>From - Sat Mar 02 00:57:21 2024
Received: by 10.224.27.222 with SMTP id j30mr1237266qac.13.1253111856045;
Wed, 16 Sep 2009 07:37:36 -0700 (PDT)
Received: by 10.224.27.222 with SMTP id j30mr1237265qac.13.1253111856011;
Wed, 16 Sep 2009 07:37:36 -0700 (PDT)
Return-Path: <ber..._at_netaxs.com>
Received: from newmx1.fast.net (newmx1.fast.net [209.92.1.31])
by gmr-mx.google.com with SMTP id 25si1140960qyk.7.2009.09.16.07.37.35;
Wed, 16 Sep 2009 07:37:35 -0700 (PDT)
Received-SPF: neutral (google.com: 209.92.1.31 is neither permitted nor denied by best guess record for domain of ber..._at_netaxs.com) client-ip=209.92.1.31;
Authentication-Results: gmr-mx.google.com; spf=neutral (google.com: 209.92.1.31 is neither permitted nor denied by best guess record for domain of ber..._at_netaxs.com) smtp.mail=ber..._at_netaxs.com
Received: (qmail 14700 invoked from network); 16 Sep 2009 14:37:35 -0000
Received: from unknown (HELO localhost) ([216.48.8.17]) (envelope-sender <ber..._at_netaxs.com>)
by newmx1.fast.net (qmail-ldap-1.03) with SMTP
for <tscm-..._at_googlegroups.com>; 16 Sep 2009 14:37:35 -0000
Received: from 72-60-230-46.pools.spcsdns.net (72-60-230-46.pools.spcsdns.net [72.60.230.46])
by webmail.uslec.net (IMP) with HTTP
for <ber..._at_popcorn.netaxs.com>; Wed, 16 Sep 2009 10:37:33 -0400
Message-ID: <1253111853.4ab0f82dabe3c_at_webmail.uslec.net>
Date: Wed, 16 Sep 2009 10:37:33 -0400
From: ed <ber..._at_netaxs.com>
To: tscm-l2006_at_googlegroups.com
Subject: US IT execs advised to weigh laptops & discard phones after China travel
References: <c47c30070909121029h75e65162laa1cf98d60afb530_at_mail.gmail.com> <1252914208.4aadf4203cfb9_at_webmail.uslec.net>
In-Reply-To: <1252914208.4aadf4203cfb9_at_webmail.uslec.net>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 8bit
User-Agent: Internet Messaging Program (IMP) 3.2.1
I think it's more likely that compromised laptops would have spyware (software)
installed rather than hardware devices that actually have mass. And I would
think that Chinese spies would be more likely to target the *contents* of US
execs' smart phones than installing spyware on them.
-ed
http://www.crn.com.au/News/155836,safety-first-for-it-executives-in-china.aspx
Safety first for IT executives in China
Sholto Macpherson | Sep 16, 2009 7:51 AM
US Government recommends weighing laptop before and after each visit.
Senior executives in US IT companies have been advised by the US Government to
follow extremely strict policies for visits to China which extend far beyond
standard software protection.
The policies encourage them to leave their standard IT equipment at home and to
buy separate gear only for use in China.
Mark Bregman, chief technology officer at security firm Symantec said he left
his MacBook Pro behind in the US and took his MacBook Air whenever he flew to
China. Bregman said he only ever used the Air in China and re-imaged the machine
every time he returned home.
However, he said he was "pretty relaxed" when it came to following the security
policies. "I don't let my IT department near my laptop," he said.
"I was advised by people in three-letter agencies in the US Government to weigh
the machine before I left and when I got back," Bregman said.
"They also don't want me to take my phone. They said to buy a mobile phone in
the US and throw it away when you come back."
Bregman said the US was also concerned about its companies employing Chinese
coders, particularly in security.
He said the "software supply concern" was due to fears that Chinese developers
would insert malicious code into software sold to American companies or the US
government.
"If you're a big company doing development in China the US government asks, Why
should we trust you? We won't buy from you.'"
However, he said every software company used developers in China including
Microsoft, Oracle and others.
And Bregman asked why the US should fear Chinese developers but not US
developers, when terrorist attacks were carried out in the US by American citizens.
Instead of worrying about the software products produced in China, the US
Government should look at the tools and processes software vendors use to test
their code, he said.
Symantec, as a security vendor which analyses code for malware, should be
considered very reliable, said Bregman.
Bregman said the US had never asked Symantec to gather evidence using its own
products.
"I'm not paid by the US Government. Why would I do it?
"I want all governments and customers to be assured that the software I'm
selling them does what I say it does and nothing more."
Received on Sat Mar 02 2024 - 00:57:20 CST