DHS advises companies to avoid Chinese hardware and software services

Posted:
in General Discussion edited December 2020
The U.S. Department of Homeland Security is urging US companies to completely avoid using hardware or services produced or linked to Chinese state corporate ownership because of data theft concerns.

Credit: Jason Redmond/AFP
Credit: Jason Redmond/AFP


In a business advisory published on Wednesday, the DHS said that Chinese products and services could contain backdoors or other data collection systems. It also said that data theft could occur via insider threats and business partnerships. The goal is to harvest data from western companies for use in furthering China's economic goals, the department added.

The DHS urged U.S. companies to take care when sharing data with Chinese firms; using equipment produced or maintained by Chinese companies; and even when working with companies that have Chinese citizens in "key leadership and security-focused roles."

According to the DHS, local Chinese national security laws allow the government to force domestic companies or citizens to engage in espionage or intellectual property theft.

Acting Homeland Security Secretary Chad F. Wolf said on Wednesday that "for too long, U.S. networks and data have been exposed to cyber threats based in China which are using that data to give Chinese firms an unfair competitive advantage in the global marketplace."

On Monday, Wolf also called China a "clear and present danger" to the U.S. that it couldn't ignore.

In addition to the harvesting of data from western companies and citizens, the advisory also highlights China's "history of manipulation, misuse, and exploitation of that data to serve PRC business and economic goals."

"Any person or entity that chooses to procure data services and equipment from PRC-linked firms, or store data on software or equipment developed by such firms, should be aware of the economic, reputational, and, in certain instances, legal, risks associated with doing business with these firms," the DHS said in a press release.

The U.S. government has also taken action against specific Chinese firms because of espionage concerns. In May 2019, it levied two bans on Chinese phone maker Huawei that blocked it from using U.S. technology and blocked U.S. firms form using its hardware. Earlier in December, the Federal Communications Commission told certain U.S. carriers to remove all Huawei equipment in their infrastructure.
«1

Comments

  • Reply 1 of 32
    DAalsethDAalseth Posts: 2,783member
    However advisable this may be, my first reaction is "good luck with that". I doubt in the retail space there is much that isn't linked to the PRC directly or indirectly.
    watto_cobra
  • Reply 2 of 32
    sflocalsflocal Posts: 6,092member
    We had a company install a bunch of security cameras on one of our apartment properties.  They installed cameras made by Hikvision.  100% full Chinese company.  I was not a fan of it but it is what it is.  I removed all the defaults in their NVR system that pointed to Chinese IP addresses.  They were everywhere and supposedly to make it "easy" for the user to just plug in and get it working.  No f**king way.

    What (was) a concern is the client software.  The first thing the software asked was for elevated access to my Mac which had zero need for.  That raised my eyebrow even more.

    I just don't trust anything put out by Chinese-owned companies.  I look forward to the day I upgrade the cameras and NVR to something NOT from China.
    Beatsanantksundaramwatto_cobra
  • Reply 3 of 32
    I have a Roborock S6 robot vacuum which I completely love and has performed better than any previously owned. I've always been concerned with their software though.  Their newer robots have cameras which could be a concern for some.  I keep my network as locked down as possible and careful what I agree to but I know that may not be enough.  It's a risk you take when you have a bunch of internet connected devices automating your home. 

    anantksundaramwatto_cobra
  • Reply 4 of 32
    BeatsBeats Posts: 3,073member
    In other news...

    Avoid snake bites!!
    Avoid walking on stilts in traffic!!
    Avoid walking a tightrope over New York City!!
    Avoid cutting yourself while chopping vegetables!!
    anantksundaram
  • Reply 5 of 32
    Beats said:
    In other news...

