Slashdot Mirror
China Crafts Cyberweapons
MitmWatcher writes to mention that a recent report by the Department of Defense revealed that China is continuing to build up their cyberwarfare units and develop viruses. "'The PLA has established information warfare units to develop viruses to attack enemy computer systems and networks,' the annual DOD report on China's military warned. At the same, Chinese armed forces are developing ways to protect its own systems from an enemy attack, it said, echoing similar warnings made in previous years."
Only sensible. News because they happen to be communist in name. Everyone else is doing the same things. This is like the revolutionary developments in bio-weapons by the major countries last century. China may actually have a better vision of the future in its defence policy than other nations.
"...ICE patterns formed and reformed on the screen as he probed for gaps, skirted the most obvious traps, and mapped the route he'd take through Sense/Net's ICE. It was good ICE. Wonderful ICE... ...His program had reached the fifth gate. He watched as his icebreaker strobed and shifted in front of him, only faintly aware of his hands playing across the deck, making minor adjustments. Translucent planes of color shuffled like a trick deck. Take a card, he thought, any card.
:)
The gate blurred past. He laughed. The Sense/Net ice had accepted his entry as a routine transfer from the consortium's Los Angeles complex. He was inside. Behind him, viral subprograms peeled off, meshing with the gate's code fabric, ready to deflect the real Los Angeles data when it arrived."
From Neuromancer, by William Gibson, following protagonist Henry Dorsett Case as he uses a Chinese military-made icebreaker to hack a virtual fortress...
If only computer security were really so dramatic
Now we can buy millions of pirated copies of these weapons at almost nothing.
The US will ignore this for the most part, keep trading with them, and allow corporations to send its citizens jobs to the nation that is attacking it. It makes me sick.
not so much war as it is to prevent the US or other capitalist/democratic countries from undermining their regime. china is a known source of some cyber attacks- mainly from less organized hackers but now that it will be more organized- more bang for the buck. they probably wont try to destroy our systems completely as that would likely have a ripple effect on their economy as well- they sell a lot of stuff to us and where they to screw that up it would hurt them quite dearly. there is one thing that we have that they dont and that is oddly enough sheer number- if i remember correctly we out number them in computing power so if we ever needed to we could do a real DOS attack from hell on them.
Sigs are too short to say anything truly profound so read the above post instead.
I'm sorry, but I cannot get the image of Stallman bashing a tambourine singing 'Kum by Yar' whilst crossing the battlefield.
Linux is many things, but its not a cyber weapon.
liqbase
I like Linux as much as every other guy here but, if you actually believe that Linux is flawless enough to endure a military funded search for flaws and vulnerabilities and come out immaculate, you must be out of touch with reality.
If "given enough eyeballs, all bugs are shallow", given enough eyeballs (and china has the most), money, military grade technology and bad intentions, every bugs is a potential weapon.
1. Convince Chinese government that spam is a plot by Falun Gong.
2. Half a million Peoples Liberation Army Cyberwar Programmers attack!
3. ???
4. Profit?
None of them can see the clouds; The polished wings don't care.
http://www.af.mil/news/story.asp?storyID=123030505
Don't get me wrong, I'm not bashing linux at all, but if my history serves me well here, linux gained a following among, shall we say, highly technical miscreants for a reason. It's powerful and able to be reconfigured to perform most any given task optimally.
...this should get interesting.
I have an image of thousands of Chineese computer specialists, working tirelessly in huge warehouses of cubicles. I can hear them mumbling now... "Collect metal, collect wood, collect magic talisman of sharpness, rrrun to forge, use skill +5 "Weapon Craft" with added +2 ring-of-the-crafter proficiency." Bingo! a new Shadow Axe of Sharpness, sold for 350 RMB on Ebay. Rinse and repeat.
P.P.S. I'm doing Science and I'm still alive.
There is no such thing as "the perfect weapon", the "invulnerable shield" or, for all that matters, "invulnerable O.S.". If there is an Operational System that is secure enough to be resistant to hostile military attacks, it must certainly be kept 1) developed by the military itself 2) restricted for the general public, for the same reasons strong cryptography was back in the days. Who would be fool to let a tool like that potentially fall in the hands of the enemies (whatever side they are)?
