Lenovo Banned by U.S. State Department
chrplace writes "The BBC is reporting that the Chinese-made Lenovo PCs are not allowed inside secure US networks." From the article: "Assistant Secretary of State Richard Griffin said the department would also alter its procurement process to ensure US information security was guaranteed. His comments came after Rep Frank Wolf expressed national security concerns. The company Lenovo insisted such concerns were unwarranted and said the computers posed no security risk."
While Lenovo insists that their computers pose no security risk, we need to remember that they do run the Windows OS which is a significant hole :-) On a more serious note, this is obviously a purely political step - but why? No one with any technical savvy is going to believe that these systems pose a greater security risk, unless someone independently confirms this and demonstrates how a backdoor exists. Is a mere accusation enough to get a company dumped from secure contracts? If so, I have dirt on Halliburton, KBR, CACI and a host of companies who are defrauding government agencies. Isolationism doesn't score political points the way it used to, and these are the same people that will happily defend moving jobs off shore. Who are they trying to appeal to here? There can't be that many blindly stupid people in the country (29%, or so, it seems)...
I have nothing to hide. So, why are you spying on me?
From TFA: This is just plain stupid. Apparently, Representative Wolf's former crusades against meth and medical marijuana no longer have the punch needed, especially in an election year, so he stirs up some ridiculous FUD about Lenovo laptops.
Never mind that the State Department would probably be wiping the default software load on these laptops in favor of its own custom software load (frankly, if they don't, they're idiots). Never mind that the State Department itself (as well as any other networks these systems will be connecting to) should be adequately protected by firewalls to prevent any unauthorized phoning-home by these systems (again, idiots if they don't). Never mind that someone at least halfway competent should be able to analyze packets exiting these systems to determine conclusively, one way or another, if they are trying to compromise security (again...well, you get the idea).
Trouble is, none of these measures will provide Rep. Wolf with the political ammo required in a year divisible by 2. By denouncing the Lenovo laptops as a 'security risk', he ensures that his constituents (at least the less-technically minded of them) perceive him as 'fighting for America'.
____
~ |rip/\/\aster /\/\onkey
Why would anyone buy electronics from the Chinese?!?
-=/\- Jizzbug -/\=-
It's not like the PCs weren't made in China when the division was owned by IBM.
This is old news to anyone who works in Defense.
In fact, if you want to use hardware/software in a classified area, it has to be from a United States based company and passed through a rigorous investigation as to whether or not it is safe to use. Even things like Java or C++ libraries have to undergo this for the simple fact of the matter that the US government is over-cautious.
Do you blame them? Can you strip down a Laptop and really ensure that there's nothing like a keystroke logger or a very very low-level chipset process running on a side processor or microcontroller that captures choice information and automatically sends it out the NIC to a Chinese agency?
You have to remember that there are conspiracy theorists out there that are paid and unpaid. The paid ones are simply better at controlling their imagination to realistic limits and are hired by governments to think & fear.
Now, do you remember when certain Chinese conspiracy theorists decided that China's government suspected Windows SP2 of foul play? This is more of the same kind of thinking.
My work here is dung.
After the interview, Secretary of State Richard Griffin proceeded to log on with his blank-password account on his spyware-infested Windows PC...
I heard they make their motherboards out of enriched uranium.
Does this mean that they WON'T be outsourcing their network management to India?
Exactly when have computer components been made in America? Most, in fact, are not. Thinkpads were made in China before, the only difference now is that they are not supervised by a US company.
Somebody should show this guy the label on the pen he uses, on his reading glasses, on most of the small electronics he owns. Odds are they aren't made in America either. Does that mean his cellphone is a threat to national security!? This kind of ignorance really makes no sense whatsoever.
Go ahead and call me unreliable; reliable is just a synonym for predictable.
It started to sing the Internationale so I took it back to store.
I suppose next they're going to ban Chinese take-out as well.
Chinese food may lead to Maoism. Protect yourself and your family with Freedom fries and toast!!! The American thing to do.
