Is Your Antivirus Made By the Chinese Government?

← Back to Stories (view on slashdot.org)

Is Your Antivirus Made By the Chinese Government?

Posted by samzenpus on Monday April 18, 2011 @12:08AM from the great-security-wall dept.

guanxi writes "Huawei, a large Chinese telecom and IT company with close ties to the Chinese military has faced obstacles doing business in other countries, because governments are concerned about giving them access to critical infrastructure. Huawei Symantec is a joint venture with one of the world's largest IT security companies which sells security products in the US. Would the Chinese or other governments take the opportunity to create back doors into western IT networks? Wouldn't they be crazy not to?"

196 comments

Min score:

Reason:

Sort:

We'd never do such a thing by tomalpha · 2011-04-18 00:11 · Score: 5, Insightful

Would the Chinese or other governments take the opportunity to create back doors into western IT networks? Wouldn't they be crazy not to?
Would the US or other Western governments take the opportunity to create back doors into Chinese IT networks? Wouldn't they be crazy not to?
1. Re:We'd never do such a thing by qpqp · 2011-04-18 00:17 · Score: 4, Interesting
  
  Would people continue to be stupid enough to install Symantec software to allow them to?
2. Re:We'd never do such a thing by Anonymous Coward · 2011-04-18 00:17 · Score: 0
  
  Would the Chinese or other governments take the opportunity to create back doors into western IT networks? Wouldn't they be crazy not to?
  Would the US or other Western governments take the opportunity to create back doors into Chinese IT networks? Wouldn't they be crazy not to?
  Would the US or other Western governments take the opportunity to create back doors into US or other Western nation IT networks? Wouldn't they be crazy not to?
3. Re:We'd never do such a thing by jimicus · 2011-04-18 00:20 · Score: 5, Insightful
  
  Certainly used to be the case that Symantec Enterprise AV wasn't too bad. Small footprint, didn't hog system resources, didn't clutter up the desktop with pointless "I'm still here! Aren't I wonderful!" alerts.
  Too much, in fact. As a sysadmin I regularly had people ask me to install AV or (in one or two cases) go out and install a third-party AV product, thinking I'd shipped them a PC with no AV.
4. Re:We'd never do such a thing by ThePromenader · 2011-04-18 00:23 · Score: 3, Funny
  
  Well, if everyone's going to be getting into everyone else's back door, the best we can hope for is an all-round reacharound.
  
  --
  
  No, no sig. Really.
  
  ThePromenader
5. Re:We'd never do such a thing by arth1 · 2011-04-18 00:26 · Score: 1
  
  Too much, in fact. As a sysadmin I regularly had people ask me to install AV or (in one or two cases) go out and install a third-party AV product, thinking I'd shipped them a PC with no AV.
  As a sysadmin, I defer questions like that to the IT staff that does windows. I certainly won't install clamav or similar on any of the workstations I get people -- it's a complete waste of good bits and cycles.
6. Re:We'd never do such a thing by somersault · 2011-04-18 00:33 · Score: 2
  
  Someone should tell the RIAA/MPAA about the illegal filesharing these governments are taking part in. Will be fun to watch the ensuing apocalypse.
  
  --
  which is totally what she said
7. Re:We'd never do such a thing by pmontra · 2011-04-18 00:54 · Score: 3, Insightful
  
  Who needs the backdoors supposedly made by Symantec when they already installed the ones supposedly made by Microsoft? Or a BIOS or hardware itself?
8. Re:We'd never do such a thing by Anonymous Coward · 2011-04-18 00:55 · Score: 1
  
  Except the RIIAA/MPAA is in the pocket of big government.
  If A is B then B is A amirite.
9. Re:We'd never do such a thing by ObsessiveMathsFreak · 2011-04-18 00:57 · Score: 1
  
  What opportunity? When was the last time the Chinese bought anything from the West.
  
  --
  May the Maths Be with you!
10. Re:We'd never do such a thing by TheRaven64 · 2011-04-18 00:57 · Score: 1
  
  There are lots of ways that malware can target Linux. There are very few ways that malware can target Linux that antivirus software will protect you from. This is almost equally true of you substitute 'Windows' or 'Mac OS X' for Linux.
  
  --
  I am TheRaven on Soylent News
11. Re:We'd never do such a thing by BagOCrap · 2011-04-18 01:05 · Score: 1
  
  Well, if everyone's going to be getting into everyone else's back door, the best we can hope for is an all-round reacharound.
  I once tried to explain that to my other inmates...
  
  --
  -- Chaos, panic, pandemonium... My job here is done!
12. Re:We'd never do such a thing by the_womble · 2011-04-18 01:09 · Score: 1
  
  Are other governments crazy to use proprietary software from American companies, given that the US would be crazy not to use it to spy on them?
13. Re:We'd never do such a thing by Anonymous Coward · 2011-04-18 01:10 · Score: 0
  
  I forgot e.g. Intel and AMD are Chinese companies. Oh, wait.
14. Re:We'd never do such a thing by Anonymous Coward · 2011-04-18 01:22 · Score: 1
  
  What opportunity? When was the last time the Chinese bought anything from the West.
  Didn't they buy up a crapload of the USA's debt?
15. Re:We'd never do such a thing by zach_the_lizard · 2011-04-18 01:24 · Score: 1
  
  Science use, 3D work (Maya runs natively under Linux), perhaps CAD work (no AutoCAD, but others), maybe programming work. There're plenty of other uses.
  
  --
  SSC
16. Re:We'd never do such a thing by ArcherB · 2011-04-18 01:24 · Score: 1
  
  Would the Chinese or other governments take the opportunity to create back doors into western IT networks? Wouldn't they be crazy not to?
  Would the US or other Western governments take the opportunity to create back doors into Chinese IT networks? Wouldn't they be crazy not to?
  American companies are not owned by the US government. China is a communist country. By definition that means that Chinese companies are owned by the Chinese government.
  So, if the Chinese were buying their network security products from the US government, I would fully expect them to put back doors in. Since US companies are not owned by the US government, the I fully expect them NOT to. On the other hand, if you buy anything from the Chinese, you are effectively buying from the Chinese government, meaning I would definitely want to thoroughly investigate the code and compile myself before installing any software written by the Chinese government. Then again, if I'm going to do that, I may as well write my own.
  In other words, you are comparing apples to oranges.
  
  --
  There is no "I disagree" mod for a reason. Flamebait, Troll, and Overrated are not substitutes.
17. Re:We'd never do such a thing by Lumpy · 2011-04-18 01:27 · Score: 0
  
  In other words real computer tasks... Not the gaming and secretary work that most windows users have a pc for.
  
  --
  Do not look at laser with remaining good eye.
18. Re:We'd never do such a thing by SniperJoe · 2011-04-18 01:30 · Score: 3, Funny
  
  Oh come on, that's easy: http://en.wikipedia.org/wiki/United_States_Congress
19. Re:We'd never do such a thing by zoom-ping · 2011-04-18 01:45 · Score: 2
  
  Oh yeah? What about all the 1.1 trillion US dollars in bonds that the Chinese have bought?
20. Re:We'd never do such a thing by no+known+priors · 2011-04-18 01:45 · Score: 4, Insightful
  
  China is in no way communist. It's as capitalist as they come. They only thing "communist" about them is the name of the party in power. What's the similarity between the economic and political systems of the former USSR (along its 70 odd year life), Cuba (over the last 50 odd years), Vietnam since 1975, PRC since '49, North Korea since the '50s, and Romania, East Germany, and other Eastern European "Warsaw Bloc" countries when they were "communist"?
  Oh wait, fuck all. Apart from, most of the time, the party in power having the word "communist" in its name.
  Sure, there are many companies that are owned by the government in China. There are also a lot more that aren't. That's part of the reason you hear all these cases of people dying from contaminated milk products and the like. Capitalists making a killing. Saving money at any cost.
  Wikipedia (not a great source for most political ideas) says:
  
  The only communist state which still traditionally follows Marxist-Leninist doctrine and maintains a largely planned economy is Cuba, which describes itself as "a socialist state guided by ideas of Marx, Engels and Lenin and in transition to a communist society".
  
  --
  Appended to the end of comments you post. The maximum is 120 characters.
21. Re:We'd never do such a thing by Anonymous Coward · 2011-04-18 01:46 · Score: 0
  
  Except **AA isn't in the pocket of the PLA.
22. Re:We'd never do such a thing by Anonymous Coward · 2011-04-18 01:49 · Score: 3, Informative
  
  Except that, well, the government has COMPLETE and total control over every industry. The fact that they let SOME companies operate without direct everyday oversight in no way changes the fact that the government can, at any time, tell them to do something and they will do it. So, schmucky mcmoron, try not to convince people that the Chinese Government does not have control over these companies, when, in fact, they have complete control.
23. Re:We'd never do such a thing by zoom-ping · 2011-04-18 01:53 · Score: 1
  
  How about bonds for 1.1 trillion USD?
24. Re:We'd never do such a thing by Anonymous Coward · 2011-04-18 02:01 · Score: 0
  
  If my company's computers are any indication, yes.
  It wouldn't annoy me so much if people weren't still getting all sorts of nasty stuff. I've done my best to barricade my own computer to avoid contamination.
25. Re:We'd never do such a thing by Anonymous Coward · 2011-04-18 02:02 · Score: 0
  
  It's not a waste if it means you're not stuck cleaning the entire network because a powerpoint contained something else than cute puppies. You're fired.
26. Re:We'd never do such a thing by datapharmer · 2011-04-18 02:05 · Score: 1
  
  pretty sure you just defined "totalitarian" not communist, thereby affirming what the parent wrote...
  
