Stories
Slash Boxes
Comments
Search

News for nerds, stuff that matters

Slashdot Log In

Log In

Create Account  |  Retrieve Password

US Government Fears China Bugs Lenovo PCs

Posted by ScuttleMonkey on Mon May 22, 2006 04:25 AM
from the gosh-we-didn't-think-of-that dept.
Privacy Government Politics
An anonymous reader writes "After approving the sale of IBM's PC Division to the Chinese Corporation Lenovo, the US Government has realized China could bug Lenovo PCs destined for US Government customers. Would the US have done the same to China? With American businesses so eager for business in China no matter what, where are we headed?"
+ -
story

Related Stories

[+] Lenovo Completes Acquisition Of IBM's PC Division 192 comments
karvind writes "Chinese computer maker Lenovo has completed its $1.75 billion purchase of IBM's personal computer division, creating the world's third-largest PC maker. Under the deal, IBM takes an 18.9 percent stake in Lenovo. Lenovo paid $1.25 billion for the IBM PC unit and assumed debt, which brought the total cost to $1.75 billion. Slashdot timeline: Dec 3, 2004: IBM Puts PC Business Up for Sale, Dec 4, 2004: Chinese PC Maker Looks to Buy IBM's PC Business, and Mar 9, 2005: U.S. Approves IBM/Lenovo Sale"
[+] News: U.S. Approves IBM/Lenovo Sale 217 comments
MartinB writes with the "Committee on Foreign Investment in the United States (CFIUS) review result: unanimous approval for the sale to go ahead, with no further external approvals needed. No compromises were required over the location of Lenovo facilities in sensitive research areas, nor were limits put on Lenovo's ability to sell PCs to U.S. agencies."
[+] IT: Lenovo Under U.S. Probe for Spying 327 comments
BigControversy writes "The DailyTech has a report indicating that Lenovo, the giant Chinese PC manufacturer, is under a probe by the U.S.-China Economic Security Review Commission (USCC) for possible bugging. Apparently, the government has ordered 16,000 PCs from Lenovo but is now requesting that Lenovo be investigated by intelligence agencies. The fear is of foreign intelligence applying pressure to Lenovo to equip its PCs so that the U.S. can be spied on." From the article: "Despite the probe, Lenovo says that its international business, especially those that deal with the US, follow strictly laid out government regulations and rules. Lenovo also claims that even after purchasing IBM's PC division, its international business has not been affected negatively. Interestingly, in an interview with the BBC, Lenovo mentioned that an open investigation or probe may negatively affect the way that the company deals with future government contracts or bids." There just has to be better uses of our intelligence community's time.
[+] Politics: Lenovo Banned by U.S. State Department 474 comments
chrplace writes "The BBC is reporting that the Chinese-made Lenovo PCs are not allowed inside secure US networks." From the article: "Assistant Secretary of State Richard Griffin said the department would also alter its procurement process to ensure US information security was guaranteed. His comments came after Rep Frank Wolf expressed national security concerns. The company Lenovo insisted such concerns were unwarranted and said the computers posed no security risk."
This discussion has been archived. No new comments can be posted.
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

US Government Fears China Bugs Lenovo PCs 50 Comments More /

 Full
 Abbreviated
 Hidden
More
Loading... please wait.
  • While I have no doubt that the US & China spy on each other constantly:
    But after angry objections from the US-China Economic and Security Review Commission, a bipartisan panel of experts appointed by Congress, the department opted this week to pull the computers from the network. [emph mine]
    I really do have to ask. Is the US-China Economic and Security Review Commission really unaware that the vast majority [com.com] of PCs (including Apple, dell, hp, gateway, etc) are manufactured (or at least part manufactured) in China?

    I find it hard to believe that they don't, so this punishment is not for the computers being manufactured in China, rather for the company not being US owned anymore. In other words, it's fine for the Chinese to do the manufacturing, but it has to be Americans making the real money (and again, this sort of chauvinism is pretty common & not unexpected, but it would be nice for the US to be a little more honest about its motivations).
    • Americans have a hard time adjusting to the fact that the computer world doesn't revolve around them anymore. It's a general problem right now that American companies will not buy software and hardware from companies not perceived to be American.
      In many ways it's just like the automobile industry in the 70's and 80's

    • So how does this supposed bugging scam work? (Score:5, Insightful)

      by Savage-Rabbit (308260) on Monday May 22 2006, @06:33AM (#15379151)
      ...the vast majority of PCs (including Apple, dell, hp, gateway, etc) are manufactured (or at least part manufactured) in China?