I eat Karma for breakfast, lunch, and dinner. That's why I don't have any.
By buying Dells ... assembled from components made in Taiwan. ::rollseyes::
I wonder if it's actually possible to construct a PC at this point without using at least one component that originated in China, given that everyone is now shifting manufacturing there.
- Roach
All other computer equipment manufactured in China must be removed too, by this reasoning.
This includes keyboards, mice, USB hubs, and other PC equipment.
Thank GOD the Blackberries are manufactured in Mexico!
He who knows best knows how little he knows. - Thomas Jefferson
[NSA Agent 2] AUUUUGH!
Chas - The one, the only.
THANK GOD!!!
"No one with any technical savvy is going to believe that these systems pose a greater security risk, unless someone independently confirms this and demonstrates how a backdoor exists."
....) wouldn't do the same on their hardware?
Why would you think this has not already happened? Add to that the fact that the government buys these things in bulk and even IF a sample possessed no backdoor, how hard would it be to put a backdoor in 1 out of 1000 and hope it gets by?
Paranoid? I think not, you haven't had night shift cleaning crews hired by the Chinese into your business have you? It happens.
If Windows has US government demanded backdoors as so many Slashdotters insist, why would ANYONE think the Chinese (or the Russians or the French or the Germans or the English or the Japanese or the Koreans
slashdot troll = you make a compelling argument I do not like the implications of.
I haven't seen such a dramatic knee jerk reaction since I saw a marionette being controlled by a sufferer of Parkinson's Disease.
There's definitely a lot of politics and money in play here. Practically speaking, it would be difficult to impossible to exclude products made by any country that may be a present or future enemy of the US from use in govt agencies. And ironically the US govt has aided and abetted the rise of Chinese economic and political power that now they suddenly fear. If they really cared so much, they should have said something before IBM sold its PC division to Lenovo. So given that everyone spies on everyone else, the real trick is not to stop the spying, but to make sure that your enemy (and sometimes your friends) only get inaccurate or junk info.
For the current matter, I would guess that some domestic PC maker is trying to take advantage of the situation, *cough*Dell*cough*HP*cough, pardon me!
To the making of books there is no end, so let's get started
It's worse than that. Do you realise that the Chinese security forces monitor all international calls out of China? Evil or what?
Don't put off until tomorrow what you can leave until the day after.
While I may not agree with it the US government has a point.
Does anyone remember the US Jet that was sold to the Chinese President? More than 20 bugging devices found in it. Some of them built into the jet's framework itself (so they weren't casually put there).
http://news.bbc.co.uk/2/hi/asia-pacific/1771238.s
Although there is so much Chinese tech in the US these days even just avoiding the Chinese company isn't going to avoid China.
"A little box on the keyboard wire"? I'm sorry, but do you imagine Chinese intelligence to be run by 14-year-old pranksters that get their spy supplies at ThinkGeek?
I know it'd never happen in a million years, but wouldn't it be absolutely hilarious if the Chinese company was so upset by the American politics involved that they decided to stop doing business with us?
Slashdot Burying Stories About Slashdot Media Owned
It seems rather shortsighted to single out Lenovo. It would make a lot more sense for government computers to pass some sort of actual security audit, rather than simply singling out a single manufacturer. Most IBMs were probably manufactured in China anyway, even before the sale to Lenovo.
A large percentage of consumer electronics are produced in China - if we're truly worried about the Chinese government spying on us through consumer electronics, why only care about a single brand?
That was a rhetorical question, of course. Obviously the answer is: "political grandstanding in an election year"
Still, this thing isn't totally without merit. After all, do we really want our government using computers manufactured by a company owned in part by the Chinese government? The American government has sabotaged other countries with software Trojan horses before. While I certainly don't believe that Lenovo Thinkpads have anything malicious lurking in the firmware, it's not totally impossible or anything.
OtakuBooty.com: Smart, funny, sexy nerds.
