this post was submitted on 16 Nov 2024
57 points (95.2% liked)

Selfhosted

40313 readers
186 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
 

Some people my server admin uncle included believe that bringing any device to China automatically compromises it even if you reinstall a new OS. Is this warranted as some random person?

Can I go to my public sites and/or VPN into my servers?

Edit: I go there all the time. Also, I can take these precautions but I can’t expect my family to take them. What about family members phones?

A lot of great replies, thank you! Would love the read more specifics so I can know exactly the threats and my actions

Also, this is not an anti-China post. My field is Chinese related. Just learning more about the hosting side :)

you are viewing a single comment's thread
view the rest of the comments
[–] Moonrise2473@feddit.it 18 points 5 days ago

When you enter China, you have to run their application on your phone to fill the immigration form. Way more convenient compared to the paper slip, right? 😉

It's this https://apkpure.com/zhong-guo-ling-shi/com.gov.mfa

Luckily, you don't need to install full malware but only medium malware, there's a way to run it as a web app inside tencent WeChat by scanning a special qr code.

I run this stuff inside insular because tencent is tencent and even on fully patched Android 15 without any file access permission they still manage to drop fingerprinting files disguised as images in /pictures/.gs_fs0

For connecting to my servers, technically ssh on standard ports isn't blocked (otherwise it would hurt their bots, no?) but I don't want to show my server IP address, so I use a hysteria2 proxy hosted on a Oracle VM in the Japan datacenter. There are services like doggygo that rent access to those proxys for literal pennies (like $2 per month) but payment need to do with alibaba's alipay or tencent wepay which is ultra traceable (linked to Chinese id+Chinese bank account+Chinese phone number) and very stupid. Honeypot?

There are reports of evil maid attacks where a secret service agent poses as room cleaner in your hotel room and tampers with your laptop when you're away, but for normal people this seems unlikely. Keep your electronics with you at all times, always use a VPN, check hashes of executables if really need to run them (better not) and you're going to be ok