Should I be concerned about using American made computers for sensitive work?

[gravenewworld]

Are there any computer makers out there that make and assemble everything in America? I've been reading more about computer products that are made in China that are being implanted with malcious code in order to spying purposes. I don't want to sound like a conspiracy spook, but wouldn't it be wiser to make sure the equipment I use during grad school is clean, especially if anything we discover in the lab end up becoming IP?

 

[Greg Bernhardt]

Assembled or all parts made in US?

Maybe this?
http://www.computersmadeinusa.com/

 

[gravenewworld]

Assembled or all parts made in US?

Maybe this?
http://www.computersmadeinusa.com/

Assembled and all parts made in the US.

 

[Evo]

Are there any computer makers out there that make and assemble everything in America? I've been reading more about computer products that are made in China that are being implanted with malcious code in order to spying purposes. I don't want to sound like a conspiracy spook, but wouldn't it be wiser to make sure the equipment I use during grad school is clean, especially if anything we discover in the lab end up becoming IP?

Do you have examples of where this has been found to be true? Mainstream publications, not blogs or conspiracy websites.

 

[gravenewworld]

Just watched a dateline program on cyberware fare. Quite interesting. They interviewed one guy who was in charge of scanning all the new equipment bought and used in high security areas of the government and he estimated that 10% of all the code found in new computing equipment coming into the facilities were implanted with malicious code specifically designed for spyware purposes.

http://technolog.msnbc.msn.com/_news/2011/07/08/7043349-us-official-says-pre-infected-computer-tech-entering-country

Confirming years of warnings from government and private security experts, a top Homeland Security official has acknowledged that computer hardware and software is already being imported to the United States preloaded with spyware and security-sabotaging components.
The remarks by Greg Schaffer, the Department of Homeland Security's acting deputy undersecretary for national protection and programs, came Thursday during a tense exchange at a hearing of the House Oversight and Government Reform Committee. The panel is considering an Obama administration proposal to tighten monitoring and controls on computer equipment imported for critical government and communications infrastructure.

And I will be doing work in biotech that will probably be of considerable interest if there are ever good results.

 

[Pengwuino]

Just watched a dateline program on cyberware fare. Quite interesting. They interviewed one guy who was in charge of scanning all the new equipment bought and used in high security areas of the government and he estimated that 10% of all the code found in new computing equipment coming into the facilities were implanted with malicious code specifically designed for spyware purposes.

There's a good chance China had nothing to do with it... that is, if a Dateline story could even be considered credible.

 

[gravenewworld]

Also, it wasn't that long ago when some consumers noticed that digital picture frames came preloaded with malware:

http://www.securityfocus.com/news/11499

Going forward, infections may no longer always be accidental, said Sachs, who is also the executive director of government affairs at telecommunications provider Verizon.

"I think that supply-side attacks are going to go from zero to some small percentage," he said. "It is obviously not going to be as dangerous as mass mailing e-mail infections, but you could have some really clever targeted attacks."

In the latest incidents, three photo frames made by Tuscaloosa, Ala.-based Advanced Design Systems, and bought from different Sam's Club stores, each contained a Trojan horse, according to reports to the SANS Internet Storm Center. The malicious code appears to act like a rootkit, hiding itself and disabling access to antivirus resources.

(security focus is owned by symantec and is also includes a former Dept. of Justice prosecutor for cybercrimes as one of it's writers so it isn't some crazy blog).

http://www.computerworld.com/s/arti...cted_digital_picture_frames?source=rss_news50

 

[Evo]

Just watched a dateline program on cyberware fare. Quite interesting. They interviewed one guy who was in charge of scanning all the new equipment bought and used in high security areas of the government and he estimated that 10% of all the code found in new computing equipment coming into the facilities were implanted with malicious code specifically designed for spyware purposes.

http://technolog.msnbc.msn.com/_news/2011/07/08/7043349-us-official-says-pre-infected-computer-tech-entering-country




And I will be doing work in biotech that will probably be of considerable interest if there are ever good results.

Why on Earth is the US gov, buying computers from China?

 

[gravenewworld]

Why on Earth is the US gov, buying computers from China?

Because it is cheap and part of free trade?

Actually that would be an amazingly brilliant strategy, undervalue your currency to dominate economically and get the US addicted to your imports. Package those imports literally with trojan horses that could cripple the entire infrastructure or reveal secrets. Once you've dominated economically, it would then be easy to dominate militarily if you could crash your opponent's entire infrastructure.

I mean these reports that are starting to come out that are finding preinstalled spyware in consumer electronics are really only the examples of the ones that have been caught. Who knows how much infected electronics are really out there. How much have foreign made products infiltrated our way of life? It's really a scary thought.

 

[Pengwuino]

Who builds in China thought? Taiwan and Korea are where all your computers come from.

 

[Chronos]

I doubt any real spyware or malware is being directily implanted by foreign sources. It would be much easier and effective to 'forget' to close security holes. Plausible deniability is the name of the game.