I don't believe in Windows backdoors any more than I believe that the Lenovo people are able to pull this off without anyone detecting it. Remember, Lenovo assembles these in this country and in Mexico, and the company has moved its headquarters here, and hired American executives, etc. If they got caught doing this HEADS WOULD ROLL. These people would all be guilty of spying or treason, so it wouldn't be quietly hidden away, they would face arrest, possible execution. These aren't products from a company where the Chinese government has direct control of operations, and design, specification and manufacture is worldwide.
I have nothing to hide. So, why are you spying on me?
I don't trust them.
The article claims that the Chinese government owns a 28% stake in the company. At the end of the article a Lenovo spokesman says that the "government is only a minority stakeholder"
Well call me naive, but look at the power our government has over influencing companies where they own 0%, i.e. the whole NSA call monitoring thing, DOJ over MS, etc... Not to mention we have a much 'nicer' government than China's.
So I would hardly classify a government that owns 28% of a company a "minority stakeholder". Can you imagine the board meeting where the Lenovo CEO tells the "minority" stakeholder no?
DK
Now, tell a government inspector to take apart a Lenovo and verify that there are no spychips in it. They'll simply laugh and say, "It has spent time outside of this country, it cannot be used to store or process sensitive information." This isn't saying "Chinese bad," it's simply a fail safe security measure for them.
And why does this not go for the subsystems in any computer, not just the assembled whole? How do you for a fact know that the IC in that ethernet board or video card really is bog standard and not a "special" version? How do you know that the motherboard does not have a few "extras" implemented, in hardware or in the BIOS? They've all been manufactured abroad, after all.
With your logic, nothing that isn't built ground up within the US borders should be allowed - and good luck with that.
No, to paraphrase Freud, sometimes a xenophobic knee-jerk reaction is just a xenophobic knee-jerk reaction.
Trust the Computer. The Computer is your friend.
I was going to write a long(-ish) reply, but decided against it - after all - it can be summed up easier: surely there are much weaker security issues than who made a laptop -- such as the user for example. Others have commented about Windows. I say they should worry about education of their users rather than who made it.
And surely the US can't talk back at people for spying on others considering recent news.
I just bought an HP laptop that was FedEx'ed directly from Kunshun China to my door.
But when other states do the same, we hear outraged yapping from US about undermining "free market". Go figure.
Not to mention the US Embassy in Moscow built during the cold war.
This is why there is legitimate concern about this sort of thing. It actually happens. It would make a great spying tool as well. Just add some keylogging logic as well as some storage (perhaps store it on unused sectors of the HDD) to the southbridge as well as a hook into the onboard NIC. When an attacker gets a machine on the network (these machines wouldn't be connected to the internet) somehow, they send out a specially formatted broadcast message (probably in the form of an apparently corrupt Ethernet frame) that causes all of the affected machines to dump the contents of their keylogs to the machine that sent the broadcast. It'd take just seconds and it'd be almost impossible to catch. It would work even if you don't have full access to the network and you wouldn't have to leave a machine conspicuously on the network for a long time. It could even be a PDA or some custom box that can be plugged and unplugged within seconds.
What do I think about the feasibility of this attack? Personally, I don't think it's likely that it's in use at the moment. Most laptops just use off of the shelf components. AFAIK, Lenovo doesn't actually manufacture the southbridge themselves, they use existing chips from other companies (like Intel). Adding another chip to the laptop (especially a lot of laptops) would be too risky since eventually some repair monkey is going to notice it, especially if the chip you add fails and causes problems with the laptop. There are still guys out there who know what chips do by their serial number and what they should look like. They'll also know if you have some mislabeled chip that shouldn't be there (Why is there an external UART chip on this laptop? It's a built in feature of the southbridge. Why is it wired to the keyboard lines on the Southbridge?) Thus, such a change would have to be installed strategically, which is difficult when selling in quantities of a thousand to the government.
I read the internet for the articles.
