Travel Technology - Securing your tech in China

Anyone hear about any special tips/tricks to protect your computers/phones/bberrys from prying eyes while in China?

I'm going to be heading over for the olympics, and have seen some news articles warning people about Chinese intelligence hacking into people's stuff

1) Lock your device - always. Add a PIN protection to your SIM card and enable password protection on your phone
2) If you carry something like an iPhone, keep it in a nondescript case
3) Dump the white iPod headphone - nobody needs to know you have an iPod
4) Don't use open hotspots, and if you, pay for a VPN service
5) Never, ever logon to Ebay, Paypal, bank services or anything else you don't want to share, unless it's on your OWN pc, and on a secure connection. Keysniffers are everywhere in the world.
6) Don't use your primary email address on your phone. If someone DOES find it, they could be changing your Paypal email address in a few minutes. Use a disposable addres. If possible, use Gmail and use their account information feature in the bottom of the window to check for weird account access.
7) If you are carrying files you don't want to share, add them to a Truecrypt file and don't name the encrypted file "top secret files".

FWIW; these tips don't just apply to China, they are applicable everywhere in the world. I wouldn't be too afraid of Chinese intelligence, it's the common scammer you need to worry about.

Anyone hear about any special tips/tricks to protect your computers/phones/bberrys from prying eyes while in China?

I'm going to be heading over for the olympics, and have seen some news articles warning people about Chinese intelligence hacking into people's stuff

There's virtually nothing you can do to genuinely protect your machines or your data from the VERY prying eyes of the Chinese Government (and I have no doubt they will likely be engaging in maximum levels of data 'collection' for the next few weeks) once in China. If the Chinese authorities want to have a look at whatever info. you have, they can and will take that look basically no matter what you do, and the Chinese have numerous ways of doing so without your ever knowing.

Bottom line -- with sensitive commercial or other information that may be of interest to ANY foreign government, keep it in your home country or else don't expect to keep it secret once you're overseas.

However, ScottC's advice is spot-on as to minimizing risk from your run-of-the-mill scammers and petty thieves.

If you data is encrypted, shorting of beating you to death for keyfiles the Chinese are not going to get it.

If you data is encrypted, shorting of beating you to death for keyfiles the Chinese are not going to get it.

Not quite. Data encryption won't do much good in guarding data displayed on the screen of a laptop in a hotel room, for instance.
.

If you data is encrypted, shorting of beating you to death for keyfiles the Chinese are not going to get it.

Because there is certainly no way that they have the resources to perform a brute force attack if they want the data badly enough. :rolleyes:

It is safer than not if encrypted, but there is certainly no reason to believe that encryption - even good encryption that is well implemented - is impenetrable.

Not quite. Data encryption won't do much good in guarding data displayed on the screen of a laptop in a hotel room, for instance.
.

Nothing a hood won't solve. Unless you think they've got the bedsheets themselves wired with fiber optic cameras.

Because there is certainly no way that they have the resources to perform a brute force attack if they want the data badly enough. :rolleyes:

The Chinese, unless they've had a breakthru in parallel processing or quantum computing, cannot brute force encryption any faster than anyone else. If anyone wants to brute force my stuff, they obviously want it more than I want to keep it encrypted. I'm not losing sleep about the prospect.

t is safer than not if encrypted, but there is certainly no reason to believe that encryption - even good encryption that is well implemented - is impenetrable.

Well implemented encryption can be virtually impenetrable, if you one-time it.

However, the Chinese are no more or less likely (or able) to get data from a well managed laptop (for instance) than any other government, short of beating the keys out of you. Serious.

If you really want a secure laptop have your IT people set you up with a VPN connection to a remote machine and use your laptop as a terminal to manipulate the other machine.

That way all of your files and data are on a remote machine and your laptop is just an empty shell.

However, the Chinese are no more or less likely (or able) to get data from a well managed laptop (for instance) than any other government, short of beating the keys out of you. Serious.

But they are more likely than many other governments to beat the keys out of you.

:D:eek::o:(

If you data is encrypted, shorting of beating you to death for keyfiles the Chinese are not going to get it.

If they got into the Pentagon, you are no match for them!!!!!!!

Buy a throw away phone. Take a clean used laptop. Don't go anywhere with sensitive data. Get the strongest Firewall, virus protection and spyware programs that you can find.

Change Passwords before you go and immediately when you get on the plane back home.

A friend of mine, reformats and reinstalls Windows every time he returns from China. He also opens a throw away email acct that becomes the only one he uses when there..Has all mail forwarded to throw-away. He doesn't trust anyone in China when it come to IT.

As has been said many times in news...Nothing is secure in China.

If they got into the Pentagon, you are no match for them!!!!!!!


Meh, that says more about the Pentagon and their poor security than the skills of the Chinese.

I think just the normal security protection will work anywhere as you travel. I don't think the Chinese agents would pry into your info unless they have a reason to.

However, the Chinese are no more or less likely (or able) to get data from a well managed laptop (for instance) than any other government, short of beating the keys out of you. Serious.