Anyway, if there is any O.S. out there that cannot be compromised even by its own creator or by a determined enemy, we do not and will not know and, the most important thing, will not code.
Flash forward ten years ... a group of American military commanders are gathered around a conference table deep inside the pentagon to discuss the most recent Chinese cyber attacks on US infrastructure. Voices are raised, tensions are running high, and nobody can seem to reach agreement on the best way forward. But everyone knows that time is running short and that a response is needed.
Suddenly, the huge video conference screen on the wall springs to life. A stern Chinese communist party official appears in a smart beige chairman-Mao suit. The shouting and arguments stop and an eerie silence descends. All eyes turn toward the Chinese official.
He speaks.
"How are you today gentlemen? All your base are belong to us."
Honestly, I am so frustrated with this "its someone else's responsibility to make it work" and other finger pointing paradigms. Its MY stuff, I bought it with legal tender, and if I don't know how to maintain it, do I really have that much business having it?
If my dog made a mess, its obvious to me just what he did and where he did it. If termites made a mess, I can find and put back what they messed up. I feel exactly the same with my computing apparatus, and I highly resent efforts by others ( via DMCA like legal maneuvering ) to keep me ignorant of how my stuff works. It frustrates me to no end to have others make knowledge illegal, enforceable by police at gunpoint, only for the financial gain of blocking off alternative remedies I have for maintenance or customization needs.
Having ANY software vendor locking me in to their "support" is like having the contractor who built my house locking me in for anything I want to do to maintain or modify my house.
Not to say I would want to deprive him of his art of driving nails, but if he was too hard to get along with, or overprices himself, I strongly reserve what I feel is my right to pick up the hammer and saw and do it personally, if need be.
Ignorance is going to be the end of us (US).
"Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]
That was what I was implying. Linux (and other Unixes like *BSD, Solaris, etc) aren't invincible, but as far as I know they're better than the current alternatives. The fact that enough dedicated attackers could break them seems like a moot point to me.
Richard Clarke, top counter-terrorism adviser to presidents of both parties interview.
1 138&sid=222938
Countdown with Keith Olbermann in January '07.
http://www.msnbc.msn.com/id/16771741/
My Summary:
http://politics.slashdot.org/comments.pl?cid=1806
~hylas
I am pretty sure the following "news" could be read somewhen in China
"'The US has established information warfare units to develop viruses to attack enemy computer systems and networks,' the annual PLA Defense departement report on USA's military warned. At the same, US armed forces are developing ways to protect its own systems from an enemy attack, it said, echoing similar warnings made in previous years."
This leave me wondering with such a NON-news, what sort of propaganda is theUS trying to kick up. Are there commercial negociation starting soon with China ? Are they trying to put some pressure on China for a better rate ?
C. Sagan : A demon haunted world:
http://www.amazon.com/gp/product/0345409469/
visit randi.org
It is notable here that China is one of the state entities that enjoys access to the source code for Window under Microsoft's SharedSource program. If you're in IT for a government agency in the US, it's your duty to ask 'what does China know about my critical infrastructure that I don't know?'
Unfortunately for the people who rely on you, the answer is undiscoverable.
Help stamp out iliturcy.
or off topic. When a country develops any sort of new military technology that creates increased competition with American military technology there is a political reappraisal. The dramatic example is nuclear technology, but many others exist. The parent poster is pointing out that these revelations of new military technology will not be handled with regard to China as they would with regard to many other nations.
His comment is not particularly insightful, but his assertions are defendable:
Slashdot has reported on attacks apparently coming from within China (titan rain), and attempts by China to disable U.S. spy sats (ground based laser something or other).
The U.S. government continues to grant China 'Favored Trade Nation' status and facilitate the offshoring of work... esecially in manufacturing despite continued resistance from China to enforce safety/humanitarian regulations in those industries (something we require from our other top trading partners, though not from the poorer ones).
The U.S. government continually ignores international organizations such as Amnesty International who attempt to open dialogue about human rights records.
So now China is creating systems designed to realign the BOP on the net. How will the U.S. react? If it's track record holds true, then the U.S. will not react... which is really puzzling. True, if we have it, then others should not be prohibited... but that is now how we treat the non-chinas of the world.
