Chinese Hacking of American Military Networks On the Rise

Anti-Globalism writes with this excerpt from the Guardian: "China is stealing sensitive information from American computer networks and stepping up its online espionage, according to a US congressional panel. Beijing's investment in rocket technology is also accelerating the militarization of outer space and lifting it into the 'commanding heights' of modern warfare, the advisory group claims. ... A summary of the study, released in advance, alleges that networks and databases used by the US government and American defense contractors are regularly targeted by Chinese hackers. 'China is stealing vast amounts of sensitive information from US computer networks,' says Larry Wortzel, chairman of the commission set up by Congress in 2000 to investigate US-China issues." The full study addresses these issues and others relating to the US-China relationship (PDF).

Obligitory...

[religious+freak]

But how much is the USA ramping up their attacks on China?

Re:Obligitory...

[maxume]

One atomic weapon at a time. Yeah!

Re:Obligitory...

[narcberry]

No no, we need to stop the creation of nuclear weapons by dismantling our nuclear facilities and reducing our workforce of experts. By spearheading this initiative, we can expect other nations to follow suite.

Or they will surpass our technology and stockpiles while we hold hearings on the effects of global climate change. But I am confident they will not do so.

Re:Obligitory...

[maxume]

What I meant was funnier than that.

Re:Obligitory...

[narcberry]

Maybe, but I stand confident in the fact that their are others, like me, who aren't that smart.

Re:Obligitory...

[billsf]

Is this some excuse for another cold war?

If the USA government is poking at China, its more sophisticated and not readily detectable from the civilian nets. Appropriate technology and its proper use is the solution to this 'problem' that is very visible on our nets.

--

No, I can't read your signature, but my computer can. Using 'geek' is nicer than 'nerd' in these parts.

     

Re:Obligitory...

Do we know it's the Chinese doing this, or just that the traffic is coming from China?

I heard somewhere that the Russians supplied the Chinese with hacked Windows software which handily had back doors allowing the Russians in.

Far fetched? Who knows.

Re:Obligitory...

[LingNoi]

Then we can play fallout 4! Weee!!

WTF?

[Ritz_Just_Ritz]

Perhaps I'm just too simple minded, but WHY ON EARTH is ANY of that information even accessible from the interwebz?

Re:WTF?

[aliquis]

My first though to, why is it even accessible if they think it's such a problem? Guess at least the military should know such basic things. (Though I do understand it makes their sharing easier.)

Re:WTF?

[retech]

Those systems are online so that the gov't employees and contractors can get their daily dose of pr0n and /.

Those people have needs while at work and it'd be inhumane to not address them!

Re:WTF?

[ahabswhale]

It's not available. The military has had regulations preventing the placement of confidential information on publicly accessible networks for over 20 years (which is back when I was in the Air Force). I'll leave it to the amazingly brilliant posters of /. to figure out why they might make such statements...

Re:WTF?

[solweil]

It's a pre-release of a congressional report that's a rehash of scare pieces from the last few years of open source reporting, not a super-secret military document.

Re:WTF?

Actually, I remember reading some time ago (it may or may not have been on slashdot), that the US Army had purchased Apple Macintosh computers to replace the PCs, because "they're more secure, and they just work."

Re:WTF?

If you had read the actual paper, they specifically state that the problem lay in niprnet and that although the data is unclassified on that network, much of it is sensitive up to the point of being mission critical-- an example they give is that troop and supply deployment records are stored on niprnet and how the chinese have specifically stated that they observed how we deployed in the last several conflicts and how we tend to amass troops and supplies on the hostile borders whenever we feel we about to be involved with a conflict. Thus, this could be useful information to China in the event of a conflict with them. Other data stored on NIPRNet include things like the daily schedules of generals/admirals/et cetera, troop payroll information, et cetera.

Furthermore, DoD isn't the only agency with sensitive data (and what it has mostly has a pretty short shelf life of sensitivity), whereas other agencies, i.e. DoE have data that has restrictions like 'must remain secret for 100 years after the end of the project'. DoE uses kg-175s to route classified data over the internet ala VPN. Now consider that in the same chapter of the report as the cyber-warfare section it talks about China's expanded interest in space and its subsequent militarization efforts. Consider agencies like NASA which had a long history of all sorts of security problems, and like most research based governmental organizations, also have highly sensitive networks touching things they probably shouldn't. Then consider contractors like Boeing, Raytheon, Bechtel and what their networks look like.

