Can You Trust Chinese Computer Equipment?

Ian Lamont writes "Suspicions about China slipping eavesdropping technology into computer exports have been around for years. But the recent spying attacks, attributed to China, on Google and other Internet companies have revived the hardware spying concerns. An IT World blogger suggests the gear can't be trusted, noting that it wouldn't be hard to add security holes to the firmware of Chinese-made USB memory sticks, computers, hard drives, and cameras. He also implies that running automatic checks for data of interest in the compromised gear would not be difficult." The blog post mentions Ken Thompson's admission in 1983 that he had put a backdoor into the Unix C compiler; he laid out the details in the 1983 Turing Award lecture, Reflections On Trusting Trust: "The moral is obvious. You can't trust code that you did not totally create yourself. (Especially code from companies that employ people like me.) No amount of source-level verification or scrutiny will protect you from using untrusted code. In demonstrating the possibility of this kind of attack, I picked on the C compiler. I could have picked on any program-handling program such as an assembler, a loader, or even hardware microcode. As the level of program gets lower, these bugs will be harder and harder to detect. A well installed microcode bug will be almost impossible to detect."

Another reason

[AnotherUsername]

This is just another reason for me to not want to buy Chinese made goods. Unfortunately, so much is made in China that it is nearly impossible to completely avoid the country.

Re:Another reason

[TubeSteak]

I have a feeling eventually they will catch on that people aren't buying Chinese made stuff and will just put stamps on it from their more friendly neighboring countries.

It's not as simple as "put stamps on it from their more friendly neighboring countries" when those neighboring countries do not have the high-tech industrial base to produce the hardware in question.

On a strategic level, the USA really screwed the pooch by chasing the lowest bidder and not building up our domestic capacity to produce these items. And for you small gov't types, this is an example of free market principles colliding with what is effectively a national security issue.

Re:Another reason

[Yaa+101]

US goods are riddled with backdoors too, I think it is much healthier for you to mistrust your own government apart from the Chinese one.

Re:Another reason

[toastar]

Listen, Do you want a $200 Intel i7 made in China/Taiwan/Korea. Or you can Buy american and get a $1000 IBM chip made over at East fishkill.

oh and they're about the same speed.

Re:Another reason

[TheLink]

The Chinese Government is unlikely to be interested in spying on US citizens (or taking control of their computers). They'll be spying on their own citizens.

Similarly, the US Government is more likely to spy on US citizens.

Re:Another reason

[ElectricTurtle]

Intel has several fabs in the US, and AMD's spun off fab company Global Foundries is building a US fab. Even the very Chinese (insofar as Taiwan is Chinese) TMSC has a fab in the US.

Re:Another reason

[WinterSolstice]

I couldn't agree more, but then I'm also a big believer in 'trust but verify'. It's worth noting, however, that paranoia is self-fulfilling. :D

I recommend just being careful, verify that your devices are performing safely (as much as possible) and taking your chances. There are really very few alternatives - you have to trust someone.

Re:Another reason

[Rogerborg]

You know that 2/3 of the phrase "trust but verify" is meaningless oxymoronic bullshit designed to mask the harshness of the only significant word, right? Like "strong but sensitive" or "sexy but geeky".

Re:Another reason

[jellomizer]

Then there is the conspiracy theory mind set. There is always something going on that somehow there is one piece that is beyond our comprehension on how they do it.

I am sure there are solid american geeks out there when they plug in their USB Device will find odd communication going to china and probably report it on the internet with the exact test case to show it.

As well many of the China made components are made of US made specs and if they are not working as planned then there is a problem.

For the most part for the problems with chinese goods isn't a grand conspiracy but a vender who is trying to make their product that much cheaper then their competition thus cut corners and make a harm full product... This happens in America too.

So the risk of buying chinese components isn't as much Spying on you. But just crappy products that could hurt you.

Re:Another reason

[Spazztastic]

You know that 2/3 of the phrase "trust but verify" is meaningless oxymoronic bullshit designed to mask the harshness of the only significant word, right? Like "strong but sensitive" or "sexy but geeky".