While I would love to agree with you, I have to regretfully point out the fact that we long ago handed virtually any manufacturing capability to the Chinese and now have no choice but to buy from them and hope that they continue to fund our debt.
However, they don't really have a choice anymore in the debt funding dept. They have to in order to ensure the viability of their own investments.
House of cards? Or is it a house of cheap plastic goods, motherboards, and US govt issued bonds? Either way....
I am very small, utmostly microscopic.
Let's be reasonable here.
The US government, in theory, should do what is beneficial to the US citizens. They're, after all, their employers, their reason to exist. Without them, they're as superfluous as the RIAA to music.
So, the government should need no reason to reach for US manufactured goods and preferring them over foreign ones. For the simple sake of national commerce. Security aside, the US government is a non profit thing. Their "profit" is the well being of the US. And that isn't buying the cheapest products, the best deal for the US is their government buying at US companies.
Just stand up and proclaim that you won't buy the Chinese laptops and instead buy (insert something that at least partly could be possibly manufactured at least at SOME areas within the US). Not because China is evil, not because you don't trust them, simply 'cause the US government should first and foremost aid (and thus buy from) US based enterprises.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
No, but I do imagine them buying their supplies at RadioShack.
Is your terror cell living in terror? Is your safe-house not so safe? If so, read the New York Times, the jihad journal.
Are you Japanese?
for the last time people, I am "frodo from middle eaRTH", not "middle eaST".
I guess it's time to rethink that mantra.
XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-U
(Speaking as someone who has some training in securing facilities against spying) If they allow secure work on laptops, they are already making a big mistake. This was proven by the recent fears of a leak in Afghanistan due to missing thumb drives. Regulations state that such devices are not to be used, and any computer they are on is to be no longer considered secure. But, the twits who care more about the ease of doing their work than security use them anyways. The more portable the information is, the harder it is to keep secure.
Hardware and software backdoors are a reality. Look at the Taiwanese router maker that put a backdoor password in all the Netgear routers. Consider that Britain finally wised up and won't buy closed source software on their defense avionics. Consider the fact that slot machines get ripped off every year by programmers putting in backdoors.
Sure it's more difficult to imagine how commodity hardware would be rigged but it's not implausible if the target warrants it. There's been some pretty big efforts staged for security interests. For example, the NSA's recent efforts and the British Enigma cracking computers.
The total capitalization of Lenovo is a teeny teeny teeny fraction of the value of being able to have a backdoor to secret US government negotiating positions. Teeny. It would not only be truly worth the risk of exposure and loss of business, it would be a dereliction of duty for the Chinese not to try to rig the machines.
Some drink at the fountain of knowledge. Others just gargle.
"Especially since all new Thinkpads have a fucking TCPA chip. Can you trust a Chinese fabbed uber security module for critical national security purposes?"
Wherever that TCPA chip was fabbed, it is almost guaranteed to come from the same source as those found in laptops from any other manufacturer.
If there were ANY chips in the Lenovo that were built in China without a clear paper trail leading back to a non-Chinese supplier (or a Chinese supplier that isn't also selling chips to manufacturers that the government ISN'T freaking out about) then this would be justified. But it's an Intel CPU with an Intel northbridge/southbridge, Intel/ATI/NVidia graphics, the LCD is probably Japanese or South Korean just like nearly every other LCD on the market. The only place where Lenovo could backdoor the machines is in the BIOS (easy to audit) and in the OS (hire a sysadmin to nuke and repave).
retrorocket.o not found, launch anyway?
So they should spend more money than they need to, buy from less efficient producers, and reduce the productivity of the US?
I take it you're a communist? Since you want the government to be bigger - higher taxes and higher expenditure, want the government to subsidise less efficient producers so they don't need to become more productive, and if that reduces the productivity and overall income/wealth of the country then it's worth it.
I really suggest you go read the DOD's 'orange book' on secure systems, it explains the issue very well. While this book is old, and some things in it are outdated, the ideas and methods it suggests are still quite relevant.