The only disputable or inflamatory statement made by parent is that he actually feels sick about this.
Regards.
It's interesting to hear repeatedly that they are making so much effort in this area. The obvious target is the United States, though they could effectively attack our allies as well.
Coupled with anti-satellite weapons and a developing blue water navy - One could say they are preparing for conquest.
The rewards are enormous. China could completely destroy our networks and economy in a single day with a well coordinated strike.
That's not enough time to move our forces and fight back.
What is DOD doing? Spying on their citizens and making life a living hell for Iraqis.
If you believe that a Chinese hacker couldn't hack into one of a few million PCs outside of China and then attack you from there, you're probably not giving them enough credit...
BULLCRAP !!!!
1/Europe was a warzone for a thousand years. The moment the EU(actually its predecessors) was founded, war ceased. The economic bonds between these member states prevent any war. No-one in his right mind would think of a war between 2 of the member states, and yet Europe is the least militarized zone in the world.
2/the way people keep thinking of "enemies" is an outdated concept. At least in some parts of the world. Can you point them on the map? And Can you make a link to countries not involved in any war in 50 years ?
Yes, I'm left. You have a problem with that?
Attacking the country that ultimately controls your economy is not a wise move. Shame on the man that has 50K in debt to the bank. Shame on the bank for allowing multi-hundred billions in debt.
Probably not viruses, but worms, and remote-root exploits. If your local equivalent of NSA or GCHQ has found a really nasty bug in, let us say, Apache, which allows root control of the server, they'll quietly code up a worm to exploit it, and keep it in storage against the day they decide they need to knock down a whole bunch of systems.
However, the potential economic gain from owning Apache / MySQL systems is far greater than from owning IIS / SQL Server systems. The reason Windows-based servers are more commonly attacked isn't because they're more numerous, it's because they're more vulnerable. That, and a vulnerability affecting one generally affects all. That's not always the case with the more varied Linux systems, where exploits often depend on a very specific combination of software. So, if you're truly paranoid about informational attack, make sure your crucial systems are as secure as possible, and also varied in configuration, so that no single attack can take out all of them.
Real Daleks don't climb stairs - they level the building.
Are we assuming that our military isn't attacking them, too? It just seems like standard operating procedure to me.
There is an easy solution to cyberwarfare. Just don't keep important parts of your information infrastructure connected to the Internet; and always have offline backups. If people (especially businesses and government) rely too heavily on one medium (like the Internet) then it will become an obvious target. If worse came to worse, we could always just pull the plug. If your main line of business is related to the Internet, then you need to think of contingencies, like at the very least having VPNs for your customers/clients to use.
If people, businesses, governments, or armies cannot function without the Internet, then things have gone to far. I do however believe that the cyberwarefare concept is more hyperbole than a real threat. If I couldn't read Slashdot because of some Chinese government DoS attack, it would be sad for me, but it would not be the end of the world. And remember: the Internet as it is was designed for redundancy and routing around communication problems.
I'm not scared, bring it on! Hope they're ready to find the 3rd (remote) exploit in OpenBSD in 10 years...
If only our government hasn't had it's reputation soiled by crying wolf all the time, perhaps we could trust it when it tries to warn us about national security threats.
This is one of those irregular verbs:
By developing cyber weapons, US is defending freedom everywhere.
By developing cyber defenses, China is destablising the world.
By having computers, Iran is sponsoring terrorism.
To be serious about it, how can anyone be surprised that a major country is concerned about cyber-security?
# iptables -I INPUT -s 60.0.0.0/8 -j DROP
of course this makes sense now, get the Microsoft windows source code, encourage your citizens to use Red Flag Linux instead, gain a competitive edge when cyber-warefare erupts.
"The Most Fun Possible on 4 wheels" is at SunBuggy in Las Vegas
Let's see. I can work for Google or Yahoo or Microsoft and get free sushi and massages, or I can go to work for the DoD, where my skills are vitally needed, and for the privilege I can receive two years of hassle over my $50 unpaid phone bill from ten years ago and told to pee in a cup.
TFA is about China. Don't try to read anything into my comment that isn't there. I can be enough of a controversial jerk all by myself, thanks.