  --
  Get a web developer
27. Re:We'd never do such a thing by Anonymous Coward · 2011-04-18 02:28 · Score: 0
  
  This shit is why I run open source. You will never know what crazy shit people can hide in proprietary software. If it runs shitty or not at all, at least it's not subversive. That it runs quite well is a bonus, but I'll never trust closed source. Not because I'm biased, but because it's simply not possible.
28. Re:We'd never do such a thing by dkleinsc · 2011-04-18 02:41 · Score: 2
  
  That's part of the reason you hear all these cases of people dying from contaminated milk products and the like. Capitalists making a killing. Saving money at any cost.
  Another way of thinking about this is that the modern-day Chinese capitalists are doing exactly what every other country's capitalists did regularly during their countries early industrial period. The British capitalist's abuses along the same lines (e.g. adulterated bread) was part of Karl Marx's evidence that pure capitalism necessarily led to suboptimal outcomes. The American capitalist's abuses along the same lines (e.g. sick cattle getting sold as premium beef) was vividly described by Upton Sinclair. The list goes on.
  
  --
  I am officially gone from /. Long live http://www.soylentnews.com/
29. Re:We'd never do such a thing by Moryath · 2011-04-18 02:43 · Score: 5, Insightful
  
  Antivirus programs are an important part of any sytem to protect you against virus infection. They work well against almost every virus.*
  *-more than a week old
  *-that hasn't already infected the system
  *-that doesn't exploit something in the system running lower level than the AV program
  *-that doesn't exploit some hole in the code of the AV program itself
  *-that doesn't successfully evade detection just-long-enough to shut down the AV program from behind
  *-that doesn't successfully exploit people via social engineering and scareware tactics
30. Re:We'd never do such a thing by Anonymous Coward · 2011-04-18 02:55 · Score: 0
  
  Although, it successfully refutes his claim that China is capitalist. A state controlled economy is just the opposite.
31. Re:We'd never do such a thing by FatGath · 2011-04-18 03:11 · Score: 1
  
  Right, because the US Government is owned by American companies.
32. Re:We'd never do such a thing by Anonymous Coward · 2011-04-18 03:19 · Score: 0
  
  Autocratic China has a clear history of such attempts.
  The US does not.
  Iran can blame the US, but Israel is the more likely culprit.
  For every person in the US GOV that would attempt to do such a thing there are two other people ready to tell on that person.
33. Re:We'd never do such a thing by djdanlib · 2011-04-18 03:26 · Score: 1
  
  +1 Unfortunately True
34. Re:We'd never do such a thing by Anonymous Coward · 2011-04-18 03:26 · Score: 0
  
  Nearly all of their large airliners and their engines are built here in the US of A or in Europe.
35. Re:We'd never do such a thing by ron_ivi · 2011-04-18 03:29 · Score: 2
  
  Occasionally we document it when we do, like the NSA back door in Lotus Notes: http://www.heise.de/tp/artikel/2/2898/1.html
  OTOH, sometimes we don't; like when we blew up the Soviet pipeline with software trojans: http://www.damninteresting.com/the-farewell-dossier
  But regarding Windows and this anti-virus software? C'mon - you can pretty much bet that every country in which Microsoft has software developers already has their own back doors (disguised as accidental security bugs). How else can you explain that OS having so many more QA resources than comparable scale OS's (linux, bsds, unixes, etc) but having so much worse a security reputation.
36. Re:We'd never do such a thing by z-j-y · 2011-04-18 03:52 · Score: 0
  
  Yes, there is huge difference between US gov and Chinese gov.
  You are a fag.
37. Re:We'd never do such a thing by Anonymous Coward · 2011-04-18 03:58 · Score: 0
  
  This shit is why I run open source.
  
  Yep, I, too, have inspected every line of source code in my Linux and OpenBSD installs.
38. Re:We'd never do such a thing by DNS-and-BIND · 2011-04-18 03:58 · Score: 3, Informative
  
  Bzzt wrong. China is still capital-C Communist. They just released their new Five-Year Plan, for Pete's sake. The difference is that after Mao died, Deng Xiaoping hijacked the people's revolution onto the capitalist road. For those of you who didn't go to university and hence weren't exposed to Marxism, "capitalist roaders" are a heresy of Communism. They still want to achieve socialism, but by the wrong methods. According to Mao, the Soviet Union suffered this fate after Stalin died.
  The Chinese government still directly controls huge swathes of the Chinese economy. Companies are owned by the state and operate for its benefit. Americans having trouble with this unfamiliar idea could perhaps think of Amtrak, or the conversion of General Motors into an arm of the federal government a few years ago. The baby milk scandals are due to a lack of enforcement mechanisms. In so many words, there are few laws and fewer inspectors. Moreover, Chinese culture places no value on people you don't know - they might as well not exist, so who cares if you poison them or not? This is how you get crowds of people standing around gawking at accident victims instead of rendering aid (first one to help has to pay the victim's hospital bills).
  Unfortunately, there are those out there to whom socialism is an unassailable holy concept, and when a communist country takes the capitalist road, an attempt is made to classify the whole shebang as EEEVIL in order to make capitalism look bad. It's like old Soviet documentaries about the United States that focused on the poor and homeless, in order reinforce the conclusion that was preordained anyway.
  
  --
  Shutting down free speech with violence isn't fighting fascism. It IS fascism!
39. Re:We'd never do such a thing by DarwinSurvivor · 2011-04-18 04:09 · Score: 1
  
  AHA, so black is my computer!!!
40. Re:We'd never do such a thing by linuxwolf69 · 2011-04-18 04:42 · Score: 1
  
  Pretty sure his point was that as a sysadmin, he only cares about the linux machines. He lets the "IT staff that does windows" handle windows A/V
41. Re:We'd never do such a thing by flyingkillerrobots · 2011-04-18 05:09 · Score: 1
  
  Yes. But that's not our problem.
  
  --
  "It is a good thing for an uneducated man to read books of quotations..." -Winston Churchill
42. Re:We'd never do such a thing by GameboyRMH · 2011-04-18 05:12 · Score: 2
  
  Well if /home is mounted noexec that's absolutely right. They can click on DancingBunnies.sh all they want.
  
  --
  "When information is power, privacy is freedom" - Jah-Wren Ryel
43. Re:We'd never do such a thing by ThePromenader · 2011-04-18 05:23 · Score: 1
  
  Except the RIIAA/MPAA is in the pocket of big government.
  No, the RIAA and the government are trying to get into each other's pockets - that's called a 'double half-reacharound'.
  
  --
  
  No, no sig. Really.
  
  ThePromenader
44. Re:We'd never do such a thing by Anonymous Coward · 2011-04-18 05:33 · Score: 0
  
  "when a communist country takes the capitalist road, an attempt is made to classify the whole shebang as EEEVIL in order to make capitalism look bad."
  It isn't difficult to make capitalism look bad. It's an obvious dead end. The final death throws being behavior like, exporting jobs, denying health care, endless foreign wars, corruption of news and information, poisoned food and environments, crumbling education, no investment in infrastructure, disenfranchisement of the middle class, massive profits for the top 0.05%, corporations that pay no tax ie. AMERICA
45. Re:We'd never do such a thing by Anonymous Coward · 2011-04-18 06:22 · Score: 0
  
  Let's see, ATT and Verizon handed over all the information the US government requested. Do we know how many other free, American companies have "freely" done the same and weren't "outed" by a loose-lipped engineer? It doen't take communism to get down and dirty. The road to hell is paved with good intentions.
46. Re:We'd never do such a thing by DNS-and-BIND · 2011-04-18 06:58 · Score: 1
  
  Funny, the death throes of capitalism have been preached since oh...about 1917 or so. To the barricades, comrades! Surely, communism won't kill 100,000,000 people in this century like it did last century. We'll get it right this time for sure!
  
  --
  Shutting down free speech with violence isn't fighting fascism. It IS fascism!
47. Re:We'd never do such a thing by Anonymous Coward · 2011-04-18 07:03 · Score: 1
  
  Said it before, and I'll say it again. China has been called "the world's first truly mature fascist state" (can't remember who said it, unfortunately).
  
  By that, I assume they mean Mussolini's original vision of fascism, where the interests of the state and of business were totally entwined. That, and other undeniably fascist leanings of the Chinese government in general.
  
  (To be fair, many "traditional" communist governments also exhibited similar tendencies, though it could be argued that "true" communism has never been implemented. I'd argue that "true" communism *can't* be implemented because it rests on a stupidly idealised view of human behaviour that requires fascist-like control to make people fit, totally subverting and destroying itself in the process- but that's something different altogether. China as it stands today isn't even "communist" by the flawed traditional measure).
48. Re:We'd never do such a thing by Anonymous Coward · 2011-04-18 07:12 · Score: 0
  
  Although, it successfully refutes his claim that China is capitalist. A state controlled economy is just the opposite.
  I'd disagree. Some versions of fascism have been defined- by the founder of fascism itself!- as a form of "state capitalism".
  
  The problem, I think, is that Americans assume that the other attributes that they generally associate with their version of capitalism- such as lack of state control- are inherent in the core definition of capitalism itself. They're not- just like it's assumed that liberty of the individual is an inherent part of "democracy" (and often treated as synonymous with the latter) when it certainly isn't. It's quite possible for democracy to result in the tyranny of the majority.
  
  At any rate, it's been argued that the capitalism == freedom and small state fallacy is partly why the US was happy to encourage China to become so economically powerful- they assumed that they'd become more free, democratic and like the West.
49. Re:We'd never do such a thing by Dogtanian · 2011-04-18 07:28 · Score: 1
  
  Yes, there is huge difference between US gov and Chinese gov.
  He didn't say that there wasn't. He said that the US government would probably take advantage of a similar opportunity, thats all.
  
  Of course, given the somewhat rudimentary level of your political insight...
  
  You are a fag.
  ...it's hardly surprising that you don't get that. :-)
  
  --
  "Slashdot - News and Chat Sites Deviant". (Click "homepage" link above for details).
50. Re:We'd never do such a thing by AK+Marc · 2011-04-18 07:39 · Score: 2
  
  AV *is* a backdoor. So I'm sure there's nothing wrong in the Huawei Symantec AV now. But if there were a war, then the next update would be a backdoor. And the updates are automatic by default and it'd have mostly trust by then (whether explicit trust, or trust by ignorance).
  
