruin Lanovo because they make such a good product....
What they really need is a good, union created, American made, General Motors PC!
is that the government is buying windows laptops, not secure ones. it doesn't have a lot to do with lenovo.
if this is supposed to be a new economy, how come they still want my old fashioned money?
That would be the US Embassy in Moscow.
Comment removed based on user account deletion
The American government has good reason to be suspicous: they did pretty much the same with the former USSR. US intelligence services have managed to find out what the Russian were looking for and they supplied them with all the desired technologies, pretending to be smuggled out of the US.
By the late 80s the USSR started to realize that computerized equipments in key economic, military installations started to behave strangely. Some historians contribute this "technological trojan horse" as one of the main factors for the unexpectedly rapid fall of the Communist empire. Gorbachev had to realize that their major infrastructures are bugged, it was just no way to know what systems were doctored.
It's naive to think that such Communist super power, as China would not try to have an influence at Lenovo.
"...The U.S. could fear concerns that as China possesses U.S. debt, that could give China the ability to influence the U.S. financial situation."
So not only is the US being buried in debt, it's becoming more reliant on money on a potential strategic competitor. The problems of having Lenovo put in stuff to spy on the innards of the US govt is nothing compared to what could happen if they really wanted to screw us over.
Sanity.html - Error 404 not found
Mod Parent up. It's a vaild point and no hint of a TROLL.
US Intelligence: "If there is any spying to do on Americans, WE'RE the ones that are going to do it!".
What's the best place to plant an intelligence gathering device?
Hold on to your hat's for this one....
The best place to plant an intelligence gathering device is precisely where the entity you are spying on assumes that you would never place it!
Cliff Claven
K.E.G. Party Chairman
Founding Leader of: Koncerned for Egalitarin Governance
Agreed. While the government does take enormous efforts to block out these things (wireless security problems would be non-existant), there are legitimate fears. Contractors do screw up and break the rules that prohibit access to the Internet and things like that. DoHS in particular had that problem a while back with some of its security audits. One group found dozens of modems that were accessible from outside the DoHS on machines that were part of the DoHS networks.
Why is it that if someone asserts that the US might be doing the same thing with Windows and other things -- mandated back doors, master keys, etc -- they get dismissed as paranoid cranks who are just bashing the US government.
But if the Americans accuse a foreign country of doing the exact same thing with the exact same lack of evidence it's a perfectly valid security concern?
The blurb provides no proof, no belief it's happening, merely that a US agency has decided to insist this possibility be investigated based off a completely unsubstantiated, undefined HUNCH it could theoretically be happening; you know, in the abstract, maybe.
I mean, if foreign countries started looking at every single piece of exported US technology for the same thing to ensure that Uncle Sam wasn't unfairly targetting them, there would be a huge friggin' uproar. They'd claim it was unfairly infringing on trade or something.
Bah. I fail to see why the rest of the world should be expected to just simply accept US paranoia and influence, but they get their knickers in a twist over something they have apparently imagined to be a possibility.
Lost at C:>. Found at C.
read this. it's about backdoors being put in the routers. this was in 2004. given modern virtualiztion technology and large chip real-estates, the idea of hiding a hardware backdoor into a cpu is not as difficult to imagine as it once was. But of course there's plenty of other places to put stuff that would be damaging. In the bios roms, in the wi-fi, in the grpahics cards and the USB controller chips. just imagine putting a key logger in every usb handler chip. Not to hard ot imagine is it.
If my memory serves me, we pulled a similar stunt putting in a back door in some mainframe that was sold to Iran sometime in the early '80s that let us read every line of their national budget, plus a bunch of other juicy internal pencil pusher stuff. I think we even got caught at it eventually.
---
Play Six Pack Man. I
Dell, HP, IBM, Apple, and many, many others are most of the time built right next to each other in China.
However US corporations can inspect the goods returned from manufacturing, verifying that the ROMs and the installed software matches what they provided. I'd imagine they would be doing so already, due to QA and antivirus concerns. A foreign agent would need to infiltrate the US corp to alter the expected results. Plauable but more difficult than the corp and the manufacturing being in an "unfriendly" country.
Your memory does serve you. I had that in there, but I could not recall if that was common knowledge.
That slashtrolls like you are so quick with the irresponsible and inaccurate speculation? For example
"Why is it that if someone asserts that the US might be doing the same thing with Windows and other things -- mandated back doors, master keys, etc -- they get dismissed as paranoid cranks who are just bashing the US government."