Help stamp out iliturcy.
In part. Should the Red Army come storming west out of Russia towards Poland, the EU will surely be glad of NATO. These days, however, the Russians are more likely to apply pressure by cutting off the gas supply.
And isn't the free security it provides the continent the main reason that we get to hear these over-protected adolescent political ideas coming from there.
That's probably more because a generation of Europeans have grown up to whom ideas like 'nationalism' are kind of old-fashioned - they're what got us to kill each other off by the millions in the last century, and to be honest such tribalist notions seem rather childish. 'My country, right or wrong'? Please.
Not that I'm saying everyone's massively in favour of immediate establishment of a European federal republic, but that the boundaries of nationality have become blurred. We don't do flag-waving so much. We don't differentiate between Americans killed and Iraqis killed when deciding who to grieve for, so now that about twenty times as many Iraqis have died as Americans did on 9/11, the balance of sympathy is no longer very much in America's favour.
Real Daleks don't climb stairs - they level the building.
Please tell me they don't have anything at Kuang Grade, Mark Eleven yet - we are so fucked if they do.
sic transit gloria mundi
...then it should be subject to the rules of war. If one nation attacking the network infrastructure of another nation were considered to violate the rules of war, they would think twice. It would hardly be worth it for China to DDoS a few connections if it meant we would start executing their PoW's.
Stasis is death. Embrace change.
Our economies are NOT tied together. In fact, China is doing all that it can to avoid that. China exports roughly 250 BILLION to usa yearly. OTH, they import about 50 Billion from USA. They ARE making us dependent on them. Right now, China has more than 1 trillion dollars and has the means to buy some of our technology to move to a green environment. But are they? Nope. They are insisting that EU and America should give them the tech knowledge to clean up. They do not want to have an intertwined economy. They DO want USA dependent on them. Otherwise, they would release their money from being tied to ours.
In addition, another big issue is that China is creating a generation that will have 10-15% of their males without having brides. Chinese leadership is NOT stopping this. Instead, they are encouraging the single males to join the military. They are aware that they have 5 x the size of the military, but it is our tech that gives us an edge. But that is why China is busy stealing it, and even approaching Bill Gates to give them tech. and have America open up our knowledge to them. The only high-tech that is kept from them has either dual-use or even just single use of military.
No doubt you view it as cold war era. But the difference is that as long as a small group of ppl in control a country AND we are not intertwined, then we are heading towards a problem.
I prefer the "u" in honour as it seems to be missing these days.
They're tired. Tired nations with no-growth-to-speak-of economies, huddling together for a while like exhausted boxers in a ring. They're defended by better nations, so their younger idealists have the freedom to talk about Pax Europa and disarmament. The costs of rampant Socialism keep them from developing further, but NATO gives them a temporary umbrella while they catch a breather.
Don't think for a minute that peace is inevitable... There are still European troops acting as peacekeepers in the Balkans, and another poster has mentioned the French immigration problems (which seem to be growing in Germany as well). Europe is not the least militarized zone, not by any margin. It's simply the most hopeful in that respect. The US Army doesn't practice against the Chinese military...it practices against the highly professional German army.
"*giggle* Good news... I figured out what the thing you just incinerated did..."
'My country, right or wrong'? Please.
If you're going to quote someone, at least bother to make an accurate quotation.
The Chinese are the vulnerable ones as long as they run Windows. Technically speaking, the US Govt can ask MS to provide a backdoor in Windows/Vista. In case of war, the backdoor can be used to format all hard disks by a simple patch Windows downloads all the time from the internet. The effect of millions of computers in the country crashing at the same time. Or even worse, doing crazy things will leave the military in a very vulnerable position where they cannot depend any longer on their computers. Which leaves them with what??
O this learning! What a thing it is - William Shakespeare
I'm not sure if this is exactly on topic, but is anyone ever concerned about how much of our computer equipment is manufactured by foreign countries? I would actually be surprised if China hasn't approached chipset or motherboard manufacturers to implement some kind of espionage or remote control feature into their products. Of course, the U.S. has Intel and AMD, so it could be doing the same thing.
Prov 9:8 Do not rebuke mockers or they will hate you; rebuke the wise and they will love you.