| 發表文章 | 發起投票 |
| 下一頁 |
聯想電腦安「後門」美英澳等五國情報機構禁用
近日澳媒報導,中國個人電腦製造商「聯想」,已被澳大利亞、美國、英國、加拿大、新西蘭等五個國家的情報機構禁止使用。大量的實驗室測試顯示,聯想電腦的硬盤設有「後門」和存在芯片漏洞,可被他人在沒有用戶個人信息的情況下遠程操作。
據《澳洲金融報》報導,英國和澳大利亞的多家情報和國防消息來源證實,存在一個書面禁令,禁止這家中國製造商的電腦進入「機密」網絡。這項禁令在2000年代中期推出。大量的實驗室測試顯示,聯想電腦的硬盤存在「後門」,芯片含有「固件」漏洞。
一位國防部發言人證實,聯想電腦產品,從未被澳大利亞的秘密和絕密網絡授權使用。
絕密禁令凸顯了對中國電腦公司生產的芯片中「惡意電路」和不安全固件(Firmware,固化在了硬件中的軟件)的擔憂。固件是計算機硬件和操作系統之間的接口。
聯想的總部在北京,並在2005年收購了IBM的個人電腦業務。
IBM繼續出售服務器和獲得秘密以及絕密網絡認證的主機。不過,國防部的一位發言人說,聯想從來沒有申請過認證。
中國科學院擁有38%的聯想控股(Legend Holdings),聯想控股擁有34%的聯想集團股權,為最大的持股方。
聯想電路惡意修改 木馬程序可在數月或數年後發動攻擊
英國情報機構的實驗室在聯想產品的研究方面發揮主導作用。
英國和澳洲的國防部門以及情報機構表示,聯想電路的惡意修改,超越一般典型的漏洞,可允許他人在沒有任何個人用戶信息的情況下遠程進入用戶的電腦。
不過,聯想在一份聲明中說,對禁令一事不知情。
華盛頓DC布魯金斯學會(Brookings Institution)的科技專家 John Villasenor教授表示,半導體市場的全球化「使得芯片被有意和惡意的修改,包含隱藏的木馬電路,被插入供應鏈中。」「這些木馬電路可以在數月或數年之後被觸發以發動攻擊。」
專家:硬件「後門」防不勝防
高科技研究公司IBRS的IT安全行業分析師特納 (James Turner)表示,硬件「後門」如果精心設計,將很難被監測到。
他說,它們通常被設計得看起來像一個小的設計或者是製造缺陷。為了避免被發現,它們一般通過遠程傳輸來被激活。
特納說:「大多數組織沒有足夠的資源來監測這種形式的滲入,需要高度專業化的實驗室測試,通過一定的程式測試硬件和軟件。」他說,聯想套件被機密網絡禁止是很顯然的,一些私人領域,也應該對此多加留意。
Villasenor教授說,惡意電路就像「殺死開關」,可以用來中止設備運行,並建立「後門」。法國的國防承包商報告說,安裝在芯片中的「殺死開關」可遠程操控和使壞。
西方情報聯盟:聯想電腦禁令
《澳洲金融報》得到的消息顯示,「五眼」西方情報聯盟,包括美國國家安全局、英國的GCHQ ,澳大利亞的國防信號局等,這些機構的部份秘密和絕密電腦網絡相連,允許彼此進行溝通交流。這意味著安全禁令通常在這五個國家實施。
聯想電腦的禁令同樣適用於英國國內和外國安全機構,軍情五處、軍情6處以及澳大利亞安全情報組織和澳大利亞秘密情報局等。
據披露,出於安全上的擔憂,美國國務院2006年決定不在機密網絡上使用1萬6千台聯想電腦。
聯想電腦依然是「非機密」政府網絡主要電腦供應商
但據悉,聯想電腦在西方國家,依然是「非機密」政府網絡的主要電腦供應商,包括澳大利亞和新西蘭的國防部。
一些專家表示,阻止一些公司產品進入機密網絡不是應對安全威脅的萬能藥。
很多西方供應商在中國有半導體工廠或者「代工廠」,這帶來受干擾的風險。
因安全問題,華為科技被排除在澳大利亞國家寬帶網絡之外。美國中央情報局和國家安全局(NSA)的前負責人海登 (Michael Hayden)指控,華為為中共充當間諜。
(責任編輯:孫芸)
http://home.gamer.com.tw/creationDetail.php?sn=2180678
據《澳洲金融報》報導,英國和澳大利亞的多家情報和國防消息來源證實,存在一個書面禁令,禁止這家中國製造商的電腦進入「機密」網絡。這項禁令在2000年代中期推出。大量的實驗室測試顯示,聯想電腦的硬盤存在「後門」,芯片含有「固件」漏洞。