Doesn't happen. You can claim otherwise, but whenever the subject comes up, there is widespread agreement that MS has most likely given the US government what it needs to gain covert access. Are you perhaps browsing at -1?
"The government grants you rights, not the other way around."-- beav007. Yes, these people really exist...
Any built-in addition features in the hardware, the bios or even the preinstalled operating system would be immediately detected and destroy the entire PC business of Lenovo abroad.
Not necessarily. They could claim that they were infiltrated by a government agent who made a substitution/alteration. It actually is plausible, the government might not want to trust management or more importantly the fewer people who know the less likely it is to leak. They could successfully argue that any corporation or manufacturing process in any country is subject to such infiltration.
Are you fucking kidding me? I'd say it is critical to secure computers in government.
The real news here is that our government is stupid enough to buy computers from China. Are we going to have Russia building our ICBMs for us now? There are just some things you have to do yourself.
Specifically, if I were them, I'd look into Lenovo's TPM implementation. The Chinese State Encryption Agency is mandating that these chips be put in be all PCs purchased for security-conscious government use. Lenovo will also be selling these on the mass market.
The question is whether or not the SEA has mandated backdoors. Since the chips are meant to be used for state purposes, I highly doubt that there's a backdoor in the chips used by China because that would make China weak to spies if someone found out the secret, and it would be difficult to fix since it's in hardware. There does exist the possibility, though, that China mandated that Lenovo make a weakened version of the chip for overseas exports. TPM chips include crypto accelerators. If these were deliberately compromised (somehow -- I'm not sure if it's technically feasable since I'm no crypto expert), then this could be an issue.
At the very least, the government needs to check to see if any hardware contains a keylogger or something else useful hidden in it to await a remote command. I'm not sure what the technical feasability of inspecting the laptops for all possible exploits is, but they're wise to do so. Espionage history is filled with examples of compromised hardware for spying and sabotage purposes.
If it's for-profit but free, you're not the customer -- you're the product (e.g., the Slashdot Beta's "audience").
What are the chances that this story breaks just the Lenovo Tapes appear on line? Call me cynical but I reckon it's just part of a co-ordinated marketing campain.
Xenophobia. I have nothing further to add, because that word sums it all up. While there are valid threats against the USA and in the intelligence community there are measures to tap into restricted data, they are NOT going to mess with PCs for fuck's sake! If someone has high security requirements that entity is not going to buy from a consumer level shop ANYWAY.
...
That's terribly naive. You fail to realize that most espionage is industrial. Billions of dollars are lost due to industrial espionage, foreign countries acquire R&D info that saves them time and money, their military tech is advanced by years,
Also naive is to think that people with high security are the only target. In the real world espionage often goes for indirect info. What companies are supplying the goods and services, are their changes in orders, their production, etc. You don't have to get the general's plan for an invasion, you may only need to identify his preparations.
Why wouldn't they do the same to computers we buy?
Didn't the US do the same thing to Iraq in the months leading into the first Gulf War. But with some teletypes/printers that were sold to them. Or is this just an urban myth?
“Common sense is not so common.” — Voltaire
And you thought that the rest of the world was paranoid when they found out about the NSA Key ;-)
...to run their spyware, that is. ALL of the hardware and software vendors seem to think it's open season on the user to run whatever spyware and adware on his system they want to. To sweeten the pot, they'll even spam him a few times a week with some post-sale 'great deals' to investigate.
If the US government buys hardware and/or software for sensitive uses from ANYONE in the current wild west market without thoroughly testing it and removing all of the crap, they are totally insane. Totally.
Practically all computer equipment is manufactured in China, Taiwan, Japan or Phillipines. What's to stop them from doing the same?
They gather information on friends, enemies, potential enemies, potential friends for the purpose of advance a country's foreign and domestic policies.
Valuable intelligence can be commercial, political, scientific, or military in nature. It all depends on the goals of the organization gathering the information.
Intelligence can be gathered by methods as benign as reading a local paper from a world capital to as active as trying to bug the private office of a world leader.
The opposite mission of a good intelligence agency is counter-intelligence. To be aware that other countries want to gather intelligence and to frustrate their ability to gather information that may harm your own interests.
This is a case of classic counter-intelligence. Using imagination and saying "what if they bugged the computers when they make them?". Now you have to investigate to see is it possible, how it might be done, how it could be detected if someone did it, and find out if someone did it to us.
It doesn't matter that this is a US/China situation or a Lithunia/Bulgaria situation. All countries gather intelligence in one form or another on each other. It is good tactics to recognize new possible ways of spying on each other.
