Slashdot Mirror
China Crafts Cyberweapons
MitmWatcher writes to mention that a recent report by the Department of Defense revealed that China is continuing to build up their cyberwarfare units and develop viruses. "'The PLA has established information warfare units to develop viruses to attack enemy computer systems and networks,' the annual DOD report on China's military warned. At the same, Chinese armed forces are developing ways to protect its own systems from an enemy attack, it said, echoing similar warnings made in previous years."
Only sensible. News because they happen to be communist in name. Everyone else is doing the same things. This is like the revolutionary developments in bio-weapons by the major countries last century. China may actually have a better vision of the future in its defence policy than other nations.
"...ICE patterns formed and reformed on the screen as he probed for gaps, skirted the most obvious traps, and mapped the route he'd take through Sense/Net's ICE. It was good ICE. Wonderful ICE... ...His program had reached the fifth gate. He watched as his icebreaker strobed and shifted in front of him, only faintly aware of his hands playing across the deck, making minor adjustments. Translucent planes of color shuffled like a trick deck. Take a card, he thought, any card.
:)
The gate blurred past. He laughed. The Sense/Net ice had accepted his entry as a routine transfer from the consortium's Los Angeles complex. He was inside. Behind him, viral subprograms peeled off, meshing with the gate's code fabric, ready to deflect the real Los Angeles data when it arrived."
From Neuromancer, by William Gibson, following protagonist Henry Dorsett Case as he uses a Chinese military-made icebreaker to hack a virtual fortress...
If only computer security were really so dramatic
Now we can buy millions of pirated copies of these weapons at almost nothing.
The US will ignore this for the most part, keep trading with them, and allow corporations to send its citizens jobs to the nation that is attacking it. It makes me sick.
not so much war as it is to prevent the US or other capitalist/democratic countries from undermining their regime. china is a known source of some cyber attacks- mainly from less organized hackers but now that it will be more organized- more bang for the buck. they probably wont try to destroy our systems completely as that would likely have a ripple effect on their economy as well- they sell a lot of stuff to us and where they to screw that up it would hurt them quite dearly. there is one thing that we have that they dont and that is oddly enough sheer number- if i remember correctly we out number them in computing power so if we ever needed to we could do a real DOS attack from hell on them.
Sigs are too short to say anything truly profound so read the above post instead.
I like Linux as much as every other guy here but, if you actually believe that Linux is flawless enough to endure a military funded search for flaws and vulnerabilities and come out immaculate, you must be out of touch with reality.
If "given enough eyeballs, all bugs are shallow", given enough eyeballs (and china has the most), money, military grade technology and bad intentions, every bugs is a potential weapon.
1. Convince Chinese government that spam is a plot by Falun Gong.
2. Half a million Peoples Liberation Army Cyberwar Programmers attack!
3. ???
4. Profit?
None of them can see the clouds; The polished wings don't care.
http://www.af.mil/news/story.asp?storyID=123030505
Don't get me wrong, I'm not bashing linux at all, but if my history serves me well here, linux gained a following among, shall we say, highly technical miscreants for a reason. It's powerful and able to be reconfigured to perform most any given task optimally.
I have an image of thousands of Chineese computer specialists, working tirelessly in huge warehouses of cubicles. I can hear them mumbling now... "Collect metal, collect wood, collect magic talisman of sharpness, rrrun to forge, use skill +5 "Weapon Craft" with added +2 ring-of-the-crafter proficiency." Bingo! a new Shadow Axe of Sharpness, sold for 350 RMB on Ebay. Rinse and repeat.
P.P.S. I'm doing Science and I'm still alive.
Flash forward ten years ... a group of American military commanders are gathered around a conference table deep inside the pentagon to discuss the most recent Chinese cyber attacks on US infrastructure. Voices are raised, tensions are running high, and nobody can seem to reach agreement on the best way forward. But everyone knows that time is running short and that a response is needed.
Suddenly, the huge video conference screen on the wall springs to life. A stern Chinese communist party official appears in a smart beige chairman-Mao suit. The shouting and arguments stop and an eerie silence descends. All eyes turn toward the Chinese official.
He speaks.
"How are you today gentlemen? All your base are belong to us."
Honestly, I am so frustrated with this "its someone else's responsibility to make it work" and other finger pointing paradigms. Its MY stuff, I bought it with legal tender, and if I don't know how to maintain it, do I really have that much business having it?
If my dog made a mess, its obvious to me just what he did and where he did it. If termites made a mess, I can find and put back what they messed up. I feel exactly the same with my computing apparatus, and I highly resent efforts by others ( via DMCA like legal maneuvering ) to keep me ignorant of how my stuff works. It frustrates me to no end to have others make knowledge illegal, enforceable by police at gunpoint, only for the financial gain of blocking off alternative remedies I have for maintenance or customization needs.
Having ANY software vendor locking me in to their "support" is like having the contractor who built my house locking me in for anything I want to do to maintain or modify my house.
Not to say I would want to deprive him of his art of driving nails, but if he was too hard to get along with, or overprices himself, I strongly reserve what I feel is my right to pick up the hammer and saw and do it personally, if need be.
Ignorance is going to be the end of us (US).
"Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]
Richard Clarke, top counter-terrorism adviser to presidents of both parties interview.