    Avoid snake bites!!
    Avoid walking on stilts in traffic!!
    Avoid walking a tightrope over New York City!!
    Avoid cutting yourself while chopping vegetables!!
    Damn. That last one is something I have painfully experienced more than a few times.... why did you have to remind me of it...
  • Reply 6 of 32
    genovellegenovelle Posts: 1,480member
    Interesting. China huh? Nothing about the massive on going widespread Russian breach that had been going on for 9 months undetected. Could it be that they are being directed to focus on China while ignoring all other threats. Even as the attack is happening in real time, they are focusing on China. No one else finds that to be odd?
    muthuk_vanalingamwatto_cobraGeorgeBMacDAalseth
  • Reply 7 of 32
    genovelle said:
    Interesting. China huh? Nothing about the massive on going widespread Russian breach that had been going on for 9 months undetected. Could it be that they are being directed to focus on China while ignoring all other threats. Even as the attack is happening in real time, they are focusing on China. No one else finds that to be odd?
    Or it’s simply because the US rarely buy computer hardware and software from Russia. 
    jeez..
    edited December 2020 viclauyycwatto_cobraelijahg
  • Reply 8 of 32
    matrix077 said:
    genovelle said:
    Interesting. China huh? Nothing about the massive on going widespread Russian breach that had been going on for 9 months undetected. Could it be that they are being directed to focus on China while ignoring all other threats. Even as the attack is happening in real time, they are focusing on China. No one else finds that to be odd?
    Or it’s simply because the US rarely buy computer hardware and software from Russia. 
    jeez..
    That's a pretty uninformed response.  I rarely agree with anything genovelle posts, but in this instance their quote is 100% right.  We're making all kinds of noise about what China could possibly-might-maybe-sorta kinda do regarding our economy.  Yet we're conspicuously ignoring the actual and possible ongoing breach from Russia that focused on our tech and government.  Ars Technica has an illuminating article about the breach. https://arstechnica.com/information-technology/2020/12/only-an-elite-few-solarwinds-hack-victims-received-follow-on-attacks/
    Excerpt: " Of the 18,000 organizations that downloaded a backdoored version of software from SolarWinds, the tiniest of slivers—possibly as small as 0.2 percent—received a follow-on hack that used the backdoor to install a second-stage payload. The largest populations receiving stage two were, in order, tech companies, government agencies, and think tanks/NGOs. The vast majority—80 percent—of these 40 chosen ones were located in the US." 

    This has nothing to do with where we buy computer hardware and software.  It's about actual infiltration vs narrative building FUD.  Jeez.
    muthuk_vanalingamGeorgeBMac
  • Reply 9 of 32
    matrix077 said:
    genovelle said:
    Interesting. China huh? Nothing about the massive on going widespread Russian breach that had been going on for 9 months undetected. Could it be that they are being directed to focus on China while ignoring all other threats. Even as the attack is happening in real time, they are focusing on China. No one else finds that to be odd?
    Or it’s simply because the US rarely buy computer hardware and software from Russia. 
    jeez..
    That's a pretty uninformed response.  I rarely agree with anything genovelle posts, but in this instance their quote is 100% right.  We're making all kinds of noise about what China could possibly-might-maybe-sorta kinda do regarding our economy.  Yet we're conspicuously ignoring the actual and possible ongoing breach from Russia that focused on our tech and government.  Ars Technica has an illuminating article about the breach. https://arstechnica.com/information-technology/2020/12/only-an-elite-few-solarwinds-hack-victims-received-follow-on-attacks/
    Excerpt: " Of the 18,000 organizations that downloaded a backdoored version of software from SolarWinds, the tiniest of slivers—possibly as small as 0.2 percent—received a follow-on hack that used the backdoor to install a second-stage payload. The largest populations receiving stage two were, in order, tech companies, government agencies, and think tanks/NGOs. The vast majority—80 percent—of these 40 chosen ones were located in the US." 

    This has nothing to do with where we buy computer hardware and software.  It's about actual infiltration vs narrative building FUD.  Jeez.
    Blah blah blah.. did you even understand “ buy computer hardware and software”. What you’re talking about is hacking, entirely different to what DHS objective in the article. 
    What do you want DHS to say? Avoids Russia hacking? Like there are companies out there purposefully wants Russia to hack them? Jeeezzzz...

    In case you’re too stupid to understand (how would I know? Your response seem to point that way), there ARE companies purposefully buy Chinese computer hardware an software because they’re cheaper. That’s what the point of this warning. 
    edited December 2020 watto_cobra
  • Reply 10 of 32
    matrix077 said:
    genovelle said:
    Interesting. China huh? Nothing about the massive on going widespread Russian breach that had been going on for 9 months undetected. Could it be that they are being directed to focus on China while ignoring all other threats. Even as the attack is happening in real time, they are focusing on China. No one else finds that to be odd?
    Or it’s simply because the US rarely buy computer hardware and software from Russia. 
    jeez..

