Slashdot Mirror
China Crafts Cyberweapons
MitmWatcher writes to mention that a recent report by the Department of Defense revealed that China is continuing to build up their cyberwarfare units and develop viruses. "'The PLA has established information warfare units to develop viruses to attack enemy computer systems and networks,' the annual DOD report on China's military warned. At the same, Chinese armed forces are developing ways to protect its own systems from an enemy attack, it said, echoing similar warnings made in previous years."
Only sensible. News because they happen to be communist in name. Everyone else is doing the same things. This is like the revolutionary developments in bio-weapons by the major countries last century. China may actually have a better vision of the future in its defence policy than other nations.
"...ICE patterns formed and reformed on the screen as he probed for gaps, skirted the most obvious traps, and mapped the route he'd take through Sense/Net's ICE. It was good ICE. Wonderful ICE... ...His program had reached the fifth gate. He watched as his icebreaker strobed and shifted in front of him, only faintly aware of his hands playing across the deck, making minor adjustments. Translucent planes of color shuffled like a trick deck. Take a card, he thought, any card.
:)
The gate blurred past. He laughed. The Sense/Net ice had accepted his entry as a routine transfer from the consortium's Los Angeles complex. He was inside. Behind him, viral subprograms peeled off, meshing with the gate's code fabric, ready to deflect the real Los Angeles data when it arrived."
From Neuromancer, by William Gibson, following protagonist Henry Dorsett Case as he uses a Chinese military-made icebreaker to hack a virtual fortress...
If only computer security were really so dramatic
Now we can buy millions of pirated copies of these weapons at almost nothing.
The US will ignore this for the most part, keep trading with them, and allow corporations to send its citizens jobs to the nation that is attacking it. It makes me sick.
I like Linux as much as every other guy here but, if you actually believe that Linux is flawless enough to endure a military funded search for flaws and vulnerabilities and come out immaculate, you must be out of touch with reality.
If "given enough eyeballs, all bugs are shallow", given enough eyeballs (and china has the most), money, military grade technology and bad intentions, every bugs is a potential weapon.
http://www.af.mil/news/story.asp?storyID=123030505
I have an image of thousands of Chineese computer specialists, working tirelessly in huge warehouses of cubicles. I can hear them mumbling now... "Collect metal, collect wood, collect magic talisman of sharpness, rrrun to forge, use skill +5 "Weapon Craft" with added +2 ring-of-the-crafter proficiency." Bingo! a new Shadow Axe of Sharpness, sold for 350 RMB on Ebay. Rinse and repeat.
P.P.S. I'm doing Science and I'm still alive.
Flash forward ten years ... a group of American military commanders are gathered around a conference table deep inside the pentagon to discuss the most recent Chinese cyber attacks on US infrastructure. Voices are raised, tensions are running high, and nobody can seem to reach agreement on the best way forward. But everyone knows that time is running short and that a response is needed.
Suddenly, the huge video conference screen on the wall springs to life. A stern Chinese communist party official appears in a smart beige chairman-Mao suit. The shouting and arguments stop and an eerie silence descends. All eyes turn toward the Chinese official.
He speaks.
"How are you today gentlemen? All your base are belong to us."
Honestly, I am so frustrated with this "its someone else's responsibility to make it work" and other finger pointing paradigms. Its MY stuff, I bought it with legal tender, and if I don't know how to maintain it, do I really have that much business having it?
If my dog made a mess, its obvious to me just what he did and where he did it. If termites made a mess, I can find and put back what they messed up. I feel exactly the same with my computing apparatus, and I highly resent efforts by others ( via DMCA like legal maneuvering ) to keep me ignorant of how my stuff works. It frustrates me to no end to have others make knowledge illegal, enforceable by police at gunpoint, only for the financial gain of blocking off alternative remedies I have for maintenance or customization needs.
Having ANY software vendor locking me in to their "support" is like having the contractor who built my house locking me in for anything I want to do to maintain or modify my house.
Not to say I would want to deprive him of his art of driving nails, but if he was too hard to get along with, or overprices himself, I strongly reserve what I feel is my right to pick up the hammer and saw and do it personally, if need be.
Ignorance is going to be the end of us (US).
"Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]
I am pretty sure the following "news" could be read somewhen in China
"'The US has established information warfare units to develop viruses to attack enemy computer systems and networks,' the annual PLA Defense departement report on USA's military warned. At the same, US armed forces are developing ways to protect its own systems from an enemy attack, it said, echoing similar warnings made in previous years."
