Do we give China the benefit of the doubt

[Marvin the Martian]

I doubt we do. A GPS built by a Chinese company can be exploited to track vehicles and cut their engines.

Cybersecurity startup BitSight said it found six vulnerabilities in the MV720, a hardwired GPS tracker built by MiCODUS, a Shenzhen-based electronics maker, which claims more than 1.5 million GPS trackers in use today across more than 420,000 customers worldwide, including companies with fleets of vehicles, law enforcement agencies, militaries and national governments. BitSight said in its report that it also found the GPS trackers used by Fortune 50 companies and a nuclear power plant operator.​

...​

The most severe flaw is a hardcoded password that can be used to gain complete control of any GPS tracker, access to vehicles’ real-time location and past routes, and remotely cut off fuel to vehicles. Because the password is embedded directly into the code of the Android app, anyone can dig around the code and find it.​

​

Fortunately, the article says the US is not a particularly big customer, just in the "thousands". But militaries, law enforcement, and nuclear plants, should not use code built overseas unless there is no possible exception.

Security flaws in GPS tracker exposing 1M vehicle locations

Researchers warn that the flaws can be exploited to track vehicles and remotely cut engines

techcrunch.com

 

[larsIU]

I doubt we do. A GPS built by a Chinese company can be exploited to track vehicles and cut their engines.

Cybersecurity startup BitSight said it found six vulnerabilities in the MV720, a hardwired GPS tracker built by MiCODUS, a Shenzhen-based electronics maker, which claims more than 1.5 million GPS trackers in use today across more than 420,000 customers worldwide, including companies with fleets of vehicles, law enforcement agencies, militaries and national governments. BitSight said in its report that it also found the GPS trackers used by Fortune 50 companies and a nuclear power plant operator.​

...​

The most severe flaw is a hardcoded password that can be used to gain complete control of any GPS tracker, access to vehicles’ real-time location and past routes, and remotely cut off fuel to vehicles. Because the password is embedded directly into the code of the Android app, anyone can dig around the code and find it.​

​

Fortunately, the article says the US is not a particularly big customer, just in the "thousands". But militaries, law enforcement, and nuclear plants, should not use code built overseas unless there is no possible exception.

Security flaws in GPS tracker exposing 1M vehicle locations

Researchers warn that the flaws can be exploited to track vehicles and remotely cut engines

techcrunch.com

I'd like to know how often these types of "mistakes" occur (assuming mistake). Not my area so I don't know. But if this occurs somewhat frequently, I think we roll our eyes and laugh at the incompetence. If not, I don't believe in giving China many more chances when it comes to IP theft/reverse engineering or spy adjacent behavior.

 

[Marvin the Martian]

I'd like to know how often these types of "mistakes" occur (assuming mistake). Not my area so I don't know. But if this occurs somewhat frequently, I think we roll our eyes and laugh at the incompetence. If not, I don't believe in giving China many more chances when it comes to IP theft/reverse engineering or spy adjacent behavior.

These sort of errors happen all the time. This one is a bit more egregious than most, but not that much. The real issue I think is with the IT of whatever corporations deployed this. They should have seen it came with a default password and should have changed it. Just like printers, most network printers come with a default password and need changed to prevent anyone and everyone from hacking in.

 

[Ohio Guy]

I doubt we do. A GPS built by a Chinese company can be exploited to track vehicles and cut their engines.

Cybersecurity startup BitSight said it found six vulnerabilities in the MV720, a hardwired GPS tracker built by MiCODUS, a Shenzhen-based electronics maker, which claims more than 1.5 million GPS trackers in use today across more than 420,000 customers worldwide, including companies with fleets of vehicles, law enforcement agencies, militaries and national governments. BitSight said in its report that it also found the GPS trackers used by Fortune 50 companies and a nuclear power plant operator.​

...​

The most severe flaw is a hardcoded password that can be used to gain complete control of any GPS tracker, access to vehicles’ real-time location and past routes, and remotely cut off fuel to vehicles. Because the password is embedded directly into the code of the Android app, anyone can dig around the code and find it.​

​

Fortunately, the article says the US is not a particularly big customer, just in the "thousands". But militaries, law enforcement, and nuclear plants, should not use code built overseas unless there is no possible exception.

Security flaws in GPS tracker exposing 1M vehicle locations

Researchers warn that the flaws can be exploited to track vehicles and remotely cut engines

techcrunch.com

Do we give them the benefit of the doubt? I say no too. Especially not after they're taking all the air we're cleaning and sending us their dirty air.