一位國防部發言人證實,聯想電腦產品,從未被澳大利亞的秘密和絕密網絡授權使用。
絕密禁令凸顯了對中國電腦公司生產的芯片中「惡意電路」和不安全固件(Firmware,固化在了硬件中的軟件)的擔憂。固件是計算機硬件和操作系統之間的接口。
聯想的總部在北京,並在2005年收購了IBM的個人電腦業務。
IBM繼續出售服務器和獲得秘密以及絕密網絡認證的主機。不過,國防部的一位發言人說,聯想從來沒有申請過認證。
中國科學院擁有38%的聯想控股(Legend Holdings),聯想控股擁有34%的聯想集團股權,為最大的持股方。
聯想電路惡意修改 木馬程序可在數月或數年後發動攻擊
英國情報機構的實驗室在聯想產品的研究方面發揮主導作用。
英國和澳洲的國防部門以及情報機構表示,聯想電路的惡意修改,超越一般典型的漏洞,可允許他人在沒有任何個人用戶信息的情況下遠程進入用戶的電腦。
不過,聯想在一份聲明中說,對禁令一事不知情。
華盛頓DC布魯金斯學會(Brookings Institution)的科技專家 John Villasenor教授表示,半導體市場的全球化「使得芯片被有意和惡意的修改,包含隱藏的木馬電路,被插入供應鏈中。」「這些木馬電路可以在數月或數年之後被觸發以發動攻擊。」
專家:硬件「後門」防不勝防
高科技研究公司IBRS的IT安全行業分析師特納 (James Turner)表示,硬件「後門」如果精心設計,將很難被監測到。
他說,它們通常被設計得看起來像一個小的設計或者是製造缺陷。為了避免被發現,它們一般通過遠程傳輸來被激活。
特納說:「大多數組織沒有足夠的資源來監測這種形式的滲入,需要高度專業化的實驗室測試,通過一定的程式測試硬件和軟件。」他說,聯想套件被機密網絡禁止是很顯然的,一些私人領域,也應該對此多加留意。
Villasenor教授說,惡意電路就像「殺死開關」,可以用來中止設備運行,並建立「後門」。法國的國防承包商報告說,安裝在芯片中的「殺死開關」可遠程操控和使壞。
西方情報聯盟:聯想電腦禁令
《澳洲金融報》得到的消息顯示,「五眼」西方情報聯盟,包括美國國家安全局、英國的GCHQ ,澳大利亞的國防信號局等,這些機構的部份秘密和絕密電腦網絡相連,允許彼此進行溝通交流。這意味著安全禁令通常在這五個國家實施。
聯想電腦的禁令同樣適用於英國國內和外國安全機構,軍情五處、軍情6處以及澳大利亞安全情報組織和澳大利亞秘密情報局等。
據披露,出於安全上的擔憂,美國國務院2006年決定不在機密網絡上使用1萬6千台聯想電腦。
聯想電腦依然是「非機密」政府網絡主要電腦供應商
但據悉,聯想電腦在西方國家,依然是「非機密」政府網絡的主要電腦供應商,包括澳大利亞和新西蘭的國防部。
一些專家表示,阻止一些公司產品進入機密網絡不是應對安全威脅的萬能藥。
很多西方供應商在中國有半導體工廠或者「代工廠」,這帶來受干擾的風險。
因安全問題,華為科技被排除在澳大利亞國家寬帶網絡之外。美國中央情報局和國家安全局(NSA)的前負責人海登 (Michael Hayden)指控,華為為中共充當間諜。
(責任編輯:孫芸)
http://home.gamer.com.tw/creationDetail.php?sn=2180678
本貼文共有 46 個回覆
此貼文已鎖,將不接受回覆
遇正 IBM SERVER 系統 賣俾 lenovo 前夕 , ![[slick]](/face/hkg/slick.gif)
好多人用緊Lenovo 啲機回POST
可能中共個個都有加後門 
apple, MS, google ![[shocking]](/face/hkg/shocking.gif)
apple, MS, google ALARMING: Routers Made in China Monitor Your Internet Activities
The "Backdoor Programming" in a Chinese brand router
was recently exposed by the media.