      True enough, the whole suggestion of PC bugging is almost funny. If the Chinese were to bug every single computer that gets assembled in China just on the off chance that it happens to end up in a secret US.Govt facitlity they would leave a footprint so large that the operation would be blown wide open pretty quickly. How many amateurs and computer engineers are there around the world picking their computers apart? One would expect such a scam to be discovered pretty quickly. Besides that how are the Chinese going tell which of the tens, if not hundreds, of thousands of computers the US.Govt buys end up in secret facilities. Do the computes phone home? Do they have self activating bugging devices that phone home (through how many layers of firewalling and network security?) when they some how automatically detect that they are in a US Govt facility? The whole suggestion of the Chinese bugging computers wholesale is ridiculous. That leaves us with the possibility of a sophisticated Chinese sting operation that uses the Lenovo distribution network to spike only those computers Lenovo and its distributors (distributors which would have to be staffed by the Chinese intelligence) know are likely to be destined for sensetive facilites. That would minimize the likelyhood of the scam being discovered unless US intel started randomly sampling computers and checking them for bugs but it still seems collossally impractical. If I were Chinese intelligence I would stick to working the most vulnerable part of any US.Govt operation. I would, for example, look for that inevitable disappointed, bored out of his skull, stuck in a dead end career pencil pusher and bribe him/her. It has worked in the past and it will work today. There have to be a thousand more practical ways of spying on the US than bugging computers.
          • Holy cow. Replace every instance of 'Bush' in that article with 'Kennedy' and the story doesn't change a bit.

            Another American family political dynasty. Who'da thunkit?

            Seriously, the Bush bashing is getting old. It only works if you really expected something better from them in the first place. Can you honestly say that you do?

  • Bugged, you say? (Score:4, Informative)

    by gowen (141411) <gwowen@gmail.com> on Monday May 22 2006, @04:28AM (#15378897) Homepage Journal
    My computer's bugged. It keeps regurgitating the same information over and over again [slashdot.org].
    • Judging by my remote scan of your computer, it seems to have picked up a bad case of Dupeware. Have you been clicking on links on slashdot recently?

      Also, this is Scuttle's second dupe in 8 hours. He duped the article about the new New York Applestore. He managed to remove that quickly enough [slashdot.org], though, and I don't think many saw it.

      Scuttle Monkey, I give you editors a hard time, but usually it's all in good fun*. But you're just pathetic. Hang it up and go back to work at McDonald's, man! I want my fries hot
    • It's cool ... the new /. CSS will fix dupes. :-)
  • Isn't this about the third time we've seen this 'story'?
    • Yep,

      But soon this will be over.
      The new lenovo pc will automagicly connect through the great firewall of China and deliver the chinese the coordinates to nuke slashdot dupe posters.

      Just making the internet a safer place :)

  • You better believe they'd do it ... (Score:5, Insightful)

    by vandan (151516) on Monday May 22 2006, @04:33AM (#15378906) Homepage
    It's not like the US government has exactly been leading the way on demonstrating restraint with respect to bugging.
    They bug everyone calling into and out of the US. They keep aggregate data for the purpose of dragnetting the stuff later for evidence of links to terrorism.
    They even bug members of the United Nations ( not that I have a great deal of respect for them, but still ... at least most other people do ).
    Why wouldn't they bug China. And yes, why wouldn't China bug the US.
    It's an insane system. A paranoid, power-hungry system.

  • Tin foil time! (Score:5, Funny)

    by madnuke (948229) on Monday May 22 2006, @04:37AM (#15378913)
    Wrap your laptop in foil, it will protect it from Chinese bugs and boost your wifi signal by 40%!

  • Yes (Score:5, Interesting)

    by Samir Gupta (623651) on Monday May 22 2006, @04:37AM (#15378915) Homepage
    The USA did it to China indeed [slashdot.org].