 

[ulrey]

Lol at this thread..

 

[TheOriginalHappyGoat]

These sort of errors happen all the time. This one is a bit more egregious than most, but not that much. The real issue I think is with the IT of whatever corporations deployed this. They should have seen it came with a default password and should have changed it. Just like printers, most network printers come with a default password and need changed to prevent anyone and everyone from hacking in.

Most printers don't come with a default password allowing someone to remotely shut off a PC's power supply. I find any use of the word "error" to be hard to swallow on this one.

 

[Marvin the Martian]

Most printers don't come with a default password allowing someone to remotely shut off a PC's power supply. I find any use of the word "error" to be hard to swallow on this one.

I like the idea of not attributing to malice when incompetence will do, but this one is tough. But at a minimum it shows why we need to write our own code.

 

[IUCrazy2]

I like the idea of not attributing to malice when incompetence will do, but this one is tough. But at a minimum it shows why we need to write our own code.

It is China, I always assume malice with them now.

 

[Marvin the Martian]

It is China, I always assume malice with them now.

And that is fair, and why I am not going ho to assume incompetence.

 

[NPT]

I like the idea of not attributing to malice when incompetence will do, but this one is tough. But at a minimum it shows why we need to write our own code.

We need to start pulling a lot of things out of China.... they could stop us from getting a lot of medicines. The companies and government in this country are just plain stoooopid and all in the name of money.

For example, I don't believe that this is by chance.

 

[Crayfish57]

We need to start pulling a lot of things out of China.... they could stop us from getting a lot of medicines. The companies and government in this country are just plain stoooopid and all in the name of money.

For example, I don't believe that this is by chance.

Neither is Covid

 

[i'vegotwinners]

I doubt we do. A GPS built by a Chinese company can be exploited to track vehicles and cut their engines.

Cybersecurity startup BitSight said it found six vulnerabilities in the MV720, a hardwired GPS tracker built by MiCODUS, a Shenzhen-based electronics maker, which claims more than 1.5 million GPS trackers in use today across more than 420,000 customers worldwide, including companies with fleets of vehicles, law enforcement agencies, militaries and national governments. BitSight said in its report that it also found the GPS trackers used by Fortune 50 companies and a nuclear power plant operator.​

...​

The most severe flaw is a hardcoded password that can be used to gain complete control of any GPS tracker, access to vehicles’ real-time location and past routes, and remotely cut off fuel to vehicles. Because the password is embedded directly into the code of the Android app, anyone can dig around the code and find it.​

​

Fortunately, the article says the US is not a particularly big customer, just in the "thousands". But militaries, law enforcement, and nuclear plants, should not use code built overseas unless there is no possible exception.

Security flaws in GPS tracker exposing 1M vehicle locations

Researchers warn that the flaws can be exploited to track vehicles and remotely cut engines

techcrunch.com

why do you hate capitalism and freedom?

 

[snarlcakes]

I doubt we do. A GPS built by a Chinese company can be exploited to track vehicles and cut their engines.

Cybersecurity startup BitSight said it found six vulnerabilities in the MV720, a hardwired GPS tracker built by MiCODUS, a Shenzhen-based electronics maker, which claims more than 1.5 million GPS trackers in use today across more than 420,000 customers worldwide, including companies with fleets of vehicles, law enforcement agencies, militaries and national governments. BitSight said in its report that it also found the GPS trackers used by Fortune 50 companies and a nuclear power plant operator.​

...​

The most severe flaw is a hardcoded password that can be used to gain complete control of any GPS tracker, access to vehicles’ real-time location and past routes, and remotely cut off fuel to vehicles. Because the password is embedded directly into the code of the Android app, anyone can dig around the code and find it.​

​

Fortunately, the article says the US is not a particularly big customer, just in the "thousands". But militaries, law enforcement, and nuclear plants, should not use code built overseas unless there is no possible exception.

Security flaws in GPS tracker exposing 1M vehicle locations

Researchers warn that the flaws can be exploited to track vehicles and remotely cut engines

techcrunch.com

Get the Nuclear codes. F#ck them!!

 

[i'vegotwinners]

It is China, I always assume malice with them now.

 

[TomEric4756]

I'd like to know how often these types of "mistakes" occur (assuming mistake). Not my area so I don't know. But if this occurs somewhat frequently, I think we roll our eyes and laugh at the incompetence. If not, I don't believe in giving China many more chances when it comes to IP theft/reverse engineering or spy adjacent behavior.