Through this "Backdoor Programming," files, trojans and hacks can
be uploaded and download via the router,
This makes it easy to steal data from computers
by entering the IP address on the network.
On August 30, overseas online media newmobilelife.com
reported that TrendLab published a report on August 28.
The report indicated that routers made by a Chinese company
Netcore have backdoor programming that change routers' settings.
as well as installing coding to facilitate service attacks,
and monitoring and reporting users online activities.
The report indicated that the backdoor programming is
on the UDP.
TrendLab used ZMAP to scan and found two million
UDP IP addresses. Most of these routers are located in China.
Netcore's products are sold overseas as the Netis brand.
TrendLab analaysed that both Netcore and Netis routers
have backdoor programming.
Online technology expert Li Li: "At present, many
European and American Internet service providers give
their customers cheap Chinese brands routers to reduce cost.
For example, I know many companies in the Netherlands
use products made by "Huawei."
Even Taiwanese brand products or brands of other countries
are made in communist China.
It is very easy to install backdoor coding to these products,
but very difficult to find out.
Commentators pointed out that the Chinese Communist Party
fosters a large and powerful online army to steal secrets from
overseas,
as well as steal personal information from Chinese citizens and
monitor their speech.
Twitter user Guhe thinks all routers made in China
have backdoor programming.
He found a problem when installing fiber wide band last year.
Gu He: "It had another account name,which was created by
the administrator of the router.
Nobody tells you what is the account name or the password.
This account has permission to modify the router.
The situation is clear that backdoor programming is open.
I can get into your machine through this account and
conduct monitoring and restriction activities, etc."
Netizen Sun Lin's home had spying equipment installed in his
home by the authorities.
Last year, his router was installed with back-door programming.
Sun Lin: "They came to my home. One of them was a woman.
She worked on my computer and installed a program to
prevent "crossing the wall"in my router.
One of my Apple routers could not cross the firewall.
They used every means. They sent policemen and special agents
to work on my equipments.
I sent it to the Apple store. They told me that they could not
recover it. This means that the implant is very advanced."
Chairman of Next Media Jimmy Lai wrote in the
latest issue of Next Magazine that:
on July 1 Next Media server was attacked by hackers
at 143 million queries per second.
All private accounts, documents, company e-mails were stolen.
Later it was revealed that he donated money to
Pan-Democracy members and political groups.
World Wide Free Network founder Zhang Xinyu: "HK's
pro-democracy supporter Next Media's computers was hacked.
The CCP used "the galaxy supercomputer" to hack or open up
other's computers at hundreds of millions of times per second.
It is hard for anyone to guard, because it has huge amounts of
human and material resources to do this."
It is understood that China's communication device
manufacturers Huawei has the background and capital
from the People's Liberation Army (PLA).
It is wide scale worry that Huawei might steal user's data
through technology or configurations.
In October, 2012, U.S. House of Representatives issued a report
stating that:
China's Huawei and ZTD might pose a threat to U.S. national
security and blocked the two companies outside the U.S. market.
In March, 2012, the Australian government also banned Huawei
to compete in the national broadband network infrastructure
construction projects.
Zhang Xinyu: "The hardware of China's routers were
directly installed with hacker programming, which is unknown to
the outside world.
So Chinese routers, including Huawei's products cannot be used
in the U.S. recently.
Because something was programmed into it for political purpose.
So no one dared to use it."
TrendLab pointed out to consumers that there is a lack of
resources to solve back-door programming.
Users cannot close the back door on their own.
The only possible solution is to replace the equipment.
Interview/ChenHan Edit/ChenJie
The "Backdoor Programming" in a Chinese brand router
was recently exposed by the media.
Through this "Backdoor Programming," files, trojans and hacks can
be uploaded and download via the router,
This makes it easy to steal data from computers
by entering the IP address on the network.
On August 30, overseas online media newmobilelife.com
reported that TrendLab published a report on August 28.
The report indicated that routers made by a Chinese company
Netcore have backdoor programming that change routers' settings.
as well as installing coding to facilitate service attacks,
and monitoring and reporting users online activities.