It's a good point, but that 2/3 of the phrase is what keeps the potential client from being insulted. The majority of business is sugar coating the harsh truth to keep people on your side and hopefully more of their money going into your wallet.

Re:Another reason

[BZ]

> You'll note nothing seems to get cheaper to the end user.

Since we're talking about computer equipment, this is demonstrably false.

Re:Another reason

[networkBoy]

It's not that it is an additional chip, it is a different chip all together.

For example:
the ICH (southbridge) on your system likely handles the following things for you:
keyboard/mouse
USB
IDE
SATA
FireWire
Lan on Motherboard
Boot from BIOS
WebCam

Using an ARM/ARC/MIPS core + SRAM added to the circuit of the ICH and fabbed as a "special item" one could conceivably manufacture motherboards with a larger than spec flashrom (to hold NVRam data for the extra proc) and so long as your system was on (possibly even "off" but plugged in if you can make it low enough power to run on standby voltage) you can datalog nearly anything.
Parse the data for the interesting bits and store that to a hidden file on the HDD (since you're the controller for the HDD this should be trivial, no one will miss 1 meg of sectors you've marked bad).
When you have an internet connection SSH over to your drop server (you run the ethernet MAC remember) and unload your stash.

Really not all that far fetched and as long as the government pays for it (the fab of chips) you can sub these into assembly and not even no there was something wrong on the system even with a physical inspection.

Re:Another reason

[electrosoccertux]

economic co-dependency is the best national security there is. We'll never go to war with China; we're both far too dependent on each other. Wars are fought for power. Money is power, and is preferable to war. History has shown we won't fight when there's money involved.
China only holds ~10% of our national debt; ~70% perhaps more is domestically owned; so the whole "THEY'VE GOT OUR DOLLAR BY THE BALLS" nonsense doesn't count-- they would be shooting themselves in the head by removing our purchasing power-- don't forget they have to keep their workers happy, and to keep them happy they have to keep them employed.

Re:Another reason

[QuoteMstr]

economic co-dependency is the best national security there is

They said that before World War I too.

Re:Another reason

From us small gov't types, you realize that big government regulation played a role in making China so attractive to begin with, right?

Re:Another reason

[PPalmgren]

You think if we had the means to produce them, people would have bought it? I'm sorry, but the reason domestic capacity doesn't exist is because it isn't competitive. Big gov't is not going to solve this in any way shape or form, it would actually make the issue worse by increasing admin overhead (taxes). If what you're advocating is protectionism, then I suggest you go read a bit of history on the subject and its reults.

There are only three sane ways manufacturing jobs will return to the US: De-globalisation due to peak oil, normalizing quality of life in the US down to the rest of the world, or bringing the rest of the world to the US quality of life. I prefer the third option.

Re:Another reason

[tiberus]

Should have been more specific. Granted prices on tech drop as overall manufacturing costs drop, new more efficient (read fewer defects and less waste) processes have been adopted, etc... So, yes in terms of a blanket statement it would be false.

The intent was to state, and I'm open to being shown evidence to the contrary, that I have never seen a company's offshore move and resultant reduced operating costs directly result in lower prices. The market bears current pricing until such time that a manufacturer's competitors make similar changes and a price war begins.

Re:Another reason

Although if you'd actually followed the link you cited, you might have read:

There have been claims that products made in this town and exported to the US in the 1960s carried the label "MADE IN USA, JAPAN", for it to have an appearance that the product is "Made in USA". It is, however a myth that Japan renamed the town "Usa" following World War II so that goods exported from Japan could be labeled as such.[1] The town had this name long before the war, at least from 8th century, and is not where the majority of Japanese industry is located."

Not that I'm claiming Wikipedia is necessarily correct either but if you are going to cite an article to prove your point, you might want to make sure it says what you think it does ;-)

Re:Another reason

[chiguy]

That's insightful? That's what's called a false dichotomy.

It's not mutually exclusive: The Chinese Government is likely to spy BOTH on US citizens AND their own citizens, just for different purposes.

The US Government does both as well, but US abuses of US citizens are more likely to have discovery and recourse than China's abuse of Chinese.

Just a bad argument all around.