I don't believe in Windows backdoors any more than I believe that the Lenovo people are able to pull this off without anyone detecting it.
Agreed, for now, MS would most likely not be able to hide such things. But what about when Treacherous Computing comes around?
I don't know about you, but Microsoft having their own hardware encrypted little processing enclaves, communicating over an encrypted channel with Microsoft, on most of the computers in the world gives me the shivers in a bad way.
Dells are manufactured in China, are they banned too? Lenovo has been making IBM laptops for years under the IBM name. Does the security risk depend on whose name is glued to the outside?
"In politics, absurdity is not a handicap."
- Napoleon Bonaparte
Does anyone really think that these PCs are "domestic?" They may not be made in mainland China, but they are certainly not made in the United States either.
If you want to be reasonable you should take an introductory course in economics. Just because you are buying from the US does not mean you are automatically doing the best thing for the US economy.
The concept is called relative advantage. Due to the situations being what they are, the US has been a leader in science and education for a while now, and China has lots of cheap labor. So the computer was first made by a handful of scientists in America, it was expensive as hell and there were very few of them. As the scientists better understood the computer and were able to commoditize its production it became cheaper and more accessible. Computers have now gotten to the point where they are pretty much a commodity, and manufacturing them at the cheapest cost is important in order to meet the demand.
So China has the relative advantage of manufacturing, while Americans are still the leader in business and software. If you really want to do something good for the US stand up and proclaim that you want better education systems! If we are going to lose status in the world economy it won't be because we are buying foreign products, it will be because we got fat and lazy.
Just google Comparative Advantage if you want to know more about it.
"how can they call it a MINE if everything here is THEIRS?!?!" -Straight Jacket
It is easy to embed interesting code inside of special chips.
And the USA should know. We have done it a number of times to many other countries. In fact, if the gov really wanted to make certain that it could not happen to us, they would not buy from a specific company but from many companies esp. the white labels. As it is, when you buy all your systems from just one company, it is far easier to get inside the chips that make up these, than doing it to everybody.
I prefer the "u" in honour as it seems to be missing these days.
The US State Department says the 16,000 computers it bought from a Chinese firm with links to the Beijing government will not be used for classified work.
Twinstiq, game news
"That is FUD pure and simple. Unless I'm clueless, backdoors are software not hardware"
You're clueless.
Backdoors can be placed in firmware in a chip or hard coded into a chip. With millions of transistors in even the smallest chips, how hard would it be for them to put in a couple, in the bus path, or the network communications path, or any number of other places that kick back and listen for X. when X happens, open a link on an unsuspecting port encrypted and give full access to the box, or log keys and wait for something to happen or some set time and dump the data somewhere.
There are many many many ways this can be done and hidden, and anyone with even a slight technical background could point this out.
Why do clueless people bother to voice their uninformed opinions on something? The standard liberal mantra. Scream louder than anyone else and the crap you are spewing becomes true?
Just three more hours seapeople and you can finally take me away from this crappy God Damned planet full of hippies
Backdoors can be anywhere and they could just as easily be placed in hardware. In fact, they'd be much harder to detect in hardware since "opening up" a chip is a heck of a lot harder than disassembling executable code that is fully visible. Chips have a bunch of input pins and output pins--what goes on inside may as well be "magic" unless you have a lot of time and money available to try to reverse engineer the IC.
Also, aren't almost all computers and electronics made in China today? What is unique about Lenovo besides they are an offshoot of an American designed piece of hardware (that odds are was fabbed in China for years)?
This is just speculation, but it's not unreasonable to imagine that a given backdoor could only work in a given configuration involving multiple ICs with backdoors--in fact, unless the backdoor is in the processor itself, any given backdoor in an IC would probably have to operate in conjunction with backdoors on other ICs on the motherboard. For a backdoor to be useful, it's either going to send a memory dump back "home" (which is doubtful because it'd be big enough that it'd be easily detected) or it's going to have to be able to "spy" on the CPU. If the backdoor isn't in the CPU, it's going to take multiple ICs with backdoors to build a picture of what the CPU is doing based on its interaction with other ICs on the motherboard. So while many ICs may come from China, any potential backdoored ICs are probably only going to be able to do their job when used in conjunction with other ICs with similar backdoors and used on a motherboard that connects those ICs in a way that is conducive to the functioning of the backdoor.