So in short, you really don't know what you're talking about, move on.

Re:WTF?

The short answer?

Money. Consider what it would cost to securely wire (assuming its even doable at this scale) all of the sensitive components of the US government, and their contractors and so on.

The SOP for this type of stuff is 'wrap it in nsa crypto' (kg175s/et cetera), this stuff isn't really the issue though-- its the sensitive but unclassified/yellow networks that are the issue. Read the report, specifically where they talk about NIPRNet; It's DoD specific in that instance and doesn't even cover the range of other networks out there, but that gives you an idea of what's going on

Re:WTF?

[RocketRabbit]

Some dummy hooks a Wifi router up in his office, is sometimes what does it.

Re:WTF?

[aliquis]

Has this been confirmed by Netcraft?

Re:WTF?

[Discrete_infinity]

Think honey pots and disinformation. It also lets us know what information they are interested in and thus maybe what they are up to. Just my 10 cents ;)

Re:WTF?

[Ex-MislTech]

Well there is also these problems:

Counterfeit chips in Cisco gear on military networks:

http://www.infoworld.com/article/08/05/12/FBI-worried-as-DoD-sold-counterfeit-Cisco-gear_1.html

Chinese buying the main fiber network the US military uses:

http://www.hereinreality.com/likashing.html

Stupid is, as stupid does...

Where's The F***?

No you're not simple minded. Why indeed is it anywhere near the internet ESPECIALLY with a report telling us WE KNOW THERE"S A PROBLEM!.

Why would they bother?

[Colin+Smith]

America is sending all of it's wealth to China anyway and is happily enslaving future generations to chinese investors.

"Supreme excellence consists in breaking the enemy's resistance without fighting." Sun Tsu. 2500 years ago so.
 

Re:Why would they bother?

[vux984]

America is sending all of it's wealth to China anyway and is happily enslaving future generations to chinese investors.

Hee hee jokes on them. Its not going to get paid back. And at the end of the day all the stuff they sent us is worth more than all the paper we printed to get it.

I'm only half joking. Seriously... Maybe I'm being too cynical, but I think if this debt spiral continues... when it collapses under its own wate, the US is going to undergo an internal 'revolution', declare that it has no intention or obligation of paying back the previous administrations debts, and if any other country wants to make something of it...well the army is ready.

Re:Why would they bother?

[maxume]

Only if we figure out a way to provide all of our transport fuels on our own.

Invading Canada for oil would be the start of a rather interesting period of history.

Re:Why would they bother?

[Nerdfest]

You can have the oil, but only if you take Celine Dion and Ben Mulroney as well.

Re:Why would they bother?

[Beardo+the+Bearded]

Our countries are brothers. You guys can have all the oil, gas, water, electricity, and uranium you want.

You've got our back; we've got yours.

Re:Why would they bother?

[Ex-MislTech]

Well all you need is fair bit of desert and you can grow
your own oil from algae at the rate of about 100,000 gal/acre.

http://www.youtube.com/watch?v=8hioZ7C6HLs

Re:Why would they bother?

[Ex-MislTech]

One problem with your theory.

The WTO will embargo the US, and if you have not looked
lately we don't manufacture much here.

Also a near worldwide embargo will have an effect on us.

Alot of ppl like to yack on about how we won WW2, but in fact
the Russians bore the brunt of the casualties, and fighting.

The US is vulnerable to having the oil cut off at this point too
as we import 70% of the oil into this country.

Luckily Canada is our #1 oil importer.

Re:Why would they bother?

[cptnapalm]

Dude, that is a totally unfair trade. You have to keep Dion.

Re:Why would they bother?

[cptnapalm]

Yeah, the Russians did a magnificent job fighting the Japanese for all those years.

Re:Why would they bother?

Translation: Please don't kill me.

Re:Why would they bother?

[maxume]

I sure hope so.