Re:Another reason

You mean like minimum wages, environmental regulations, and sue-happy lawyers?

Re:Another reason

hand tools bought from China have never held up for me as well as American made tools.
Especially cutting tools like metal shears. The chinese ones nick easier because they use a lower cost (and thus softer) steel rather tan tool steel which is much harder, but more expensive and harder to work.

Of course I pay a lot more for the better tools

Yes, but is this because Chinese goods are inherently bad, or because there is a correlation between goods made in China and manufacturers looking to cut every last dollar of cost? If the only tools that are still economic to make in the US are the pro-quality top-of-the-range ones, then of course the US tools are going to appear better compared to the competition.

It's like the way that people blame outsourcing to India for crappy customer service. The real problem is often that the customer service department has been reorganized around the principle of least cost and least effort and the service would be equally indifferent anywhere.

Re:Another reason

[BrokenHalo]

I'd trust the Chinese further than most of my neighbours.

That's a bit sad. I get on quite well with the majority of my neighbours, but most people I know who have wide experience of commercial dealing with Chinese (not to be confused with personal interactions with individuals and their families) have told me of a catalogue of dishonest, conspiratorial and treacherous activities. Basically, it seems their attitude is that "westerners" are fair game, since their rules are just not recognised by the Chinese.

Adopting this attitude in comparatively small business dealings is one thing, but enshrining it in (unofficial) government policy is another. If the Chinese insist on treating other nations as enemies, they should expect the same in return. The fact that our governments and corporations are so ready to kowtow to them for their business is nothing short of sickening.

Re:Another reason

[khallow]

You know that 2/3 of the phrase "trust but verify" is meaningless oxymoronic bullshit designed to mask the harshness of the only significant word, right?

I disagree. First, you are trusting them. Else you wouldn't be employing their services or buying their goods in the first place. Second, the phrase indicates that this trust is not unconditional, that you will be testing them in some way to verify that they did the work that they agreed to do.

Money handling is a classic example. Allowing someone to handle your money (be it a transaction in a store, cashiers in a business you own, or some sort of financial advisor) is a bit of trust in that person. If you then check up frequently (it could be once in a while to every time you have access to the money they handle) to make sure they aren't skimming in some way, then that's verifying.

Re:Another reason

[timeOday]

...bringing the rest of the world to the US quality of life.

The US quality of life is only possible due to cheap offshore labor and disproportionate consumption of global natural resources.

It's mathematically impossible for every person on earth to burn this much oil, eat this much meat, and live on this much land. The reason I can buy my kids shoes for $6 at Wal-Mart is because somebody is desperate enough to trade a day of their time for ten minutes of mine.

Economic parity is fair, but it's also a big step down.

Re:Another reason

[jazman_777]

Go to your local farmer's market and roadside stands. Grow your own garden. Push back on food globalism

Re:Another reason

[oatworm]

Why does a totalitarian regime have to keep the workers happy? Squishing them with tanks when they complain seems simpler.

It's not so much the workers you have to keep happy, it's the military and the bureaucracy. If worker wealth disappears, wealth for the mid-level bureaucrat (e.g. party officials, regional governors, etc.) disappears, albeit more slowly. Once that happens, corruption turns up to 11 and nobody is willing to really sustain the country anymore. This happened to East Germany near the end - so much wealth was gone that nobody had a vested interest in maintaining the status quo anymore.

And what is difference to the worker if instead of selling the stuff built with their labor to the US, the Chinese government just buys it directly from them with freshly printed yuan and dumps it in the ocean? What changes, other than China not collecting IOUs that it exchanges for more IOUs.

One sends American wealth to China. The other sends Chinese wealth into the ocean. When American dollars are sent to China, they can trade those dollars for other, more useful things (oil, raw materials, and so on), provided the dollar is actually worth something. If the Chinese just start dumping surplus industrial output into the ocean, they won't get anything back to purchase new raw materials with, which would effectively shut down the factories sooner or later anyway.

Re: Another Reason

[soren100]

the reason domestic capacity doesn't exist is because it isn't competitive.

