Google Attackers Identified as Chinese Government 651
forand writes Researchers, examining the attacks on Google and over 20 other companies in December, have determined 'the source IPs and drop server of the attack correspond to a single foreign entity consisting either of agents of the Chinese state or proxies thereof.'"
Finally above ground (Score:5, Interesting)
Our response is? (Score:4, Interesting)
1. a body of corporations (those 20 or so affected)
2. a nation
3. a global community of nations (UN)
4. a cybercommunity
What can we do, and what is most likely to happen?
No, Seriously... (Score:5, Interesting)
If a foreign government had attacked non-digital assets of any US corporation, you would expect some kind of formal reprisal. Maybe not an airdrop of Marines, but certainly something more than Hilary Clinton threatening to write a stern letter.
What I have not doped out yet to my own satisfaction is whether the tepid response from Washington is the fault of the current administration, confusion regarding the digital nature of the breach and assets, or a little of both.
SHOCKING (Score:5, Interesting)
Who didn't see that one coming from a mile away? I called it the moment I read that there was a sophisticated attack on Google.
Whether its all fabricated or not, I like the idea of Google pulling out of China. Google is one of the leading innovators in the western world - and by keeping their services out of China it sends a message to the government: Stop Oppression.
Re:Finally above ground (Score:3, Interesting)
Re:Finally above ground (Score:2, Interesting)
Re:can't say i'm surprised (Score:1, Interesting)
Re:can't say i'm surprised (Score:5, Interesting)
What did China do when they found all the bugs the US government put in the plane we sold them?
Nothing.
http://articles.latimes.com/2002/jan/20/news/mn-23796 [latimes.com]
Re:No, Seriously... (Score:2, Interesting)
Although it's something of a sign of the administration holding conflicting opinions (increasing the legal value of digital content in copyright cases, while still being more dismissive of it in corporate espionage), I think it's just human nature to treat intangible digital assets differently from physical property, even when their differences are slight from a practical standpoint (secret documents, for example).
It's somewhat similar to the problem that the big media companies are having: most people who download content illegally probably don't really feel that they're "in the right", but they don't really care that much either. The intangible nature of the product seems to contribute to that - we're wired to place value on things we can hold, or stand on, or whatever. Making a big purchase in cash feels far more real than putting it on a card, too, for that matter. If someone had physically gone into Google's offices and looked through their filing cabinets people would have much more of a gut response to the issue.
One question that does raise, however: is it the case that we under-respond to issues without that gut reaction, or that we are simply over-responding in other cases?
still no evidence linking the goverment (Score:2, Interesting)
After RTFA it seems the only thing solid is that command server was located in China, them belonging to "agents of the Chinese state or proxies thereof" remain pure speculation at this point unless some one come out and provide evidence that links to the government ,such as registration records or money trail etc. This could still well be the works by some local hacker groups, and since the servers being attacked is outside of China they are not even breaking local laws there. Though I wouldn't be surprised they have a wink-wink relationship with the local police.
Unleash the hounds (Score:5, Interesting)
The Wall Street Journal had a great article about some of the details behind the scenes of this particular incident, and also another article that did a good job of summarizing what has been discussed here over the last couple of years. The main stream media is openly stating that the People's Liberation Army is actively encouraging "citizen cyber militias" to conduct "cyber attacks" (good Lord how I hate that term) against foreign (read, United States) corporations. Although they haven't gone so far as to state that those militias have active backing of the government, they have said that the government is turning a blind eye to their activities. Furthermore, the WSJ goes on to state that there are United States agencies involved in similar espionage activities.
Given that background, it seems like hacking Chinese companies should be fair game for up and coming "security researchers" here in the United States. In the 1990s the United States government made it quite clear that they were going to come down hard on people who mess with government and Fortune 500 systems. Given the option between really securing the systems and punishing those who exploit the lack of security, they went with the latter. A lot of people, myself included, decided that once we turned 18 and faced the threat of real Federal prosecution, the wise move was to turn off the war dialers, stop snarfing ESN/MIN pairs out of the air, and stop trying to run exploit code against computers that we don't control.
We can't hone our craft in the United States anymore. Although there is a whole market for securing IT resources against attack, there isn't a playground to pick up skills in. My suggestion is that China is that playground. My suggestion is that Chinese corporations in the United States are the targets. I mean lets face it, there are hundreds of thousands of compromised computers in the United States. The United States government can't be held accountable for malicious activity directed toward Chinese corporations. It would be unfortunate for those entities to be DDoS'd. It would be unfortunate for their internal workstations to be the target of vulnerability research.
Re:What if *google* was was being used for espiona (Score:3, Interesting)
Gmail, the aspect of Google that was being hacked is not available in China.
Why would China do this? (Score:4, Interesting)
The premise is that China hacked Google to access the accounts of these Chinese Human rights activists. Given that Google already complies with Chinese law, why did China not openly contact Google over this?