I never said they were. But if they want to brute-force attack it they can. And they certainly have resources to throw at the problem.

If you really want a secure laptop have your IT people set you up with a VPN connection to a remote machine and use your laptop as a terminal to manipulate the other machine.

That way all of your files and data are on a remote machine and your laptop is just an empty shell.

This will provide zero protection against a surreptitiously installed keylogger.

In reality, the Chinese (and most others) don't care about your data. And if they want it then they want it badly enough that they'll invest the time and effort to get it. But generally speaking they almost certainly could not care less.

In reality, the Chinese (and most others) don't care about your data. And if they want it then they want it badly enough that they'll invest the time and effort to get it. But generally speaking they almost certainly could not care less.

I agree, and I'm curious where all this suspicion of the Chinese comes from. If I were traveling with sensitive data, I wouldn't trust the Chinese more or less than any other government.

Industrial espionage is everywhere, but I think most of it is done remotely and not by secret agents trying to infiltrate your hotel room.

Industrial espionage is everywhere, but I think most of it is done remotely and not by secret agents trying to infiltrate your hotel room.

I guess it depends on who you are (http://www.timesonline.co.uk/tol/news/politics/article4364353.ece). ;)

Strangely I managed to survive 4 weeks in China and Tibet without anyone hacking my stuff, and without taking any more precautions than I'd take travelling closer to home. You're a paranoid lot.

I agree, and I'm curious where all this suspicion of the Chinese comes from. If I were traveling with sensitive data, I wouldn't trust the Chinese more or less than any other government.

Industrial espionage is everywhere, but I think most of it is done remotely and not by secret agents trying to infiltrate your hotel room.

For the time being, the Chinese are far more aggressive in engaging in industrial espionage and efforts to purvey restricted technologies than any other nation on the planet. The Chinese security services have the will, the manpower, the resources, the know-how, and the freedom to mount pervasive information collection efforts, and they do just that against Western businesses and businessmen all the time, located both in China and indeed around the world.

Strangely I managed to survive 4 weeks in China and Tibet without anyone hacking my stuff, and without taking any more precautions than I'd take travelling closer to home. You're a paranoid lot.

In fairness, there are some people in and around these parts who currently or formerly had to spend a great deal of time and attention to this and related issues, and I can assure you the "paranoia" is well-founded and indeed very reasonable.

For the time being, the Chinese are far more aggressive in engaging in industrial espionage and efforts to purvey restricted technologies than any other nation on the planet. The Chinese security services have the will, the manpower, the resources, the know-how, and the freedom to mount pervasive information collection efforts, and they do just that against Western businesses and businessmen all the time, located both in China and indeed around the world.

:rolleyes:

Tom Clancy called.

He said he wants to know how you got a copy of his latest draft.

Nothing a hood won't solve. Unless you think they've got the bedsheets themselves wired with fiber optic cameras.

Thats definitely a good idea

If you really want a secure laptop have your IT people set you up with a VPN connection to a remote machine and use your laptop as a terminal to manipulate the other machine.

I am able to access my work network through a VPN authenticated by a SecurID - but I guess that still leaves whatever is on my machine vulnerable to the types of attacks others have mentioned

He also opens a throw away email acct that becomes the only one he uses when there..Has all mail forwarded to throw-away.

This idea is brilliant - I will definitely do this. I was going to pretty much forgo accessing any personal accounts/email while over there, but doing that should make it safe (enough)

As has been said many times in news...Nothing is secure in China.

Yea, I guess the overall answer is going to be leaving behind any non-essential tech at home, making sure the stuff I do bring is as secure as I can make it, and as much as possible not letting anything with a microchip in it out of my sight

I just received a memo from our legal department indicating that China was one of the countries where it was illegal to carry an encrypted notebook into. We were told to use a clean harddrive for China trips. I don't know how true it is.

The implication was that this ban was from China -- not the US bar on exportation of encryption

I just received a memo from our legal department indicating that China was one of the countries where it was illegal to carry an encrypted notebook into. We were told to use a clean harddrive for China trips. I don't know how true it is.

The implication was that this ban was from China -- not the US bar on exportation of encryption

This is kind of true. This is my understanding:

The Chinese, in theory, want to be able to keep Chinese nationals from using encryption. They are much more lenient with foreign nationals, particularly those working for large corporations with a presence in China.

What they reserve the right to do is ask you (or your company, more specifically) for keys on demand. My firm does over $2 billion USD/year in China. They've never asked. If they did, or if we are unable to conduct business because of a restriction like that, we'd leave China, and they know it. I suspect this helps somewhat.

As a practical matter, the level to which the Chinese will work with a particular company is usually directly related to the amount of business a company brings to China. They've cleared us for strong encryption (network and disk based) as well as backhauling internet access out of China (and thus bypassing the "Great Firewall") for quite some time, but we are growing like a weed there. We also don't let nonprofessionals access the internet, so I guess they figure it's fewer minds being polluted with the uncensored version of the internet...