    No, it's that Trump is upset that his buddy got busted attacking our country -- again.
    So, he's going back to his go-to distraction for his base: China
    edited December 2020 DAalseth
  • Reply 11 of 32
    matrix077 said:
    matrix077 said:
    genovelle said:
    Interesting. China huh? Nothing about the massive on going widespread Russian breach that had been going on for 9 months undetected. Could it be that they are being directed to focus on China while ignoring all other threats. Even as the attack is happening in real time, they are focusing on China. No one else finds that to be odd?
    Or it’s simply because the US rarely buy computer hardware and software from Russia. 
    jeez..
    That's a pretty uninformed response.  I rarely agree with anything genovelle posts, but in this instance their quote is 100% right.  We're making all kinds of noise about what China could possibly-might-maybe-sorta kinda do regarding our economy.  Yet we're conspicuously ignoring the actual and possible ongoing breach from Russia that focused on our tech and government.  Ars Technica has an illuminating article about the breach. https://arstechnica.com/information-technology/2020/12/only-an-elite-few-solarwinds-hack-victims-received-follow-on-attacks/
    Excerpt: " Of the 18,000 organizations that downloaded a backdoored version of software from SolarWinds, the tiniest of slivers—possibly as small as 0.2 percent—received a follow-on hack that used the backdoor to install a second-stage payload. The largest populations receiving stage two were, in order, tech companies, government agencies, and think tanks/NGOs. The vast majority—80 percent—of these 40 chosen ones were located in the US." 

    This has nothing to do with where we buy computer hardware and software.  It's about actual infiltration vs narrative building FUD.  Jeez.
    Blah blah blah.. did you even understand “ buy computer hardware and software”. What you’re talking about is hacking, entirely different to what DHS objective in the article. 
    What do you want DHS to say? Avoids Russia hacking? Like there are companies out there purposefully wants Russia to hack them? Jeeezzzz...

    In case you’re too stupid to understand (how would I know? Your response seem to point that way), there ARE companies purposefully buy Chinese computer hardware an software because they’re cheaper. That’s what the point of this warning. 

    Not really.   As was pointed out:   The Trump administration continues its hystrionics over his China "might, maybe, coulda" allegations and ignores the ongoing serious criminal attacks on our country by his friend and partner.   It's obviously to keep his base distracted.   And it's obviously successful.

    From Trump and his shills we get:
    China:   Shout the unsubstantiated allegations from the roof tops.
    Russia:   Complete silence.  Not only complete silence but attacks on those who DO make the mistake of speaking up.

    Trump complains about "Russia, Russia, Russia" -- even though it has committed three known, documented attacks on our country.
    And  instead all you here from him and his shills is:  "China, China, China"
  • Reply 12 of 32
    DAalsethDAalseth Posts: 2,783member
    genovelle said:
    Interesting. China huh? Nothing about the massive on going widespread Russian breach that had been going on for 9 months undetected. Could it be that they are being directed to focus on China while ignoring all other threats. Even as the attack is happening in real time, they are focusing on China. No one else finds that to be odd?
    Trump built his career on misdirection, and once a grifter always a grifter. China is a threat, but Russia is as well. 
  • Reply 13 of 32
    blastdoorblastdoor Posts: 3,258member
    My view — BOTH China and Russia are major threats. I hope the new administration takes both very seriously.
  • Reply 14 of 32
    tzeshantzeshan Posts: 2,351member
    DHS is trying to protect American data? LOL What did they do about the Spams telephone calls Americans are receiving daily? None! Nahda! Nil! Why DHS cannot catch any of these criminals? America will be a much safer place if DHS can eliminate these Spam criminals. 
    GeorgeBMac
  • Reply 15 of 32
    DAalsethDAalseth Posts: 2,783member
    tzeshan said:
    DHS is trying to protect American data? LOL What did they do about the Spams telephone calls Americans are receiving daily? None! Nahda! Nil! Why DHS cannot catch any of these criminals? America will be a much safer place if DHS can eliminate these Spam criminals. 
    I saw through the BS when DHS was created and I thought it was a bad idea then. Just an excuse for domestic spying. They're more concerned about American Enemies of the People (as W put it) than any threat from abroad. 
  • Reply 16 of 32
    GeorgeBMacGeorgeBMac Posts: 11,421member
    DAalseth said:
    tzeshan said:
    DHS is trying to protect American data? LOL What did they do about the Spams telephone calls Americans are receiving daily? None! Nahda! Nil! Why DHS cannot catch any of these criminals? America will be a much safer place if DHS can eliminate these Spam criminals. 
    I saw through the BS when DHS was created and I thought it was a bad idea then. Just an excuse for domestic spying. They're more concerned about American Enemies of the People (as W put it) than any threat from abroad. 