Clearly not a mistake, but an intentional act by the GPS provider, who may have been directed to provide a back door by “authorities”.

 

[sglowrider]

Get the Nuclear codes. F#ck them!!

Then what? America always needs an enemy or a bogeyman to focus on -- otherwise, the country will start to eat itself from the inside.

Not noticed that there is always someone to blame?

Only in the 80s and 90s, it was all about Japan and taking over America.

As long as the country isn't an economic competitor then it is a friendly. That's the reality.

India will be the 3rd largest economic power in the world by 2030. So let's see how long the US remains 'friendly' towards India.

Its all about deflection. That's what teenagers do. Cant fix your own problems, find someone else to blame.

 

[snarlcakes]

Then what? America always needs an enemy or a bogeyman to focus on -- otherwise, the country will start to eat itself from the inside.

Not noticed that there is always someone to blame?

Only in the 80s and 90s, it was all about Japan and taking over America.

As long as the country isn't an economic competitor then it is a friendly. That's the reality.

India will be the 3rd largest economic power in the world by 2030. So let's see how long the US remains 'friendly' towards India.

Its all about deflection. That's what teenagers do. Cant fix your own problems, find someone else to blame.

lol…I actually feel bad now. I wasn’t being serious. I don’t want to nuke any countries

 

[bub-rub]

It is China, I always assume malice with them now.

fair enough but also realize that China has assumed malice w the US since their revolution and is also justified in that stance.

 

[Crayfish57]

fair enough but also realize that China has assumed malice w the US since their revolution and is also justified in that stance.

Justified just how exactly?

 

[bub-rub]

Justified just how exactly?

the Chinese Communist Party won china's last civil war and we've been propping up the defeated regime ever since. I think china's relationship with Taiwan and the US would be somewhat like the Union defeating the Confederates in the US civil war but then Japan supporting the last of the Confederates in Hawaii or the Uk supporting the hold outs in the Bahamas. whatever your opinions are about china, put yourself in their shoes for a moment. we've fought two wars "against Communism" on their borders. these are just a couple of the big geopolitical strokes.

in general, being a big, developing nation while the US played world police the last 70 years has had its challenges. india would also agree.

I think Pax Americana has probably saved the planet from a couple world wars since WW2 but that might not be much comfort to countries that felt held down by US dominance.

 

[Crayfish57]

the Chinese Communist Party won china's last civil war and we've been propping up the defeated regime ever since. I think china's relationship with Taiwan and the US would be somewhat like the Union defeating the Confederates in the US civil war but then Japan supporting the last of the Confederates in Hawaii or the Uk supporting the hold outs in the Bahamas. whatever your opinions are about china, put yourself in their shoes for a moment. we've fought two wars "against Communism" on their borders. these are just a couple of the big geopolitical strokes.

in general, being a big, developing nation while the US played world police the last 70 years has had its challenges. india would also agree.

I think Pax Americana has probably saved the planet from a couple world wars since WW2 but that might not be much comfort to countries that felt held down by US dominance.

Funny most of the US does have their feet in China's shoes these days.

 

[bub-rub]

Funny most of the US does have their feet in China's shoes these days.

and they lent us the money to buy the shoes they sold us. heady stuff.

 

[TheOriginalHappyGoat]

We need to start pulling a lot of things out of China.... they could stop us from getting a lot of medicines. The companies and government in this country are just plain stoooopid and all in the name of money.

For example, I don't believe that this is by chance.

It's incredibly important we don't pull out. We just need to find a way to insulate national security from business. We absolutely need for the US and China to keep making money off each other. We just can't let our security become a victim of that money-making.

 

[Crayfish57]

and they lent us the money to buy the shoes they sold us. heady stuff.

Are you a communist, Chinese or just a d***?

 

[bub-rub]

Are you a communist, Chinese or just a d***?

not following you. China sells a lot of stuff to the US and also holds $1 trillion in US treasuries. They really did lend us the money to buy their stuff. That’s not an anti-US statement. Lol.

 

[sglowrider]

Are you a communist, Chinese or just a d***?

I am Chinese. So does that mean I am a communist and therefore a dick?

You really are quite a simple-minded crustacean.

 

[sglowrider]

not following you. China sells a lot of stuff to the US and also holds $1 trillion in US treasuries. They really did lend us the money to buy their stuff. That’s not an anti-US statement. Lol.