The good news is that there is a lot of desert. The bad news is that replacing transport fuels (for the U.S.) at that rate would require something like 4,000 square miles of it (maybe half of that if every vehicle gets more efficient and people conserve some). That's a hell of a lot of infrastructure to build and maintain. His 10% of New Mexico is closer to 12,000 square miles, so something is going on (I made a mistake or the numbers in the video are sloppy).

Still, as far as I can tell, no other alternative fuel even comes close to working.

Re:Why would they bother?

[Ex-MislTech]

I didn't say we did not participate.

I am saying the Russians had far more casualties,
and did the bulk of the fighting.

This pretty much proves that:

http://en.wikipedia.org/wiki/World_War_II_casualties

23 million dead vs. 400k dead is a large difference.

I will grant you the Russian leadership did not value human
life as much as ppl from the US, but never the less.

Re:Why would they bother?

[cptnapalm]

The Russians had the Great Patriotic War, which was exclusively against the Germans and their western allies. They fought in a theater of World War II. Not until very very very late in the day (August 1945) did they do anything whatsoever against Japan.

The reason they had such massive casualties is because the Soviets theory was that if you threw enough people at the Nazis, the Nazis would run out of bullets.

Hooray for Windows!

[toby]

Jail Gates.

It's not one way

[Caedes.Leighton]

US hacks China, China hacks US, where is the news in that? It's like watching two kids fight and both of them saying "He started it!" when in fact, they're both annoying little bastards.

Re:It's not one way

[moderatorrater]

The news is that they're fighting and that the fighting's escalating. The two kids on the playground are more like Godzilla and Mothra - if they fight, there's going to be lots of explosions and buildings falling over. Plus, there's going to be some terrible dub work and the Japanese are going to somehow be involved. Also, we're going to find out about new powers that Godzilla has that he didn't have in the last movie. And then Steven Spielberg will do a remake that'll flop.

That got out of hand fast. Anyway, just because "they're both annoying little bastards" doesn't mean you shouldn't keep an eye on them. Especially if you live in Tokyo.

Re:It's not one way

[interval1066]

In my opinion, and is just that (but keep reading), China is more than "earnest" in its hacking efforts. Our so-called security and espionage institutions seem rather stuck in a cold war mentality in my opinion, just look at the confusion, ineptitude, and inter-departmental mis-communication after 9-11. So back in the day I used to run an apache server on my own domain, just for fun, and this required me to run my own domain server. I never got much traffic, never intended to as such I left my telnet port wide open- no ssh tunnel, so I could jump in remotely to do reboots or whatever. Security wasn't big on my mind as there was nothing sensitive on the server.
Then early one morning I noticed the dsl modem activity light going nuts, it was never busy early in the morning. I let this go on for three mornings, and on the last morning I audited my name server's system logs. An ip in China had hacked my pw's and re-compiled the server's openbsd kernel completely changing the default nature of the name server. I didn't try to analyze exactly what they had re-programmed my name server to do, I just re-compiled and closed off the telnet port.
But it made me think- I'd never gotten so much as an innocuous hit from a casually surfing American .gov or .mil domain, and here are the Chinese, actively bending a simple, but non-windows, domain server to their will. Just how hungry are such people for a technological presence, or even dominance? And just how asleep at the switch and backward are the leaders of the mighty United States? After everything that's happened since 9/11, the economy, everything, I think we really need to take a very stern look at how the US has been, and is being, run.
This might have been a fly-by-night group of hackers creating a botnet, but I never detected any bot code or strange kernel mods, only the name server hijack. I suspect a nation has to be very hungry to commit resources, private or not, to doing things like that.

Get real.

[Colin+Smith]

This is propaganda. It's simply preparing the public for adding China to the Axis of Evil, erecting trade barriers etc.

 

Re:Get real.

[moderatorrater]

I'd agree with you if this were a few decades ago, but right now we're too dependent on China's production and cheap labor.

Re:Get real.

[zappepcs]

Bang on correct! When do people, especially government types admit that they have a problem and are hemorrhaging data to foreign states? Only when there is an advantage to doing so. In this case, I think you are right, it's part of a ramp up on public information to demonize the Chinese. Specifically who among the Chinese is yet to be determined, but the probably have a short list of targets.