This leave me wondering with such a NON-news, what sort of propaganda is theUS trying to kick up. Are there commercial negociation starting soon with China ? Are they trying to put some pressure on China for a better rate ?
C. Sagan : A demon haunted world:
http://www.amazon.com/gp/product/0345409469/
visit randi.org
It is notable here that China is one of the state entities that enjoys access to the source code for Window under Microsoft's SharedSource program. If you're in IT for a government agency in the US, it's your duty to ask 'what does China know about my critical infrastructure that I don't know?'
Unfortunately for the people who rely on you, the answer is undiscoverable.
Help stamp out iliturcy.
or off topic. When a country develops any sort of new military technology that creates increased competition with American military technology there is a political reappraisal. The dramatic example is nuclear technology, but many others exist. The parent poster is pointing out that these revelations of new military technology will not be handled with regard to China as they would with regard to many other nations.
His comment is not particularly insightful, but his assertions are defendable:
Slashdot has reported on attacks apparently coming from within China (titan rain), and attempts by China to disable U.S. spy sats (ground based laser something or other).
The U.S. government continues to grant China 'Favored Trade Nation' status and facilitate the offshoring of work... esecially in manufacturing despite continued resistance from China to enforce safety/humanitarian regulations in those industries (something we require from our other top trading partners, though not from the poorer ones).
The U.S. government continually ignores international organizations such as Amnesty International who attempt to open dialogue about human rights records.
So now China is creating systems designed to realign the BOP on the net. How will the U.S. react? If it's track record holds true, then the U.S. will not react... which is really puzzling. True, if we have it, then others should not be prohibited... but that is now how we treat the non-chinas of the world.
The only disputable or inflamatory statement made by parent is that he actually feels sick about this.
Regards.
BULLCRAP !!!!
1/Europe was a warzone for a thousand years. The moment the EU(actually its predecessors) was founded, war ceased. The economic bonds between these member states prevent any war. No-one in his right mind would think of a war between 2 of the member states, and yet Europe is the least militarized zone in the world.
2/the way people keep thinking of "enemies" is an outdated concept. At least in some parts of the world. Can you point them on the map? And Can you make a link to countries not involved in any war in 50 years ?
Yes, I'm left. You have a problem with that?
Probably not viruses, but worms, and remote-root exploits. If your local equivalent of NSA or GCHQ has found a really nasty bug in, let us say, Apache, which allows root control of the server, they'll quietly code up a worm to exploit it, and keep it in storage against the day they decide they need to knock down a whole bunch of systems.
However, the potential economic gain from owning Apache / MySQL systems is far greater than from owning IIS / SQL Server systems. The reason Windows-based servers are more commonly attacked isn't because they're more numerous, it's because they're more vulnerable. That, and a vulnerability affecting one generally affects all. That's not always the case with the more varied Linux systems, where exploits often depend on a very specific combination of software. So, if you're truly paranoid about informational attack, make sure your crucial systems are as secure as possible, and also varied in configuration, so that no single attack can take out all of them.
Real Daleks don't climb stairs - they level the building.
Are we assuming that our military isn't attacking them, too? It just seems like standard operating procedure to me.
There is an easy solution to cyberwarfare. Just don't keep important parts of your information infrastructure connected to the Internet; and always have offline backups. If people (especially businesses and government) rely too heavily on one medium (like the Internet) then it will become an obvious target. If worse came to worse, we could always just pull the plug. If your main line of business is related to the Internet, then you need to think of contingencies, like at the very least having VPNs for your customers/clients to use.
If people, businesses, governments, or armies cannot function without the Internet, then things have gone to far. I do however believe that the cyberwarefare concept is more hyperbole than a real threat. If I couldn't read Slashdot because of some Chinese government DoS attack, it would be sad for me, but it would not be the end of the world. And remember: the Internet as it is was designed for redundancy and routing around communication problems.
This is one of those irregular verbs:
By developing cyber weapons, US is defending freedom everywhere.
By developing cyber defenses, China is destablising the world.
By having computers, Iran is sponsoring terrorism.
To be serious about it, how can anyone be surprised that a major country is concerned about cyber-security?
# iptables -I INPUT -s 60.0.0.0/8 -j DROP
of course this makes sense now, get the Microsoft windows source code, encourage your citizens to use Red Flag Linux instead, gain a competitive edge when cyber-warefare erupts.
"The Most Fun Possible on 4 wheels" is at SunBuggy in Las Vegas