Let's not pretend its some intellectual discussion.
It's just a chest-beating, flag-waving discussion; that is based on the premise -- if you are not with me, you are against me. US versus the latest enemy. So hardly objective nor worth of any real intellectual discussion then.

As mentioned before, people are manipulated by the media, and government into thinking that some Johnnie foreigner is always wrong -- like the US has never fecked up seriously badly in the past 100 years and thus losing its moral high ground.
People who live in glass houses should not throw stones.

US foreign policies have been botched up, immorally driven and lied to the public. It needs to own up and have some humility and self-awareness. From slam dunks to Afghanistan to installing puppet regimes who killed thousands of people.
These silly discussions about how immoral China or whoever is its just dumb when the US has done all sorts of shit over the past century.
The US had previous stolen IP from the Europeans back at the turn of the last century to help propel its industrial might. So now we are accusing China of the same.

Shoes on the other foot now.

Learn some history.

When we own up to the shit then we can actually have a proper discussion. Then you will realise that there are no good versus bad actors in global politics. They are all shit but just degrees of stench.

Otherwise it just reaks of xenophobia.

 

[snarlcakes]

I am Chinese. So does that mean I am a communist and therefore a dick?

You really are quite a simple-minded crustacean.

Are you a communist?

 

[ulrey]

Are you a communist?

I’m guessing he’s American

 

[snarlcakes]

I’m guessing he’s American

He already stated he was Chinese, which is a nationality. And there are plenty of Americans who are communist (Democratic part…..just a joke).

 

[JamieDimonsBalls]

I doubt we do. A GPS built by a Chinese company can be exploited to track vehicles and cut their engines.

Cybersecurity startup BitSight said it found six vulnerabilities in the MV720, a hardwired GPS tracker built by MiCODUS, a Shenzhen-based electronics maker, which claims more than 1.5 million GPS trackers in use today across more than 420,000 customers worldwide, including companies with fleets of vehicles, law enforcement agencies, militaries and national governments. BitSight said in its report that it also found the GPS trackers used by Fortune 50 companies and a nuclear power plant operator.​

...​

The most severe flaw is a hardcoded password that can be used to gain complete control of any GPS tracker, access to vehicles’ real-time location and past routes, and remotely cut off fuel to vehicles. Because the password is embedded directly into the code of the Android app, anyone can dig around the code and find it.​

​

Fortunately, the article says the US is not a particularly big customer, just in the "thousands". But militaries, law enforcement, and nuclear plants, should not use code built overseas unless there is no possible exception.

Security flaws in GPS tracker exposing 1M vehicle locations

Researchers warn that the flaws can be exploited to track vehicles and remotely cut engines

techcrunch.com

Giving China the benefit of the doubt for an endless amount of blatant IP theft and security risks seems stupid, to be frank.

The Chinese have shown they are worthy of nothing other than complete distrust (see COVID, IP theft, governmental control and abuse, etc.).

 

[JamieDimonsBalls]

not following you. China sells a lot of stuff to the US and also holds $1 trillion in US treasuries. They really did lend us the money to buy their stuff. That’s not an anti-US statement. Lol.

Dumb

 

[IUCrazy2]

Let's not pretend its some intellectual discussion.
It's just a chest-beating, flag-waving discussion; that is based on the premise -- if you are not with me, you are against me. US versus the latest enemy. So hardly objective nor worth of any real intellectual discussion then.

As mentioned before, people are manipulated by the media, and government into thinking that some Johnnie foreigner is always wrong -- like the US has never fecked up seriously badly in the past 100 years and thus losing its moral high ground.
People who live in glass houses should not throw stones.

US foreign policies have been botched up, immorally driven and lied to the public. It needs to own up and have some humility and self-awareness. From slam dunks to Afghanistan to installing puppet regimes who killed thousands of people.
These silly discussions about how immoral China or whoever is its just dumb when the US has done all sorts of shit over the past century.
The US had previous stolen IP from the Europeans back at the turn of the last century to help propel its industrial might. So now we are accusing China of the same.

Shoes on the other foot now.

Learn some history.

When we own up to the shit then we can actually have a proper discussion. Then you will realise that there are no good versus bad actors in global politics. They are all shit but just degrees of stench.

Otherwise it just reaks of xenophobia.

Yeah, so you want to run through the list of the wrong things China has done over its history?

