Some people my server admin uncle included believe that bringing any device to China automatically compromises it even if you reinstall a new OS. Is this warranted as some random person?

Can I go to my public sites and/or VPN into my servers?

Edit: I go there all the time. Also, I can take these precautions but I can’t expect my family to take them. What about family members phones?

A lot of great replies, thank you! Would love the read more specifics so I can know exactly the threats and my actions

Also, this is not an anti-China post. My field is Chinese related. Just learning more about the hosting side :)

abff08f4813c
link
fedilink
English
31M

It’s definitely warranted as a random person.

See https://security.stackexchange.com/questions/262444/should-i-worry-about-compromised-firmware-when-reinstalling-an-os from an admin point of view and also https://www.binarydefense.com/resources/blog/running-malware-below-the-os-the-state-of-uefi-firmware-exploitation/ for a technical discussion on how such compromises work and can survive even a new OS reinstall.

Also note that things like your mac address could be leaked out and collected (as per https://theprepared.com/forum/thread/turn-off-your-wifi-when-you-dont-need-it-and-other-tips-on-how-to-prevent-hacking-and-tracking/ ) though Apple specifically has a private mac address spoofing feature to combat this. A lot of this collection is automated, as to cast as wide a net a possible.

Create a post

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.

Rules:

  1. Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it’s not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

  • 1 user online
  • 260 users / day
  • 494 users / week
  • 1.09K users / month
  • 3.79K users / 6 months
  • 1 subscriber
  • 3.91K Posts
  • 79.2K Comments
  • Modlog