Is this far-fetched? Maybe a little, but not much. Do NOT underestimate the value (perceived and real) that countries place on knowing things about their military and economic competitors. If a company China had a stake in was known to have a contract for 16,000 computers at the U.S. State Department, it would be naive to believe that China wouldn't try to make as much of that as possible from an intelligence standpoint.
And, as I've already said, it's not unreasonable to think that the U.S. Federal Government should have a "Buy American" policy on products and services.
All other computer equipment manufactured in China must be removed too, by this reasoning.
..by a Canadian company ;) This is not an issue because RIM is not a Crown Corporation, not because it is not Chinese. If RIM was a Crown Corporation (government) then I'm sure use of Blackberries by US government or military agents would also be restricted, or a special agreement would've had to be established.
As I read this you're modded 5/insightful...Moderators on crack again...
This reasoning means nothing of the sort. The distinguishing factor is that Lenovo is PARTLY OWNED BY THE CHINESE GOVERNMENT. Apple makes computers in China, as does Dell. However, in those cases there is NO ownership by ANY foreign governments, China or otherwise. This is important because a foreign government can control the latter companies to disrupt supply of sensitive goods (cutting them off, or sabotaging them).
This is standard Military policy: sensitive equipment of ANY kind cannot be supplied by ANY company that is partly or wholly owned by a foreign GOVERNMENT, and even private foreign ownership is restricted somewhat. As I mentioned in another post AMC had to sell AM General when Renault bought part of AMC because Renault was owned by the French GOVERNMENT, because the military wouldn't stand for relying on its supply of Hummers being influenced by the government of a foreign company.
This includes keyboards, mice, USB hubs, and other PC equipment.
Well although many are made in China, they are not made by companies owned by the Chinese government. If it really matters, a sizeable amount of this stuff is made in Taiwan (NOT recognised as part of Communist China) and other Asian countries.
Thank GOD the Blackberries are manufactured in Mexico!
All comments I've seen fail to address the following:
1. Securing Gov't contracts is a dirty business. If you don't have the resources, (people, money) to do the dirty work, then you are out. IBM has these things and they know better to keep them.
2. I'd be very interested to hear some feedback on Lenovo's service levels versus IBM's. Based on my knowledge of Chinese tech industry, I predict there was a great deal less satisfaction. Along the way this fine specimen of a politician gets to make a little hay on their misfortune and inexperience. That's predictable and accepted human behavior.
This has nothing to do with protectionism. It's about a once-venerated public agency brand (thinkpad) failing spectacularly.
http://www.maxineudall.com/2010/02/should-economists-be-sued-for-malpractice.html
Not really; they are pissed at him for treason (outing an active undercover agent), lying (the coverups on the fact that it with the suggestion that he declassified the data; of course that was AFTER he said that he would throw the full force of the law at those responsible), and cowardice (finally, trying to allow others to take the fall as well as suggesting that he declassified it).
It is obvious that he is the same person that he was in the 70's and 80's.
I prefer the "u" in honour as it seems to be missing these days.
how hard would it be for them to put in a couple, in the bus path, or the network communications path, or any number of other places that kick back and listen for X. when X happens, open a link on an unsuspecting port encrypted and give full access to the box, or log keys and wait for something to happen or some set time and dump the data somewhere.