The report indicated that the backdoor programming is
on the UDP.
TrendLab used ZMAP to scan and found two million
UDP IP addresses. Most of these routers are located in China.
Netcore's products are sold overseas as the Netis brand.
TrendLab analaysed that both Netcore and Netis routers
have backdoor programming.
Online technology expert Li Li: "At present, many
European and American Internet service providers give
their customers cheap Chinese brands routers to reduce cost.
For example, I know many companies in the Netherlands
use products made by "Huawei."
Even Taiwanese brand products or brands of other countries
are made in communist China.
It is very easy to install backdoor coding to these products,
but very difficult to find out.
Commentators pointed out that the Chinese Communist Party
fosters a large and powerful online army to steal secrets from
overseas,
as well as steal personal information from Chinese citizens and
monitor their speech.
Twitter user Guhe thinks all routers made in China
have backdoor programming.
He found a problem when installing fiber wide band last year.
Gu He: "It had another account name,which was created by
the administrator of the router.
Nobody tells you what is the account name or the password.
This account has permission to modify the router.
The situation is clear that backdoor programming is open.
I can get into your machine through this account and
conduct monitoring and restriction activities, etc."
Netizen Sun Lin's home had spying equipment installed in his
home by the authorities.
Last year, his router was installed with back-door programming.
Sun Lin: "They came to my home. One of them was a woman.
She worked on my computer and installed a program to
prevent "crossing the wall"in my router.
One of my Apple routers could not cross the firewall.
They used every means. They sent policemen and special agents
to work on my equipments.
I sent it to the Apple store. They told me that they could not
recover it. This means that the implant is very advanced."
Chairman of Next Media Jimmy Lai wrote in the
latest issue of Next Magazine that:
on July 1 Next Media server was attacked by hackers
at 143 million queries per second.
All private accounts, documents, company e-mails were stolen.
Later it was revealed that he donated money to
Pan-Democracy members and political groups.
World Wide Free Network founder Zhang Xinyu: "HK's
pro-democracy supporter Next Media's computers was hacked.
The CCP used "the galaxy supercomputer" to hack or open up
other's computers at hundreds of millions of times per second.
It is hard for anyone to guard, because it has huge amounts of
human and material resources to do this."
It is understood that China's communication device
manufacturers Huawei has the background and capital
from the People's Liberation Army (PLA).
It is wide scale worry that Huawei might steal user's data
through technology or configurations.
In October, 2012, U.S. House of Representatives issued a report
stating that:
China's Huawei and ZTD might pose a threat to U.S. national
security and blocked the two companies outside the U.S. market.
In March, 2012, the Australian government also banned Huawei
to compete in the national broadband network infrastructure
construction projects.
Zhang Xinyu: "The hardware of China's routers were
directly installed with hacker programming, which is unknown to
the outside world.
So Chinese routers, including Huawei's products cannot be used
in the U.S. recently.
Because something was programmed into it for political purpose.
So no one dared to use it."
TrendLab pointed out to consumers that there is a lack of
resources to solve back-door programming.
Users cannot close the back door on their own.
The only possible solution is to replace the equipment.
Interview/ChenHan Edit/ChenJie
咁仲買唔買ThinkPad好![[banghead]](/face/hkg/banghead.gif)
咁仲買唔買ThinkPad好
果啲後門唔關一般用家事
Security backdoor found in China-made US military chip
A microchip used by the US military and manufactured in China contains a secret "backdoor" that means it can be shut off or reprogrammed without the user knowing, according to researchers at Cambridge University's Computing Laboratory.
UPDATE: However, one security consultancy has said that the implication that the backdoor might have been secretly inserted by the Chinese manufacturer is "bogus", and that malicious intent is unlikely.
In a draft paper, Cambridge University researcher Sergei Skorobogatov wrote that the chip in question is widely used in military and industrial applications. The "backdoor" means it is "wide open to intellectual property theft, fraud and reverse engineering of the design to allow the introduction of a backdoor or Trojan", they said.
The discovery was made during testing of a new technique to extract the encryption key from chips, developed by Cambridge spin-off Quo Vadis Labs. The "bug" is in the actual chip itself, Skorobogatov wrote, rather than the firmware installed on the devices that use it, meaning there is no way to fix it than to replace the chip altogether.
