Slashdot Mirror
Chinese Government Accused of Hacking Congress
Alotau writes "Chinese hacking is getting some serious Congressional attention. Two House members said Wednesday their Capitol Hill computers, containing information about political dissidents from around the world, have been hacked by sources apparently working out of China. Virginia Rep. Frank Wolf says four of his computers were hacked. New Jersey Rep. Chris Smith says two of his computers were compromised in December 2006 and March 2007. The two lawmakers are longtime critics of China's record on human rights."
The U.S. makes a lot of money off doing business with China, something like $386 billion in 2007. Retailers like Walmart and Target, manufacturers of every description, and shippers all have a huge stake in U.S.-China trade, even though China enjoys a growing surplus with the U.S.
Under these circumstances, it's not surprising that some mischievous hacking of Congressional computers is overlooked by the people who are supposed to care about such things. Where it gets more serious is the hacking of Pentagon systems that seems to be originating from sites in China.
China's government today is trying to juggle a growing nationalism among younger Chinese, a nationalism that is not friendly toward the West and the U.S. in particular, despite our close economic ties. They have fostered a hostile attitude toward the U.S. through years of propaganda, and this, too, the Americans have ignored in the interests of making money.
It will be interesting to see what happens come the day that China's huge internal market is affluent enough and their technology level high enough that they no longer need the U.S. as either a customer or investor. But in the meantime, it would be advisable for these Congressmen and other officials like Carlos Gutierrez (whose laptop was compromised during a trip to Beijing) to switch away from easily hacked systems like Microsoft Windows, and maybe keep their systems offline or only on a secured and firewalled intranet.
I also think that the U.S. government should not be using home computers like Dells running Windows. The hardware components are largely manufactured in China these days and who knows what evil back doors might be implanted in ROMs, akin to the compromised printers that were shipped to Iraq from the U.S. in the pre-Gulf War days.
it's = "it is"; its = possessive. E.g., it's flapping its wings.
Having not read TFA but read the summary, it only says that they were working out of China. That could mean that any person in China with access to a computer and *possibly* access beyond the great firewall of China could have done it. The summary sounds like if a US hacker hacked the Chinese government it would have to be the US government and not some ordinary hacker.
Taxation is legalized theft, no more, no less.
So what makes China any different. Lobbyist groups have been "hacking" congress for ages.
When our name is on the back of your car, we're behind you all the way!
Jebus...can we leave the OS wars out of it? Just this once?
From the line you quoted, it sounds like they had physical access to the machine to do the copying. Any and every OS will fall if you have the thing in your hands.
Because I think its going to be a useful skill given the way the wing is blowing.
Only a few years ago the eclipsing of the US by China was seen as a far off, ad even an unlikely, contingency. Now it is looking almost certain. They've quietly kept their heads down, developing their economy and their military, whilst the US has blown trillions of dollars on a pointless war, fumbled its economy and trashed its international reputation.
What kind of superpower can't do anything in response to such an open violation of its national security? It is the same kind of powerlessness that was demonstrated by the UK when the Russians openly murdered someone in the middle of London and we did nothing of consequence.
We in the west have squandered our soft power and shown our hard power to be just about adequate for securing two barely armed third world shitholes. This fact hasn't been missed by Russia and China.
If we can put a man on the moon, why can't we shoot people for Apollo-related non-sequiturs?
I have a server the size of a double CD case locked in a dark generator shed on a tiny island miles from anywhere that sits alone 9 months of the year reporting battery bank voltages to me.... Chinese hackers attempt to break into it several times a day.
The fact is, there is a metric shitload of Chinese hackers out there. Just because you think you are something special doesn't mean they are targeting you.
(of course the hacker may not be from China, they are just using a machine in China as the most recent hop.)
Suppose China were found unequivocally guilty by this congressional hearing, what kind of punishment/sanction is our pro-business government (both parties) going to impose? There'll surely be economical retaliation and Walmark are not going to like that.
Just like suppose Windows were found to be running on most of the hacked computer, is our government going to to tough enough to demand replacing all our military computers with something more secure? Not when a multi billion contractor from Redmond has anything to say about it.
This raises another point. Surely our enemies with resource (and computer resource is cheap and abundant) are going to try to hack us. Shouldn't we be more focused on securing our system: something we can do pro-actively. Instead of blaming the attacker, over whom we have to jurisdiction (or unwilling) to punish, shouldn't we punish those people who leave us vulnerable here, at home, when we are paying them shit load of tax money to secure our infrastructure? And if the infrastructure is to blame, should we blame congress?