China's intelligence agencies have long placed a priority on information in the US from as many sources as possible. Based on history over the past 50 years it would be foolish to consider them our bosom pals. At best they are neutral, at worst they consider us a threat to their own existence.
If they care about being secure then they should buy gear and OS from the likes of Sun, BSD, SELinux etc.
A hardware/BIOS root kit is very doable, but Windows already has enough holes in it, so why go to those lengths if you want to spy?
Never saw that coming, eh? Imagine, Chinese company bugging computers sold to the US government. Next week, we learn that objects fall when dropped.
The world's burning. Moped Jesus spotted on I50. Details at 11.
Did you know that there are other "American" computer manufacturers have their computers manufacture in Shanghai. I know Apple does. What of HP and Dell? Let's face it, the Chinese make our clothes, trash cans, and anything else that can be brought in an office building. To phrase a popular /. quote, "I for one welcome our Chinese overlords" and "me colloborate long time"
You don't have to be smart to use a Mac, you just have to be smart enough to buy one
This just looks like an attempt to scare US government purchasers away from the Chinese made systems. They are obviously hoping that US vendors will be able to make the sales instead.
It was the US Embassy in Moscow. Happened in the 80's, IIRC.
Best Slashdot Co
Anti immigrant, anti foreigners(Lenovo, CNOOC 18.b billion USD bid for US oil company, Dubai ports deal, Israeli attempt to by US security firm,etc etc). We're like this precisely when reports come out saying there is little savings by Americans. Foreigners are flush with cash, they are sitting on piles and piles of dollars, and they're finding dollars are harder to use.
I still maintain that as this continues this will increase inflation, USD will be the new monopoly money.
2 years and no mod points. Join reddit. Because openness is good.
...the only reason it's being done now, and against a conspicuously Chinese company, is because it's an election year. This is exactly the kind of public move that accomplishes little, but looks good to John Q Public. As others have pointed out, virtually all notebooks are manufactured in China these days anyway. And if the notebook itself isn't, some of the parts going into it are. High security agencies should be auditing new equipment anyway, so the whole thing is kind of moot. I bet you after the elections the whole bruhaha will be quietly swept under the rug.
who would be really surprised if the US Gov't was putting pressure on Microsoft to allow backdoors in WIndows to be used to spy on foreign gov'ts....
LedgerSMB: Open source Accounting/ERP
And all this time I thought the aliens were the ones doing the probing.
I wasn't intentionally trolling, merely making an observation. Fortunately, I have karma to burn.
Unrepentant, and proud of it. I still think that all US Government employees and data centers should use computers with the Trusted Computing Platform present - after all, they are right along with Microsoft et. al. in pushing this technology on the rest of us.
Use your points. I am unarmed. Mod me down and your journey towards the dark side will be complete!
/probably still wouldn't be investigated
Is it just me, or does this sound like a power grab by some obscure wanna be organization? While I agree that some review should be put in place when purchasing equipment for sensitive missions, I would imagine that there are other agencies in place to do this.
--WooooHoooo--
buy dell
To those who are pooh-poohing this story, there have been congressional white papers that document China's widespread efforts to acquire technology and intelligence. The one I read in 1998 detailed how they're using non-intelligence service channels (ie. industrial espionage, etc) to collect that information. But why is that surprising? The CIA's done similar things in the past, so thinking that China, which is expressly expansionist, would not use every means they can think of to strengthen their hand in the looming showdown over Taiwan, is pretty naive.
d f
Check out page 39 in this: http://www.defenselink.mil/pubs/20030730chinaex.p
Do what you can, with what you have, where you are.
Everyone appears to be using this to vent their outrage at the wiretapping issue. Getting back to the point of the original article, however, I'm not sure why people are against the investigation.
I guess that it isn't as widely known as I thought, but US companies (and individuals acting alone within those companies) have cooperated with US intelligence in the past. Investigating to see if Chinese citizens have behaved similarly with their government in similar situations seems perfectly logical to me.
I mean, seriously, what's the argument against it? That so many components are already made in china and a review is long overdue? That the US intelligence agencies have tapped international calls made by Americans? None of the counterarguments seem to have anything to do with the question.
Better uses of the intelligence community's time?
Like what, pray tell?
Hunting down pornographers??
who is going to pay for the investigation?
All of the stuff in this article could easily be covered under current, nevermind future DRM schemes. And Lonevo(sp?) is certainly involved in that.
