Are You Paranoid Enough While Traveling?

Posted by JD 12/07/2012 at 18:00

When traveling, we probably are not paranoid enough.

Here’s an article about your smartphone and/or laptop being hacked when overseas.

I’m fairly paranoid, but it had me wondering if I am paranoid enough when traveling overseas.

Are you? What steps do you take to be more secure than the next person? Do you believe that is enough?

  1. JD 12/07/2012 at 21:09

    I realize reading my notes above that I didn’t provide much information.

    The article is about corporate and government espionage by modifying hardware, drivers and software on computing equipment.

    What it covers

    • network drivers on cell phones being clandestinely changed with a cell network push. Probably to route all calls and data through government servers.
    • key scraping software being loaded on laptops when the person is in the shower or napping.
    • hardware modifications being added to laptops to capture sensitive network information and forward it somewhere.

    It also talks about never taking your own computing devices overseas. Take loaners that can be wiped when you return by the IT department.

    Expect that if your devices have been out of your sight at all, then they are compromised.

    Loading a keyboard logger requires less than 5 seconds of access on a running, non-encrypted PC. That will hack in, install the spy software, set it up to run and re-run at reboot, report any data back to the control servers. 5 seconds. That’s it. I’ve seen security professionals with tools that do this.

    Expect that if you use any non-secure network, then all your traffic is being inspected. It is less clear as to whether a strong VPN connection would alleviate this risk or not. As long as DNS is not part of the VPN security and only private keys are used, I’m not too concerned. Basically, if the client and server keys are only known between your client and server, not dependent on any 3rd party or DNS, I think you are secure. Always worry about HTTPS keys that don’t match what you’ve seen in your home country. DNS can be spoofed anywhere, but especially overseas and on hotel networks.

    Personally, I think taking a Windows PC overseas is simply crazy. There are too many ways to compromise those systems AND there are probably millions of experts at doing it in the world. iOS and Linux systems can also be compromised, but the number of skilled crackers that can will be many orders of magnitude less.

    My travel security techniques

    1. Take the cheapest, lightest netbook, not a full laptop.
    2. No Windows or Apple operating systems; make it harder for the cracking experts.
    3. Encrypted disks for the Linux OS – encrypted disks solve many security concerns.
    4. No sensitive data taken on the system at all. Last trip, I formatted the machine 2 weeks prior, did a fresh OS install with new, different login passwords.
      1. Only program installed was an NX client – this is the remote desktop client that I prefer right now. It feels about 2x-4x more efficient than either VNC or RDP even over the ssh tunnel that it uses.
    5. My desktop OS never leaves the private cloud where it normally runs. The netbook is a remote display device only. Email, web surfing, editing files, everything happens back in the USA, not overseas.
    6. Remote access is through a key-based authenticated ssh connection, with a password check to login to a specific session. Not reliant on DNS. FreeNX is the server and NoMachine’s nx-client is the client. They make clients for most OSes, just not Android. sniff, sniff.
    7. Only use the netbook to remote back and run all apps on the remote desktop. No local apps run on the netbook except to get a network connection and the nx-client. Never email, never web browsing, never any social apps.

    So, there you have it. My travel computer security techniques. Last trip, I took a $20 unlocked dumb-phone and only borrowed a GSM-SIM card to make 1 call that trip.

    What about Smartphones?

    I’m torn about smartphone use overseas. If I had a strong VPN like OpenVPN or an IPSec VPN back to the private cloud and forced all data traffic through it, perhaps then I’d trust it. Remote wipe would be mandatory. Fully encrypted storage would be mandatory. A strong, complex login to the device would be mandatory with automatic locking.

    Even with all these techniques, I don’t know if I’m paranoid enough.
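
The comment's advice to distrust HTTPS keys that differ from what you saw at home can be turned into a repeatable check. The sketch below is an added example, not code from the original post or its author: it records certificate fingerprints on a trusted network and compares what is presented later. The function names, the host `mail.example.com` and the sample certificate bytes are assumptions constructed for illustration.

```python
import hashlib
import hmac
import json
import socket
import ssl

# Constructed stand-ins for DER certificate bytes (not real certificates).
HOME_CERT = b"constructed-der-bytes-seen-at-home"
HOTEL_CERT = b"constructed-der-bytes-seen-on-hotel-wifi"


def fingerprint(der_cert: bytes) -> str:
    """SHA-256 over the DER encoding, the value browsers show as the fingerprint."""
    return hashlib.sha256(der_cert).hexdigest()


def record_baseline(certs: dict) -> str:
    """Run on a trusted network before the trip: host -> fingerprint, as JSON."""
    return json.dumps({h: fingerprint(c) for h, c in certs.items()}, sort_keys=True)


def check(baseline_json: str, host: str, der_cert: bytes) -> str:
    """Compare a certificate seen while traveling against the baseline."""
    expected = json.loads(baseline_json).get(host)
    if expected is None:
        return "unknown"      # never recorded: no basis for trust either way
    if hmac.compare_digest(expected, fingerprint(der_cert)):
        return "match"
    # Renewals and CDNs also change the leaf certificate, so treat this as
    # "stop and verify out of band", not as proof of interception.
    return "MISMATCH"


def fetch_der(host: str, port: int = 443, timeout: float = 10.0) -> bytes:
    """Fetch the leaf certificate as presented, without CA validation, so the
    only trust decision is the comparison against the baseline."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    with socket.create_connection((host, port), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            return tls.getpeercert(binary_form=True)


if __name__ == "__main__":
    baseline = record_baseline({"mail.example.com": HOME_CERT})
    print(check(baseline, "mail.example.com", HOME_CERT))    # same cert as at home
    print(check(baseline, "mail.example.com", HOTEL_CERT))   # different cert presented
```

Keep the baseline JSON on the encrypted disk or on paper, since a baseline that can be edited on a compromised machine proves nothing.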