  • and now that I think about it... (Score:5, Insightful)

    by macadamia_harold (947445) on Monday May 22 2006, @04:39AM (#15378919) Homepage
    what's with all the speculation? With their domestic spying program [infoworld.com], wouldn't the NSA know whether the PCs were "phoning home"?
    • Not necessarily. Bugs can be designed to be passive, and nearly undetectable. Information can be leaked via intentional flaws in the shielding and filtering. Covert information channels can be very subtle and difficult to detect. They aren't going to stuff a bunch of bytes in a packet and ship it off to hq.pla.cn.

  • US, welcome to the rest of the world... (Score:5, Insightful)

    by danro (544913) on Monday May 22 2006, @04:41AM (#15378923) Homepage
    China may bug US government PCs?
    Welcome to the rest of the world!
    Everyone else has to keep the same thing in mind when they use Windows in government and industry.
    • Just Windows?

      What about Solaris? What about AIX? Irix? UNICOS (especially this one)?

      What about the specialized sh*t loaded on Rockwell vector processors used in radars by everyone but the russians?

      What about...

      Let's be real here.

      What goes around comes around and it is very nice to see the US govt being repayed in its own currency. It is only a matter of time until it gets more of it with everyone and his dog moving manufacturing to China and R&D to India and Russia.

  • Aw, these Americans... (Score:5, Insightful)

    by liangzai (837960) on Monday May 22 2006, @04:44AM (#15378925) Homepage
    They say they want free trade, but they won't buy IBM PCs after China bought the brand (no other difference).

    They say they want democracy in the Middle East, but when there is democracy in the Middle East, they don't respect the outcome (Hamas).

    They say other nations should respect human rights, but they themselves don't (Gitmo, torture flights, numerous examples).

    Anyone still wonder why the rest of the world spits on America?

    • For the record, the whole world spits on China, too.

      America may be a mess, but it's not like China is a shining example of how to run a country. Your country sucks just as much as mine, and probably more so.

      At least I can say America is a mess without worrying about a knock on my door from the thought police. America may be poorly mistreating those captured on the war on terror, but at least we don't have "strike hard" campaigns where our own citizens are sentenced to death in stadiums and executed minu

      • So seriously, shut the fuck up, Chinese guy. You have no right to talk.


        Chinese guy? Pure Viking blood here, dude...
      • For those who missed it, devnull17's post can be summarised as:
        America - still more rights then China!

      • Re:Aw, these Americans... (Score:5, Insightful)

        by Eivind (15695) <eivindorama@gmail.com> on Monday May 22 2006, @06:19AM (#15379117) Homepage
        Agreed. Neither foreign policy, not human rigths is something China should be proud of.

        But here's the thing -- noone acts as if China are doing particularily well in these areas, neither do China currently act as "world police", waving the banner of freedom and democracy, and claiming to be chief protector of those values.

        For that matter, China doesn't even particularily seem to care if other countries ignore human rigths.

        When you go out in the world, invade other countries, wave the banner of freedom and democracy around, it is to be excepected that people will be bothered by this "image" and see it as fake when they're confronted by stuff like Gitmo.

        There are (lots of!) places worse than Gitmo in China, no doubt about it.

        But the thing is, like you say, US citizens are free to protest Gitmo. They're even free to toss out those politicians responsible for trampling americas reputation in the mud. Yet they do not. To me that's a mystery.

        Most americans I know are *proud* of their freedoms. Consider human rigths *important*. Want the world to have more freedom and less torture, less inhumane punishments, less repression, less people in jail without a fair trial. That's why I don't understand why you tolerate such abuses from your own government.

        At last: "We may be bad, but atleast we're better than China" is true. But it makes you wonder, doesn't it ? If you have to compare yourself to *China* to come out the winner, just how deeply have you sunk ?

        Sure, you're not alone in refusing to sign the convention on childrens rigths, you share that honor with Somalia. That give a warm cuddly feeling ?

        The thing is, I don't get it. I'm absolutely positive, if you where to read the declaration (available here [ohchr.org]) for the US public and ask if they're in favor or not, literally 95% (or more) would be in favor, and you're a democracy, so I don't understand why you don't demand your government gets with the program.

