Still<p>Let's talk about politics for a little bit - and I'm not a very political person to begin with.</p><p>My stance on China and its people<br>Before I start talking about what's on my mind, I'd like to get one thing out of the way first - *<em>I do not *hate</em> any of the Chinese people, but rather the government that dictates it and those that carry out the attacks without any form of regret or morality.</p><p>I met a really nice transfer Chinese student during my university years. When the topics of the Great Firewall was inevitably brought up, she legitimately believed that it was there to protect them, to protect "harmful" materials from entering their sovereign country. That belief and that we had to exclusively use <a href="https://infosec.exchange/tags/WeChat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WeChat</span></a> to communicate unfortunately means we could not continue our friendship when she returned, as I simply did not feel comfortable with using WeChat knowing the massive surveillance network behind it. The point I'm trying to make here is clearly the civilians are clueless as to what's going on behind the scene, and even when they are fed the truth, they refuse to believe otherwise; after all, how could you expect an outsider to convince someone who's been growing inside this walled garden to understand what their lives are like and let alone their government.</p><p>Personal safety and paranoia<br>As someone who's been working in the field for the short three years, I've become increasingly paranoid over personal safety and the wrongdoings of the <a href="https://infosec.exchange/tags/CCP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CCP</span></a>. While I'm sure many fellow researchers are aware of the various attacks launched by various Chinese state-sponsored groups, the forbidden knowledge becomes much more burdensome as someone who is from a country that directly opposes against such an authoritarian government. Not to mention that I'm basically <em>not</em> allowed to talk about most of it (and trust me, there's <em>a lot</em> I'd like to talk about if that doesn't compromise both my personal safety and my job position).</p><p>Being part of a prominent organization that is involved in discovering the threats and curtains behind the scene of CCP means we are susceptible to targeted attacks - and we as an organization had already been part of such an attack few years back (see <a href="https://teamt5.org/en/posts/clarification-on-malicious-disinformation-targeting-teamt5/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">teamt5.org/en/posts/clarificat</span><span class="invisible">ion-on-malicious-disinformation-targeting-teamt5/</span></a>). It's simply the matter of time that anyone in our team gets involved in a targeted attack on a personal level. As such, over the years, I've had to be extremely careful and limit myself with any interaction with China in general; this includes ordering things over Taobao which unfortunately I've had to for a few times for ordering parts for repairing things or straight up electronics that simply aren't available locally; buying figurines from talented Chinese studios which means I've had to fork over my personal info to the customs; playing games created by certain studios in China, or sometimes having to go to the extreme measure to pretend I'm an individual from overseas just to <strong><em>NOT</em></strong>* *play on TW/HK servers managed by China.</p><p>All of this and the knowledge of what the CCP is (potentially) capable of, it's made me feel extremely paranoid, especially when I'm at my computer. I'm always under the assumption that my personal devices have been compromised in some way, and constantly having to check what's running and having to harden my configurations just to make my life much more annoying to deal with (e.g., encrypted drives, hardened Windows safety measures, etc.).</p><p>Why am I making this post?<br>I just felt like getting this off my chest, and might come back to it every now and then to talk about my thoughts on work and CCP in general. I'd also like to mention that I have no intention of offing myself and never will - feels weird that I'd have to say this, but history has proven that CCP is capable of staging one's death before back when the Hong Kong protests broke out. Also, I want to take this opportunity to mention that if I ever fail to verify myself via the PGP signatures available over at <a href="https://stillu.cc/security.txt" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">stillu.cc/security.txt</span><span class="invisible"></span></a>, assume my identity has been compromised.</p><p><a href="https://infosec.exchange/tags/opsec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>opsec</span></a> <a href="https://infosec.exchange/tags/threatintel" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>threatintel</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>infosec</span></a></p>