  --
  Learn to love Alaska
51. Re:We'd never do such a thing by praxis · 2011-04-18 08:08 · Score: 1
  
  That's not the point.
  The point is that when you have an active project with a shared repository that the world has read-access to and developers that constantly work with the code and hence look at changes made as they are made, then you would have to control or buy out every developer in order to sneak in a nefarious change. The odds of malicious code existing in an open environment as such are much lower than in a propriety closed-source environment.
52. Re:We'd never do such a thing by jc42 · 2011-04-18 08:26 · Score: 1
  
  Would the Chinese or other governments take the opportunity to create back doors into western IT networks? Wouldn't they be crazy not to?
  Would the US or other Western governments take the opportunity to create back doors into Chinese IT networks? Wouldn't they be crazy not to?
  Then there's the observation that the security folks have been making from the very beginning: If you are actually serious about computer security, you don't install any software unless you have the source and you've compiled it yourself. This especially applies to the security software itself, though it applies to everything installed on every machine.
  If your organization's security team is installing software from anything other than the source code, there are only two possible explanations: 1) They're incompetent; or 2) They understand that their job is "security theater" rather than actual security, and are acting appropriately to impress management without actually providing any added security over what your computers came with.
  When there's a real security team, it doesn't matter whether any government agency has imposed backdoors on the software. The security people will analyze the code, discover the backdoors, and close them. They are highly likely to do this by sharing the source with their colleagues in the general security community, to invoke the "many eyes" process and to keep each other up to date on what that vendor is foisting on their customers. They're also likely to have tools of their own that they don't tell anyone about, which is watching the installed software to catch it at mischief.
  (And, of course, there is also the famous Ken Thompson "Reflections on Trusting Trust" paper, which introduced the fun topic of whethert your compiler can be trusted to not introduce backdoors. And there's the added question of what's hiding in the firmware. Nobody ever said that real security is easy. ;-)
  
  --
  Those who do study history are doomed to stand helplessly by while everyone else repeats it.
53. Re:We'd never do such a thing by Anonymous Coward · 2011-04-18 08:50 · Score: 0
  
  At any rate, it's been argued that the capitalism == freedom and small state fallacy is partly why the US was happy to encourage China to become so economically powerful- they assumed that they'd become more free, democratic and like the West.
  It's sufficient to say the primary goal was to further foul the relationship between the USSR and China. The stuff about them maybe opening up came later, IMO.
54. Re:We'd never do such a thing by Anonymous Coward · 2011-04-18 09:19 · Score: 0
  
  It's sufficient to say the primary goal was to further foul the relationship between the USSR and China.
  Not really; if that was the case it would have ended with the fall of the USSR at the start of the Nineties, when in fact it ramped way up during that decade. At that point only cheap, bottom-of-the-range stuff was made in China. Nowdays, everything is.
55. Re:We'd never do such a thing by fibonacci8 · 2011-04-18 09:47 · Score: 1
  
  Only on Friday http://www.youtube.com/watch?v=CD2LRROpph0
  
  --
  Inheritance is the sincerest form of nepotism.
56. Re:We'd never do such a thing by guanxi · 2011-04-18 10:35 · Score: 1
  
  Are other governments crazy to use proprietary software from American companies, given that the US would be crazy not to use it to spy on them?
  Yes and intended to be an unavoidable conclusion. If you think it's hard for the US to secure systems, imagine if you're another gov't. What would you install? All FOSS (and after you review it all)?
57. Re:We'd never do such a thing by guanxi · 2011-04-18 10:42 · Score: 1
  
  At any rate, it's been argued that the capitalism == freedom and small state fallacy is partly why the US was happy to encourage China to become so economically powerful- they assumed that they'd become more free, democratic and like the West.
  You talk as if it's all over and written in the history books, but the story is ongoing. I see no reason why the people of China won't seize their liberty and self-determination from their authoritarian government like so many others have done. Even now, they advance it every day.
58. Re:We'd never do such a thing by guanxi · 2011-04-18 10:46 · Score: 1
  
  The US does not.
  We most certainly do. The government wouldn't be doing its job if it didn't, and we do also have done many well-documented things that weren't part of the job, unfortunately.
59. Re:We'd never do such a thing by CastrTroy · 2011-04-18 12:39 · Score: 1
  
  what if the instructions on the website tell them to open a command prompt and type
  
  sh DancingBunnings.sh
  
  Many people are stupid enough to do it if you promise they'll see something funny.
  
  --
  
  Anthropic principle: We see the universe the way it is because if it were different we would not be here to see it.
60. Re:We'd never do such a thing by arth1 · 2011-04-18 15:27 · Score: 1
  
  Compiling is a good example.
  As for "is a little protection really worth losing", there is NO protection at all. None.
  AV programs for Linux only detect Windows viruses (and two old concept viruses and a worm that are so old that they don't even work on modern Linux systems). Nothing else. Nada.
  Some of them are even worse than nothing, in that they will classify perfectly legal and standard Linux software like netcat, cracklib and telnet(!) as malware and try to delete them.
  AV sortware for Linux can be useful on e-mail and file servers where Windows users have access, but on a Linux workstation, they're utterly pointless.
  As an AV software author, I say this with some authority.
61. Re:We'd never do such a thing by Anonymous Coward · 2011-04-19 00:27 · Score: 0
  
  Terrrible product couldnt deal heavy I/O when it crashed after a week suddenly...
  Never again Symantec.. even comodo freeware is better
62. Re:We'd never do such a thing by GameboyRMH · 2011-04-19 00:45 · Score: 1
  
  What will happen is the user will most likely say "durr wut is command prompt?"
  To do that they'd have to place DancingBunnies in the correct location, open a terminal, and run that command with correct capitalization. How many users would be able to do that?
  The ability to run scripts with sh/bash is a vulnerability though. Hopefully like WINE it will soon perform checks to make sure it isn't executing something that it shouldn't.
  
  --
  "When information is power, privacy is freedom" - Jah-Wren Ryel
Yet another reason by Anonymous Coward · 2011-04-18 00:13 · Score: 1, Interesting

NOT to have anything to do with Symantec. Besides the products being over-bloated and under-performing now consumers need to worry about being part of the Chinese anti-American fight?
No thank you.
1. Re:Yet another reason by Anonymous Coward · 2011-04-18 00:42 · Score: 0
  
  Chinese anti-American fight? Reading slashdot, and now this story again, it looks like it's American anti-Chinese fight...
2. Re:Yet another reason by betterunixthanunix · 2011-04-18 00:55 · Score: 1
  
  ...because things were different when the FBI was pressuring Symantec to deliberately whitelist FBI viruses and malware?
  
  --
  Palm trees and 8
3. Re:Yet another reason by Anonymous Coward · 2011-04-18 02:09 · Score: 0
  
  Honestly? I'm a little more afraid of China's hackers than the FBI's.
Probably by Moderator · 2011-04-18 00:14 · Score: 2, Interesting

"Would the Chinese or other governments take the opportunity to create back doors into western IT networks? Wouldn't they be crazy not to?"
Yeah, but it's probably happening at layer 2 and 3, since a lot of American networks are being offshored to Japan who in turn hires the cheapest third country nationals (Chinese CCNA's) to administrate. Add this to the fact that there is a lot of counterfeiting of Cisco hardware anyway, and there's no reason to hide a backdoor in plain site within an AntiVirus program.

--
The World is Yours.
1. Re:Probably by w0mprat · 2011-04-18 08:53 · Score: 1
  
  But it's so easy to hide a backdoor in plain sight you might as well not called it plain sight.
  
  http://underhanded.xcott.com/
  
  It's possible to have code that looks and even functions innocently but does something nasty. You can bet this is the technique used. If discovered, it just looks like a regular vulnerability - a coding mistake.
  
  --
  After logging in slashdot still does not take you back to the page you were on. It's been that way for 20 years.
I don't think Symantec would risk treason by Anonymous Coward · 2011-04-18 00:16 · Score: 0

If a Chinese government sponsored back door was found in a product sold domestically by Symantec then their corporate officers would face treason charges. I don't think they are that stupid.
1. Re:I don't think Symantec would risk treason by Spad · 2011-04-18 00:17 · Score: 2
  
  I don't think they are that stupid
  You've obviously never used Symantec's products...
2. Re:I don't think Symantec would risk treason by geekmux · 2011-04-18 01:17 · Score: 0
  
  If a Chinese government sponsored back door was found in a product sold domestically by Symantec then their corporate officers would face treason charges. I don't think they are that stupid.
  Yes, Symantec may in fact be that "stupid", but not because they fear treason, but because they don't fear anyone actually going through with it. We couldn't even impeach Clinton when he tried to redefine what "sex" is for an entire (now sexually corrupt) generation of kids watching him commit adultery, you actually think we're going to go after someone for an act of treason? We're far too busy calling US Citizens "terrorists" these days because they're patriotic enough to fly the US flag and belong to a tea party. Treason? Please.
3. Re:I don't think Symantec would risk treason by Anonymous Coward · 2011-04-18 01:41 · Score: 0
  
  Good luck proving that. Would the backdoor have in some comments the Mandarin symbols for "Yos, this is for the Chinese only, ya yanks keep out!"
  There could be a backdoor as wide as the Goatse guy, and if it got found, Symantec might take some bad press for a day or so, but it would be quickly forgotten about.
4. Re:I don't think Symantec would risk treason by Anonymous Coward · 2011-04-18 02:15 · Score: 0
  
  Your biggest concern about the country is that someone who was president over a decade ago had sex out of wedlock? You're funny! You also apparently don't understand the political background to that entire fiasco - right or wrong, it arose from depositions resulting from investigations by Kenneth Starr. Of course Kenneth Starr couldn't prove any wrongdoing by Clinton in the "Whitewater" investigation for which he was charged with conducting, so instead he took the low road and asked about Clinton's sex life, which had what to do with real estate? Not to justify Clinton's actions, but that entire thing was a circus and certainly not the worst thing even Clinton did during his presidency. Want to look at some really ugly stuff? How about Kosovo, NAFTA, or the Salvage Logging Rider. If none of that bothers you more than someone getting a blow job you should get your pulse checked. Oh, and what did all that have to do with Symantec? ....pretty sure Symantec is not an elected official.
5. Re:I don't think Symantec would risk treason by geekmux · 2011-04-19 03:25 · Score: 1
  
  Nice. You completely missed my point. From what I've seen out of our Government over the last couple of decades, a lot of elected officials (up to and including the President) have pulled bullshit that would have not only gotten the average man fired, but probably also facing criminal charges and jail time, and yet they get away with it and continue to act in this manner of sheer arrogance. Why you ask? It's simple. Threats don't mean shit unless someone has the balls to ACT upon them.
  The entire point here is don't sit here and throw around words like "treason" unless someone out there is prepared to ACT upon it. From what I've seen, "treason" and "impeachment" are probably two words that should be removed from the dictionary, because they sure as shit don't mean anything in our legal system anymore, especially for those who are "too big to fail".
Does Symantec even work? by Anonymous Coward · 2011-04-18 00:16 · Score: 1

I mean, we use it here but honestly...it's mostly for show and doing little things. It's the stuff on the backend and decent architecture that makes things work.
1. Re:Does Symantec even work? by mevets · 2011-04-18 01:03 · Score: 0
  
  With a decent architecture, you don't need Symantec.
I don'tt have an "antivirus" by Eunuchswear · 2011-04-18 00:18 · Score: 2, Funny

Why would I need one?
If I did need such a bizzare thing how on earth could it be made to work?