Re:Get real.

[sexconker]

And we'll bust out the phrase "buy american"...once the economy turns around.

Unless...can we convince people that buying american will fix the economy, keep the lead out of their toys, AND stop the chinese from hacking our military?

Re:Get real.

[sowth]

If that is true, then why have I received tons of scans from Chinese IP addresses? When I last looked at my firewall logs, most portscanning crap came from China, so I blocked a bunch of Chinese subnets.

What about the people injured or murdered by fake epogen and tainted food? Are the Chinese private sector and military out of control, or is this a deliberate effort?

Either way, this is a good reason for me to have an unfriendly attitude toward China. Maybe this is propaganda, but there must be some truth to it.

Re:Get real.

[jacquesm]

It could simply be botnet harvesters trying to 'encourage' your machines to join the botnet.

Re:Get real.

[MrNaz]

Actually, according to this list, the top spammers are from the US but perform their nefarious deeds using Chinese servers.

In other words, your claim that "The Chinese are EVIL!" because they portscan you is BS.

I also think that by saying this "this is a good reason for me to have an unfriendly attitude toward China" you qualify for the Dumbest Statement All Week award. Most civilized people have, by now, realized that the "us versus them" attitude between nations is stupid, as no nation's people can be judged according to the deeds of its government or a minority such as it's hacking community. What sort of judgment would the world make regarding the US based on the actions and behavior of your last president?

Well done on being the among the last blind bigots to grow up.

Re:Get real.

[Ethanol-fueled]

You know that some folks higher up are manipulating gas prices to be cheap here in the U.S. so that they can convince Americans to bail out GM and buy their gluttonous pieces of shit as if it's now raining oil or sumthin'.

Signed, a proud Ford and Chevy owner

Re:Get real.

[jeko]

I sure hope so.

Re:Get real.

Why are you proud of the brand of car you own?

Re:Get real.

Come to CCC Congress in Berlin in December; there are two talks which will definitively prove you wrong.

Re:Get real.

[QuantumRiff]

I think its much more that were dependant on China buying our Treasury notes, or else we would literally be bankrupt.

Re:Get real.

[NetNinja]

Trade barriers?

What trade barriers? Everything is made in China now. Go to Walldo Mart and see how much stuff is made in the U.S.

So for the short sighted goal of increased revenue (Greed) we export all mass manufacturing to China.

We are headed for a fall so hard we may never recover. The U.S. can't even make cars anymore, to hear those executives clamering about U.S cars are on par with Japanese cars is so far off the mark they have been breathing to much of thier VOC's. If that was the case why is it they still have to make that statement 40 years later?

I remember when the Japnaese were buying F-16 fighter jets from the U.S. and all they wanted was the airframes. The japanese exact words were our Avionics and radars are better than the American electronics, what they really meant was "we are afraid that the Americans will plant logic bombs in the electronics and all they have to do is flip a switch.

When the war with China starts they already know how to shut down every single electronic component. Cell phones, Routers(netgear,linksys), loss of basic communication will have people running in fear all over the place. Ham radio operators will be in vouge again.

Ever see people have a fit when thier ISP goes down? Lord help us if people loose thier cell phones, crackberrys and MMO online games.

The U.S. knows how to manufacture 2 products so well that countries all over the world will die for.

Weapons

Slot Machines

Re:Get real.

Right, the Chinese have never tried to hack US systems. They'd never try it enough to get their own codename, say Titan Rain. Nope, never. Uh huh.

Re:Get real.

You mean we might revoke the "Most Favored Nation" status we granted them? I'm not even sure it's possible to revoke, but I did find it humorous that our politicians considered them such good buddies, after considering them enemies for years. They seem to be beating the pants off us in capitalism, so I guess we're about ready to call them names again.

Re:Get real.

[mevets]

Demonize the Chinese?

Really, do you think so? I kinda thought when the olympic-team-tards donned breathing masks inside the aeroplane, the US had outed their policy.

In the height of the cold war, the Russian people had a better grasp of global affairs than the US people. The troubling question is who has a better grasp now?

