From: Tomas L. Byrnes Sent: Saturday, February 13, 2010 6:24 PM To: 'Robert Portvliet' Subject: RE: [funsec] Can you trust Chinese computer equipment? It depends on what level of "Trust" you require. That doesn't just apply to China, although their recent behavior RE Google (as if Moonlight Maze wasn't bad enough) means that their default/baseline trust level should be much lower than , say equipment made by our NATO allies captive government owned companies. At the very least, you should audit and baseline firmware to whatever you consider acceptable and have tested in your network. It all depends on what your required level of security, mitigation strategies, and acceptable level of risk is. That's what the "Residual Risk Matrix" in DITSCAP/DIACAP is all about. From: [email protected] [mailto:[email protected]] On Behalf Of Robert Portvliet Sent: Friday, February 05, 2010 9:31 AM To: [email protected] Subject: [funsec] Can you trust Chinese computer equipment? http://hardware.slashdot.org/story/10/02/05/1548226/Can-You-Trust-Chines e-Computer-Equipment
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