GENERATION 26: The first time you see this, copy it into your sig on any forum and add 1 to the generation.
Well, why does the phrase "'told you so" come to mind? Even if it's just an investigation, previous "investigations" of similar types resulted in one thing - the foreign country being told flatly to drop it and leave this to the US. This should be quite interesting to see when China finds itself increasingly shut out. 1.4 billion people does not make for a good lobby when you dont fulfill your end of the bargain on trade by dumping low quality goods made from slave labor on the majority of the world.
BTW, you might want to look at China as they're quite xenophobic themselves.
Twitter supports and protects racists - by smearing their critics with the "Hate Speech" label.
One answer to this mystery: DUH! When will we learn that China is intent on stealing everything from us: our jobs, our technology, our secrets, our money?
The "xenophobia" cry, like the "racism" canard, are simply techniques to try to stifle discussion or criticism.
The cases of China spying on the US and stealing US technology are too numerous to link to, and I am sure you are well aware of them.
While this is true, accidents happen all the time. Consider that the computer might also act like a virus spreading its data to different machines... just waiting on the secured network for ONE pc to get accidently plugged into the wrong slot in the wall.
While the most important secret computer work is all done in vaults plenty of sensitive info could be spread through one accidental connection.
Pete/Petri "damn, my chainsaw is clogged with 1's and 0's again." --clyde
Population as large as China, speak better English, democracy, no history of spying or dirty play and the only country outside US where a huge majority of population has a positive view of US. http://pewglobal.org/commentary/display.php?Analys isID=1002
Better late than never. If there's no problem, no problem, which would be nice to know. If there is a problem, the US needs to react to it. Consider it an unintentional consequence of the wholesale offshoring of US (or for that matter, all of the OECD's) manufacturing to cheap labor markets. It's an uncontrolled economics experiment for a major economic power to suddenly switch to having someone else make all of their shit for them. Who knew that not only would the "market" sell the rope that hung them, they would outsource rope making to the hangman.
Looks like Clancy needs to update one of his opus', in which an agent slips the Chinese Politboro an 0wn3d laptop.
Luke, help me take this mask off
The reality is that no company that ever wishes to do serious business can spy on their customers. Lenovo is trying to make a serious business. If they're caught and burned: bye bye Lenovo, bye bye many other chinese companies. They'd never be so stupid. All they want is to make some money, and this is just a sensible precaution by the U.S. government.
Flower people and tree-huggers are so washed down stupid it sometimes makes my head hurt.
This is an example of why you dont outsource ( to another country ) a major infrastructure.. ( this also goes for war materials, oil, food, etc )
Even if the country is friendly today, that can change tomorrow and severely compromise your nation's security.
Its nice to see people are starting to wake up about this.
---- Booth was a patriot ----
Being probed, and coming out clean, is a better situation to be than not being probed and being under ongoing suspicion. Think about it. That way, Lenovo can address such issues with "we're continually being probed by the US government; that's the best guarantee you can have that our machines have no such problems!"
It also helps the business interests of the company resist Chinese government pressure to install such spying facilities, by saying that they couldn't get away with it because they're constantly being probed.
It is madness to think that the Chinese government wouldn't try such a thing if they could get away with it. Any government, including the US government, would try it; it has nothing to do with paranoia against evil Communists.
To the extent that Lenovo is, and wants to be perceived as, a reputable company, Lenovo should welcome the probing.
Look at the Japanese.... no one can sell electronics to them except Japanese.
Really? Sony will be glad to hear that it no longer has to try to compete with iPod.
The US free market: two halves of a government-granted duopoly are free to set the market price.
>BTW. You are absolutely right. Even friendly countries spy on each other. There was a story going around a
>while ago about an embassy had to be totally torn down because the local workers who built it had planted
>many microphones in it.
That wasn't a "story going around", it was the new U.S. Embassy in Moscow, which was to be built (on Soviet insistence) with Russian labor and materials. The Soviets took this opportunity to build so many listening devices in the structure, that the U.S., after a security review, refused to occupy it and construction stopped in 1985. After considering tearing it down and restarting from scratch, and a 15 year wait, the decision was made to tear off the top two floors, and put on 4 new floors with US security screened labor and US materials flown in (undoubtedly at a nauseatingly high cost).
Let me hasten to add that the U.S. has also mounted its own surveillance of the Soviet embassy in Washington -- for those of you smarmy types that will reflexively post a "US does it too!" reply.