Re:Get real.

[zappepcs]

I think the US was just testing the waters at that point. We signed the commerce deals, opened borders... that sort of shunted the communist thing to ground. Now we have to deal with the 21st century cold war problems. What we are seeing is that effort. Dealing with enemies that cannot be outed without revealing your own discrepancies. Cat and mouse in the age of social networking and video phones is much different than the post WWII cold war.

Everyone has forgotten the mysterious underwater cable cuts. Not before or since has such happened, and it's now just ignored. If you ask me that is bizarre. I'm not saying one way or the other what actually happened, but look at the news, and how news treated such problems before then. It's ... odd.

As for who has a better grasp now? I would think that those who know Obama's social circles know best. I'm fairly disgusted with American politicians and what they have accomplished in the last 30 years. I want my America back and I'm not easily swayed from thinking that those in power are corrupt beyond redemption. It is not easy to get in those positions of power, and getting the backing to get there is not a job for the pious. Sure, it takes a bit of that to make the decisions that are necessary, but the warnings Eisenhower gave us should be printed on coffee cups everywhere so we don't forget. http://leisureguy.wordpress.com/2008/07/31/chalmers-johnson-on-the-military-industrial-complex/

Today, 22 Nov 2008, is the anniversary of JFK's assassination. What better time to stop and think about how many plans within plans our governments weave. It is by no small measure that they benefit from such deceptions. I am fully willing to see and hear evidence from full and impartial investigations into all matters of dodgy repute where government is concerned... and until I see such investigations, I will continue to believe that governments are run by, and staffed by corrupt individuals. If you think your mailman is one of the people I'm speaking about and that they are not corrupt, ok... I'm talking about people that make decisions, sign things into law, or send soldiers to fight etc.

Re:Get real.

[symbolset]

While I'm well educated in the Road to War, I don't think this is it. I think this is merely a military responding to a known threat. They are being attacked by known external entities via seeded USB devices, and that attack is being amplified by ignorance on the part of the rank and file thinking these devices are innocuous or can be made so.

Opsec has been pretty lax. If you read the USB spec, you will get that any device plugged into it can write to arbitrary memory locations. It's wide open. A device that can PWN a milspec computer that allows mounting of USB devices should take more than a few days of idle speculation to design at this point in history.

The military definition of trust: the access you grant another to cause you harm.

Given the above definition and a clear reading of the standard, the availability of USB and Firewire ports on military use computers is an oversight that should have and could have been prevented.

WRT granting Internet access to military computers, I don't know. Intuitively it would be better if the systems used for command and control were electrically and signally separated from the systems that were used for general purposes. It was once thus, back in my day with the military. The Internet and the subset that was once Milnet have grown far more reachable since then. This is handy for some, a screaming disaster for others.

Re:Get real.

[piemcfly]

Trade barriers on a country with a coastline of 14500KM, in an economically interlinked multi-polar world system highly dependant on Chinese production capabilities?

For some actual insight into possible future policies and trends, read the new report from the National Intelligence Council that just came out a few days ago.

Re:Get real.

[RocketRabbit]

You're living in fantasy land if you believe the Chinese aren't spying on us to the best of their ability. Yes, this includes network sweeps and all kinds of other shit that you can see, right in your own logfiles! You can read about it in the paper if you wish.

I don't think the poster was saying "All people of Chinese heritage including people who are genetically Chinese but were adopted by American parents are evil!" He was saying "The People's Republic of China is spying on us."

Get a grip, man. Save yourself the effort and relax. The Chinese, Israeli, Canadian, French, and Mexican states are all spying on us all the time. We spy on them too. States are like pigs at a trough, always jockeying for position among each other. Sometimes they bite each other. I hear there are a few people who manage to make obscene amounts of money all the while.

Were the Rockefellers or Morgans or Chases or Vanderbilts or the Fords ever eating meatloaf because they had to stretch their meat ration?

Re:Get real.

[Findeton]

But China is "Evil". I mean, it's a dictatorship, workers have no rights, citizens have no free speech, the government trades with the organs of living prisoners, and most of their economy is planned by the government (capitalist china? read more, china is still communist!) and when we buy their products we are supporting the dictatorship.