    But then domestic terrorists and terrorism have replaced foreign ones as our biggest threat.
    When a lead scientist (Dr Fauci) and election and state officials have to have 24 hour protection, something is very, very, wrong.
  • Reply 17 of 32
    GeorgeBMacGeorgeBMac Posts: 11,421member
    DAalseth said:
    genovelle said:
    Interesting. China huh? Nothing about the massive on going widespread Russian breach that had been going on for 9 months undetected. Could it be that they are being directed to focus on China while ignoring all other threats. Even as the attack is happening in real time, they are focusing on China. No one else finds that to be odd?
    Trump built his career on misdirection, and once a grifter always a grifter. China is a threat, but Russia is as well. 

    Equating a competitive threat to a military one like is a false equivalency.   Plus, they require opposite responses.   A militarized, weaponized threat requires a militarized, weaponized response.   A competitive threat simply means you need to become more competitive -- responding with militarized, weaponized responses simply pushes them to do the same -- which is a lose-lose situation and solves nothing.
  • Reply 18 of 32
    GeorgeBMacGeorgeBMac Posts: 11,421member
    DAalseth said:
    tzeshan said:
    DHS is trying to protect American data? LOL What did they do about the Spams telephone calls Americans are receiving daily? None! Nahda! Nil! Why DHS cannot catch any of these criminals? America will be a much safer place if DHS can eliminate these Spam criminals. 
    I saw through the BS when DHS was created and I thought it was a bad idea then. Just an excuse for domestic spying. They're more concerned about American Enemies of the People (as W put it) than any threat from abroad. 
    DAalseth said:

    Trump built his career on misdirection, and once a grifter always a grifter. China is a threat, but Russia is as well. 


    This is the REAL threat posed by China.  It's not a military threat.   It's not a cyber threat.   It's economic.

    China will overtake the US to become the world's largest economy by 2028, five years earlier than previously forecast, a report says.

    The UK-based Centre for Economics and Business Research (CEBR) said China's "skilful" management of Covid-19 would boost its relative growth compared to the US and Europe in coming years.

    Meanwhile India is tipped to become the third largest economy by 2030.

    Although China was the first country hit by Covid-19, it controlled the disease through swift and extremely strict action, meaning it did not need to repeat economically paralysing lockdowns as European countries have done.

    The US economy, by contrast, has been hit hard by the world's worst coronavirus epidemic in terms of sheer numbers.


    US and Chinese economies 2010-2035 Gross domestic product in US trillions constant prices Chart shows Chinese and US economic output over time with China overtaking the US around 2028

    https://www.bbc.com/news/world-asia-china-55454146

    You can argue with any one set of numbers.  But it's pretty well agreed throughout the world that's it's not IF China will assume the #1 role, but WHEN.

    The U.S has not only not done much economically for the last 20 years, it's been living off of borrowed and printed money.   It needs to step up its game.  The question is:   How does it do that?   We need a GOAT to lead the country, but all we've had over (soon to be) 4 administrations are average players.   At best.




    edited December 2020
  • Reply 19 of 32
    tzeshantzeshan Posts: 2,351member
    DAalseth said:
    tzeshan said:
    DHS is trying to protect American data? LOL What did they do about the Spams telephone calls Americans are receiving daily? None! Nahda! Nil! Why DHS cannot catch any of these criminals? America will be a much safer place if DHS can eliminate these Spam criminals. 
    I saw through the BS when DHS was created and I thought it was a bad idea then. Just an excuse for domestic spying. They're more concerned about American Enemies of the People (as W put it) than any threat from abroad. 
    DAalseth said:

    Trump built his career on misdirection, and once a grifter always a grifter. China is a threat, but Russia is as well. 


    This is the REAL threat posed by China.  It's not a military threat.   It's not a cyber threat.   It's economic.

    China will overtake the US to become the world's largest economy by 2028, five years earlier than previously forecast, a report says.

    The UK-based Centre for Economics and Business Research (CEBR) said China's "skilful" management of Covid-19 would boost its relative growth compared to the US and Europe in coming years.

    Meanwhile India is tipped to become the third largest economy by 2030.

    Although China was the first country hit by Covid-19, it controlled the disease through swift and extremely strict action, meaning it did not need to repeat economically paralysing lockdowns as European countries have done.

    The US economy, by contrast, has been hit hard by the world's worst coronavirus epidemic in terms of sheer numbers.


    US and Chinese economies 2010-2035 Gross domestic product in US trillions constant prices Chart shows Chinese and US economic output over time with China overtaking the US around 2028

    https://www.bbc.com/news/world-asia-china-55454146

    You can argue with any one set of numbers.  But it's pretty well agreed throughout the world that's it's not IF China will assume the #1 role, but WHEN.