One of the reasons for that is because China is artificially holding down the value of its currency so that we will destroy our own manufacturing base in a mad rush to make a quick buck. For the other countries, often American companies are the ones building the facilities and training the workers over there just for the cheap wages. Our own technology is given away for their cheap labor.

If what you're advocating is protectionism, then I suggest you go read a bit of history on the subject and its reults.

It seems to be working very well in many countries around the world that are smart enough to protect their own industries and work to keep out ours. Why do you think China is creating such problems for Google, and that Baidu is doing so well over there? The point is that if you don't go to extremes, you do very well. The extreme that America has gone into (not protecting our own domestic industries in favor of temporary profits) has really hurt us.

normalizing quality of life in the US down to the rest of the world

You mean make America a 3rd world country? That strategy seems to be working.

Re:Another reason

[Troed]

It's mathematically impossible for every person on earth to burn this much oil, eat this much meat, and live on this much land.

Technological development, however, makes it mathematically possible for every person on earth (and a lot more) to have the equivalent of the life you describe.

Re:Another reason

[oatworm]

Actually, it's probably going to be a little bit of both.

Look, we need to remember something here - it's not like we were manufacturing high-quality goods in the US when we were still manufacturing goods. There's a reason people stopped buying American cars, for example. Sure, you can point at something made in the US from 50 years ago and say, "Ah ha! See? Our stuff was better!", but that's just selection bias. Of course the stuff that made it to today from 50 years ago is more durable than the stuff we have lying around our house now. That's why it's over 50 years old.. All the crappy stuff that fell apart instantly fell apart fifty years ago.

Back in the day, we made TVs. In those days, TVs were so expensive, TV repair was a legitimate career path. Nowadays, TVs are so cheap that it just doesn't make sense, which is why you don't see too many black & white TVs running around these days. Heck, the transition from analog TV to high definition TV will probably take less time for most families than the transition from black & white to color, if only because the cost of high definition TVs is falling so fast and so far that, when people's analog TVs die every 3-5 years (or so), they'll be able to easily afford a high definition one. How long did it take for VCRs to disappear once DVDs came out? The reason we can make these transitions so quickly these days is because of inexpensive manufactured goods.

That said, back in the day, we were pretty much the only industrialized country on the planet. After World War 2, the US was the only country around that had a significant industrial base that hadn't been bombed into the Stone Age (at least the only one of a decent size - obviously Australia, Canada, and New Zealand were still in decent shape, too). Guess who was the world's China? That's right - the US, which is why, even if we switch to a protectionist stance, we're never getting back to a world in which the United States is 10x more prosperous than every other country on the planet. There's simply too much competition these days. Of course, back in the day, China was starving - that's less of an issue now. Back in the day, Mexico was a backwards, lawless hellhole. Nowadays, they possess the 13th highest GDP in the world, just ahead of Australia, with a slightly lower per capita GDP than Russia and Turkey. That's still not great, mind you, but it's still more than double China's and a heck of a lot better than it was at the turn of the last century. Japan is now a world-leading economic power; going into World War 2, they were just a regional power, roughly along the lines of South Africa today and with roughly the same amount of regional and international pull. South Korea? They weren't even a regional power when they gained independence from Japan after World War 2.

Besides, life in the '50s and '60s wasn't that great in the US anyway, especially if you actually possessed melanin or were unfortunate enough to live in the South. Even if you were white, middle class meant something very different in '50s-era Birmingham than it meant in, say, '50s-era Detroit or Cleveland. Even if you were fortunate enough to live in an industrial city with lots of well-paying union jobs, what'd you get for it back then? A cookie-cutter suburban home sans-grounded wiring, a car that would rust or fail every three years or 50,000 miles, a TV if you really saved up for it, and lots and lots of canned food. Back then, frozen food was considered so novel and interesting that four-star restaurants in New York used to advertise that they used frozen product. Seriously, if you compared '50s America with today's... oh... Jamaica, you'd find yourself picking Jamaica in a heartbeat, and not just because of the weather.