"The discovery of a backdoor in a military grade chip raises some serious questions about hardware assurance in the semiconductor industry," wrote Skorobogatov.
However, Robert Graham, of US security consultancy Errata Security, wrote yesterday that the backdoor is unlikely to have been added maliciously. He claims that the entry route discovered by Skorobogotov is likely to be a debugging tool deliberately installed by the manufacturer.
"It's remotely possible that the Chinese manufacturer added the functionality, but highly improbable. It's prohibitively difficult to change a chip design to add functionality of this complexity."
He also questioned the description of the chip as "military grade". "The military uses a lot of commercial, off-the-shelf products. That doesn't mean there is anything special about it."
Graham writes that the backdoor could pose a security threat, however. "It not only allows the original manufacturer to steal intellectual-property, but any other secrets you tried to protect with the original [encryption] key."
- See more at: http://www.information-age.com/technology/security/2105468/security-backdoor-found-in-china-made-us-military-chip#sthash.XKGue7Cx.dpuf
A microchip used by the US military and manufactured in China contains a secret "backdoor" that means it can be shut off or reprogrammed without the user knowing, according to researchers at Cambridge University's Computing Laboratory.
UPDATE: However, one security consultancy has said that the implication that the backdoor might have been secretly inserted by the Chinese manufacturer is "bogus", and that malicious intent is unlikely.
In a draft paper, Cambridge University researcher Sergei Skorobogatov wrote that the chip in question is widely used in military and industrial applications. The "backdoor" means it is "wide open to intellectual property theft, fraud and reverse engineering of the design to allow the introduction of a backdoor or Trojan", they said.
The discovery was made during testing of a new technique to extract the encryption key from chips, developed by Cambridge spin-off Quo Vadis Labs. The "bug" is in the actual chip itself, Skorobogatov wrote, rather than the firmware installed on the devices that use it, meaning there is no way to fix it than to replace the chip altogether.
"The discovery of a backdoor in a military grade chip raises some serious questions about hardware assurance in the semiconductor industry," wrote Skorobogatov.
However, Robert Graham, of US security consultancy Errata Security, wrote yesterday that the backdoor is unlikely to have been added maliciously. He claims that the entry route discovered by Skorobogotov is likely to be a debugging tool deliberately installed by the manufacturer.
"It's remotely possible that the Chinese manufacturer added the functionality, but highly improbable. It's prohibitively difficult to change a chip design to add functionality of this complexity."
He also questioned the description of the chip as "military grade". "The military uses a lot of commercial, off-the-shelf products. That doesn't mean there is anything special about it."
Graham writes that the backdoor could pose a security threat, however. "It not only allows the original manufacturer to steal intellectual-property, but any other secrets you tried to protect with the original [encryption] key."
- See more at: http://www.information-age.com/technology/security/2105468/security-backdoor-found-in-china-made-us-military-chip#sthash.XKGue7Cx.dpuf
咁仲買唔買ThinkPad好
果啲後門唔關一般用家事
大多數西方供應商在中國有半導體工廠或者「代工廠, 好多ROUNTER都比中共加了後門,
可以開"後門" "看"你上網, 中共與全球各地的網絡供應商共同合作, 香港網絡供應商ISP全用華為ROUTER啲機,
只有西方政府禁止ISP用華為router。
所有中共國牌子的電腦和有關產品我一律唔用的
所有中共國牌子的電腦和有關產品我一律唔用的
買野你好難拆開睇下入面的controller ic先買,好難防,支那可以用國家暗中補貼,嚮價格上打沉晒其他牌子,到其他牌子死晒,全球都可以監控
咁仲買唔買ThinkPad好
果啲後門唔關一般用家事
大多數西方供應商在中國有半導體工廠或者「代工廠, 好多ROUNTER都比中共加了後門,
可以開"後門" "看"你上網, 中共與全球各地的網絡供應商共同合作, 香港網絡供應商ISP全用華為ROUTER啲機,
只有西方政府禁止ISP用華為router。
WISEKEY 以前的香港寬頻全部網都係用CISCO。
咁仲買唔買ThinkPad好
果啲後門唔關一般用家事
大多數西方供應商在中國有半導體工廠或者「代工廠, 好多ROUNTER都比中共加了後門,
可以開"後門" "看"你上網, 中共與全球各地的網絡供應商共同合作, 香港網絡供應商ISP全用華為ROUTER啲機,
只有西方政府禁止ISP用華為router。
你講 notebook 定 router 先 ?