The only possible interpretation of any research whatever in the 'social sciences' is: some do, some don't
In any case, they had physical access to the machine, so unless you're encrypting the HDD, it's game over. Your stock Debian laptop would have been compromised as quickly as the one with Windows XP. Bastille Linux is just the same type of protection that can be had for Windows if you want or need it, and I'm guessing in this case they do want and need it. But it's not Windows' fault, and it's not Microsoft's fault, no matter how much you want that to be the case.
The twitter monologues. Click on my homepage and be amazed.
Does working out of China mean they work FOR the Chinese government? Or is it just speculation?
The greatest revenge in life is massive success.
This has been happening since China first got IP space. Their defense department was the origin of their first (very amateurish) hacks, those against pro-Tibet web sites. Thousands have happened since and have been reported, and it's no more likely to end than any other intrusions.
If the US wanted it to stop they'd put up honey pots with credible but artificial data and then wait for it to get used. This is how you catch the intruder and protect the real data at the same time. And the US knows this. This is first semester psyops. Fact is, they're almost certainly doing it, making this announcement utterly meaningless. And it is, unless you stick around for second semester psyops. That's when they teach you how to craft a story that makes such a big splash that something more important but entirely unrelated gets missed.
The present administration rarely hides its efforts along these lines, or Jon Stewart wouldn't have nearly as much material to work with. It's when something is really threatening to them that they work in the grey. Just as a possible for instance, in how many sources can you find this story, and in how many can you find the story of Kucinich's reading of articles of impeachment? And which is the more important story?
When something gets way too much coverage than it deserves, look around and see what's not getting enough. It'll be there because they can't make it go away. All they can do is tie a bell around the media's neck and wait for the sheeple to follow it.
"I may be synthetic, but I'm not stupid." -- Bishop 341-B
I work at a place that is routinely attacked. As someone else noted there's a load of hackers in china, most script kiddies, but when you work at a nice juicy target you get thousands more hits. Where I work I've watched the hack attempts come in and regardless of other posts saying "Oh, China's actual government would be more careful", most of the time they are pretty brazen, easily traceable and there isn't a damn thing we can do about it. We tried to run it up the chain once and after a lot of complaining we got sat down and told:
"Even if we confront someone from the Chinese government they'll just look at us and deny it."
but we have the logs.
"They'll say we faked them."
but we'll let them pull the logs themselves.
"They'll say that we are staging the attacks to frame the chinese."
I didn't have a response to this.
"We've done this before. Don't feel bad. Everyone who gets assigned to monitoring thinks they will be the first person to prove the chinese government is allowing its employees to target us. You get used to it after a while. Next year come to the import meeting and we'll let you hear how we are obviously setting up insecure servers just to tempt moral citizens to hack us." said the PHB.
George Bush and his crew of incompetence have NOTHING on the chinese when it comes to flat out lying, ignoring evidence, and blaming the target of the attacks.
Bastile-Linux. Great tool. It doesn't prevent you from booting the laptop with knoppix or something of the like, then mounting the drive and dd'ing it. They should be using multi-tier'd security for any system that leaves the premises. With considerations for different types of attack vectors. Physical and virtual. JMO. Also... If they can fry the electronics in a plane with the flip of a switch why can't they make the laptops self destruct when something cracks or penetrates the case? You could easily kill anything that would of had data on it by frying it if someone tries to remove it. Or better yet... Don't carry a laptop with data on it. Get the data via some secure channel and have it armed with a TTL, so it removes itself from existance. But what do I know, all my important stuff lives on the flash drive in my pocket and its encrypted.
I notice the article doesn't mention if any of the data on these computers was encrypted. It's one thing to hack into a Windows desktop. It's quite another to have to break a 1024-bit AES cipher to actually make use of the data you find. This should be (yet another) wakeup call that any data of any importance should be encrypted with a strong cipher. It's not like it's difficult to do, and it's not like the software is expensive (TrueCrypt, anyone?). I encrypt all my personal data, and if it was compromised, worst case scenario my identity might be stolen. These idiots (sorry, that's Representatives...) are storing personal information about political dissidents and refugees. If THAT data is compromised, worst case scenario people get killed, and entire political movements are quashed by force.
We have nothing on China. According to the BBC's annual poll of nations opinions of other nations influence, 90% of Chinese think China has a positive influence on the world. Ninety percent. That's not only provocative, but outrageous. That's surely similar to 1940s-era America, hardly like now, where only 56% of Americans believe that America has a positive influence on the world.
