58
submitted 1 month ago* (last edited 1 month ago) by ComradeMiao@lemmy.world to c/selfhosted@lemmy.world

Some people my server admin uncle included believe that bringing any device to China automatically compromises it even if you reinstall a new OS. Is this warranted as some random person?

Can I go to my public sites and/or VPN into my servers?

Edit: I go there all the time. Also, I can take these precautions but I can’t expect my family to take them. What about family members phones?

A lot of great replies, thank you! Would love the read more specifics so I can know exactly the threats and my actions

Also, this is not an anti-China post. My field is Chinese related. Just learning more about the hosting side :)

you are viewing a single comment's thread
view the rest of the comments
[-] neatchee@lemmy.world 45 points 1 month ago* (last edited 1 month ago)

Do not bring your normal personal devices to China. They are notorious for injecting spyware on foreign devices at every opportunity. Use a freshly formatted device and create all new accounts to use with it.

Regarding services: do not use self-hosted services unless you you spin up fresh, isolated instances of your services for use while abroad and spin them down afterwards, including formatting any OS they were hosted on.

Regarding VPN: because we are assuming that any device used in China is compromised, do not connect to your VPN unless you have set up a segregated VLAN and are connecting through a VPN server instance created specifically for use while in China.

Basically, assume anything you use in China is compromised. And assume your connections are being monitored. And assume that any device you are connecting to from China is at risk of being compromised. So everything needs to be segregated from the rest of your network and set up specifically to be deleted after you're back home.

[-] ComradeMiao@lemmy.world 14 points 1 month ago

Do you have any links to read more about this? Thanks for a very detailed response.

Is there anyway to bring my phone and laptop without this risk? I can totally format my laptop completely but can’t do that with my phone.

[-] neatchee@lemmy.world 20 points 1 month ago

Unfortunately, no, not really. They are absolutely able and willing to confiscate your devices at any time once you're on Chinese soil, and once you've lost physical control, that's the end of trust for that device. Even beyond that, it's not unheard of for there to be vulnerabilities in Wi-Fi, Bluetooth, etc that make your device susceptible to wireless attacks. IMO it's not worth the risk.

Here is just one example of this type of thing uncovered by The Guardian, New York Times, and others in a joint investigation: https://www.theguardian.com/world/2019/jul/02/chinese-border-guards-surveillance-app-tourists-phones

[-] AustralianSimon@lemmy.world 4 points 1 month ago

I know both Australia and UK have laws that allow border to take and copy your phones, laptops and storage devices. It's not unusual.

[-] psmgx@lemmy.world 4 points 1 month ago

Most countries give customs and border agents broad latitude to do stuff like that. I've had it happen in Vietnam, the US, and Turkey, among others.

Burners, all the way

[-] AustralianSimon@lemmy.world 1 points 1 month ago

Agree - better safe to not risk it when crossing borders. Even if you don't have anything incriminating your identity can be stolen and used.

this post was submitted on 16 Nov 2024
58 points (95.3% liked)

Selfhosted

40734 readers
398 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS