• jet@hackertalks.com
    link
    fedilink
    English
    arrow-up
    9
    ·
    edit-2
    11 months ago

    The title is a little sensational.

    Corporate travel policies to China and China controlled regions, for my entire adult life, have always been any data that goes into China is going to be exfiltrated. So clean devices for travel, no sensitive information on those devices, those devices get refreshed when they get back. And not plugged into the main network.

    This is over multiple international corporations, with headquarters in different countries. Many countries, China included, use their national security and spying apparatus for business advantage for national companies. China’s just a little more enthusiastic than everyone else

    The difference between clean devices for travel, and burner devices, is you’re not trying to be anonymous. You’re just minimizing the amount of data you’re exposing. Burner implies people attempting to be anonymous, which isn’t a great idea for a corporations, especially in China. Many corporations have a fiduciary duty to record their communications, so a burner device would imply they’re trying to circumvent their compliance obligations, which they’re not trying to do.

    • cyd@lemmy.world
      link
      fedilink
      English
      arrow-up
      4
      ·
      11 months ago

      The significance is that Hong Kong used to be exempt from such requirements, because it was viewed as sufficiently separate from China. No longer.

    • pousserapiere@lemmy.world
      link
      fedilink
      English
      arrow-up
      2
      ·
      11 months ago

      I concur. It’s not only China, depending on the company’s market it can also be the US, Russia and probably others.