你篇報導講果隻「後門」有指定對象的
所有中共國牌子的電腦和有關產品我一律唔用的
買野你好難拆開睇下入面的controller ic先買,好難防,支那可以用國家暗中補貼,嚮價格上打沉晒其他牌子,到其他牌子死晒,全球都可以監控
唔好買最低階果啲 router , 專揀 broadcom wifi chips , 可用自制 rom 果啲
咁仲買唔買ThinkPad好
果啲後門唔關一般用家事
大多數西方供應商在中國有半導體工廠或者「代工廠, 好多ROUNTER都比中共加了後門,
可以開"後門" "看"你上網, 中共與全球各地的網絡供應商共同合作, 香港網絡供應商ISP全用華為ROUTER啲機,
只有西方政府禁止ISP用華為router。
你講 notebook 定 router 先 ?
你篇報導講果隻「後門」有指定對象的
想講係 notebook 同 router.
如ROUTER 加了後門可任意上下載檔案等等..
所有中共國牌子的電腦和有關產品我一律唔用的
買野你好難拆開睇下入面的controller ic先買,好難防,支那可以用國家暗中補貼,嚮價格上打沉晒其他牌子,到其他牌子死晒,全球都可以監控
唔好買最低階果啲 router , 專揀 broadcom wifi chips , 可用自制 rom 果啲
你知堆OPEN WRT 無植入後門嗎
![[369]](/face/hkg/369.gif)
咁仲買唔買ThinkPad好
果啲後門唔關一般用家事
大多數西方供應商在中國有半導體工廠或者「代工廠, 好多ROUNTER都比中共加了後門,
可以開"後門" "看"你上網, 中共與全球各地的網絡供應商共同合作, 香港網絡供應商ISP全用華為ROUTER啲機,
只有西方政府禁止ISP用華為router。
WISEKEY 以前的香港寬頻全部網都係用CISCO。
以前係用CISCO,但而家可能已退役
所有中共國牌子的電腦和有關產品我一律唔用的
買野你好難拆開睇下入面的controller ic先買,好難防,支那可以用國家暗中補貼,嚮價格上打沉晒其他牌子,到其他牌子死晒,全球都可以監控
唔好買最低階果啲 router , 專揀 broadcom wifi chips , 可用自制 rom 果啲
你知堆OPEN WRT 無植入後門嗎
咁你係咪完全唔撚用先 ? 如果你驚只能選擇機率較少嘅去用
傻閪屌整都仲有
而家成日有啲5 毛傻閪不斷話後門無得防 , 等人索性完全唔去防 , 5 毛死全家啦陷家鍹
咁仲買唔買ThinkPad好
果啲後門唔關一般用家事
大多數西方供應商在中國有半導體工廠或者「代工廠, 好多ROUNTER都比中共加了後門,
可以開"後門" "看"你上網, 中共與全球各地的網絡供應商共同合作, 香港網絡供應商ISP全用華為ROUTER啲機,
只有西方政府禁止ISP用華為router。
WISEKEY 以前的香港寬頻全部網都係用CISCO。
以前係用CISCO,但而家可能已退役
退役 ? 成個網由上而下都係CISCO,點退。
公司機 ![[sosad]](/face/hkg/sosad.gif)
所有中共國牌子的電腦和有關產品我一律唔用的
買野你好難拆開睇下入面的controller ic先買,好難防,支那可以用國家暗中補貼,嚮價格上打沉晒其他牌子,到其他牌子死晒,全球都可以監控
唔好買最低階果啲 router , 專揀 broadcom wifi chips , 可用自制 rom 果啲
你知堆OPEN WRT 無植入後門嗎
咁你係咪完全唔撚用先 ? 如果你驚只能選擇機率較少嘅去用
傻閪屌整都仲有
OPEN WRT 係人都參與得,仲要永遠BETA,出咗事又無人要負責,邊個改個CODE都唔知,中共大把人參與計劃你估危唔危。
中國同西方交惡 睇下仲玩得幾耐
秒後自動載入第 2 頁
| 下一頁 |
| 發表 |