1 138&sid=222938
Countdown with Keith Olbermann in January '07.
http://www.msnbc.msn.com/id/16771741/
My Summary:
http://politics.slashdot.org/comments.pl?cid=1806
~hylas
I am pretty sure the following "news" could be read somewhen in China
"'The US has established information warfare units to develop viruses to attack enemy computer systems and networks,' the annual PLA Defense departement report on USA's military warned. At the same, US armed forces are developing ways to protect its own systems from an enemy attack, it said, echoing similar warnings made in previous years."
This leave me wondering with such a NON-news, what sort of propaganda is theUS trying to kick up. Are there commercial negociation starting soon with China ? Are they trying to put some pressure on China for a better rate ?
C. Sagan : A demon haunted world:
http://www.amazon.com/gp/product/0345409469/
visit randi.org
It is notable here that China is one of the state entities that enjoys access to the source code for Window under Microsoft's SharedSource program. If you're in IT for a government agency in the US, it's your duty to ask 'what does China know about my critical infrastructure that I don't know?'
Unfortunately for the people who rely on you, the answer is undiscoverable.
Help stamp out iliturcy.
or off topic. When a country develops any sort of new military technology that creates increased competition with American military technology there is a political reappraisal. The dramatic example is nuclear technology, but many others exist. The parent poster is pointing out that these revelations of new military technology will not be handled with regard to China as they would with regard to many other nations.
His comment is not particularly insightful, but his assertions are defendable:
Slashdot has reported on attacks apparently coming from within China (titan rain), and attempts by China to disable U.S. spy sats (ground based laser something or other).
The U.S. government continues to grant China 'Favored Trade Nation' status and facilitate the offshoring of work... esecially in manufacturing despite continued resistance from China to enforce safety/humanitarian regulations in those industries (something we require from our other top trading partners, though not from the poorer ones).
The U.S. government continually ignores international organizations such as Amnesty International who attempt to open dialogue about human rights records.
So now China is creating systems designed to realign the BOP on the net. How will the U.S. react? If it's track record holds true, then the U.S. will not react... which is really puzzling. True, if we have it, then others should not be prohibited... but that is now how we treat the non-chinas of the world.
The only disputable or inflamatory statement made by parent is that he actually feels sick about this.
Regards.
It's interesting to hear repeatedly that they are making so much effort in this area. The obvious target is the United States, though they could effectively attack our allies as well.
Coupled with anti-satellite weapons and a developing blue water navy - One could say they are preparing for conquest.
The rewards are enormous. China could completely destroy our networks and economy in a single day with a well coordinated strike.
That's not enough time to move our forces and fight back.
What is DOD doing? Spying on their citizens and making life a living hell for Iraqis.
BULLCRAP !!!!
1/Europe was a warzone for a thousand years. The moment the EU(actually its predecessors) was founded, war ceased. The economic bonds between these member states prevent any war. No-one in his right mind would think of a war between 2 of the member states, and yet Europe is the least militarized zone in the world.
2/the way people keep thinking of "enemies" is an outdated concept. At least in some parts of the world. Can you point them on the map? And Can you make a link to countries not involved in any war in 50 years ?
Yes, I'm left. You have a problem with that?
Probably not viruses, but worms, and remote-root exploits. If your local equivalent of NSA or GCHQ has found a really nasty bug in, let us say, Apache, which allows root control of the server, they'll quietly code up a worm to exploit it, and keep it in storage against the day they decide they need to knock down a whole bunch of systems.
However, the potential economic gain from owning Apache / MySQL systems is far greater than from owning IIS / SQL Server systems. The reason Windows-based servers are more commonly attacked isn't because they're more numerous, it's because they're more vulnerable. That, and a vulnerability affecting one generally affects all. That's not always the case with the more varied Linux systems, where exploits often depend on a very specific combination of software. So, if you're truly paranoid about informational attack, make sure your crucial systems are as secure as possible, and also varied in configuration, so that no single attack can take out all of them.
Real Daleks don't climb stairs - they level the building.
Are we assuming that our military isn't attacking them, too? It just seems like standard operating procedure to me.
There is an easy solution to cyberwarfare. Just don't keep important parts of your information infrastructure connected to the Internet; and always have offline backups. If people (especially businesses and government) rely too heavily on one medium (like the Internet) then it will become an obvious target. If worse came to worse, we could always just pull the plug. If your main line of business is related to the Internet, then you need to think of contingencies, like at the very least having VPNs for your customers/clients to use.
If people, businesses, governments, or armies cannot function without the Internet, then things have gone to far. I do however believe that the cyberwarefare concept is more hyperbole than a real threat. If I couldn't read Slashdot because of some Chinese government DoS attack, it would be sad for me, but it would not be the end of the world. And remember: the Internet as it is was designed for redundancy and routing around communication problems.
This is one of those irregular verbs:
By developing cyber weapons, US is defending freedom everywhere.
By developing cyber defenses, China is destablising the world.
By having computers, Iran is sponsoring terrorism.
To be serious about it, how can anyone be surprised that a major country is concerned about cyber-security?
# iptables -I INPUT -s 60.0.0.0/8 -j DROP
of course this makes sense now, get the Microsoft windows source code, encourage your citizens to use Red Flag Linux instead, gain a competitive edge when cyber-warefare erupts.
"The Most Fun Possible on 4 wheels" is at SunBuggy in Las Vegas