The first scenario is not a matter of "a few transistors"; to give "full access to the box," you need to be able to communicate with the box at an operating system level. The question you're really asking is, "How hard would it be to put the equivalent of VNC in hardware and have it transparently work with the OS on a laptop," and the answer is "very." The second scenario is more plausible, but exactly where is the "somewhere" the data is being dumped to? The laptop may not be on a network all the time, and most corporate networks are running firewalls these days, despite what the cynics will tell you. (I haven't been able to open a non-standard port out at any company I've worked at in the last four years, and when I've opened a standard SSH connection to my home machine I've gotten questioned more than once.) Do you propose that at midnight the computer is going to automatically FedEx a flash card to China?
Go talk to a company that actually deals with classified technologies and export controls sometime. Business computers manufactured by a company that has a home office in China are not very high on the list of things they worry about. And you are aware that many laptops sold by non-Chinese companies are made in China anyway, right? If it were truly so easy to be hiding nefarious things on motherboards, they could be just as easily "bugged" by a subcontractor. The fact that we're worried about Lenovo and not about Dell shows this is more about making a political point than making the State Department safer.
Why do clueless people bother to voice their uninformed opinions on something? The standard liberal mantra.
If only more Americans gave the careful, deliberate consideration to important matters that Rush Limbaugh and Bill O'Reilly do.
Nobody can look at an IC chip and read the traces inside.
Man, you really need that seminar!
Am I the only one that remembers when the CIA put defective chips into a pipeline system -- and blew it up on purpose?
Jeez, you guys act like this is "just a product" and it's wayyyy more than that, when your national security infrastructure is being manufactured outside the US. There is nothing to prevent the Chinese from supplying the same thing to us and I am quite sure they have the technical competency to pull it off.
So the remedy is simple: don't buy Lenovo.
On a more serious note, this is obviously a purely political step - but why?
Because the U.S. is in the grip of a fairly major bout of xenophobia just now. This is something that overtakes all human groups every once in a while, where suddenly anyone who is remotely outside the mainstream is automatically suspect and "other".
This kind of thinking can be seen all over the current immigration reform in the U.S., as well as border security generally. It creates massive distortions in thinking--for example, President Bush's proposal for a "tamperproof" ID for foreigners working in the U.S. only makes sense if you somehow mentally categorize outsiders in such a way that they are inherently different from Americans. Otherwise the obvious work-around of foreigners using fake American IDs is, well, obvious. Without this kind of unconscious mental distortion it is clear that foreigners are indistinguishable from Americans.
We see the same kind of thinking amongst the people who say that various illegal and unconstitutional measures will only be used against "terrorists", as if that was an unambiguously distinct, knowable category of person. By reconceptualizing terrorists as inherently "other" they are able to perform this nasty mental trickery of reassuring themselves that only bad people will be affected by the draconian powers being granted spies and military officials, despite the glaring epistemological problems with such beliefs.
In such a social climate, xenophobia has a lot of political value, and gestures of solidarity with the group (flag waving, declarations of patriotic feeling, signs posted on businesses declaring they hire only documented legal workers) are highly valued. Those things by themselves are relatively benign, but the flip-side is the tendency to demonize anyone outside of the group.
Personally, I would think that no closed-source application should ever be used in a secure network environment. That includes the OS, obviously. There's just too much stuff that a closed-source application could be doing that isn't good, even if there was no malicious intent.
Blasphemy is a human right. Blasphemophobia kills.
One reason the US government is so paranoid about hardware backdoors is the number of times we've done this to other countries! Line printers (line-at-a-time impact printers) sold to Iraq in the 80s had radio transponders secretly embedded, so that they could be located at some distance. As such printers are only used in large data centers, we had a targets list of a significant portion of the Iraqi communications infrastructure, which we bombed at the start of Gulf War I.
Xerox machines sold to the USSR during the cold war often had cameras embedded, and service technicians would take great risk in retrieving the data (I think it was actual film) when servicing the machines, but we had pictures of everything copied.
These are just 2 very simple examples that have been made public, who knows what sort of stuff we've done that's clever enough that we still keep it secret. If the Chinese got busted the consequences wouldn't be much worse than where we already are today. The Chinese government could, after all, argue that they're not crossing the line any more than the US government has repeatedly done.