Re:No, Seriously... (Score:5, Interesting)
Re:Our response is? (Score:3, Interesting)
1. Corporations will leave China, and forgo any possible profit there, or they won't. Up to them. Google seems to have made their choice.
2. The nation has some soul-searching to do. I expect that the US government will do exactly nothing for a long time, while pleading that other crises are taking up all their attention. (Which, actually is a pretty good excuse right now.)
3. The UN will do nothing. Cyberwarfare is not something the UN is chartered to police, and not something they care about, and even if it were they already know what China is and they're not going to risk making them tantrum.
4. The cybercommunity? Well, if the non-chinese cybercitizens want to start a war over this, the chinese cyberwarriors will gladly take part. But this might not be much different than the status quo.
Revealing China as corporate espionage hackers surprises exactly no one. So nothing will change. Everyone already lives with the truth of chinese malfeasance. All that will change will be one or two companies deciding that they've had enough and they're pulling out of that broken country.
Re:can't say i'm surprised (Score:2, Interesting)
Ridiculous. Both the EU and the U.S. have much larger economies than China. We are witnessing them gaining some footing, not taking over.
Re:Of course they are "proxies of the government"! (Score:3, Interesting)
Re:No, Seriously... (Score:3, Interesting)
In circulation, maybe.
But, they hold the vast majority of the U.S. federal debt obligations. The federal government is reliant on China to finance it's operations because of the massive deficit in the budget. If China were to stop buying the federal debt instruments, interest rates in the U.S. would soar and the value of the dollar would drop.
If China dumped all the U.S. federal debt instruments it owns on to the open market, it would take a hit in the wallet, but the United States would experience hyperinflation on par with Zimbabwe. The U.S. would be bankrupt and it will take thousands to millions of dollars to buy a cup of coffee.
It is not the circulating dollars they hold that is the problem. It is all the paper they hold that says we owe them trillions of dollars.
Re:But... (Score:2, Interesting)
Re:This is probably why (Score:2, Interesting)
Actually I think they removed the filters because they want to leave China but it will hurt they stock, so they're trying to get kicked out. Then they can blame China for it and get the good will of various groups.
Identified by a US asset. (Score:1, Interesting)
Identified by a US asset.
don't forget that.
No Big Surprise (Score:2, Interesting)
Re:World War III - The Cyber War (Score:2, Interesting)
Holy shit. You just gave governments the ultimate idea for complete Internet control.
Re:Our response is? (Score:2, Interesting)
I hear this quite often. I'm still under the impression that when presented with the information and an alternative, most will take it.
For example take chocolate. Lots of chocolate is made through unfair labor, including child labor. Then there's fair trade chocolate. If you walk up to somebody and say, "you can have the slave-produced chocolate for $5 or the fair trade chocolate for $6," do you honestly believe people will still go for $5?
But again, it requires two things: the information about what's going on and the alternative that is at least in a competitive range.
Re:No, Seriously... (Score:1, Interesting)
The problem with this theory of winning the new cold war simply by buying the opponent is that it doesn't, and can't, lead to any kind of victory.
By investing in US debt China has bound themselves in an unholy blood pact to the U.S. economy. We on some level need them to continue pouring money into the economy to pay for poorly thought out foreign policy, they on the other hand need us to continue to prosper or all of their investments become worthless. If one side wins both sides win, if one sides loose both sides loose. The Chinese have already shown their realization of this in their effort to keep interest rates low to prevent inflation from devaluing their assets.
The U.S. can win by refusing to pay their debt and leaving China holding the bag. Sure it would cause chaos and put some serious damage on the reputation of the country, but there's no reason why the U.S. could not do this. So technically the U.S. can win and completely destroy China and the rest of the world economically becoming a tiny bubble above a rising tide of debt
Re:can't say i'm surprised (Score:3, Interesting)
One major reason that health care is growing to such a huge percentage of our expenses is that it is a service that is not exportable and relies mainly on products and technologies that are highly developed and thus only come from the developed world where things are expensive. Everything is cheap in China: Goods, services and lives are all had for a pittance. If we fail to rely on our own industry in our own regime of regulation, we will ultimately reduce the value of what we own and who we are to the same level as the Chinese or the Cambodians or the Malaysians or whoever else pops up as the next country stable enough to build factories in to exploit wage slaves and ruin the local lands and seas. China has had a tremendous stimulus by sucking the money out of us for over 20 years. They will have the rest of the world to as their market and they will have most of our technology to use to continue their ascension. Without the tidal wave of money flowing from our coffers, they will have to figure out how to grow in organic, sustainable ways and how to do it without outlandishly rewarding their upper class while exploiting their lower classes. They may even decide that the one-party system isn't all it's cracked up to be. Whatever happens will be better for us and better for them. We wont have lead or cadmium infested toys and jewelry. We won't have toxic drywall, or deadly dried milk or malware-infected routers. If we don't wake up and start doing this, we're going to have to stop trying to live in a developed nation with all of the rules and regulations that we put upon ourselves because no one is going to be able to afford it. You're about to travel to the third world. Just sit back on your couch and watch the decent continue. When you go out the front door in 10 years. It will be your neighborhood. Thank you George, Bill, George and Barak.