    The U.S has not only not done much economically for the last 20 years, it's been living off of borrowed and printed money.   It needs to step up its game.  The question is:   How does it do that?   We need a GOAT to lead the country, but all we've had over (soon to be) 4 administrations are average players.   At best.




    Long time ago Chinese elites once blamed western world as the cause of its perils. It is evident now the real enemy is Chinese itself. I think it is the same here in US. Democrats is practicing communism by doling out things to the lower class of people instead of encouraging them to work. And the human rightists are distracting Americans of its own domestic problems. 
  • Reply 20 of 32
    tzeshan said:
    DAalseth said:
    tzeshan said:
    DHS is trying to protect American data? LOL What did they do about the Spams telephone calls Americans are receiving daily? None! Nahda! Nil! Why DHS cannot catch any of these criminals? America will be a much safer place if DHS can eliminate these Spam criminals. 
    I saw through the BS when DHS was created and I thought it was a bad idea then. Just an excuse for domestic spying. They're more concerned about American Enemies of the People (as W put it) than any threat from abroad. 
    DAalseth said:

    Trump built his career on misdirection, and once a grifter always a grifter. China is a threat, but Russia is as well. 


    This is the REAL threat posed by China.  It's not a military threat.   It's not a cyber threat.   It's economic.

    China will overtake the US to become the world's largest economy by 2028, five years earlier than previously forecast, a report says.

    The UK-based Centre for Economics and Business Research (CEBR) said China's "skilful" management of Covid-19 would boost its relative growth compared to the US and Europe in coming years.

    Meanwhile India is tipped to become the third largest economy by 2030.

    Although China was the first country hit by Covid-19, it controlled the disease through swift and extremely strict action, meaning it did not need to repeat economically paralysing lockdowns as European countries have done.

    The US economy, by contrast, has been hit hard by the world's worst coronavirus epidemic in terms of sheer numbers.


    US and Chinese economies 2010-2035 Gross domestic product in US trillions constant prices Chart shows Chinese and US economic output over time with China overtaking the US around 2028

    https://www.bbc.com/news/world-asia-china-55454146

    You can argue with any one set of numbers.  But it's pretty well agreed throughout the world that's it's not IF China will assume the #1 role, but WHEN.

    The U.S has not only not done much economically for the last 20 years, it's been living off of borrowed and printed money.   It needs to step up its game.  The question is:   How does it do that?   We need a GOAT to lead the country, but all we've had over (soon to be) 4 administrations are average players.   At best.




    Long time ago Chinese elites once blamed western world as the cause of its perils. It is evident now the real enemy is Chinese itself. I think it is the same here in US. Democrats is practicing communism by doling out things to the lower class of people instead of encouraging them to work. And the human rightists are distracting Americans of its own domestic problems. 

    The advantage of a democracy is that it can right itself -- correct its direction -- if it starts going wrong (or goes too far wrong).
    The disadvantage is that conflicting ideologies and interests can keep it floundering like a ship out in a storm with a broken engine.

    Autocracies (whether socialist or capitalist) have the exact opposite:
    They have the advantage to react swiftly and effectively to the long term needs of the people and changing conditions. 
    Their disadvantage is, with bad leadership, they can sail off in a bad direction and there is simply no stopping them short of insurrection and revolution.

    China, since its communist takeover, has had the advantage of good leadership that has pulled its people out of poverty (and saved them from the virus).  That is shown in their economic development as it becomes the world's #1 economic power.  They are operating like a very large, well run corporation and its economic results prove it.   The question is:  how long will that good leadership last?   Because, once its good leadership is taken over by bad leaders, it has no way to right itself.

    But you say:  "Democrats is practicing communism...".  That statement confuses socialism with communism.   Communism merges a socialist economic model with an autocratic form of government.   Socialism can exist in either a democracy or an autocracy.   The United States since its inception has been a mix of socialism and capitalism -- and that has been part of its strength:  When Benjamin Franklin organized Community Fire Departments and Community Libraries and ran the government Post Office he was practicing socialism.   When he printed and sold his books and newspapers he was an entrepreneur practicing capitalism.   Today, the right wing in America has become so radicalized and hateful of its own government that any hint of government intervention is claimed to be a socialist (or worse, a communist) takeover.  So, while they keep the country paralyzed in the grips of the virus, China effectively eliminated the problem and is soaring ahead both in both its physical health as well as its economic health.

Sign In or Register to comment.