--
Watch this Heartland Institute video
1. Re:I don'tt have an "antivirus" by koolfy · 2011-04-18 00:37 · Score: 1
  
  Maybe it would be like something that checks if the file you downloaded comes from a trusted platform, maybe do checksums..
  
  Something clever enough to understand the context from which the file comes from, and give it only as much privileges as it deserves/needs.
  
  Something that could understand the risk of a proprietary software, "trusted" or not, in critical parts of the system, and the benefits of an opensource one.
  Maybe even, if it's clever enough analyse its traffic and source code, but that's a lot to ask, and it may simply rely on other, more competent and independent, neutral entities to spot backdoors in the code/protocol.
  
  Something like... the user ?
  
  --
  Segmentation Fault in "Life, Universe and Everything" at line 42. Don't Panic.
2. Re:I don'tt have an "antivirus" by Anonymous Coward · 2011-04-18 00:47 · Score: 1
  
  Blaming the user for being an idiot is like blaming the sky for raining, or the earth for quaking. It's part of the natural landscape, and while no engineering solution is perfect, you can do better than point your finger and scream shrilly "it's not my fault, you should have read the manual!"
3. Re:I don'tt have an "antivirus" by HopeOS · 2011-04-18 01:03 · Score: 0
  
  Ditto on the antivirus. But with regard to your sig... given Ayn Rand's philosophical bent, that may well be the exact dollar amount that she paid into it. (Also, citation need.) --Hope
4. Re:I don'tt have an "antivirus" by Eunuchswear · 2011-04-18 01:08 · Score: 1
  
  But I obviously do need a speel chequer.
  
  --
  Watch this Heartland Institute video
5. Re:I don'tt have an "antivirus" by datapharmer · 2011-04-18 02:41 · Score: 1
  
  or IDPS
  
  --
  Get a web developer
6. Re:I don'tt have an "antivirus" by smithmc · 2011-04-19 05:07 · Score: 1
  
  Between December 1974 and her death in March 1982, Ayn Rand collected a total of $11,002 in Social Security payments.
  And why shouldn't she? She paid into the system (and probably quite a bit more than $11K); wasn't she entitled to get it back?
  
  --
  Downmodding is the refuge of the weak. Don't downmod, make a better argument!
ClamAV, Open Source Antivirus by Compaqt · 2011-04-18 00:19 · Score: 2, Insightful

OK, the usual caveats apply about logic bombs hidden in open source, but still, at least when the source is open you have a fighting chance at discerning a backdoor.
http://www.clamav.net/lang/en/
There's a Windows version, too (Immunet):
http://www.clamav.net/lang/en/about/win32/

--
I'm not a lawyer, but I play one on the Internet. Blog
1. Re:ClamAV, Open Source Antivirus by Anonymous Coward · 2011-04-18 00:35 · Score: 0
  
  Yeah, but its mainly built to stop the odd windows virus going through an email system. Its not that great at stopping viruses on an actual end user machine...
2. Re:ClamAV, Open Source Antivirus by rbrausse · 2011-04-18 00:39 · Score: 4, Informative
  
  But ClamAV is one of the worst engines out there. If one need's an antivirus tool (it would be a fair point to call all of them snake oil) use a package with a higher detection rate.
3. Re:ClamAV, Open Source Antivirus by hitmark · 2011-04-18 00:49 · Score: 1
  
  What about false positives? Or having the audacity to report a simple ad cookie multiple times to inflate the detection hit counter?
  
  --
  comment first, facts later. http://chem.tufts.edu/AnswersInScience/RelativityofWrong.htm
4. Re:ClamAV, Open Source Antivirus by JasterBobaMereel · 2011-04-18 00:51 · Score: 1
  
  Anti-Virus
  - Spots only known viruses ... meaning that new viruses, i.e the ones you are most likley to see, get through
  - Spots known virus like activity.... meaning will cause false alarms, whilst letting viruses using new expoits through
  It's much better to make it difficult or impossible for people to run random software sent to them ... rather than make this commonplace
  Logic bombs in Open-Source - are very hard to do (and not be easily seen), and could just as easily be in closed source ...
  
  --
  Puteulanus fenestra mortis
5. Re:ClamAV, Open Source Antivirus by Anonymous Coward · 2011-04-18 01:01 · Score: 0
  
  > It's much better to make it difficult or impossible for people
  > to run random software sent to them
  Random software? Software selected through a non-deterministic process?
  ITYM arbitrary software. Someone somewhere made a choice to select it.
6. Re:ClamAV, Open Source Antivirus by rbrausse · 2011-04-18 01:08 · Score: 1
  
  What about false positives?
  do you remember 9/1?
7. Re:ClamAV, Open Source Antivirus by hitmark · 2011-04-18 01:28 · Score: 1
  
  Heh, i was mostly aiming it at the "higher detection rate" AV packages where the detection rate ends up being inflated by false positives and over-reporting "threats" that are more annoyances that have gotten news media coverage...
  
  --
  comment first, facts later. http://chem.tufts.edu/AnswersInScience/RelativityofWrong.htm
8. Re:ClamAV, Open Source Antivirus by Compaqt · 2011-04-18 01:28 · Score: 1
  
  Well, I'm not necessarily claiming it's the best. But it does allow you to inspect the code to look for a backdoor.
  Some might find this handy:
  59 Open Source Tools That Can Replace Popular Security Software
  
  --
  I'm not a lawyer, but I play one on the Internet. Blog
9. Re:ClamAV, Open Source Antivirus by npsimons · 2011-04-18 03:03 · Score: 1
  
  But ClamAV is one of the worst engines out there.
  I see this claim all the time, and I always have to wonder: what evidence is there for this claim?
  
  If one need's an antivirus tool (it would be a fair point to call all of them snake oil) use a package with a higher detection rate.
  Really? Please name a few, or even just one, that a) are open source, b) don't consume resources like the machine is some dedicated virus scanning box and c) can easily be integrated to any mail server (at a minimum they have to not require a GUI and run on Linux/BSD).
  
  --
  Nathan's blog
10. Re:ClamAV, Open Source Antivirus by Anonymous Coward · 2011-04-18 03:31 · Score: 0
  
  Odd. When I pass known viruses to virustotal.com, ClamAV seems about as likely to score a hit as any of the big boys.
  Granted, of the past few serious bits of malware I've found, cleaned up, and fed to virustotal, typically only a third of the engines responded, and quite often Symantec, McAfee, Microsoft etc were failing.
11. Re:ClamAV, Open Source Antivirus by Anonymous Coward · 2011-04-18 03:31 · Score: 0
  
  But ClamAV is one of the worst engines out there.
  I see this claim all the time, and I always have to wonder: what evidence is there for this claim?
  I'll give you the best form of evidence - anecdotal :). I used to work in the virus research lab of a major anti-virus firm. All virus samples received by us were scanned by a large range of products automatically to aid research. We kept Clam in because it didn't use much in the way of resources, but it was next to useless for detecting stuff compared to the big boys.
12. Re:ClamAV, Open Source Antivirus by npsimons · 2011-04-18 03:46 · Score: 1
  
  I'll give you the best form of evidence - anecdotal :). I used to work in the virus research lab of a major anti-virus firm. All virus samples received by us were scanned by a large range of products automatically to aid research. We kept Clam in because it didn't use much in the way of resources, but it was next to useless for detecting stuff compared to the big boys.
  I've always wondered why this is. Why don't more people submit viruses when they find them, even if with other tools? Even if you argue that people aren't paid to, I'm sure *some* sysadmins somewhere would like to not have to deal with a virus again, and therefore would submit it for inclusion in the clam database.
  One thing that does bother me, though, is that ClamWin only offers the choices to delete or quarantine a virus, not remove it from a file.
  
  --
  Nathan's blog
13. Re:ClamAV, Open Source Antivirus by rbrausse · 2011-04-18 04:25 · Score: 1
  
  But ClamAV is one of the worst engines out there.
  I see this claim all the time, and I always have to wonder: what evidence is there for this claim?
  okay, according to Shadowserver somewhere in the middle
  
  If one need's an antivirus tool (it would be a fair point to call all of them snake oil) use a package with a higher detection rate.
  Really? Please name a few, or even just one, that a) are open source, b) don't consume resources like the machine is some dedicated virus scanning box and c) can easily be integrated to any mail server (at a minimum they have to not require a GUI and run on Linux/BSD).
  a) only clam, I wasn't aware that open source is a prerequisite for using software
  b)/c) I used trendmicro on mail gateways, usable without X11 and with a quite small resource foot print
14. Re:ClamAV, Open Source Antivirus by npsimons · 2011-04-18 05:49 · Score: 1
  
  a) only clam, I wasn't aware that open source is a prerequisite for using software
  Okay, maybe not required, but I have a very strong preference for software I can check for back doors.
  
  b)/c) I used trendmicro on mail gateways, usable without X11 and with a quite small resource foot print
  I was honestly curious about what people recommend for AV, as it's something I'm not really familiar with. I'll have to look into trendmicro, thanks!
  