        • Oh, I totally agree with you. I despise Bush et. al. (and yes, I voted in 2004), and I think we'll look at the word "terrorism" in forty years in the same quaint, cringing way we look at mentions of "communism" from the 60's. Regardless, I love my country and its history, and I'm getting really tired of having to answer, as an American, for the actions of my government. It's understandable, I suppose, but hearing it from someone who seems so eager to embrace Chinese culture strikes me as a bit hypocritic

              • I'm quite familiar with my country's history, TYVM.

                No, you're not familiar with your countries history, if you were, you would not have said:
                We may have sided with some real bastards in the Middle East in the early 1980's, but China's the one blocking action against everyone's favorite nascent nuclear theocracy in the UN Security Council.
                When it is perfectly clear to most of the world, that America is still supporting some real bastards in the middle east (not to mention an illegal nuclear power).

                Chances are you live in a country whose system of government is based on the one we first implemented. I'd also imagine you're enjoying not living under a Kaiser or a Fuhrer, something for which the United States is largely responsible.

                1) The first democratic country was New Zealand. [ipu.org] Prior to that, there was no democratic nation (as less then 50% of the population could vote).

                2) I live in a country that's enormously grateful for the Marshall plan, no doubt about it, that was a good thing for the world (thanks to your grandfather's generation)

                3) Why do you have to bring up WWII? 'cause you have not fought any wars where you were clearly in the right since?

                The OP said something that I found offensive about Americans, while quite clearly trumpeting his association with China. I felt obligated to point out the hypocrisy there. That's where the China connection came from.

                Incorrect. The OP said something that you found offensive about Americans, and you looked at his website and jumped to the conclusion that he was chinese. You couldn't attack his argument, so you attacked what you thought he was instead.

        • Re:Aw, these Americans... (Score:5, Insightful)

          by devnull17 (592326) * on Monday May 22 2006, @06:26AM (#15379128) Homepage Journal

          I'm totally ashamed of my government's actions. I can't think of a single good idea that's come out of Washington in the past five years. I'm a registered Democrat; I vote in every election, and I donate money to politicians in every election cycle. Short of armed revolt, I don't see what more I can do.

          But hearing things like "the world spits on America" makes my blood boil. I love my country, and I'm proud of (most of) its history. Blaming all Americans for the poor decisions our government makes is no different than blaming all Muslims for the activities of al-Qaeda.

          Karma Kablooiieee!

          My thoughts exactly when I made my first post on this article.

          • Re:Aw, these Americans... (Score:5, Insightful)

            by aussie_a (778472) on Monday May 22 2006, @07:16AM (#15379280) Journal
            Slight difference. Muslims didn't democratically elect the Al-Qaeda. The American people supposedly did elect their government.

          • Re:Aw, these Americans... (Score:4, Insightful)

            by be-fan (61476) on Monday May 22 2006, @08:27AM (#15379677)
            Muslims don't vote for al-Queda, nor do they, en masse, continue to support them with campaign contributions.

            Moreover, as an American, I must point out that its a little silly to be proud of America's history. The US has done a lot of very bad things in its history, specifically the genocide of the native people and continued intervention into the affairs of Latin America. Being a proud American, thus, means either being ignorant of history, or swallowing some of the simpler ideas about fairness, humanity, and democratic freedom. Of course, that is not to say that the latter is that unusual a state of mind for people. Certainly, the Chinese, the Japanese, the British, the French, nor the Germans (or whomever else sees it fit to criticize America as of late), cannot say with a clear conscience that their dark history is any better than ours.
    • They say they want democracy in the Middle East, but when there is democracy in the Middle East, they don't respect the outcome (Hamas).

      Bullshit. Holding a democratic election does not absolve you of responsibility for the outcome. If "the People" want Hamas to run the P.A., they will have to live with the consequences of that decision. The rest of the world is under no obligation to underwrite the operations of a group of terrorists, whether democratically elected or not.

  • The thief's mentality... (Score:5, Insightful)

    by jkrise (535370) on Monday May 22 2006, @04:48AM (#15378935) Journal
    He suspects everyone else is a thief... or atleast a potential thief. Why would the US fear Chinese 'bugs' in Lenove PCs? And if indeed the fear is valid, then why was IBM allowed to contract it's manufacturing outside of the US, and in particular, China? If laws could be framed to control export of things like encryption etc, why not h/w manufacturing as well? So many jobs could be kept within the US.....

    • I've been doing manufacturing in China for a few years now, and I can confirm that this sort of thing is exactly what the Chinese would do.

