Some people, my server admin uncle included, believe that bringing any device to China automatically compromises it, even if you reinstall a new OS. Is this warranted as some random person?
Can I go to my public sites and/or VPN into my servers?
Edit: I go there all the time. Also, I can take these precautions but I can’t expect my family to take them. What about family members’ phones?
A lot of great replies, thank you! Would love to read more specifics so I can know exactly the threats and my actions.
Also, this is not an anti-China post. My field is Chinese related. Just learning more about the hosting side :)
It’s definitely warranted as a random person.
See https://security.stackexchange.com/questions/262444/should-i-worry-about-compromised-firmware-when-reinstalling-an-os from an admin point of view and also https://www.binarydefense.com/resources/blog/running-malware-below-the-os-the-state-of-uefi-firmware-exploitation/ for a technical discussion on how such compromises work and can survive even a new OS reinstall.
Also note that things like your MAC address could be leaked out and collected (as per https://theprepared.com/forum/thread/turn-off-your-wifi-when-you-dont-need-it-and-other-tips-on-how-to-prevent-hacking-and-tracking/ ), though Apple specifically has a private MAC address spoofing feature to combat this. A lot of this collection is automated, so as to cast as wide a net as possible.