  --
  Nathan's blog
15. Re:ClamAV, Open Source Antivirus by rbrausse · 2011-04-18 06:18 · Score: 1
  
  as a side note: I used this product as of company policies. If you're free to choose other vendors take a look at F-Secure and Kaspersky, too. I never had them running in real-world environments but both are nice (CAVE: I installed them only on test systems) and widely used.
GE and Westinghouse Broadcasting by retroworks · 2011-04-18 00:20 · Score: 1

And we thought we had the edge, with our own military industrial complex producing TV sitcoms.

--
Gently reply
a little paranoid? by Simulant · 2011-04-18 00:20 · Score: 1

Seems like there are already plenty of reasons to avoid Symantec. Just sayin'....
Instead of back doors... by geobeck · 2011-04-18 00:22 · Score: 4, Funny

Why not just make Symantec products such bloated resource hogs they slow down western computers, reducing US productivity as workers wait for their cursor to follow every mouse movement?
Um... How long has Symantec had ties to China?

--
Find environmentally and socially responsible products on http://buy-right.net
My First reaction is... by Fallen+Andy · 2011-04-18 00:26 · Score: 4, Insightful

Holy Fuck ....
I don't often say that, being a polite englishman, but - so many of the USB telecoms dongles using UMTS/HSPA are *made* by Huawei (here in Greece from last night, the WIND dongle i was using ...)
But after a moments thought, how would i be reassured if it was U.S. manufactured? or indeed anywhere else?
Chill out dudes - most of what you see is manufactured by 4-5 manufacturers with names like FoxConn, Compal etc...
...and conspiracy theories aside, I personally see the Chinese as being 21st century versions of what happened in my own country in the 19th...
Mind the alligators and have a nice day
Andy
1. Re:My First reaction is... by JasterBobaMereel · 2011-04-18 00:52 · Score: 4, Insightful
  
  Made in China - checked by the NSA, found to be clean
  Made in the USA - checked by the NSA, backdoor working correctly ...
  
  --
  Puteulanus fenestra mortis
2. Re:My First reaction is... by dbIII · 2011-04-18 01:35 · Score: 2
  
  Also guys remember that the aeroplane you flew in some time ago was made by a company with very close ties to the US military. In other words "close ties to military" really means buggerall in some cases and this looks like one of them.
Witch-hunt by DNS-and-BIND · 2011-04-18 00:27 · Score: 4, Insightful

I am shocked to see such jingoism on Slashdot. Just look at the summary, it drips with a false "us/them" mentality. On one side, the side of goodness and light, "the West" (whatever that means) and on the other side, "the Other", which takes the form of the main villain of the 21st century, those scary Chinese. It is simply assumed that "the Chinese" will sabotage any network they come in contact with...because...well, because uh...why, exactly? It's just the Western mindset of "everyone is always out to get us" that requires the creation of these scarecrows. Much like the McCarthy witch-hunt, this is going in search of a scary monster that doesn't exist. There was no WMD in Iraq, there were no communists in the State Department, and the Chinese are not out to get us. The parallels between these situations are eerily similar.

--
Shutting down free speech with violence isn't fighting fascism. It IS fascism!
1. Re:Witch-hunt by erroneus · 2011-04-18 00:45 · Score: 1
  
  Yes. The USA no longer wears a white hat and as it turns it, never really did. But the Chinese are slightly more evil. They have an established reputation for luring companies (like Symantec) into business deals and then after getting what they wanted, cut ties and go out on their own. This has happened more times than can be counted starting with seizures of manufacturing facilities of companies that were previously invited into China to set up shop there and moving on to various technologies most notably high speed rail. Soon we will see a competing Chinese airliner based in no small part on technologies it will steal from Boeing.
  And the fact that nearly everything is being made in China anyway, it should be of little surprise to see "knock-offs" of the same quality and design of the popular brands of everything... it happens a LOT already.
2. Re:Witch-hunt by ti1ion · 2011-04-18 01:11 · Score: 4, Insightful
  
  So, why exactly is the parent comment moderated as a "troll?" It only points out the obvious! Oh, wait, it's the mock sarcasm, that must be it. Although, perhaps the author genuinely felt that this "sophisticated" tech audience, that delights in ripping apart knee-jerk statements/policies on other topics, would so easily join the herd on this ridiculous topic.
  Upon reading the summary, my first thought was writing "Oh no! The Chinese! The Chinese! Protect your wives and daughters against the Chinese!" What a bunch of nonsense.
  American corporations have been making and selling computer software for decades -- how many here are worried about government bugs in that software? Should the Chinese buy US made software? How about the Russians, or anyone else? How is it that Windows has 90% percent market share all over the world and governments are not screaming to have it removed? Talk about an opportunity to install secret access! And, if we assume the US government *has* been installing secret bits into US made software, what makes the US (from a foreigner's perspective) any better than China?
  And the most amusing thing about this is that it was the US that pushed, and pushed hard, to open China to US trade. When Nixon made his trip to China, it was historic. So, after opening Pandora's Box, the US desperately wants to close it. Got it. Nothing shows decline like trading confidence for fear.
  That's right, the Chinese are coming to get you. And you know what, you are so stupid (look at your education system!) that you wouldn't even be able to figure it out! That's what this story indicates to me. Forget actually having the knowledge and integrity to prove something, we'll just go on accusations. After all, everyone knows Linux is made by/for Communists and is anti-American. It's also full of security holes and opens the user up to all sorts of expensive lawsuits because those Linux Commies stole code from the good, America loving, closed-source corporations that only have the end user's best interests in mind when creating exceptional software.
3. Re:Witch-hunt by TheRaven64 · 2011-04-18 01:12 · Score: 4, Insightful
  
  It is simply assumed that "the Chinese" will sabotage any network they come in contact with...because...well, because uh...why, exactly? It's just the Western mindset of "everyone is always out to get us" that requires the creation of these scarecrows.
  Because we've learned from history? It used to be that people flying to France on business were advised not to discuss anything commercially sensitive on their flights - Air France had a habit of allowing bugging of the business class seats and commercial information was passed on to other French companies. We almost certainly did the same thing on British Airways flights, although we seemed to be better at not getting caught.
  Inserting back doors into networks is just the next step in this same approach. We assume that they're doing it, because we've been doing it for the last few decades and it would be surprising if any country that had the capability to do so didn't.
  
  --
  I am TheRaven on Soylent News
4. Re:Witch-hunt by Anonymous Coward · 2011-04-18 01:30 · Score: 0
  
  And the US sends in troops to help with X crisis and never leave.
  Both countries can be dicks.
5. Re:Witch-hunt by Anonymous Coward · 2011-04-18 01:32 · Score: 0
  
  And the USA is not copying foreign technologies with Echelon
6. Re:Witch-hunt by Anonymous Coward · 2011-04-18 01:38 · Score: 0
  
  Short answer. The US does this, so we assume that other countries do as well. It's a good heuristic, that has worked for us in the past.
  Actually, among the cloak and dagger sort, you always assume your adversary has slightly more capability than you do.
7. Re:Witch-hunt by Dr_Barnowl · 2011-04-18 01:43 · Score: 1
  
  They have an established reputation for luring companies into business deals and then after getting what they wanted, cut ties and go out on their own.
  Like Microsoft? Seriously, the above could refer to any cut-throat capitalist enterprise.
  What people are really ticked off about is that the Chinese have learned all our dirty tricks, which just doesn't seem fair to, after we generously sent them all our manufacturing capacity n'all.
8. Re:Witch-hunt by Inda · 2011-04-18 01:46 · Score: 1
  
  "The West" from where I'm sitting means: USA.
  
  There is not a hatered of the Chinese in the UK. Most of us have enjoyed their cheap shit over the past ten years and their food is lovely.
  
  The USA needs an enemy to feel important. When they work out that they are the enemy, the world will be a better place.
  
  --
  This post contains benzene, nitrosamines, formaldehyde and hydrogen cyanide.
9. Re:Witch-hunt by KnownIssues · 2011-04-18 01:49 · Score: 3, Interesting
  
  Cold War II. Now that we can't rely on the Soviet Union to instill fear and hate and competition in us, we've had to find the next imaginary (or at least, self-created) threat. If the Chinese are a "threat" to anything it's our imagined political and economic importance in the world. In that sense, the threat might be real. Rather than convince ourselves that we will maintain our position by virtue of being more ethically pure than them, perhaps we should focus on improving our own economic and political position.
10. Re:Witch-hunt by Anonymous Coward · 2011-04-18 02:03 · Score: 1
  
  I am so frustrated with people who don't realize it's us vs them. BECAUSE IT IS. They want our jobs, our way of life, etc, and they'll do everything they can to get there. And they DON"T CARE if it takes the way we currently live away from us. I don't begrudge them that desire. What I begrudge is us HELPING THEM! Why are we helping a direct competitor? WHY!? I hear all the time that I have to look out for other people, look out for someone else. I want to look after Americans first. If it's good for us, then we can do it, and if it helps other people so much the better.
11. Re:Witch-hunt by erroneus · 2011-04-18 02:15 · Score: 1
  
  They should have patented the dirty tricks.
12. Re:Witch-hunt by Anonymous Coward · 2011-04-18 03:00 · Score: 0
  
  ...there were no communists in the State Department...
  Right. Now they're in all branches of the US government.
13. Re:Witch-hunt by Anonymous Coward · 2011-04-18 03:09 · Score: 2, Informative
  
  Hate to say it, but you'll need to check some facts.
  China is an autocratic state- as a result they have hands in the corporate boardroom of any business that operates there- which results in a scenario where the possibility of "sabotaged" gear not only possible, but likely. False Us vs Them mentality?? I can point to a scary number of hacks against American and South Korean interests which have been traced roughly to China and North Korea. Hell, China has an entire military division that devotes itself to web-warfare- just check out the most recent Janes edition....
  So- hate to burst your bubble- but they are infact out to get us. They just deny it with a smile.
14. Re:Witch-hunt by Anonymous Coward · 2011-04-18 04:03 · Score: 0
  
  Newsflash: they often do steal trade secrets.
15. Re:Witch-hunt by nmosfet · 2011-04-18 07:10 · Score: 1
  
  They want our jobs, our way of life, etc, and they'll do everything they can to get there. And they DON"T CARE if it takes the way we currently live away from us.
  