      The strange part is that Lenovo doesn't even need to do that - the Chinese are stealing American technology left and right, and they're doing just fine without bugged PCs.

  • A bit ironic (Score:2, Insightful)

    by Anonymous Coward
    Earlier this year the Bush administration was very disappointed as they weren't able to sell your harbours to an Saudi company because of the senate's fear of terrorism but are afraid of computers manufactured and _owned_ by a Chinese company.

    Using the chinese as manufacturers on the other hand, that's all right since the money goes to US companies.
  • where are we headed?

    Above the neck?
  • Doesn't the US Government re-image the machines once they're in-house? If so, then the threat of bugs is somewhere near 0. Maybe they're talking about the normal Windows adware/spyware stuff?

    • Bugs don't need to be software. (Score:4, Informative)

      by cduffy (652) <charles+slashdot@dyfis.net> on Monday May 22 2006, @06:03AM (#15379082)
      Maybe they're talking about hardware that, say... logs keystrokes, and can be summoned to retrieve them by a later software infection (or by a low-power radio request -- if these machines make it into an embassy or somesuch, it's entirely reasonable to have a feet-on-the-ground representative carry a piece of hardware that transfers the logs off the box).

      Look at some of the ways the US bugged equipment exported to Russia during the cold war -- there's a lot of ingenuity going on there.

  • Tit for Tat? (Score:4, Insightful)

    by N8F8 (4562) on Monday May 22 2006, @05:02AM (#15378963)
    Could it be a little revenge for China helping Irans nuclear program [google.com] and supporting its military in general? More specifically, supplying high grade Uranium gas?

  • This is stupid... (Score:5, Insightful)

    by Bert64 (520050) <bert@@@slashdot...firenzee...com> on Monday May 22 2006, @05:05AM (#15378967) Homepage
    A huge proportion of computer hardware is manufactured in China and has been for years, not to mention countless other things... What's to stop the Chinese from sending bugged components instead of full machines?

    However it raises an interesting point, it's much easier to hide back doors in software, so by this reckoning china should ban the use of american software... If this started happening, i`m sure microsoft would make it's pet government back down.

  • History repeats: Venice and the Turks (Score:3, Insightful)

    by Flying pig (925874) on Monday May 22 2006, @05:36AM (#15379020)
    The Venetian Empire was constantly threatened by the Turkish Empire...but their traders just couldn't resist doing business with the vast expanse of Asia Minor. And the long term outcome? Venice lost.

    Interestingly Dubai looks like its ruler is consciously aiming at becoming the next Venice, and his relations with the US are going the same way (trying to obtain harbours in the Turkish empire==trying to buy ports in the US).

    The parallels are considerable. Venice relied on seapower and built the greatest manufacturing business in the world - the Arsenal, which employed 16000 men and could turn out three ships a day at its peak. But when it tried to rely on dominating trade and took its eye off manufacturing and naval power, it went into decline. The current US emphasis on creating a world of "intellectual property" and slowly de-emphasising manufacturing is not a good long term trend, at least for the US. Look at the UK, which is now a very third class power dependent on managing financial flows.

    It looks like Marx was right; US capitalism may be destroyed by the internal contradictions, in that the interests of capitalists are contrary to the security of the country. Meanwhile, China while claiming to be business friendly is using Lenin's approach of using capitalism against itself.

  • US citizens fears gov bugs internet (Score:3, Interesting)

    by pubjames (468013) on Monday May 22 2006, @05:42AM (#15379035)
    Today, Wired published the full evidence of the AT&T/NSA domestic surveillance program. It is fascinating reading:

    http://www.wired.com/news/technology/0,70944-0.htm l [wired.com]
  • Given that the rest of the world has to worry that the US might bug any of Windows, MacOS, and a huge range of hardware we are not sympathetic.

  • We have a saying... (Score:4, Interesting)

    by Serious Simon (701084) on Monday May 22 2006, @05:47AM (#15379046)
    In the Netherlands we have a saying that can be translated into English as "The way the innkeeper is himself, he suspects his guests"...
  • Would the US have done the same to China?

    The Chinese dpo no trust Windows unless they have the source code.

    Do you really know what Windows is doing? They is this blob of unknown code that is running on 90% of the world's computers, all under the control of one corporation in the US, a corporation that receives special treatment from the US government.