And completely disagree that there are no good versus bad actors in global politics.

 

[IUCrazy2]

I’m guessing he’s American

He told you how he identifies in his post. No need to guess. Everything he says should be filtered through that lens.

 

[anon_6hv78pr714xta]

Let's not pretend its some intellectual discussion.
It's just a chest-beating, flag-waving discussion; that is based on the premise -- if you are not with me, you are against me. US versus the latest enemy. So hardly objective nor worth of any real intellectual discussion then.

As mentioned before, people are manipulated by the media, and government into thinking that some Johnnie foreigner is always wrong -- like the US has never fecked up seriously badly in the past 100 years and thus losing its moral high ground.
People who live in glass houses should not throw stones.

US foreign policies have been botched up, immorally driven and lied to the public. It needs to own up and have some humility and self-awareness. From slam dunks to Afghanistan to installing puppet regimes who killed thousands of people.
These silly discussions about how immoral China or whoever is its just dumb when the US has done all sorts of shit over the past century.
The US had previous stolen IP from the Europeans back at the turn of the last century to help propel its industrial might. So now we are accusing China of the same.

Shoes on the other foot now.

Learn some history.

When we own up to the shit then we can actually have a proper discussion. Then you will realise that there are no good versus bad actors in global politics. They are all shit but just degrees of stench.

Otherwise it just reaks of xenophobia.

But by writing that there are different “degrees of stench,” aren’t you admitting that we can, in fact, morally differentiate between global actors or actions?

Can’t the US say “hey, we did X in the past and were wrong. So China don’t do X?” Your reasoning implies the US couldn’t chastise a country in 2022 for implementing slavery, for example, or using a nuclear bomb, or denying women suffrage.

I think this type of argument runs into the same type of error that some in the reparations community endorse. That is, I don’t believe anyone is morally responsible for actions their ancestors engaged in. Nor do I think 2022 Nation X= 1922 Nation X on these analyses. (I realize many disagree.)

 

[Univee2]

why do you hate capitalism and freedom?

Moneyed interests and Comcast!

 

[Univee2]

lol…I actually feel bad now. I wasn’t being serious. I don’t want to nuke any countries

They all hate us anyhow.
Let’s drop the big one now.

 

[bub-rub]

Giving China the benefit of the doubt for an endless amount of blatant IP theft and security risks seems stupid, to be frank.

The Chinese have shown they are worthy of nothing other than complete distrust (see COVID, IP theft, governmental control and abuse, etc.).

agree but, again, look at it from China's point of view. we keep selling arms to Taiwan (and india and other Chinese rivals), we keep parking the 7th fleet in Japan. we keep developing missile shields near their borders. the dollar keeps dominating the world economy for mostly our benefit. we blame china for slavery and genocide but when strategic US allies like Saudi Arabia do similar crap we call it the cost of doing business. the US state department labels both Saudi Arabia and china tier 2 countries for human trafficking. Saudia arabia also buys a large amount of arms from the US and then uses them to commit a huge numbers of war crimes in Yemen. we start trade wars as political stunts. we subsidize our industries via tax breaks vs china's direct investment but then complain they aren't playing fair.,

trust goes both ways.

 

[i'vegotwinners]

It's incredibly important we don't pull out. We just need to find a way to insulate national security from business. We absolutely need for the US and China to keep making money off each other. We just can't let our security become a victim of that money-making.

translation,

"we need to have our cake and eat it too".

unfortunately, that's not possible here.

if making us less totally dependent on China makes them marginally less dependent on us, so be it.

the false fairy tale that we have to be their btch to peacefully co-exist, is just that.

we have to bring our manufacturing base back on shore.

and while some industries are more vital than others, even said "others" always turn out to be important as well, and we can't just single out chips and pharma, and let the rest ride.

all manufacturing is inter connected.

and all industry, is dependent on manufacturing.

it's not just about the jobs and tax bases. it's about national security.

and it's not just the chips and pharma.

 

[bub-rub]

we have to bring our manufacturing base back on shore.

and while some industries are more vital than others, even said "others" always turn out to be important as well, and we can't just single out chips and pharma, and let the rest ride.

all manufacturing is inter connected.

it's not just about the jobs and tax bases. it's about national security.

and it's not just the chips and pharma.

talk about inflation. aye aye aye. the cost for everyday items would go through the roof. there's a price to pay for safer work places, cleaner air & water, workers with health insurance, workers who can sue their employers, etc x 1000.