  Let me get this straight, you think that you are entitled to the "western lifestyle" and that no one is allowed to take that away from you even if they worked to get it? Are you racist by any chance or just psychotic?
  Also, everyone else in the world wants the "western lifestyle" (which isn't even a strictly limited resource; there are reource limitations that come into play in very limited aspects but it is generally worked around by, and even promotes innovation, like right now what is going on with electric cars and alternative energy; improvements in quality of living over there will also allow more minds to work on the problems in society, but i digress). That is why people immigrate here. Do you hate all non americans?
  
  Why are we helping a direct competitor?
  I take it you don't understand economics. US does hundreds of billions of dollars of trade with China both ways. They sell stuff to us, we sell stuff to them. By buying stuff from them, we not only get inexpensively produced items, we increase the buying power there, allowing them to buy more of our products (esp high end products like Apple), and hence increases revenues of US corporations and jobs over here. Similarily, the Chinese also want us to have jobs and more spending power as it increases the amount of stuff we would buy from them. Trade increases the standards of living for both parties involved.
16. Re:Witch-hunt by nmosfet · 2011-04-18 07:22 · Score: 1
  
  they tried but we had prior art
17. Re:Witch-hunt by AK+Marc · 2011-04-18 07:49 · Score: 1
  
  The US needs a villain. Politics only works when we have someone to agree to fight. Whether the Irish, the Jews (wait, that was another country), the Japanese, the Mexicans, the Blacks, the Russians, the Muslims, the Chinese, etc. We have to hate someone. You can't get votes from happy people. You only get votes from scared or angry people (better both). So everyone with power in the US requires we hate someone to keep their power.
  
  So it isn't racism or such, as much as rabid insane nationalism pushed by everyone with any power in the US. Nationalism is the worst quality in the US right now. It blinds us to the solutions others already employ. It pushes us to irrational fear and hatred. And it keeps us placated for those in power to continue to hold their power.
  
  --
  Learn to love Alaska
18. Re:Witch-hunt by AK+Marc · 2011-04-18 08:00 · Score: 1
  
  I like the western lifestyle. That's why I left the US. Let's see how western the lifestyle is in the US in 15 years when 50% of the budget and rising is debt service.
  
  --
  Learn to love Alaska
19. Re:Witch-hunt by Anonymous Coward · 2011-04-18 08:08 · Score: 0
  
  Actually, the virtue of being ethically pure does have a lot to do with improving both economic and political position in the world, because both involves dealing with people and trust is a significant component.
  Of course it has to be valued at more than just superficial levels. An attitude of fear and rejection without solid ground does not necessarily justify one's own 'ethnic purity', nor does it do much other real good.
20. Re:Witch-hunt by Anonymous Coward · 2011-04-18 09:37 · Score: 0
  
  Okay, I used to think like this and I would like to think like this still. But you have to understand that the Chinese GOVERNMENT is still actively repressing its people in order to maintain control (look at recent news articles about the reaction to the Japanese disaster). The US and China are not on the same level of conspiratorial evil. They are still "them" until their people have freedom of speech, right to a fair trial, etc...
21. Re:Witch-hunt by guanxi · 2011-04-18 11:29 · Score: 1
  
  As the author of the post, I'm glad someone raised this point, but either you didn't read the last sentence or it didn't have the effect (on you) that I intended.
  I'm aware of some anti-Chinese sentiment in the US (and from what I understand, it goes both ways), to which I'm strongly opposed -- it's not only ignorant, it's illiberal and unfair to the people of China, who deserve just as much as anyone else, and it leads to dangerous political decisions. It's also true that the Chinese government and possibly others in China have a pretty well-documented reputation for aggressive IT espionage, and several diverse, credible sources connect Huawei to the PLA.
  I hoped people would first be seized by the implications of Symantec's (indirect) relationship with the Chinese gov't, which are real and serious (but read on before you object). Perhaps I even meant to provoke a little. But I hoped that the last sentence would make people reconsider and that the more jingoistic their response, the more of a non-sequitur it would seem and the bigger its impact:
  Wouldn't they be crazy not to? That's not a question of good or evil, but of smarts and pragmatism. And you can't avoid the thought that if it's smart and pragmatic for the Chinese gov't, it's the same for others. And we know well that other gov'ts indeed do similar things, so are the Chinese wrong? It's pragmatism, not evil. I also hoped it would raise the question of just how widespread these threats are; how can anyone secure anything without completely DIY IT (which is impossibly expensive)?
  I think both issues are central questions of the day.
22. Re:Witch-hunt by Anonymous Coward · 2011-04-18 23:24 · Score: 0
  
  Being all politically correct is nice and all, but seriously? The article is about security software; you would be a fool to use security made by your competition, no matter the circumstance. You assume that the US fear sabotage, but in actuality, the fear is espionage. China has massive manpower and increasing infrastructure, the US seems to be declining in both areas. What is keeping the gap? All the trade secrets, process techniques, etc built up over years of experience.
  To put it another way, say we both own bakeries and I had the best house special signature pie. If you offered to rent me a safe to keep my secret recipe safe, would you really expect me to take you up on that offer?
  The Chinese aren't out there to get "us", but "their" industrial expansion will make life difficult if we don't stay on top of our game.
Re:Chi.comz fav back-door by ThunderBird89 · 2011-04-18 00:27 · Score: 1

[...] unkil Wong has a pheasant for you ....
How did you prepare it? I like mine with cranberry sauce and mashed potatoes.

--
Hyperbole: I use it liberally!
I can still access the tiananmen square wiki page by Drakkenmensch · 2011-04-18 00:27 · Score: 2, Funny

So I'm gonna guess mine isn't.
Prejudice by RyanFenton · 2011-04-18 00:30 · Score: 2, Interesting

Presumed dishonorability = prejudice.
In know we tend to always paint our current perceived rivals as THE MOST EVIL THING EVAR, but China is pretty much the same thing as most groups of people - some corrupt, some fairly virtuous and kind to their fellow human beings, and a whole lot of mix in between.
China has had a lot of revolutions and shifts - and as their demographics continue to change, they're in the middle of several now, and they'll have more. Pretending that they're just bogey-men isn't going to help anything, or improve those shifts in anyone's favor.
Judgements with reason and evidence can be fair... but conjecture and prejudice aren't helpful.
Ryan Fenton
1. Re:Prejudice by HungryHobo · 2011-04-18 00:58 · Score: 1
  
  I'd be very surprised if there aren't back doors into US made systems, hell wasn't there a crypto scheme a while back which was being pushed by the US government where it turned out that due to a relationship between 2 numbers in the spec there could be a master key which could only be known by whoever wrote them into the spec.
  I view it as stabilising, nothing like lots of trade and owing each other money to keep everyone smiling and not shooting, shooting your debtors is bad for business.
  Both sides having back doors into the others secrets just makes sure they're not worried the other is planning to attack them.
  It does surprise me how racist and protectionist many slashdot posters are. They're terrified of losing their job to someone abroad who's more competent so they've convinced themselves that the Chinese are incompetent and that it's (somehow)morally wrong for anyone but pure blooded Americans to get good jobs.
2. Re:Prejudice by bedwards · 2011-04-18 00:58 · Score: 1
  
  Presumed dishonorability = worst case scenario? The article is in a way right, but singling out the Chinese is prejudice. The article could just as easily end with;
  Wouldn't the Indian software developer be crazy not to put in a back door?
  Wouldn't the low - paid US code monkey be crazy not to give details of his work if paid enough?
  A good security regime assumes everyone possesses limitless dishonesty and incompetence without prejudice. To give a pretty minimal chance of data theft a security regime has to prevent data from ever leaving the site. That means packet monitoring firewalls that disallow anything that is not plain-text HTML into the cloud, no tele-commuting, no printers, operating systems loaded onto ROMs that do not allow code execution full stop, and modified PCs fitted with case alarms, no drives, and the USB connectors removed from the motherboards. That would do for a start
3. Re:Prejudice by Stradivarius · 2011-04-18 03:45 · Score: 2
  
  Presumed dishonorability = prejudice.
  The worry about Chinese espionage is not prejudice.
  First, nobody's presuming dishonorability. They're presuming that nation-states will do what they have always done, whether from the West or East, which is espionage. There's a long history, even among supposed Western allies like the French and the US, or the US and Israel, of spying on each other. The spying isn't always for strictly "national security" concerns either, it has also included economic espionage performed to advantage companies from the spying country.
  Second, if you consider espionage dishonorable; given that every nation does it, that would make all nations "dishonorable", in which case worrying about it isn't prejudice against any particular player, it's just reality.
  Re: the Chinese in particular... if countries where industry is privately-owned do economic espionage, do we really expect that a country where the major industries are state-owned would not? Especially given the enormous advantage it would provide over having to invent technologies the hard way? Do we think the Chinese would worry less about their national security concerns than we do about ours? Would not backdoors in foreign equipment be a potent countermeasure in the event of military conflict?
  Do the Chinese get a disproportionate share of media attention for espionage? Probably - it's not like the other world powers have stopped doing these sorts of things. Media attention tends to go in fads, and the incredible rate of economic growth the Chinese have had in recent years has brought a lot of attention. But it doesn't mean the threat isn't real.
4. Re:Prejudice by Anonymous Coward · 2011-04-18 04:17 · Score: 0
  
  China is much worse in this respect than any other country I can think of. I read many reports of foreigners working in China who'd come to work one day just to see their desktops neatly stacked in the corner of the room - the hard drive copying took too long that night and "they" didn't have enough time to return everything back in place.
  A friend of mine, whose company has business there, was warned to never put anything on his laptop he doesn't want to share with Chinese.
  Of course you can say "this is racism" and "why should we trust the US/British/Japanese/whatever made product" - and this is all good and valid points - but the truth is, Chinese industrial espionage is rampant. Just recall the Google debacle not too long ago. Also, even the goods produced domestically under their own brand names are often direct copies of competing Western and Japanese products.
5. Re:Prejudice by AK+Marc · 2011-04-18 08:04 · Score: 1
  
  They're terrified of losing their job to someone abroad who's more competent
  Competency isn't in question. I'm sure that in billions of Chinese, there's someone more competent than me. The issue is whether they are cheaper. And yes, for what I do, I'm sure they are cheaper, but there's value lost in having to have them telecommute. So where's the overall value land? Right now, I'm a better value. But that may change. Even if they were less competent, at some point they could be cheap enough that they'd be preferable to me. It's not a unreasonable fear. It's real and justified. And it happens every day.
  
