Slashdot Mirror


The Trouble With Bringing Your Business Laptop To China

snydeq writes "A growing trend faces business executives traveling to China: government or industry spooks stealing data from their laptops and installing spyware. 'While you were out to dinner that first night, someone entered your room (often a nominal hotel staffer), carefully examined the contents of your laptop, and installed spyware on the computer — without your having a clue. The result? Exposure of information, including customer data, product development documentation, countless emails, and other proprietary information of value to competitors and foreign governments. Perhaps even, thanks to the spyware, there's an ongoing infection in your corporate network that continually phones home key secrets for months or years afterward.'"

9 of 402 comments (clear)

  1. That's only one of the problems by dtmos · · Score: 4, Interesting

    The other -- and, I would submit, more important -- reason for not taking your business laptop to China (if you're from the US) is US export control laws. The definitions of "export" and "controlled technology" have been so generalized that it is an even-money bet that the laptop of a given technologist contains information that, were he to travel to China, would result in at least a technical violation of the law -- and the penalties are severe.

    1. Re:That's only one of the problems by neyla · · Score: 4, Interesting

      True !

      Fun Fact

      encryption*SOFTWARE* was classified as munitions and restricted, meanwhile free speech laws meant that printed words could very seldom be stopped.

      I was part of exporting PGP from USA legally, by way of printing the (zipped, uuencoded + checksums) source-code, mailing it physically to norway, scanning it, OCRing it and manually proofreading all lines where the checksum failed.

  2. throw away laptops by lophophore · · Score: 5, Interesting

    Any serious exec is going to use a throw-away laptop for travelling to China. A $400 special will keep you online abroad, and then it can be destroyed as a business expense. Cheap insurance against hacking.

    --
    there are 3 kinds of people:
    * those who can count
    * those who can't
    1. Re:throw away laptops by Anonymous Coward · · Score: 5, Interesting

      Yup, that's how we deal with it. We're frequently in China to do software and hardware testing at our facilities (I work for a large US transportation company), and we have "China laptops". These are encrypted machines that are specifically loaded with the bare minimum stuff we need when we leave and immediately blown away when we get back. Installation of anything beyond the bare minimum (which is pretty much Win7 and VS2005) is strictly disallowed. Source is kept on a separate, encrypted sd card which is not to be kept in the machine, but even then it's just not that interesting. It's all internal source for package sort controllers and such, and we don't even have the ability to check code back in from these machines. It's purely for debugging and sending problem reports back home.

      There's a big sticker on them that even says "China laptop, do not connect to corporate network"

  3. Industrial espionage by Taco+Cowboy · · Score: 4, Interesting

    I travel all the time, for business.

    China is not the only country where industrial cloak and dagger stuffs happen.

    The other countries that I've personally encountered industrial espionage activities includes Japan, Korea, Vietnam, France, Italy, India, Indonesia, Egypt, Turkey, and you will be surprised, I had had similar encounters in Canada, UK, Australia, and also US of A, although not that often.

    --
    Muchas Gracias, Señor Edward Snowden !
    1. Re:Industrial espionage by hendridm · · Score: 5, Interesting

      I've surprised by many of the countries on your list.

      Can you give some examples of what you've observed that we non-travelers might find surprising/interesting?

    2. Re:Industrial espionage by AaronW · · Score: 4, Interesting

      As you said, France is also notorious for this sort of thing which surprises a lot of people.

      --
      This post is encrypted twice with ROT-13. Documenting or attempting to crack this encryption is illegal.
  4. Re:encryption by lister+king+of+smeg · · Score: 4, Interesting

    better yet live cd let them try installing malaware on there then, encrypt the whole drive and only use it for data storage, when chinless agents tries booting and no OS is found so he simply images you drive for later analysis let him stew for a few billion years trying to decrypt it.

    --
    ---Saying gnome 3 is better than windows 8 not so much a compliment as it is damning with light praise.
  5. Re:encryption by Qzukk · · Score: 4, Interesting

    And if the laptop has a firewire port, i'm fairly certain RAM can be dumped on ANY operating system.

    --
    If I have been able to see further than others, it is because I bought a pair of binoculars.