• Who controls our tech?


    • This topic has 40 replies, 16 voices, and was last updated 3 weeks ago.
    Author
    Topic
    #2546886

    ON SECURITY By Susan Bradley The other day I spotted a USA Today article by Kim Komando about how to ensure Chinese tech wasn’t spying on you. She wro
    [See the full post at: Who controls our tech?]

    Susan Bradley Patch Lady

    8 users thanked author for this post.
    Viewing 17 reply threads
    Author
    Replies
    • #2546905

      “I think all technology should be investigated.”

      I agree wholeheartedly… but it’s not a chore for the faint-hearted, especially using tools like Wireshark.

      Even more basic tools such as Nir Sofer’s CurrPorts (with logging enabled) produce a log on clean-installed devices that leaves you wondering just what the heck is going on in the background.

      It’s easy to see how reliant Microsoft is on third-party providers – content delivery networks like Akamai – but the number of outbound connections from a freshly-installed Windows 10 box is an eye-opener.

      5 users thanked author for this post.
    • #2546958

      At our house we abandoned Windows in favor of Linux Mint when MS threw W7 under the bus. I object to invasive telemetry by MS and the other mega players in the on-line world – we avoid anything Google-related, for example, and eschew social media. Having these entities peering in our cyber “windows” (small w), especially with a profit motive, is off-putting to say the least.

      2 users thanked author for this post.
      • #2547039

        Did you choose Ubuntu? Then you still need to check for telemetry. Same with RedHat and Fedora. I haven’t taken an interest in Mint in this regard, so I won’t post about that distro. My point is, Linux by itself is no guarantee against spying.

        -- rc primak

      • #2547287

        Every platform wants to build in the ability to know if the operating system is working.  Remind me to fire up a distro for a similar test.

        Susan Bradley Patch Lady

        1 user thanked author for this post.
        • #2547437

          Exactly my point. Could you test Mint sometime for telemetry? Some here claim it doesn’t do telemetry; I am skeptical of that claim.

          -- rc primak

          • #2547460

            Per this blog post from founder and lead developer of Linux Mint Clem Lefebvre:

             

            https://blog.linuxmint.com/?p=4030

             

            “We can’t measure anything with precision because there’s nothing in your computer which sends data to us and we don’t configure Linux Mint in a way that even allows us to count how many users we have. In other words, there is nothing in Linux Mint that is common to all users and that we could rely on to establish statistics.”

            Linux Mint 21.1 LTS (Cinnamon). Windows 8.1 Pro virtual machine (with Classic/Open Shell) via VirtualBox.

            7 users thanked author for this post.
    • #2546987

      I doubt that Lenovo machines are phoning home to China. Making allegations is easy; FUD is easy.

      If they were doing this, surely someone somewhere has some logs that show what was happening. When people accused Microsoft (via Windows) of spying on people, there were all kinds of blogs and sites that posted all of the traffic from Windows. When doing a local search resulted in packets being sent to Bing, it was reported. When a fresh install of Windows 10 was sending packets to tracking domains (third party, not MS), that was reported. We know Windows is very “chatty” with Microsoft, because it has been documented.

      There are millions of Lenovos out there. Has anyone got a log from a gateway or router that shows mysterious packets sent to China from any of them, or even to mysterious (unknown) western servers that could be acting as proxies for China? Is there a Wireshark dump somewhere that shows anything unusual that cannot be explained by normal means?

      If there ever was such a thing, I would be very interested to know where on the PC the packets originated. Was it just a modification to the default Windows installation, or does it go deeper? One of the first things I do when I buy a new PC is to wipe the OS it came with and install my own, so if it was just in the OS, it would be gone. But what if there was some kind of spyware apparatus in the UEFI? Would those packets even show up on Wireshark? They surely would be seen by the gateway to the WAN, though, no matter where on the PC they originated.

      Until we actually see such a report, it is pure conjecture, and given how many Lenovos are sold (millions annually) vs. how many reports I have seen (none), it does not look like there’s anything going on.

      For the average user, I don’t think there is any threat from China even if it was true, as I have posted in the past. Most of the people of the world are of no interest to a foreign government. If we were privy to information vital to national security, that would be different, but most of us by far are not in that group. Given the choice, I would rather have China spy on me than Microsoft, Google, or Apple.

      Dell XPS 13/9310, i5-1135G7/16GB, KDE Neon
      XPG Xenia 15, i7-9750H/16GB & GTX1660ti, KDE Neon

      3 users thanked author for this post.
    • #2546997

      What controls your public utilities? What controls your federal and state programs, physical sites, and computer sites? What controls commercial sites? What controls aviation communication? What controls stop lights? What controls emergency communication?

      Think computer fire sale.
      https://www.urbandictionary.com/define.php?term=fire%20sale

      Carpe Diem {with backup and coffee}
      offline▸ Win10Pro 2004.19041.572 x64 i3-3220 RAM8GB HDD Firefox83.0b3 WindowsDefender
      offline▸ Acer TravelMate P215-52 RAM8GB Win11Pro 22H2.22621.1265 x64 i5-10210U SSD Firefox106.0 MicrosoftDefender
      online▸ Win11Pro 22H2.22621.1778 x64 i5-9400 RAM16GB HDD Firefox114.0b8 MicrosoftDefender
      1 user thanked author for this post.
    • #2547014

      I would rather have China spy on me than Microsoft, Google, or Apple.

      I still vote for “none of the above.”

      8 users thanked author for this post.
    • #2547040

      RE. Chinese spyware controversy in laptops by Lenovo and Apple:
      Chinese spy chips are found in hardware used by Apple, Amazon, Bloomberg says; Apple, AWS say no way
      UPDATED FRI, OCT 5 2018
      CNBC
      https://www.cnbc.com/2018/10/04/chinese-spy-chips-are-said-to-be-found-in-hardware-used-by-apple-amazon-apple-denies-the-bloomberg-businessweek-report.html

      Will Wireshark pick this up? While this was never definitively proven, the US government sent back a lot of orders. That was allegedly going on at the Foxconn plant in China.

      IoT devices are notoriously insecure, so they actually pose a far greater threat than fully-functional computers or phones. IoT needs its own sub-net, if not a separate network of its own. Moving the Roomba to the sub-net is prudent. I do suspect that there is something residual creating the traffic with the HP identifiers.

      -- rc primak

      3 users thanked author for this post.
    • #2547074

      RE. Chinese spyware controversy in laptops by Lenovo and Apple:
      Chinese spy chips are found in hardware used by Apple, Amazon, Bloomberg says; Apple, AWS say no way
      UPDATED FRI, OCT 5 2018
      CNBC
      https://www.cnbc.com/2018/10/04/chinese-spy-chips-are-said-to-be-found-in-hardware-used-by-apple-amazon-apple-denies-the-bloomberg-businessweek-report.html

      It is fake news by Bloomberg. Has been denied by all and never proved to be true.
      Not a single such chip has been presented.

      2 users thanked author for this post.
    • #2547114

      Due to the nature of our work, we removed all of our Lenovo computers from service years ago and replaced them with HP devices.

      Yes, the retired PCs remain in storage and are updated periodically. But if we pull them off the shelf, we do not use them if sensitive material is involved.

      Take a look at the Forbes’ 2020 article entitled Why Is U.S. Policy Tough On Huawei And TikTok But Not Lenovo?

      https://www.forbes.com/sites/roslynlayton/2020/06/26/why-is-us-policy-tough-on-huawei-and-tiktok-but-not-lenovo/?sh=3b472e827b6e

      Or the Computerworld’s article U.S. State Department to limit use of Lenovo PCs.

      https://www.computerworld.com/article/2545522/u-s–state-department-to-limit-use-of-lenovo-pcs.html

      When there are alternatives – why purchase PCs made by a Chinese company?

      • #2547189

        When there are alternatives – why purchase PCs made by a Chinese company?

        IMO, the more appropriate question should be, “Why avoid PCs made by a Chinese company?” The reasons given so far are nothing more than FUD and innuendo. If there is some evidence that they are compromised, let’s see it and base our discussion on facts. Otherwise, what are we even doing here?

        If you have to avoid the purchase of certain brands because your company is involved in government contracts and has to respond to their political directives, that would be a valid concern at the company level – though not necessarily so at the level of those government critters who made the decisions in the first place, unless they are just trying to harm China with the FUD.

        If that is the goal, to reduce the money flowing into the coffers of our largest geopolitical rivals, that is certainly a reasonable goal… but how realistic is it? My Dell XPS was made in China. Apple iThings are made in China. Every HP I have owned was made in China.

        If the connection to China makes a device suspect, then we’re really in trouble. Are there any that are not made in China?

        Dell XPS 13/9310, i5-1135G7/16GB, KDE Neon
        XPG Xenia 15, i7-9750H/16GB & GTX1660ti, KDE Neon

        4 users thanked author for this post.
      • #2552357

        Due to the nature of our work, we removed all of our Lenovo computers from service years ago and replaced them with HP devices.

        Yes, the retired PCs remain in storage and are updated periodically. But if we pull them off the shelf, we do not use them if sensitive material is involved.

        Take a look at the Forbes’ 2020 article entitled Why Is U.S. Policy Tough On Huawei And TikTok But Not Lenovo?

        https://www.forbes.com/sites/roslynlayton/2020/06/26/why-is-us-policy-tough-on-huawei-and-tiktok-but-not-lenovo/?sh=3b472e827b6e

        Or the Computerworld’s article U.S. State Department to limit use of Lenovo PCs.

        https://www.computerworld.com/article/2545522/u-s–state-department-to-limit-use-of-lenovo-pcs.html

        When there are alternatives – why purchase PCs made by a Chinese company?

        And putting them online for the update makes you feel MORE secure??
        Of course it could be off line but what would be the point??

        🍻

        Just because you don't know where you are going doesn't mean any road will get you there.
    • #2547230

      Big fan of Nirsoft software. Did not know that CurrPorts had a logging feature. For spying on Windows as it spies on us, I use two DNS programs from Nirsoft

      https://www.nirsoft.net/utils/dns_query_sniffer.html
      https://www.nirsoft.net/utils/dns_lookup_view.html

      and another program that logs all outbound TCP requests
      https://www.nirsoft.net/utils/tcp_log_view.html

      The telemetry/spying is brutal as these programs illustrate. Here is an example

      Windows 10 spies on your use of System Settings
      https://michaelhorowitz.com/Windows10.spying.onsettings.php

      Get up to speed on router security at RouterSecurity.org and Defensive Computing at DefensiveComputingChecklist.com

      2 users thanked author for this post.
    • #2547231

      I think that Susan’s premise is flawed. Any spy software from China would not phone home to an IP address in China. That’s too obvious. If I was writing such software, I would phone home to a large data center in the US and use a name like these

      s.ntv.io
      tag.bounceexchange.com
      live.rezync.com
      logx.optimizely.com
      a6709203f34992a5095d2bc7ceaf2ec504f651a8.cws.conviva.com

      which were all seen in the CNN.com home page (thanks to DNS tracing by a Nirsoft.net program)

      Get up to speed on router security at RouterSecurity.org and Defensive Computing at DefensiveComputingChecklist.com

      2 users thanked author for this post.
      • #2547247

        Didn’t see anything but what I wrote about.

        Microsoft.

        iRobot pinging me

        HP scanner software left behind on my Sister’s computer (AH HA FOUND IT).

        Nothing else.

        Susan Bradley Patch Lady

        1 user thanked author for this post.
      • #2552507

        And only be triggered when something interesting was going on.
        ‘If they could they did’ would be my mantra. Of course same with us…

        🍻

        Just because you don't know where you are going doesn't mean any road will get you there.
    • #2547277

      Didn’t see anything but what I wrote about. Microsoft. iRobot pinging me HP scanner software left behind on my Sister’s computer (AH HA FOUND IT). Nothing else.

      Umm… what?

      Sorry but… your post makes no sense.

      1 user thanked author for this post.
      • #2547281

        Michael said “Any spy software from China would not phone home to an IP address in China”. I only saw the computer phoning home to Microsoft, receiving pings from my iRobot vacuum cleaner (mistakenly set up on the same wifi) and an HP scanner software loaded up on my Sister’s computer looking for the now missing HP scanner/printer. What I wrote about.

        Susan Bradley Patch Lady

        1 user thanked author for this post.
        • #2547285

          What the heck are you on about? I understand Michael’s post. Your response is incomprehensible.

          1 user thanked author for this post.
          • #2547435

            What is incomprehensible about only seeing three types of pings? None of which is suspect.

            Are you saying a ping to a known Microsoft server could be Chinese spying?

            Or that the iRobot or HP pings are phoning home to China?

            -- rc primak

    • #2547296

      What the heck are you on about? I understand Michael’s post. Your response is incomprehensible.

      Many very many times posts here at Woody’s were (are?) deleted and banned in a xenophobic way, telling that they are/were politically driven (telling that they were undermining the U.S. way of thinking and freedom, perhaps? [Just thinking openly…])
      Now there is this Wireshark’ed “poof” in a bit larger article, that isn’t conclusive at all and softening the datamining-thoughts; this is not politically driven?
      It might be interesting to publish thoughts about why the Ukrainian electronical warfare is resulting in …. , In what actually?
      …. On the edge or in the middle of WW3 (that nobody is participating), the electronical one, in Europe and Asia? Again Wireshark will not help and prove anything.

      * _ the metaverse is poisonous _ *
      • This reply was modified 2 months ago by Fred.
    • #2547401

      Taking a step back, there is potential spying by China and the well known spying by Microsoft/Windows.

      I would think it is very hard to track down any spying by China, assuming it exists. There are many advanced tricks that can be applied and I would think any phoning home activity would be hidden from Windows itself. One example of a potential trick: I often see data leaving the WAN port of my router with a private IP address (think 10.x.x.x) as the destination. Maybe a bug, maybe spying. No way for me to know.

      As for the spying that Microsoft does, there is a ton of it. This is easily seen with the DNS logging programs from Nir Sofer at nirsoft.net.

       

      Get up to speed on router security at RouterSecurity.org and Defensive Computing at DefensiveComputingChecklist.com

      2 users thanked author for this post.
      • #2547416

        For those averse to MS data collection, time to move on.  Once the usual lot of mega internet players saw what a revenue cow that practice is, (q.v. Google), they got on board.

        Linux Mint is a better system, can be had without cost if you wish, and there is no telemetry.  I as a non-tech user am pleased to be there.

        2 users thanked author for this post.
      • #2547436

        10.x.x.x IP addresses are used by Comcast for their modems and equipment. Comcast also assigns this range of IP addresses to everything on the user’s home network, unless you manually reset things.

        -- rc primak

        1 user thanked author for this post.
        • #2547523

          Misunderstanding.

          I was referring to a 10.something IP address leaving the WAN port. In theory, this should never happen as it is one of a group of IP addresses (along with 192.168.x.x and others) that are reserved for internal use only. No doubt, you are referring to internal (LAN side) use which is normal. I often see internal-only IP addresses trying to leave the WAN port and get out on the Internet. Puzzling. This is not something a consumer router makes visible.

          Again, just an example of advanced tricks the hardware manufacturer might pull to hide their spying. IPv6 might be another. I am sure there are many other schemes that I can not even imagine. Simply looking for IPs in China seems simplistic.

           

           

          Get up to speed on router security at RouterSecurity.org and Defensive Computing at DefensiveComputingChecklist.com

          1 user thanked author for this post.
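
The check described in the post above (internal-only destination addresses on traffic headed out the WAN port), as an added example that is not part of the original thread: it scans firewall log lines for WAN-bound packets whose destination falls in a reserved range, and covers IPv6 because the post mentions it. The netfilter-style log format, the `wan0` interface name and every sample line are constructed assumptions; the lines are assumed to be logged before NAT, so SRC is still the LAN host.

```python
import ipaddress
import re
from collections import Counter
from typing import Optional

# Address ranges that should never be a destination on the Internet side.
NON_ROUTABLE = [(label, ipaddress.ip_network(cidr)) for label, cidr in [
    ("RFC 1918 private", "10.0.0.0/8"),
    ("RFC 1918 private", "172.16.0.0/12"),
    ("RFC 1918 private", "192.168.0.0/16"),
    ("RFC 6598 carrier-grade NAT", "100.64.0.0/10"),
    ("IPv4 link-local", "169.254.0.0/16"),
    ("IPv6 unique local", "fc00::/7"),
    ("IPv6 link-local", "fe80::/10"),
]]

# Constructed sample log (hypothetical router, forwarded packets, pre-NAT).
SAMPLE_LOG = """\
Mar 30 08:01:12 router kernel: FWD IN=br0 OUT=wan0 SRC=192.168.1.20 DST=1.1.1.1 PROTO=UDP DPT=53
Mar 30 08:01:15 router kernel: FWD IN=br0 OUT=wan0 SRC=192.168.1.31 DST=10.44.0.9 PROTO=TCP DPT=443
Mar 30 08:01:19 router kernel: FWD IN=br0 OUT=wan0 SRC=192.168.1.31 DST=10.44.0.9 PROTO=TCP DPT=443
Mar 30 08:02:02 router kernel: FWD IN=br0 OUT=wan0 SRC=192.168.1.45 DST=100.72.3.1 PROTO=UDP DPT=1900
Mar 30 08:02:40 router kernel: FWD IN=br0 OUT=wan0 SRC=fd12:3456:789a::20 DST=fd00:aaaa::1 PROTO=TCP DPT=443
Mar 30 08:03:00 router kernel: FWD IN=br0 OUT=wan0 SRC=fd12:3456:789a::20 DST=2001:4860:4860::8888 PROTO=UDP DPT=53
Mar 30 08:03:10 router kernel: FWD IN=wan0 OUT=br0 SRC=1.1.1.1 DST=192.168.1.20 PROTO=UDP DPT=53124
Mar 30 08:03:30 router kernel: FWD IN=br0 OUT=wan0 SRC=192.168.1.45 DST=::ffff:10.0.0.5 PROTO=TCP DPT=80
Mar 30 08:03:31 router kernel: FWD IN=br0 OUT=wan0 SRC=192.168.1.45 DST=garbled PROTO=TCP DPT=80
"""


def classify(addr: str) -> Optional[str]:
    """Return the reserved-range label for addr, or None if it is routable."""
    ip = ipaddress.ip_address(addr)
    # An IPv4-mapped IPv6 address (::ffff:a.b.c.d) hides an IPv4 destination.
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    for label, net in NON_ROUTABLE:
        if ip.version == net.version and ip in net:
            return label
    return None


def leaked_destinations(log_text: str, wan_if: str = "wan0"):
    """List (source, destination, label) for WAN-bound packets to reserved ranges."""
    hits = []
    for line in log_text.splitlines():
        fields = dict(re.findall(r"\b([A-Z]+)=(\S*)", line))
        if fields.get("OUT") != wan_if or "DST" not in fields:
            continue  # not leaving through the WAN interface
        try:
            label = classify(fields["DST"])
        except ValueError:
            continue  # unparseable address field
        if label:
            hits.append((fields.get("SRC", "?"), fields["DST"], label))
    return hits


def by_source(hits):
    """Count hits per LAN source so the originating device can be found."""
    return dict(Counter(src for src, _dst, _label in hits))


if __name__ == "__main__":
    for src, dst, label in leaked_destinations(SAMPLE_LOG):
        print(f"{src} -> {dst}  [{label}]")
```

Grouping the hits by source address is what turns "something is sending to 10.x" into a specific device on the LAN to inspect.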
    • #2547540

      Ever consider that the Chinese upload the info to spy balloons and not thru the internet?

       

       

    • #2549817

      Forced the company to respond

      http://news.lenovo.com/article_display.cfm?article_id=2080

      That URL returns a ‘404 Not found’ error so maybe Lenovo pulled the plug on it.

    • #2552504

      Warning: Nerdy.

      IoT really needs two separate subnets, one where the devices can see each other and one where they can not. More about VLANs here

      https://routersecurity.org/vlan.php

      Michael may I ask why 2 are needed?

      🍻

      Just because you don't know where you are going doesn't mean any road will get you there.
      • #2552587

        One VLAN/subnet where IoT devices can not see each other is a given (in my opinion). That is, each IoT device can only access the Internet. Any malicious device in this group will think it is the only device on the LAN.

        But there are also IoT devices that need to communicate with other devices in your home. Perhaps wireless speakers that you control with a mobile app. You could lump all of these in the same VLAN/subnet and, while way better than nothing, that is not the absolute best isolation. If only one or two devices fit this profile, isolate them in their own VLANs and give them their own SSID. But, this assumes a router can create 3 or 4 or more SSIDs. And, it assumes you don’t mind connecting to a different SSID to talk to just one device.

        Security will always be the enemy of convenience.

        Get up to speed on router security at RouterSecurity.org and Defensive Computing at DefensiveComputingChecklist.com

        1 user thanked author for this post.
    • #2552877

      Obvious now that you explained it. Thanks Michael

      🍻

      Just because you don't know where you are going doesn't mean any road will get you there.
    • #2557732

      Hi Susan, your preference for the Lenovo laptop keyboard struck a chord with me as I too have preferences regarding the hardware that connects us to our computers. Since I spend countless hours using these systems I strive for optimal efficiency, functionality, and comfort. I do not have experience with Lenovo but will be checking soon as I’m ready for an upgrade. Which specific model or models have you used and are currently using?

      Thank you!

      Alan