  --
  Learn to love Alaska
6. Re:Prejudice by Anonymous Coward · 2011-04-18 13:39 · Score: 0
  
  China is known to engage in governmental and business espionage. But being reasonably concerned about something that has happened in the past, is continuing to happen, and will almost certainly happen in the future - something that is damaging to oneself and one's business - is prejudice? What planet do you live on, and can I ride the magical unicorns there when I visit?
7. Re:Prejudice by HungryHobo · 2011-04-18 21:54 · Score: 1
  
  It's not the fear of being outsourced that's unfair, it's all the things that often leads to.
  people are afraid so they tell themselves things like "all work from that country is crap" or "just about all of them are incompetent" or even "it's morally wrong to give my job to someone overseas" to try to make themselves feel safer.
  but they come to believe it.
  the initial worry is perfectly justified so skill up and get yourself some good blackmail material but the things people make themselves believe as a result often aren't justified.
  There's pretty much the same spread of ability in Chinese workers: I spent a fair portion of my undergrad neck and neck with one of a group of Chinese students doing the course for the top of the class, (he won in the later years) but there was pretty much the exact same spread amongst the other Chinese students as amongst the rest of the class: some more interested in partying, some who did well, some who did not so well.
It's only logical by Anonymous Coward · 2011-04-18 00:34 · Score: 1

Who would you trust to make a better antivirus, if not the people who make the viruses themselves?
Does your chewing gum... by bmo · 2011-04-18 00:34 · Score: 1

lose its flavor on the bedpost overnight?
Seriously. Infowars.com levels of paranoia is the best they can come up with to avoid Symantec products?
On rumors even.
Symantec should be avoided because their software suites have been turning the fastest machines into boat anchors and doorstops for 20 years.
If you're worried about the Chinese, how worried are/were you about _nsakey/key2?
--
BMO
1. Re:Does your chewing gum... by Anonymous Coward · 2011-04-18 00:40 · Score: 0
  
  It doesn't really matter what kind of anti-virus software you're running, so long as you've got competent anti-anti-virus software watchdogging it.
Symantec Verisign by Anonymous Coward · 2011-04-18 00:36 · Score: 0

Symantec now also owns Verisign's SSL cert business. Uh-oh!
Friends Don't Let Friends... by Anonymous Coward · 2011-04-18 00:38 · Score: 0

...Install Antivirus Software.
LOL by Anonymous Coward · 2011-04-18 00:38 · Score: 0

EVERYTHING is made by the Chinese goverment.
THE REST is worse crap or unaffordable.
Re:MUCH OF LINUX KERNEL IS CHINESE AS WELL !! by Anonymous Coward · 2011-04-18 00:39 · Score: 0

The devil you say. If that's true, there must be 3 billion chinamen taking note of what I write and read? Hm. What an audience I have. That's a good thing. Right?
dont worry by pinkishpunk · 2011-04-18 00:40 · Score: 2

symantec antivirus products dont spare enough cpu cycles for the backdoor to do any real work, so you should be perfectly safe, its a good as locked up.
Everything Else Is by Anonymous Coward · 2011-04-18 00:45 · Score: 0

Everything else is made by them, why not our AV? Pretty sure they could include entire hardware backdoors on a lot of our stuff without anyone being the wiser.
they can, so they will by kubitus · 2011-04-18 00:46 · Score: 1

Echelon proofed to be too costly and difficult.
So place Trojan Boot Loaders into networking equipment and activate them via serial No through a Google ( or similar ) search engine answer to load some specific trojan coming along with the search engines answer.
secret services ? if can do it, they will do it!.
Not the biggest risk by HangingChad · 2011-04-18 00:49 · Score: 1

Would the Chinese or other governments take the opportunity to create back doors into western IT networks?
Let's face it, if a government is trying to spy on pc's around the world, they can do it without the need for someone to purchase a specific software product. The interesting question is if they even need to bother? Big corporations send your personal information and other sensitive data all over the planet. Server farms in India, Pakistan, Singapore and other low rent parts of the globe have your credit card records, medical records, anything they could want is just sitting right there. Wells Fargo might not backup your transaction records in Singapore, but what about the outsource provider they hire? There's no downside for them picking the low bidder, no encryption standards, no auditing.
Another big risk area is the potential for back doors in hardware components. Circuit boards, chips, things that might go into satellites, drone aircraft, or other military hardware. Supposedly the US makes those components locally, but what about all the defense contractors? None of them ever tempted to cut corners and buy components from overseas suppliers? Don't count on it. A hardware back door in mass produced PC's would be a much better spy tool than a software solution.
Our whimsical attitude toward data security is an IT Pearl Harbor just waiting for the sneak attack.

--
That's our life, the big wheel of shit. - The Fat Man, Blue Tango Salvage
Uh no, my AV is NOT made by China, by halfdan+the+black · 2011-04-18 00:49 · Score: 1

Because I don't have an anti-virus, I don't use MS Windows.
China is so bad... by Anonymous Coward · 2011-04-18 00:50 · Score: 0

And what are these western nations doing in, Lybia, Ivory Coast, Afghanistan, Iraq, Gaza... and where are those chinese bombs... I'm not worried about the chinese or their backdoors.. I'm more worried about western imperialism..
1. Re:China is so bad... by idamaybrown · 2011-04-18 01:31 · Score: 1
  
  Tibet & Taiwan may have a different opinion
Re:Chi.comz fav back-door by Anonymous Coward · 2011-04-18 00:53 · Score: 0

How did you prepare it?
Peking pheasant?
bend over by Anonymous Coward · 2011-04-18 01:03 · Score: 0

This is not a Chinese issue (some here feel better if they got ass raped by Swedish hackers, preferably female).
If you use closed source you deserve to reap what you've sown.
It's baseless by Anonymous Coward · 2011-04-18 01:06 · Score: 0

I think it's baseless, why we have to suspect china in every aspect ?
Oh, I don't know... by Anonymous Coward · 2011-04-18 01:12 · Score: 0

maybe stuff like this:
http://searchsecurity.techtarget.com/news/1378755/Chinese-hacker-attacks-target-Google-Gmail-accounts-top-tech-firms
1. Re:Oh, I don't know... by Anonymous Coward · 2011-04-18 07:19 · Score: 0
  
  Yes, it has to be a Chinese hacker, cuz google said so, especially duing a time when Google is having dispute with the Chinese government and is having trouble competing in getting marketshare in China. That has got to be true, no logical flaws here!
  
  I assume you are knowledgable enough about networks that jsut becuase something originates from an IP does not mean it is caused by the person sitting behind the computer at that IP. If the Chinese gov't wants to hack something, i'm pretty sure they are aware of this fact and will used a compromised system in another country (since they are soo good at hacking).
I have less trust in US by Anonymous Coward · 2011-04-18 01:12 · Score: 0

Chineese AV soft is as good and trusty as every US made AV.
I just do know and remember that my windows system is open.
Still expecting some privacy from virtual 'systems in systems'.
Untrustable by Anonymous Coward · 2011-04-18 01:21 · Score: 0

This is "just my opinion" and maybe even some paranoia, but I won't:
a) Install any closed-source software not made by US, Canada, UK, Japan, Australia, NZ or South Korea HQ'd companies
b) Install any antivirus product that "comes with the pc"
c) Install any open source software that isn't documented in English
d) **Purchase** ANY software that HQ's in China. So as much as I love the (withheld) software as a toy I'm not willing to purchase it since I'm not able to check what information it may send back to China. IMO When China lays a heavy hand down on the piracy of american software, movies and games, maybe I'll give a shit about buying chinese developed software, till then I really don't care, and don't feel bad when I see cracks for chinese software on the internet.
If Chinese developers want American's to buy their products and not steal them like their domestic customers, they need to have someone over here actually do the selling and throw some american flags on the product.
How long by __aaxtnf2500 · 2011-04-18 01:25 · Score: 1

How long does the PRC have to engage in massive coordinated intrusions into western military, defense contractor, and commercial computer systems until people get it through their head that this is no conspiracy theory and it the only reason the west puts up with it is the economic barrel the chinese have us over.
If a country has invested multiple billions of dollars into the development of weapons capable of killing most of the population of the united states, I will not install black-box security software developed in that nation.
Justifiable by Anonymous Coward · 2011-04-18 01:37 · Score: 0

Chinese hackers are permited to hack outside their country as long as they don't hack inside China and do what their Gvt. points them at. So yes... them vs us mentality is justified.
Stupid is as Stupid does... by Anonymous Coward · 2011-04-18 01:51 · Score: 0

Would people continue to be stupid enough to install Symantec software
Absolutely. Especially govt IT managers in every branch of US govt from local, to state, to federal.
Outsourcing is an inherent security problem... by gestalt_n_pepper · 2011-04-18 01:56 · Score: 2

...and always has been. You get software coded in India, who then themselves outsource to Pakistan, Vietnam, etc. and they put in backdoors. You get chips made in China and they put in backdoors or transmitter capability. You give financial information to India or the Phillipines and they can hold it hostage for either money or political concessions. Only a damn fool, a politician, or an executive focused on this quarter's bonus is dim enough to think otherwise.