Visit the US Spy Museum in Washington, D.C....well worth the visit when you are there, and something of an eye opener for folks that think that security and intelligence are an absurd waste of time.
Feel free to google it.
[Insert pretentious and semi-clever sig here: ______ ]
Given tbe Dubya administration's track record, the whole thing just seems rather hypocritical. Yes, we need to be sure that foreign governments aren't surreptitiously spying on us, but I dare say that we (the citizens) currently face a threat on this side of the ocean that's more pressing.
Further, I believe that the wiretaps are only part of what's actually visible to the public - I wouldn't be a bit surprised if all kinds of nastiness (unconstitutonal or otherwise) continue to be uncovered. Just yesterday there was an article about the potential use of small airborne drones equipped with cameras to spy on ANY location from a stationary point in the air. What is with the preoccupation this governnment has with spying on everyone for no rationally justifiable reason? ("fer the terrists" doesn't cut it anymore - that's been done to death, and has become little more than a logical fallacy).
exactly.
Rirelobql xabjf gung EBG-13 vf gur yrnfg frpher rapelcgvba rire, ohg jbhyq lbh jnfgr lbhe gvzr npghnyyl qrpelcgvat vg???
Ports buy Ports ... danged if they didn't go out and buy computer ports. Ok got them straight now. The Chinese are now buying our SHIPPING ports. Whew. I need to get a better English to Chinese translation system. My bad sorry for the confusion.
I'm sorry, I'm to tired to be witty at the moment so this message will have to do.
Hello all:
I can't help but think along this line:
Our government probes Lenovo for spying charges. Lenovo claims, and truthfully so, that they do not bug their systems. Then, our government concludes the investigation and Lenovo goes free; no harms done, or is there?
What I don't understand is why this news made it out to the public to begin with. If Lenovo is guilty of spying, then our government wins. If Lenovo is innocent of spying, our government still wins by telling that all US customers out there that if your computer is made from China, it might be bugged and we have to investigate you on that. Seriously, if I was a big computer customer, I would think twice before buying electronics from China.
Cheers.
B. Pascal.
The "xenophobia" cry, like the "racism" canard, are simply techniques to try to stifle discussion or criticism.
I agree with you *in this case.* But not with your generalized statement. It's the favorite defense of xenophobes and closet racists. It basically asserts that no such thing as xenophobia or racism exists, so the accusation is false.
Xenophobia and racism exist. They are both quite common, and they are at the root of many far right and far left opinions.
And they should be called, just like bullshit.
If I was the chinese and I wanted to conduct industrial espionage wouldn't I target phones instead of PCs?
evil is as evil does
I figure that if enough countries band together to fight us (and, conversely, very few come to our aid) that they actually have a chance of winning, then there's probably a really good reason.
In such a situation, it's likely that we've become the new 1939 Germany or 1810 France of the world, and deserve to have our asses handed to us.
One of the biggest security risks are the switch manufacturers. Cisco in particular; but none of the big switch companies are exempt. Cisco, at the Feds insistance, has installed back doors on all their switches. It's called "Lawfull Intercept".
Cisco has an incredibly HUGE number of H1 and L1 visa people doing their development. With full access to source code. Now, the one thing India isn't is dumb. Put yourself in their shoes. Would you pass up an opportunity to have a back door into just about anywhere? I didn't think so.
So the problem isn't just the U.S. government. Businesses are far more whole-heartedly selling this country out, for a profit.
Does anyone remember when they thought Furbys were being used to spy on the US?
I'll admit that there is a possibility of all this being true, but people need to stop being complete paranoid freaks. Since when has China been "the enemy"? Korean War? Since then it's just been complete unfounded fear, ignorance, and idiocy towards a nation that isn't any more Communist than this country is Democratic.
Should've seen this coming.
Or would we? http://archives.cnn.com/2002/WORLD/asiapcf/east/01 /19/china.plane.bug/index.html
"Wow, dude, they should have bought Dell."
Dudes, all your hardware is made in China. What the hell are you talking about?
not sure xenophobic is the word for Chinese outlook. its more of, "You are all part of China but don't know it yet." Basically, 1)if you have Chinese ancestry, you are part of China. 2)Anywhere that a person of Chinese ancestry calls home rightfully should be part of China 3)If you are not of chinese ancestry but anyone in your ethnic group lives within current borders of China then all of your ethnic group should rightfully be part of by China. This covers a good chunk of the world and as their borders expand it becomes more inclusive and if China has its way the planet will be united under them eventually.
If I was the chinese and I wanted to conduct industrial espionage wouldn't I target phones instead of PCs?