    • Even if you've got the source code, it won't help you determine if there is remote surveillance embedded in it. That source has to be compiled by a compiler that is controlled by MS. Ok, so lets say you have the source for that. It was compiled by itself, and I'm sure everyone here knows of the paper by Ken Thompson concerning hiding code in a compiler such that it is no longer in the source code.

      As Ken Thompson says; "No amount of source-level verification or scrutiny will protect you from using untrusted

  • This could become a case of chickens coming home to roost with China and other U.S competitors and adversaries using the TCP (Trusted Computing Platform) [cam.ac.uk] to have a back door to computers they produce and which are sold to businesses and governments all over the world.

    All they need to do is to make note of the keys or signatures from the TPMs(Trusted Platform Module) [infineon.com] that are embedded in every modern PC.

    In fact this illustrates the greatest challenge of TCP based DRM. Who will be the key escrow / signing

  • US bugs Chinese "Airforce 1" Okay?! (Score:5, Interesting)

    by didiken (93521) on Monday May 22 2006, @06:34AM (#15379155) Homepage
    Funny that US has bugged a Boeing 767 purchased from the US [bbc.co.uk] for use by former President Jiang Zemin [sptimes.com].

    Didn't hear the Chinese stop buying jumbo jets.

  • Detection of such a scheme (Score:3, Insightful)

    by mwilliamson (672411) on Monday May 22 2006, @07:08AM (#15379245) Homepage Journal
    Ok, first of all for a bugged machine to communicate with its makers it would need some conduit to send its data. Since China is on the other side of the world any RF emissions can probably be ruled out, besides, the machine has got to be FCC certified to be sold here and if it were really RF-noisy, it wouldn't pass compliance.

    This leaves network traffic. Now I really hope there aren't many machines that stradle classified networks and unclassified networks. Real, physical separation could guarantee no crosstalk between classified and non-classified systems. A while back I recall some discussion that VMWare was being used to virtualize systems of different classifications, so maybe this is not the case anymore. Nevertheless, a firmware bugged system would have to report home, and any self-resperting network admin _should_ be able to notice periodic network connection attempts to its destination, especially in a very controlled enviroment where arbitrary tcp/ip connections just aren't the norm.

    This leaves the approach of using stenographic techniques to attempt to hide important data in files that the Chinese would hope to become declassified and published. Talk about hit and miss, not to mention the processing power and overhead such a scheme would take, but this is about the only way out I can think of this morning before my coffee. The firmware could be looking for keyword triggers, record big blocks of text around the keywords found, then embed in numerous other documents in hopes to leak it. Talk about a crapshot, but maybe it is worth adding to a paranoid agency's list of things to watch for.

    -Michael

  • Let's just hope total war is obsolete (Score:3, Interesting)

    by Enrique1218 (603187) on Monday May 22 2006, @01:04PM (#15382233) Journal
    I really don't how a services economy is going to mobilize for the next big war. How many financial analysts does it take to build F22? How many systems administrator does it take to build a submarine? I am going to mention the lower class who are alcoholic, drug-addicted, or just plain disillioned as their jobs are ship over seas or given to illegal immigrants. I am sure we can round up all the prostitutes, strippers, and drug addicts and train them to build a tank. Computer components are vital part our warfighting ability and exactly how much of that is manufacture in the continental US? I guess we are assuming that in a war with China, we can always have them make our weapons for us so we can in turn drop on them. Seems logical and we don't have top pay for shipping. Spying is the least of our problems. China hasn't asserted itself so far because it still needs to grow some but what about 20 years from now? We can always hope China evolves into a pluralistic democracy but then again we are one and we still invaded Iraq.
    • Having a link in the uber-parent to one of Chomsky's endless rants against the United States strikes a terrible blow to the overall seriousness of the issue at hand.

      My thoughts exactly, more so if you notice that his essay is dated 2003 and is about the Middle East situation, it has absolutely nothing to do with the USA government using computers made in China other than stating Chomsky's opinion that the USA has an interventionist foreign policy. In the context of this discussion, that link is 80% off-top

All trademarks and copyrights on this page are owned by their respective owners. Comments are owned by the Poster. The Rest © 1997-2010 Geeknet, Inc.