this post was submitted on 20 Aug 2024
3 points (60.0% liked)
Linux
4928 readers
492 users here now
A community for everything relating to the linux operating system
Also check out [email protected]
Original icon base courtesy of [email protected] and The GIMP
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
(There it is, the needed china = malware comment)
Lol meanwhile trusting US software?
The difference is that laws in China require companies doing business in China provide the Chinese government with means to access all data crossing Chinese borders or involving persons of interest. You can read the DSL of China yourself; and consider that nearly every executive of any significant Chinese company also holds an office of some sort in the Chinese government, there are a vast number of Chinese nationals who are considered "persons of interest" to the national security of China and therefore fall under the DSL purview.
Any company building or selling software in China has to provide the Chinese government with access to data collected in China, or outside of China if it involves persons of interest for national security. Like I said, find the DSL and read it yourself, or read an InfoSec analysis of it from a company you trust - you don't have to take my word for it.
This immediately puts Chinese software into a different category of risk than non-Chinese software. Of course, the US could twist arms to get companies to put backdoors in software. But it's a false equivalency to say that they're the same. When the US does it, they have to do it covertly, and there's always the risk of a leak. When Chinese companies do it, they're doing it because Chinese data laws require them to.
Thanks for the clarification. If they dont collect data that would be unproblematic. If they do, of course this is extremely problematic.