Re:No, Seriously... (Score:5, Interesting)
Hyperinflation, though likely in my opinion, is still not inevitable, nor can any foreign power unilaterally cause it; it is caused by massive and accelerating expansion of the money supply, which is completely within the control of the Federal Reserve and hence the federal government. The reason we will likely get it is that it is the politically easier of the only two options available for addressing the massive debt, including off-book future liabilities, of the U.S. government.
The other option would be for the central government to accept that in order to survive, it must accept an eventual return to rule of law and to Constitutional principles. It must accept a much smaller role in the economy. It must accept that the only way for its share of the pie to grow bigger is to let the pie itself grow, which requires, at least in the short term, getting its hands out of that pie, and allowing the economy to grow bereft of any regulations at the federal level save, at most, those that are necessary to protect basic human rights. It must forever give up its present role of purposely enriching some at the expense of all others. It must forever give up its alleged "right" to manipulate the economy through the Federal Reserve. None of this seems likely to happen on its own, but, like all institutions, governments value their own survival above all else, and as the economy collapses and the prospect of widespread revolt and even civil war looms large, it will adapt (or it will die, and the states will take over).
blatant Chevrolet copy (Score:2, Interesting)
Check out
http://paultan.org/2006/02/18/chery-qq-crash-test/ [paultan.org]
and http://en.wikipedia.org/wiki/Daewoo_Matiz [wikipedia.org]
Re:No, Seriously... (Score:5, Interesting)
he reason we will likely get it is that it is the politically easier of the only two options available for addressing the massive debt, including off-book future liabilities, of the U.S. government.
Oh, for mod points. This person gets it. Historically, one of the major drivers for government laxity towards inflation (Argentina, Mexico, Pre WWII germany, etc) is that the government owes more in nominal terms than it can fund through taxes. Allow a few years of 10% inflation, and that burden is eased significantly, as tax revenues rise with inflation, while the size of the debt remains the same. We will see 6-10% inflation for 3 to 8 years sometime in the next 15 years, because that is the ONLY way the US government can get out of the financial hole we are in. This will in turn hurt the Chinese, who are holding vast amounts of dollar demoninated debt.
Re:No, Seriously... (Score:2, Interesting)
Oh for fuck's sake...
What you see as tepid, I see as extremely diplomatic. There's an open investigation into this, the Dept. of State surely doesn't have all the details yet. What would you prefer they do, issue a hawkish, threatening letter? Or perhaps demands?
8 years of poor foreign policy and unnecessary demands got us very little sympathy or friends on the global stage. I think maybe you should give the Dept of State time to process all the details before they issue an ultimatum.
Re:No, Seriously... (Score:3, Interesting)
This is a circular argument. Supply of basic consumer goods in the US is at this point nearly entirely based upon imports
Yes and no. The US produces quite a few basic consumer goods - food in particular. A plastic toy supply shortage will not cripple the US. Granted, the US does depend on imports for a number of fairly critical practical things. But...
The world's economy is at these days pretty much a gigantic Ponzi scheme whereby "value" of currencies and goods is in its entirety based on make-believe wishful thinking. US currency has "value" only because enough people globally wish to pretend that it is so.
Arguably, then the US is in the best place of all. For the last decade we've been receiving useful and practical basic goods in exchange for pieces of paper that you believe are worthless. Is it any surprise that US companies don't want to bother making these goods if others are willing to do so just for pieces of paper?
As long as supplies of these goods were not cut off overnight, the US could make them on its own. Right now manufacturing in the US tends to not be as cheap as it is elsewhere, but it isn't like the US couldn't build enough cars or whatever for its own needs. Oil is probably the most critical imported resource, but the problems of oil aren't so much that the US depends on foreign supplies so much as that the entire world depends on a resource that will be limited everywhere at some point. If anything the relatively untapped US local oil reserves will put the US in a good strategic position when everybody else is running out.
As far as all the stuff about controlled versus natural currencies and that - every system has its pros and cons. A well-managed paper currency has a lot of advantages over something like gold in that you can actually regulate the supply of money in accordance with its demand to keep prices stable. Virtually all currencies tend to be artificial - at least since they stopped paying people in salt. It isn't like a lump of gold has any practical use. If there is ever a nuclear winter the guy who will be able to barter isn't the guy with all the gold bricks in his basement, but rather the guy with a lot full of functional cars/fuel (that he can defend) or the guy who knows how to perform basic surgeries. Anything other than a truly practical item or skill is just a currency of convenience, and there is nothing wrong with that either.
Re:Fight China -- the capitalist way! (Score:2, Interesting)
Since China is a full-fledged member of the WTO, MFN has now become a right of China, guaranteed by multilateral treaty. Attempting to enact trade sanctions against China would result in the U.S. being sanctioned in the WTO dispute process.