China has an unquestionable horrifying nationalism problem. This can be seen in issues such as Tibet and Taiwan. What's troubling isn't that Chinese want Tibet and Taiwan to be part of China, I can view that as acceptable. What isn't acceptable, however, are such obvious propaganda-induced lines of reasoning such as "Tibet has always been a part of China and forever will be a part of China." Not only is that false -- Tibet was its own country until China marched in there 50 years ago and took it, but that's how it works in war; winner takes all. But then the Chinese government proceeded to educate their entire 1+ billion population that, indeed, Tibet had always been a part of China, and that anyone who questioned otherwise was not Chinese and was siding with the Dalai Lama, who isn't even human.
Another Nationalism-brought issue outlined by the BBC poll is its hatred of Japan. There are only two important countries in the world that hate Japan -- China and South Korea. One might argue that it's because of Japan's war-time atrocities that they never properly atoned for. They have apologized many times, however poorly, and Japan is not elegant in international relations. That said, my argument is, East Asia was hugely and negatively affected by the Japanese Empire. China and South Korea aren't the only countries affected with horrendous atrocities. But why then, have all of the other South-East nations forgiven Japan, but China and South Korea haven't? Only 12% of Chinese carry a positive view of Japan's influence on the world -- not opinion of Japan, but opinion of the positiveness of Japan's influence on the world. Whereas in Taiwan, Japan's very popular culturally, even though many elderly people still speak Japanese from being forced to learn it during occupation!
And my last argument -- Anti-Anti-Chinese protests? VIOLENT Anti-Anti-Chinese protests, with prevalent stalking and death threats of anyone that criticized China? C'mon, that's pitiful.
And to any Chinese that might be reading this, my message would be that there's nothing wrong with being proud to be Chinese. There's nothing wrong with wanting the Chinese people to be united and patriotic. But people and government are separate. Just because you're Chinese doesn't mean you have to defend your government for no other reason than that it's my government, just how Americans don't have to defend President Bush just because he's my President. Nationalism is good in small doses for the morale of a country, but in large quantities like currently present in China, war is almost certainly inevitable. Think about the nationalism of 1940s America, 1940s Japan, 1940s Nazi Germany (hah, Godwin's law strikes again!). Unchecked Nationalism only brings horror and foolish decisions, all for the sake of being Chinese, or being American, or being Japanese, or being German.
Jebus...can we leave the OS wars out of it? Just this once?
No, we can't. And we shouldn't.
People in the government are putting life-critical and national-security-critical information on computers driven by a software system that is notorious for a multi-decade history of being riddled with security holes, some of which are architectural and unfixable.
Doing this - and CONTINUING to do this when they should know better - is a major part of the issue under discussion.
In this case it has resulted in the disclosure of the identities of dissidents to the intelligence agencies of foreign governments who wish them eliminated. This will probably result in a number of incarcerations, tortures, and deaths.
In other cases it may even lead to outcomes as serious as the US losing a war, being conquered, or being destroyed.
This is an important issue. Failing to fix it may result the deaths of multiple millions of people and creating a future consisting of a jackboot on humanity's neck for generations to come.
For us to refrain from discussing it because you're sick of "OS wars" would be beyond criminal. It only lacks a declaration of war to qualify as treason.
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
"Microsoft recall" - search pulls 711k results.
Yeah, Chinese companies are not meeting standards, and they are probably cutting corners. BIG shock.
As far as openly executing executives? I've heard of one case where that's happened, and - I don't have any sources handy - it was for something egregious, like intentionally shipping a product resulting in hundreds of deaths (I'll stop because admittedly, I don't remember the details. I wouldn't say the guy deserved to die, but that's just me). So what are you suggesting with the "kill themselves" in quotes? That the Chinese government is running some secret program whereby company execs who embarrass the name of the country are killed off?
Someone needs to drink less of the Western media kool-aid.
But well, China is clearly a world threat, given its aggressive tendencies...you know, Red China ramping up their military, how dare any country do such a thing. But we're in no position to point fingers here, because we've been the country going around, occupying other countries, for - as time goes by - reasons which become more and more farcical.
There's a much stronger argument that the US is the biggest threat to the world, but thankfully, this could change with a new administration. (+1 for democracy).
But you know what, China's economic and military growth IS a threat to the US's status as a superpower, something which we would very much like to hold on to, so you bet the US government and our "free, independent" media wants us all to think of China as a dangerous, evil "dragon" waiting to rise and destroy us all. That's propaganda.