Re:Another reason

[oatworm]

I'll point out that, at this point of the game, American factories are competing against foreign-owned factories built and run in America and are still losing. Part of that, of course, is due to the foreign factories generally being newer than their American counterparts, but there's much more to it than that. Thanks to a combination of short-sighted management and Wagner Act unionism, you had unions demanding gold-plated benefit packages from management that not only wanted to avoid profit-cutting strikes, but also wanted to create heinously expensive labor contracts that would put their competition out of business. It actually worked, too - that's why International doesn't sell pick-ups and why nobody buys new Studebakers anymore. It also nearly bankrupted Chrysler in the '70s and led to AMC swirling the drain. (Un?)fortunately, the Japanese and Europeans were unwilling to play along and kept the UAW out of their American plants, thus keeping them from getting "out-bid" for labor by GM and Ford.

There's a reason domestic automakers put up with the unions for so long. It's because, if you were #1 or #2, being able to set a legally binding market rate for labor that all of your competitors had to observe meant that your competitors couldn't just hire cheaper labor to make up for their deficiencies in economies of scale compared to you. That's a really handy way to make sure your smaller competitors remain small.

Re:Another reason

[SkeeZerD]

I think my neighbors are raptors

Re:Another reason

[Raffaello]

Which would matter if wealth were absolute. It isn't though, it's relative. By medieval standards almost everyone in the US today is "wealthy." But no one cares. What matters is how much wealth you have compared to others now.

By the time technology gets around to making what GP has available to the underclass of developing nations, the upper middle classes of the developed industrialized nations will have much, much more, so technology buys you nothing here.

Social problems rarely have technological solutions because their causes are tied up in the evolutionary selective pressures underlying our social systems, not a lack of available technology. Lords were lords in medieval times because men like dominating and controlling other men, not because we hadn't yet invented the cell phone. Wealth and power are entirely about differentiation, not meeting some absolute standard. All of this flows from the biological purpose of accumulating wealth and power, which is mate competition. Men like dominating and controlling other men because in previous generations such men got more mating opportunities (women preferred them) and they left more descendants than men who didn't. Women prefer such men because in previous generations such women, through their wealthy, powerful mates, had access to more resources, so when times got hard and resources were scarcer, more of their children survived to reproduce.

We are descended largely from men and women who prefer having more resources and power than others. Advancing technology to provide today's notion of "wealth" to tomorrow's underclass will not change these innate preferences, nor will it make what is considered wealthy today the equivalent of what is considered wealthy in the future.

Re:Another reason

[jasno]

Sorry to threadjack, but speaking of Chinese ownership of rare metals, I have to wonder, don't our landfills now contain enough rare earth metals to keep us going for quite a while?

I mean, even if they somehow cut us off, wouldn't we just start reprocessing our waste? That's the one advantage of buying all of their cheap exports - we're effectively stockpiling their refined resources.

Re:Another reason

[nedlohs]

I was joking about the dumping in the ocean... How about having another set of workers recycle the products back into raw materials for a complete loop.

The losses along the way can be made up by exporting some products to non-US countries to buy more resources with.

The point is that a large amount of the dollars they get from the US they don't use to buy resources with, they use them to buy US treasuries to keep the US afloat to keep consuming their products. Though they have been making a mad "better spend them dollars while they are good" rush to buy up everything they can.

Yes there's a co-dependency, but if you break that dependency then the US collapses in a heap, while China has a recession followed by better economic performance than they have now (since inflation will be lower when they don't have to pseudo-peg their currency artificially low).

Short and Sweet

[guygo]

No.

Re:Short and Sweet

How about a similar question: Can you trust American Operating System software?

Re:Short and Sweet

[hodet]

Every time there is a "beware Chinese" article AC comes along and asks if, on the same note, we can trust American. Maybe not, but that is not the question. Start your own thread because the reasons for not trusting are different and that is not the question.

Re:Short and Sweet

[abigor]

That China is a corrupt dictatorship that brutally oppresses its own citizens and has a history of "cyber-attacks" worldwide? Yeah, real shaky presuppositions there, Bertrand Russell.

Bad Headline

[lyinhart]

Considering where a lot of this stuff comes from, it should probably read, "Can You Trust Computer Equipment?"

