<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<p>I'm a nobody, but I once drew personalized, physical attention of
some Chinese internal state security organization. </p>
<p><br>
</p>
<p>At the time I worked for a company that did avionics for small
aircraft. I have always been interested in security and practice
pretty careful security myself, more as a thought exercise than
for real reasons. I caught their attention.</p>
<p>My wife and I were on a trip to China over the holidays, 2008 to
2009. A couple-ish weeks, traveling alone, not on a tour. This was
before the Great Firewall was so robust, and I brought my Linux
computer with me. I could use the wifi in tourist hotels. When I
did use the wifi it was for web stuff, and also encrypted
connections (SSH, I suspect also IMAP at that point) to my
personal server at home, on a static IP address, in the USA. This
was before the "only bring disposable electronics to China"-rule,
but I kept my computer with me at all times. Almost.</p>
<p>I also brought my handheld GPS hiking receiver with me and used
it a lot, because I like my toys. (The embedded Garmin maps of
China seemed to always be about a ¼-mile offset from reality.) I most
likely had a tiny shortwave radio with me, too. A Sony SW-1, or
more likely the fancier Sony SW-100, both very nice little radios.
We took a lot of pictures, too, because "film" (flash memory) was
suddenly so cheap!</p>
<p>Very early in the trip I was attacked by an evil bowl of soup at
dinner and was quite sick for a few days, holed up in our hotel
room in the French Quarter of Shanghai. My wife was out and about,
bringing me back some simple foods that she hoped wouldn't make me
worse.</p>
<p>We were in Hangzhou and West Lake over Christmas where, as the
only foreigners (only intelligence targets?) at the hotel's
Christmas dinner event, we were treated like celebrities. I
remember being up on stage at one point, my wife, too. Though I
would have carried the silver "Bubbleope" the computer was in with
me, like a woman's clutch. Or, maybe not. Maybe I left my computer
and my "purse" with my wife, but then she got called up later and
it was left alone for a couple minutes. Not enough time to tamper
with my computer, but enough time to mess with my purse.</p>
<p>After our visit to Xian to see the Terracotta Warriors we
returned to Shanghai, and one sight that was still a must-see on
our list was their fabulous archeology museum. But they wouldn't
let me bring my computer in. I had to check it.</p>
<p><br>
</p>
<p>[Wonderful museum. In galleries with delicate scrolls the light
on the art would be kept extremely dim if no one was in the room,
but when we entered the lights would come up enough to see the
art, but in a kind of sequence around the room. I would be looking
at one spot and it would be okay level of brightness, then it
would dim considerably—I could still kind of see what I was
looking at because I was still looking at it, and a few seconds
later it would get brighter again. My mind could integrate over
the span. Very clever, the total light exposure was kept very
low.]</p>
<p><br>
</p>
<p>When we decided we were done with the museum and were about to
leave suddenly a young man in a suit appeared out of nowhere and
recited from memory, in a thick Chinese accent, one of Obama's
famous speeches. (We had been Obama donors and volunteers.) We
were startled and delighted. Turned to each other with big smiles,
and when we turned back he had vanished.</p>
<p><br>
</p>
<p>It took me an embarrassingly long time to realize that this was a
well prepared contingency, a delaying tactic. I think they wanted
time to get my computer back into the cloakroom before we got
there. (This was a kinder, gentler time, when they didn't want to
be caught in their snooping.)</p>
<p><br>
</p>
<p>I don't know what they did to my computer, nothing obvious. It
was a cute, tough, little Panasonic "Let's Note" marketed only in
the Japanese market (complete with my Obama '08 sticker on the
lid). I had Red Hat (?) Linux on it, which was very unusual
behavior, particularly back then. Fully encrypted disk, including
swap—but not the boot partition. My user password was not known to
them, not recycled from other purposes, not typed out in the open
without hunching over the keyboard, my encryption passphrase also
unknown to them and a lot longer than the password. I had left it
at the museum in sleep mode; when I woke it up I was sensible
enough to be observant: it seemed to be exactly as I left it, same
software running, windows in the same position, it had not been
rebooted. I do know there was later discovered to be a DMA
vulnerability on the PCMCIA card slot. Or maybe it was the
Firewire. Or probably both. My guess at the time is they had some
exploit ready to install, but were pissed to discover I wasn't
running MS Windows. Maybe they imaged the live RAM. We were in the
museum probably for over an hour but I think less than two, not
sure.</p>
<p>We flew home a couple days later.</p>
<p><br>
</p>
<p>They went to a <i>lot</i> of effort, presumably tracking us
across the country, trying to catch my computer alone in a hotel
room and failing, they did their research to know we were Obama
supporters, someone memorized that speech for us. This was not a
cheap operation.</p>
<p><br>
</p>
<p>I still have the computer, right here (it was a <i>very</i> nice
machine), I haven't booted it in years, I think I still have
record of the passphrase and password, I think I even still have
the power supply…</p>
<p>Back then I kept my passwords encrypted in a Palm Pilot, but I
transferred them over to something more modern since. So I have
password records going back a long time. I don't recycle
passwords, my online accounts have never been compromised via
anything other than a site itself being incompetent; such leaked
passwords from, say, Myspace, are worthless elsewhere, I suppose
that also makes me suspicious. (The Palm Pilot really did stay on
me at all times. Or was it alone in the dark briefly on Christmas
Eve?)</p>
<p><br>
</p>
<p>And I'm still just a nobody. But I caught their attention.</p>
<p><br>
</p>
<p>-kb, the Kent who probably would not return to China and if he
did would have to go barefoot, so to speak, with only disposable
electronics; but the Kent who also would love to meet those who
were on the other side of the operation, they must be getting old,
too.</p>
<p><br>
</p>
<p>P.S. These days my computer is <i>fully</i>, fully encrypted. No
unencrypted boot partition anymore. No boot partition at all, in
fact. I keep that in my pocket, on a little USB device, with my
keys.</p>
</body>
</html>