Re: Recent experience traveling China

[Shawn Merdinger <shawnmer () GMAIL COM>]

Clearly a challenging environment.

A few US Gov't resources...not that anything official will provide
clear answers or solutions.

http://travel.state.gov/content/passports/en/country/china.html

"Surveillance and Monitoring:  Security personnel carefully watch
foreign visitors and may place you under surveillance. Hotel rooms
(including meeting rooms), offices, cars, taxis, telephones, Internet
usage, and fax machines may be monitored onsite or remotely, and
personal possessions in hotel rooms, including computers, may be
searched without your consent or knowledge.  Security personnel have
been known to detain and deport U.S. citizens sending private
electronic messages critical of the Chinese government."

https://www.fbi.gov/about-us/investigate/counterintelligence/student-brochure

Several tips, but imho the most important:

"n most countries, you have no expectation of privacy in Internet
cafes, hotels, airplanes, offices, or public spaces. All information
you send electronically (fax, computer, telephone) can be intercepted,
especially wireless communications. If information might be valuable
to another government, company or group, you should assume that it
will be intercepted and retained. Security services and criminals can
track your movements using your mobile phone and can turn on the
microphone in your device even when you think it is turned off."

Cheers,
--scm

On 3/3/16, Nasir Hakeem <nasir.hakeem () cgu edu> wrote:
> Our group has 2 options, one is the open DNS client that is tied to umbrella
> (uses our approved DNS ips anywhere reachable) and second we have our
> standard Cisco vpn service. Have not had any reported issues with users
> outside the US. This includes China and Middle East.
>
> Nasir Hakeem | Sr. Systems and Network Administrator
>
> Sent via a mobile device
>
>
> On Mar 3, 2016, at 8:56 AM, Hudson, Edward
> <ehudson () CALSTATE EDU<mailto:ehudson () calstate edu>> wrote:
>
> Tread carefully. We have had experiences with university personnel traveling
> to China and using "purchased" VPN clients which are malware laden.
> We tend to encourage taking a loaner device, stripped down to bare
> essentials and no sensitive data. Also there are potential ITAR issues with
> encryption.
>
> Ed Hudson, CISM
> Director, Information Security
> California State University
> Office of the Chancellor
>
> 401 Golden Shore
> Long Beach, CA 90802
> Tel 562-951-8431
> ehudson () calstate edu<mailto:ehudson () calstate edu>
>
>
>
>
>
>
>
>
>
> On 3/3/16, 8:40 AM, "The EDUCAUSE Security Constituent Group Listserv on
> behalf of Emily Harris"
> <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () listserv educause edu> on
> behalf of emharris () VASSAR EDU<mailto:emharris () vassar edu>> wrote:
>
> All:
>
> Vassar has about 40 people taking a trip to China and we are attempting to
> advise them on a number of issues, including maintaining a safe and secure
> computing posture while abroad.
>
> We are a Google school, and as you know, China blocks access to Google
> applications.  I am wondering if anyone on the list has recent experience
> traveling to China and using their own institutional VPN.  An article I read
> recently indicated that China is cracking down on corporate VPNs and many of
> them do not work.  Can anyone speak to experience in this realm?  We are
> weighing our options for recommendations to these 40+ people.  Thank you!
>
> --
> Emily Harris
> Interim Information Security Officer, CIS
> Vassar College
> 845-437-7221