From today's SANs Newsbites (http://www.sans.org/):
--Gordon Brown Aide's BlackBerry Stolen on China Trip (July 20, 2008) An aide to UK Prime Minister Gordon Brown fell prey to a likely "honeytrap" scheme in January when his BlackBerry phone was stolen after he brought a woman he met at a disco in China back to his hotel room.
The aide was accompanying the PM on the trip; he reported the device missing the next morning. Officials suspect the incident was orchestrated by Chinese intelligence. It was not disclosed whether the device held top-secret information, but even so, it could potentially be used to gain access to the Downing Street server. Blackberrys used by Downing Street staff are password-protected but most are not encrypted. The aide has been informally reprimanded.
[Editor's Note (Ullrich): A nice reminder to leave electronic devices at home when traveling abroad. And if you are geek enough to take them, being all for sudden popular with women is a dead giveaway for an intelligence operation.
(Northcutt): Classic! If you know anyone going to the Olympics, please share this story with them and suggest they leave their laptops and other electronics at home. This will be a field day for Chinese intelligence gathering. They have been targeting people and are quite
(Paller) Or take "travel-tops" and "travel-phones" that are throw-aways without sensitive data or access to sensitive systems.
I especially liked the comment "being all for sudden popular with women"! That one raised a chuckle.
Unless the chinese telco's block the IPsec ports then this probably couldn't happen with a WM6.1 device running under SCMDM and better yet you'd be able to wipe it remotely to eliminate the risk of compromise. If the vpn comes up you're golden.
And as for the bit about Gubmit employees using phones that aren't encrypted, that's a bit of a shocker. WM6.1 would have taken care of that nicely, too.
Better would be using your phone with a Redfly (what the editor referred to as a "travel-top", although I hadn't heard it called that before). No need to take your laptop with you at all. Link here: http://www.celiocorp.com/
 Not the same kind of compromise as the article speaks to ;-)