Yellow paranoia

[lorg]

Cause it's only the chinese that spy on other countries cause the rest of us are all friends and friends don't spy on eachother ... oh wait ... Seems that red paranoia have had a bit of a colour change.

Sure this might be software related so it's write once - copy everywhere but would you really want to do that. Cause if you plant it everywhere, "everyone" will have it leading to a larger chanse it will be found and out blow the entire operation out of the water. But have they really ever found any evidence for this on a large scale? Seems overly complex and prone to failure. Sure if you bug a phone, switch or whatever that is one thing but to plant it in every single device you ship. That would or could seriously mess with the profit margin and nobody is going to stand for that.

If you didn't build it yourself perhaps this is just the risk you run.

Computers are information networks

[gurps_npc]

It is a rather simple military rule that you create your own information networks. You don't let your enemy or even your ally. Using Chinese made equipment for any military equipment is a bad idea. This is a no-brainer.

Sure...

[ironicsky]

While the USB memory key (in this example) could have low level software to snoop your data, how are they going to get it? Is the USB key going to open a TCP/IP or UDP connection back to their servers without tripping my firewall that a new application is trying to connect? Is my virus scanner going to get tripped that something suspicious is coming out of the key without my interaction?

Most decent virus scanners and firewalls will pick up on this. In a lot of corporate networks USB Mass media is disabled. I'd love to see a proof of concept that can get around these common checks... If anyone has a USB key that can do this, please let me know :-) I'll happily test it.

Re:Evidence?

[Jeng]

Looks completely made up to me. Why just think about the times that the consumer has ran across hidden malware such as the Sony Rootkit incident. Experts saw unusual traffic and traced it back to a CD. Same thing would happen if a piece of equipment had hidden malware in it, someone would notice the suspicious traffic and trace it back to the source.

Overblown fears

[timholman]

IMO people are worrying far too much about an exploit mechanism that is simply not needed if the Chinese want to spy on the West, or anyone else for that matter.

The problem with building backdoors into the hardware or firmware is that such backdoors are traceable. You know where it was made. The right forensics people can probably tell you the exact factory it came out of. And how many people would buy chips from a Chinese fab once someone found a hardware backdoor inserted into a product? The Chinese want to make money first and foremost, not shoot themselves in the foot adding a backdoor that might have a one-in-a-million shot of giving them access to a system they even cared about, but would destroy an entire industry if they were caught. It's not worth the risk.

The smart thing to do is what they (and everyone else) are doing right now - use software exploits over the net to gain access. The attack can be targeted, the attackers can easily hide their tracks, the attacks can be modified as needed, and you have plausible deniability if you're caught. That's the smart way to subvert your enemies, and as long as governments and businesses keep running Windows, it's the way that they'll keep using.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:Ahem *cough* why is "china" singled out??

[Arthur+Grumbine]

and before thinking that "this is crazy, a U.S. firm wouldn't possibly do that" bear in mind that i've already had some experience of receiving a very weird series of SPAM messages, following which my machine started acting very very weird.

my guess is that simply by receiving that SPAM message, there was encoded within it some power-fluctuations or signal fluctuations which the CPU could pick up and "activate" whatever it was that was wanted to be activated by whomever it was that sent the SPAM message.

To be fair, the "Troll" mod is also used as a substitute for "Batshit-Crazy".

WARNING! This post is encoded with power and signal fluctuations that which will cause your machine to start acting very very weird. Again, if your computer starts acting very very weird after you read this it is because of this post.

Can I trust American computer Equipment?

All around on the interwebs, people say that the American government has a secret agenda in ruling the world more than it does now. There is the CIA, the NSA and other 3 letters that makes anyone fear. Since they are all American and all are evil according even to some American people, should I trust things that come from that the USA?

time for another FUD article about China, I see.

[Petkov]

I understand you poor Americans ARE terrified and scared because you can feel the power slipping away from your fingers but this is getting ridiculous, dont yo think? The level of FUD on China oat /. is reaching USA gov levels. Come on now, how bullshiting can you get and how low can you go??? A LOT lower than I ever imagined. Shame on you, shame!

This is MY last message here, I am deleting my account and NEVER coming back here.
You have officially become complete bullshitters.