Re:Get real.

[LingNoi]

They are already buying American and they are still hacking the military.

Whose operating system do you think is getting hacked if not Microsoft's or Apple's ?

Re:Get real.

[LingNoi]

What about the people injured or murdered by fake epogen and tainted food? Are the Chinese private sector and military out of control, or is this a deliberate effort?

This is really old news, the chinese standards where found to be taking bribes and the main guy got sentenced to death. What more do you want? He's dead.

Now if only people in the US got executed for fucking up like that. I bet if the same thing happened in the US no one would have even got a jail sentence, they'd have just been fined.

In fact that's exactly what the US needs some fucking responsibility. Like this whole hacking thing. Why is no one to blame for not securing the networks?

It's not rocket science however we can only guess at the amount of windows xp machines they have out there with bonzi buddy and other useless shit with no regards to keeping the data secure.

Re:Get real.

I think you are right, it's part of a ramp up on public information to demonize the Chinese.

I think this is more a reaction to the fact that policy wonks have already demonized the Chinese for the last decade. China is the new Japan.

Re:Get real.

[Ex-MislTech]

Verified:

http://www.infoworld.com/article/08/05/12/FBI-worried-as-DoD-sold-counterfeit-Cisco-gear_1.html

http://www.hereinreality.com/likashing.html

http://www.fas.org/news/china/1998/h980618-prc8.htm

Re:Get real.

[Ex-MislTech]

If your the right person you will not even get fined.

http://www.fas.org/news/china/1998/h980618-prc8.htm

Selling Loral's guidance system for Nuclear Weapons to
China for some campaign contributions was A-OK.

Re:Get real.

[indi0144]

Lame astroturfer is lame

Re:Get real.

[Ex-MislTech]

The low tech masks the team was wearing was for the
output of the numerous coal plants in China.

The particulate matter in the air is very high.

So high in fact that they had a massive algae bloom
mess they had to clean up in the waters right before
the olympics that was quite embarrassing to them.

http://www.guardian.co.uk/environment/2008/jun/30/pollution.olympicgames2008?gusrc=rss&feed=networkfront

This has been linked to the coal:

http://www.sfgate.com/cgi-bin/blogs/green/detail?blogid=49&entry_id=27705

The air quality in China at times has been hideous.

Re:Get real.

[sowth]

You have good points. I agree you shouldn't be prejudice against specific people because of something which may apply to a group, but I meant the Chinese government and Chinese companies.

All those problems are caused by either the action or inaction of those two entities. Granted, one shouldn't make blanket statements (not all Chinese companies are bad), but with such an environment, one cannot trust chinese products or chinese IP addresses.

At some point, you have to say boycott and block them all, which is what I am starting to do. I also read in a report (was it the one in this article?) the Chinese are using prison labor and trying to get around US import laws against such labor. The Chinese government also requires massive censorship (while hiding it), so I don't see why blocking chinese IPs will make things worse for them. Maybe they will then start to ask why they can't access anything outside of their country.

It also says something that the scumbags in the US who are attacking computers have to go through China. It says US ISPs/government are watching criminals, while Chinese ISPs/governemnt are not.

Communist China! Your days are numbered!

[Cathoderoytube]

It's pretty obvious this would qualify as an act of war. I think it's in everybody's best interest if the United States retaliated by saying they're not going to pay off their debt to China. Also maybe putting up some sort of trade embargo against them.

I mean what's China gonna do? What's the worst that could happen in a situation like that? I think China would probably learn their lesson and become good.

Re:Communist China! Your days are numbered!

[Sta7ic]

What's the worst that could happen [if we put up a trade embargo against China]?

When was the last time you went into a Wal-Mart and looked at the 'Made In..." tags? 70%-plus of the stuff in that store is from China, from trash cans to seasonal stuff to lego-like shelving units.

Re:Communist China! Your days are numbered!

There are -zero- smelting plants for steel based alloys in the US.

Similar with electronics manufacturing, which is all done overseas.

All China would have to do is not export goods or raw alloys, and the US would be in a world of hurt.