Socialism: a lie told by totalitarians and believed by fools.
Did you ever have a kid in class when you were in elementary school who always complained that everyone was stealing his pencils? I bet that if you'd looked in his desk, you'd find stacks and stacks of stolen pencils.
Perhaps the reason the State Department is concerned about sabotaged computers from overseas is because they are doing it.
Yeah, but the Chinese market is still pretty closed off, so there is potential, but it has a long way to go yet. Right now a company that releases a product in China has a very good chance of competing against that same product at a much lower price point in a few months after a Chinese company copies it. Cars being the most obvious example right now. Just search for Chinese car copies on Google for more examples.
Q.
I'm not sure that many of you all remember this, but a while back the US actually sold China a Boeing 767 with at LEAST 27 different spying devices on board. Both China and the US were mostly quiet about this though, which kept things under wrap. The BBC has articles here and here.
Looks like America has every right to be paranoid, if it expects China to treat it as it has been treated.
We are the all singing, all dancing crap of the world....
These computers DO pose a security risk and this is nothing new. The issue is not trojan software or keyloggers installed. What the State Department does not want is to have to speak with someone in China for support. If you need to go to China for support then someone in China might know your network topology and what kinds of other security features are or are not in place. This also has nothing to do with it being from China and everything to do with it not being American. If the computers were made in France and you needed to call France for support they would not allow it.
Remember that when they want security they don't just want security on a random 500 computers. Usually if they do any type of check it is to ALL the computers on a network. These systems are too critical to even let 1 key logger slip by.
unzip; strip; touch; finger; mount; fsck; more; yes; unmount; sleep
Yes, but what about the software embedded in those familiar chips? What about the BIOS? There's lots of nasty stuff that could be hidden at that level, and would be hard to detect. Certainly, visual inspection is not going to be enough...
Great men are almost always bad men--Lord Acton's Corollary
You assume that soft-stored software (OS and higher) is the only risk.
You forget, there is an entire hard-stored software subsystem and electronic circuitry which could be altered or designed to compromise security. Not just the BIOS; networking, display, and disk subsystems, as well as power and wireless communications.
Jim
Yeah, no sense to /dotters with no knowledge of the past. I'm trying to find the reference articles to educate these naive folks. Basically about 15 years ago a Scandinavian telco discovered switches being sold by American companies had backdoors to shut down the phone systems. Corporate world working for military. Also, it is fairly common knowledge printers sold by US companies to Iraq and others contained transmitters. "Export printers". I found an article reference on the Black Art of Electronic Warfare but cannot find articles on these yet. Too much noise on Google.
/dotters seem to realize. Finally, Carnivore is SW based so does not lend itself to the argument the espionage/military support would be in BIOS or chipset but does clearly show what governments are willing to do in order to maintain complete control over communications.
/dotters seem to believe Lenovo is innocent considering so many past instances of US companies being complicit with this exact sort of activity. Of course it is probably political as with Texas in office one would not be surprised to see DELL become the sole source; but the reality of electronic warfare and complicit companies is documented. Judging from history I believe the Chinese have no qualms about stealing trade secrets, military secrets, and even software from the USA.
I also worked with an engineer who'd worked on an undersea cable system where they had to revise the design so submarines could tap in every ten miles or so. Do you recall the case a few years ago where US spies determined the Spanish government had unfairly awarded a business contract to a Spanish company and not the company who technically should have won? Business and military are intertwined more than
I'm very frustrated so many
BTW, adding in rootkits is not necessarily the only ill which could be done. Consider transmission frequencies helpful in guiding missiles to data centers. Consider a command to have the system reboot into netboot. Consider ability to saveout or remotely read TLB or cache. With such large caches, this could be serious.
TimJowers
Enjoy Freedom
Expect Freedom.
These are actual State Dept. Regulations as found in the Foreign Affairs Handbook regarding the purchase of ANYTHING that enters a Classified Access Area (CAA). Give it a quick read. It could shed some light on the present situation.