Secret agreements

[rlglende]

The proximal causes of WWI were a combination of the secrecy of the treaties and the necessity of starting mobilization N days before any attack by an aggressor.

It was a system-level failure : prudent mobilizations for defense were indistinguishable from those intended for offensive operations, and no country could foresee the effects of their foreign policy actions.

Of course, we can't now, either. Multi-lateral international diplomacy with war is a game that makes 3D or 3-way chess look like tic-tac-toe. Nobody plays 3D or 3-way chess, as you can't play enough games in a lifetime to know whether you are getting better or not.

Re:Secret agreements

[rahvin112]

The ultimate hinge point in WWI was when Germany executed a war plan that called for a two front war when their treaty obligations only called for a one front war. Simply because the plans called for them to invade Russia and France simultaneously they did so even though Russia was the only one that had declared war (and France wasn't even involved). The generals at the time in Germany couldn't even imagine diverging from the war plan and the war plan called for invading France. Rather than stand up to his Generals the Kaiser caved and allowed the invasion of France (I believe he uttered the phrase "rolling the iron dice").

This is the entire reason France and the UK blamed Germany for the war and imposed all the war's costs on Germany (thereby causing WWII). The mindset in WWI Germany is incomprehensible today but the reason WWI happened (a much smaller war could have happened) is because there was a plan that wasn't applicable but the people in charge couldn't imagine deviating from the plan and the guy in ultimate charge wouldn't stand up to the ones tasked with fighting the war. The German/Russian/Austrian front of the war was minuscule in comparison to what happened on the French/German/Dutch border where entire armies (and two generations of French/German/English) were ground into hamburger in modern warfare. The greatest lesson of WWI is plans are great to have but they aren't the blueprint for the war that must be followed, iron adherence to a plan regardless of situation is suicide.

Re:Secret agreements

[Stormy+Dragon]

You mean like if your country were to be attacked by terrorists in Afghanistan and you decided to attack Iraq because that's the country you had a plan for?

Yeah your right. That could NEVER happen today.

Re:There is no comparison!

[swordgeek]

"But I guarantee you..."

That's a hell of a guarantee to make, especially given how extensively the US is currently known to spy on its citizens.

Not defending China here at all, nor saying that things in the western world are _that_ bad, but I think they are much closer than you claim.

Can you trust computer equipment?

[swordgeek]

No.

There, that's all there is to it. Chinese, Korean, Vietnamese, American, British, Indian, or other.

You can't trust the companies, and you can't trust the governments. Everywhere a corrupt person _could_ have (or create) access to data they shouldn't, there _will_ be a corrupt person working at it.

Maybe it's the Chinese government, maybe it's a hacker at a chip factory, maybe it's the Russian mafia, maybe it's a rogue NSA operative (or the NSA itself), but SOMEONE will do this eventually. They may not be after your data, but if it becomes useful (i.e. valuable) to them, then they'll use it.

No, he didn't, as best we can tell.

[jeffb+(2.718)]

I was a gung-ho CS student when this article came out, and we spent a LOT of time hashing it over. He specifically did not say that he had done this, and while I don't remember him making an outright denial, we concluded that he hadn't. After all, the C compilers of that day were still small enough to be understood by a single human, and comparing C code to the assembly code generated from it (or comparing that assembly code to generated machine instructions) was not very challenging.

Maybe the Jargon File entry is right, and he did implement it as a proof-of-concept, but it wasn't widely distributed. It was easy enough for an interested (and bored) undergrad to check out over a weekend, but hard enough that compiler distributions weren't routinely examined.

With today's optimizing compilers and layers upon layers of abstraction, though, it seems like there's more than enough room for plenty such exploits. Pham Nuwen can still have his backdoor into the localizers.

Holier than thou

Lets see: Xerox machines in the Kremlin with cameras. AT&T handing information over for the asking. Warrantless wiretaps. The Patriot Act. Asshats from Microsoft saying it would be a good idea for everybody on the Internet to have an I.D. (your papers please?). The Chinese government is just one more hole in the Swiss cheese. Oh wait, never mind, it's perfectly fine if WE do it. *sigh*