--
Please do not read this sig. Thank you.
1. Re:Outsourcing is an inherent security problem... by Anonymous Coward · 2011-04-18 05:19 · Score: 0
  
  ...and always has been. You get software coded in India, who then themselves outsource to Pakistan, Vietnam, etc. and they put in backdoors. You get chips made in China and they put in backdoors or transmitter capability. You give financial information to India or the Phillipines and they can hold it hostage for either money or political concessions. Only a damn fool, a politician, or an executive focused on this quarter's bonus is dim enough to think otherwise.
  You could not be more correct. Outsourcing is a cancer. It has destroyed the economy of many major nations around the world who engage in its disgusting practice and these economies WILL NOT RECOVER until such time that these nations realize that they need to employ from within FIRST and they need to build their products from within FIRST.
  Read this:
  http://www.theonion.com/articles/chinese-factory-worker-cant-believe-the-shit-he-ma,1343/
2. Re:Outsourcing is an inherent security problem... by Anonymous Coward · 2011-04-18 07:52 · Score: 0
  
  and our politicians have backdoors made in Israel.
No, it's made by the AV companies by Anonymous Coward · 2011-04-18 02:06 · Score: 0

> Is Your Antivirus Made By the Chinese Government?
No, it's made by gray-hat hackers who are drip-fed exploits by the AV companies ...
Good experiences with Huawei by Anonymous Coward · 2011-04-18 02:26 · Score: 0

I've worked with Huawei's mobile comms research group and they were more open about their networks than Ericsson or Nokia ever were.
Japan? by khasim · 2011-04-18 02:27 · Score: 4, Insightful

Yeah, but it's probably happening at layer 2 and 3, since a lot of American networks are being offshored to Japan who in turn hires the cheapest third country nationals (Chinese CCNA's) to administrate.
Japan? Why Japan? Most companies I now (including the one I work at) have gone straight to China. And the network is via China's telco. And the guys running the systems are Chinese.
This isn't "back door". This is inviting them in the front door and giving them the keys to house so they can look after it for you.
Racism by Crock23A · 2011-04-18 02:56 · Score: 0

I see a lot of anti-Chinese stuff these days. It almost amounts to racism. People seem to hate on the Chinese because they're Chinese. Won't this mindset just further propagate any tension that already exists between our countries?
1. Re:Racism by Anonymous Coward · 2011-04-18 05:33 · Score: 0
  
  I see a lot of anti-Chinese stuff these days. It almost amounts to racism. People seem to hate on the Chinese because they're Chinese. Won't this mindset just further propagate any tension that already exists between our countries?
  Go fuck yourself. Racism? Because people are PISSED OFF that our nations send our employment over to China means we are "racists"? Stop throwing that word around like its water because at this point in time in 2011, that word means NOTHING anymore - the way people abuse it. Grow up and use your brain.
What's that? by Anonymous Coward · 2011-04-18 03:36 · Score: 0

I simply don't have one. It isn't that hard to not run unknown programs, or one of those macros hidden in an office file (is there a real use for these, or are macros just 100% a vector for unwanted crap?), or to not click 'yes' when asked to install bonzi buddy. A simple little NAT firewall also complicates things enough to render all this poorly written code (not just viruses) useless.
1. Re:What's that? by Builder · 2011-04-18 20:14 · Score: 1
  
  Do you use Flash? Or Adobe Reader for PDFs ?
Why should anyone care? by Anonymous Coward · 2011-04-18 03:41 · Score: 0

Back in 2007 both old and new 3g PCMCIA modems that were labeled as Vodafone in a nice shinny red box were actually made by Huawei. Orange also uses in any device not made by their Sagem friends Huawei. Hmm... weren't the Western telecom companies the ones that shut down Internet in the troubled Arab countries by their own choice and a day earlier than the government decision? So the answer would be why would you care? In a crazy run of getting "the best" price you get nothing than that.
I'm no techie... by Anonymous Coward · 2011-04-18 03:56 · Score: 0

I'm no techie, but wouldn't people be suspicious (hence this post on /.), and wouldn't they then look into the code and find backdoors and dodgy stuff. If so, the resulting bad publicity would be a killer for the company and the Chinese government. ok, so maybe searching through code can't be done, and maybe the Chinese wouldn't give a crap about bad publicity anyway, ... just sayin'.
huawei hardware *IS* very shaddy... by Anonymous Coward · 2011-04-18 04:02 · Score: 0

I had to get Internet on a laptop in the middle of nowhere... Somewhere in eastern europe. I ended buying a SIM and putting it in a small USB 3G device made by Huawey.
Even when I'm not logged in there are countless Huawei processes generating reports and whatnot in the background: I can see these because they're obviously very crappily Java-coded thinggies. I see a huge number of unobfuscated Java exceptions in OS X's logs (for example using Console.app) and they all contain "huawey" and stuff like "report-to-XML...".
I consider my GMail account (basically the only account I logged to) to be compromised and I'll change its password as soon as I get back.
I'll also re-install OS X.
A chinese company having strong ties with the chinese military is *not* a good company to use cheaply crap from.
Oh, yup, the credit-counter is pretty flawed too, I saw my balance going up and now for no reason.
An overall piece of crap probably spying on its users...
Pogo quote... by Anonymous Coward · 2011-04-18 04:39 · Score: 0

Actually, we in the USA should start looking at ourselves. Pogo had it right when he said "We have met the enemy, and it is us!"
Funny thing is by Anonymous Coward · 2011-04-18 04:51 · Score: 0

Many people around the world are wary of using any cloud service that involves American companies. Specially after wikileaks.
China Needs To Kiss Our Collective Asses by Anonymous Coward · 2011-04-18 05:11 · Score: 0

Nothing that comes from China is good. Time to kick China's ass.
Only one thing to do... by GameboyRMH · 2011-04-18 05:16 · Score: 1

Tag article "yellowperil" and close tab.

--
"When information is power, privacy is freedom" - Jah-Wren Ryel
Yes, we did. by MrEricSir · 2011-04-18 05:25 · Score: 1

Yes, the US government did install a backdoor. It's not an AV though; it's called Windows.

--
There's no -1 for "I don't get it."
The correct response by graulund · 2011-04-18 06:01 · Score: 1

"The correct response is to say that there are indicators we cannot safely ignore that poor cybersecurity and weak responses to economic espionage have created an opportunity for significant intelligence breaches that we would be well advised to remedy." From: http://csis.org/publication/does-chinas-new-j-20-stealth-fighter-have-american-technology
Chinese problem by Anonymous Coward · 2011-04-18 07:07 · Score: 0

i work in IT in an american university. who gets the most viruses? chinese grad students and faculty. they use baidu and have chinese software installed. nuff said.
The US government is more of a concern by Anonymous Coward · 2011-04-18 07:14 · Score: 0

The US government has shown just as much, if not more propensity for mass surveillance, and violation of individual rights as the Chinese government.
All things considered, to an outsider to both countries, it looks like the Chinese government is trying to do more to improve the standard of living of ordinary people, than many western governments, and most certainly significantly more than the regime that has governed the US for the past several decades (like many outsiders to the US, I classify republican/democrat as one regime, since they have many of the same financial backers, and have the same utter disregard for the general populous)
The lesson, if you want security, is to install open source software. Install software that is not controlled by a US commercial entity. Use strong encryption to transmit all commercially sensitive attachments & email - even over VPN connections. Avoid any software from known espionage heavy regimes (USA, Israel, China are probably the worst?)
Questions by conscarcdr · 2011-04-18 09:33 · Score: 1

I don't see any.
Very misleading indeed by grainofsand · 2011-04-18 12:36 · Score: 1

The /. headline screams "Is Your Antivirus Made By the Chinese Government?"
By the first paragraph that is watered down to an "IT company with close ties to the Chinese military".
The linked BBC article says nothing about Huawei being government owned, controlled or even related. The only tie the BBC mentions is that Huawei was founded (over 20 years ago) by an "ex-Chinese army officer".
I am not an apologist for the Chinese government nor am I necessarily in favour of Huawei being able to make investments outside of China but deliberately misleading reporting of reporting does not help anyone's understanding of the issues here.
The BBC got it right; /. didn't.

--
A dream is good. A plan is better.
is my AV chinese? by Anonymous Coward · 2011-04-18 13:42 · Score: 0

Hell no! It's Russian!
Chinese AV firms by Anonymous Coward · 2011-04-18 15:10 · Score: 0

Hello,
A very incomplete and quick list of Chinese owned/operated AV firms:
Beijing Rising
Fortinet (Beijing office--some sort of R&D there)
Jiangmin
Kingsoft
Qihoo
Trend Micro (R&D office?)
Regards,
A/C
You have to be an idiot to trust a Chinese company by WindBourne · 2011-04-18 17:19 · Score: 1

The CHinese gov. is in a cold war with the west. They show this daily with their manipulation of the yuan, their subsidization, their dumping, etc. More importantly, there is little doubt that the crackers in China are working for their gov. This is all the while they have the largest military build up in history.
Hell, even google has been cracked by insider spies.

It is time for American gov. and ideally, western gov. to pull back all of their hardware and require that they be manufactured in friendly nations.

--
I prefer the "u" in honour as it seems to be missing these days.
baloney by Anonymous Coward · 2011-04-18 21:43 · Score: 0

Huawei Symantec is a storage company !! It has nothing to do with Symantec's security business or Huawei's telecommunication business.
malware by Anonymous Coward · 2011-04-19 02:17 · Score: 0

long gone are the days when you could be sure of security. The potentials for having access to the worlds IT resources is an infinite motivator. I think we are long past being able to ascertain anything unless off line, and the threat of hardware malisciousness (scientific american) is a fact whose parameters are not yet assessable... and you think the u.s. has not coerced ms into having implemented this long ago? smile for the nsa cameras ladies.
Get up to speed with your performance stats by Datomes · 2011-04-19 02:42 · Score: 1

Really, still using those outdated "Symantec is slow" crap. Get up to speed. Symantec has been kicking ass performance wise for a little while now. This isn't 2004. http://www.enpointe.com/images/assets/pdf/SEP2011-performance-testing-Enterprise-ed5%5B1%5D.pdf