Or China could just bomb Taiwan and cause the US more pain because of the sheer amount that the US depends on their manufacturing for electronic items.

China has the ball in this game.

Re:Communist China! Your days are numbered!

When was the last time you went into a Wal-Mart and looked at the 'Made In..." tags? 70%-plus of the stuff in that store is from China, from trash cans to seasonal stuff to lego-like shelving units.

When was the last time any of that stuff was actually necessary to our survival? Sure embargo China and we'll all have to do without cheap plastic rubbish bits for awhile, and start patching cloths instead of buying new ones for a bit. Eventually somebody else starts making stuff (or god forbid we get off our asses and do it ourselves) and we can buy from them instead. Now ask what it would do to China.

Re:Communist China! Your days are numbered!

I think that's the point - who gets hit more? We can get crap anywhere, but where can they sell it if there's no US market.

Re:Communist China! Your days are numbered!

[Loibisch]

Major "woosh"

Re:Communist China! Your days are numbered!

[uberjack]

I propose we stop celebrating Chinese New Year, put an end to Chinese Fire Drill and stop playing Chinese Checkers (Go). That'll lurn 'em to bust our tomater.

Re:Communist China! Your days are numbered!

[vvaduva]

It's all about how spicy the mala chicken will become!

Re:Communist China! Your days are numbered!

[djradon]

chines checkers != go

http://en.wikipedia.org/wiki/Chinese_Checkers

Re:Communist China! Your days are numbered!

[idlemachine]

Chinese Checkers (Go).

Chinese Checkers & Go are two entirely different games.

Re:Communist China! Your days are numbered!

[sexconker]

There are -zero- smelting plants for steel based alloys in the US.

Completely false.
I won't even read the rest of your comment.

Re:Communist China! Your days are numbered!

[bleh-of-the-huns]

This sends the message to the rest of the world that the US may not pay its debt to them if they do something the US does not like.... That would be a bad precedent, as we would soon find ourselves very isolated when it comes to finance and commerce...

Re:Communist China! Your days are numbered!

[xant]

Jesus Christ, all you people need a sarcasm detector adjustment. If you thought the parent was serious, you may in fact be a retard.

Re:Communist China! Your days are numbered!

[sowth]

Electronics manufacturing is not done in the US? Then what is Wolf Electronix? Were the semiconductor facilities run by Intel and Philips just my imagination? Holy shit! I must be really fucked up to have hallucinated all that!

Re:Communist China! Your days are numbered!

[adamofgreyskull]

I proposed restored celebacy for Chinese, yeah. Putin endured knee surgery, and speared plain Chinese crackers, yo. Their labernum is bustier than your mother.

I propose we ban Chinese Whispers. That's how things really get out of hand.

Re:Communist China! Your days are numbered!

[Ex-MislTech]

Ditto to Texas Instruments and a few others.

Re:Communist China! Your days are numbered!

[Ex-MislTech]

Whispering was not required when you can trade campaign
donations for guidance systems for ICBM's.

http://www.fas.org/news/china/1998/h980618-prc8.htm

act of war

isn't that an act of war?

Time to do what we did to the USSR

[istartedi]

One of the largest non-nuclear explosions ever came as a result of US technology that was stolen by the Russians. Except, the CIA knew it was happening and instead of stopping it they decided to plant faulty chip designs. Once the USSR knew the tech was unreliable, they were stuck with one helluva an auditing problem, beyond their capability.

How much do you want to bet that somewhere on a "vulnerable" network, there are some designs that are just... a little... bit... off.

Re:Time to do what we did to the USSR

[wigginz]

I believe that would be called counter-intelligence. That's one of my favorite stories BTW.

Re:Time to do what we did to the USSR

[turkeydance]

well, of course B're Rabbit. "please don't throw me into that brier patch." (old USA folk tale concerning the Tar Baby) hey....it works on the domestic front as well: example: wife says to wash the dishes. i complain, but do it anyway, and break a few. no more dishwashing duties for a while. of course, she wants to buy new dishes. i consider that the cost of doing business.

Re:Time to do what we did to the USSR

[19061969]

Do you have a link to this? It's not that I don't believe you, but it sounds like a very interesting story and worth a read.