Yes and no. To possibly get inside a decision making process, phones may be useful. To get "dirt" in order to coerce/blackmail, phones would seem quite useful. However phones only access a tiny fraction of the valuable data that computers have access to. Consider a company that makes the "material" that covers stealth aircraft, it might be useful to trickle out all purchase orders to chemical supply companies. Actually a more plausable scenario would be the other direction, trickle out all purchase orders at the chemical supply company and look for those from the defense contractor. The preceding is oversimplified to illustrate a point. However if you can become a supplier to a large cross section of companies in various industries collecting and mining data could provide useful info.
Having laptops with bugs is nothing compared to having major US shipping ports owned by foreign companies. I would assume hardware is checked for bugs before classified information is stored on them. This should apply no matter who the laptops are made by.
regardless of whether a country is spying on the USA or not, does it matter? I guess it might be funny if a country actually *did* think that Iraq had WMD :D :D :D :D (sorry, couldn't stop laughing) - considering the LACK of intelligence the US government has, why would they mind if anyone was spying? It's like someone in an exam cheating from the classes worst student who is destined to fail anyhow.
What the US government might be waking up to is that hardware and software that are being passed off as automatic updates, or DRM software may actually be more sophisticated examples of Electronic Warfare.
If you can back-door government computers using creative approaches (Such as music CDs),
what is to stop snooping right from the hardware/firmware level?
ThinkPads generally came with a good deal of IBM software preloaded, and the new systems probably follow the same configuration.
I remember one company seemingly had a shipment of systems with 'bad hard drives' - several dozen machines
had hard drives that went bad 6 to 8 months into service. No problem - free hard drive replacements from the supplier, you just had to mail the bad hard drives back to them.
Now that is a clever way to phish data.
Once the 'dead' drives were returned to the supplier - the data contained in them could be retrieved using hard drive hardware recovery tools.
SO if true national security is a must - some federal agency is going to have to build a computer fab in the USA - because most computer parts are made in foreign countries anyway!
Here we see the limitations of the 'global economy'. You can NOT maintain homeland security and defend the national security when all of your subsystems are built and controlled by foreign powers.
National Autonomy can only be preserved through total independence from foreign suppliers,
which is truly impossible to do in the global economy.
Too bad the USA hardly manufactures anything, anymore.
Some time ago, USA was building a new embassy compound in Moscow (during the cold war).
It was built with Russian labour.
It is so riddled with bugs that it stands unused to this day.
And you wonder why they are paranoid? You are talking about machines that will process EVERY SINGLE document.
Sounds like a perfect line of attack from China's point of view.
"Cats like plain crisps"
The title for this story is misleading. Wether or not the author intended, it seems to imply that the US government is responding to spying actions.
that different people have different opinions.
This is a community based site on the internet after all.
http://www.sse.com.cn/sseportal/en_us/ps/home.shtm l
Such a policy would effectively prevent spying devices because many people would be able to examine the design.
Spying devices are not documented! When things like this are done, a select few people from a supplier are dragged aside to make a modified version of the product. Having access to the drawings for the original, unmodified product does nothing to prevent this.
The ONLY way to tell is to tear the actual product apart, having two vendors and lots of documentation does nothing to help with this.
Life is too short to proofread.
Remember, US will do anything to start a war, and to me looks like they have been trying to get one with China off and on for a few years. Docestic foreign policy, I guess it's called. Anything to take the electorate's mind off the local scene, and unify them against the external threat, or so the theory goes.
This is the first thing that I've heard that makes sense out of IBM selling it's huge and profitable PC Division, which as demonstrated by this event, makes a bunch of stuff that the US military rely on heavily, and have for years.
I can't think why the US would put themselves into this situation, unless for the reasons I outlined in the first paragraph.
The first few messages by the first few trolls only show how effective such a strategy can be. I wonder if those top postings are maybe plants?
Anyway, China is big enough to look after itself, and I think the US Govt know they can't actually get into a war with China, but the publicity still achieves the purpose. Works every time. Some of the people, all of the time, right guys?
Not that I find it unlikely that Lenovo should do this or that the Chinese intelligence services may find it attractive to have this kind of access to Computers in the US; but I doubt it would be all that effective. You have too little control over where these machines end up, for one thing.
The sad fact is that all governments spy; of course China spies on the US and countries in Europe. The US has spies both abroad and at home - we all know that it happens, and instead of giving howl of righteous outrage, we simply have take this into account.
I mean Duh!