Re:Time to do what we did to the USSR

[easyemail]

hey. the model maybe off but the model does offer new insights which with some trial and error would produce the correct answer. im pretty sure china has fu**ed up on a couple of roc=kets and got it right eventually.

Chinese are stealing tech of proven models. What they have not learned to do for many fields is to create new models. When that happens. .....they will be superior.

Well, you just saw the first propaganda salvos

[Colin+Smith]

They'll escalate it from there.

From TFA:

"says Larry Wortzel, chairman of the commission"

Larry Wortzel was:
http://www.heritage.org/about/staff/larrywortzel.cfm

who are:
http://www.heritage.org/about/

"Our Mission
Founded in 1973, The Heritage Foundation is a research and educational institute - a think tank - whose mission is to formulate and promote conservative public policies based on the principles of free enterprise, limited government, individual freedom, traditional American values, and a strong national defense."

Yah got to have a bogeyman.

Re:Well, you just saw the first propaganda salvos

[jlarocco]

Convenient that you left out the tiny detail that half of the commitee was Democrat.

What were you saying about having a bogeyman?

I'm also curious which part of the quoted "mission statement" you find so terrible?

Re:Well, you just saw the first propaganda salvos

[jacquesm]

Convenient that he mentioned neither republicans nor democrats.

Conservative simply means to preserve the status quo, American Democrats are just about as conservative as the Republicans, so that's why there is a 50/50 split.

If the Democrats where as 'leftist' or 'liberal' as is usually spouted around on the intarwebs then no sane democrat would like to be seen near this group.

Re:Well, you just saw the first propaganda salvos

[MrNaz]

In the democratic theater that is modern western politics, the two governments that the population choose between (Republican/Democrat in the USA, Liberal/Labour in Australia, Conservative/Labour in the UK) need to be effectively identical in order that the real decisions get made not by the people, but by the neo-nobility.

There's no difference between modern western politics and autocratic regimes such as monarchy or even dictatorships. It's just that the ruling class hides behind the veil democratic system, and like the Wizard of Oz, pulls the string without the vastly dumbed down population being any the wiser.

They are kept in this subjugated state with a combination of bread and circuses to keep them politically passive as well as carefully constructed media content that portrays a monoculture as though it's freedom.

This is actually an on-topic point, that meandered for a bit. The point I'm trying to make is that only a fool would believe that the US does not have a cyber-warfare (ugh, idiotic term) program, and all this reporting on online attacks by the Chinese is an example of the media reporting bias.

Re:Well, you just saw the first propaganda salvos

[rhakka]

How about that all of it is geared towards plutocratic, militaristic, nationalistic, socially conservative repression?

I'm a fan of a strong national defense. Too bad whenever I see anyone use that phrase, they really seem to mean a strong national Offense. I guess "that's the best defense" in some minds.

Can you possibly figure out why someone might find that terrible?

Re:Well, you just saw the first propaganda salvos

[TubeSteak]

The point I'm trying to make is that only a fool would believe that the US does not have a cyber-warfare (ugh, idiotic term) program, and all this reporting on online attacks by the Chinese is an example of the media reporting bias.

The burden of proof is upon you to show that the US has a cyber-warfare apparatus which is attacking foreign governments in the same way that the Chinese are attacking the US government.

The are only 2 reasons you shouldn't be able to provide credible support for your claims:
1. The US government doesn't actually conduct Chinese style hacking raids.
2. Foreign governments hacked by the USA do not publicly talk about it.

I'll accept any news stories from credible foreign or domestic media.

Re:Well, you just saw the first propaganda salvos

[religious+freak]

hides behind the veil democratic system

Well, that's your problem right there... we are not a democracy, we are a republic. And a republic functions exactly as you describe. The older I get, the more appreciation I have for this too. Some of the dumbass ideas I've seen and heard over the years that most everyone would support (if they actually voted) would ruin this country. There's a reason the founding fathers set us up this way.

If you and your ideas are truly worthy, you can get your message out and past the gatekeepers who keep dumb shits out (not trolling you personally, by any means - just saying).

Irrespective of your opinion of him, Obama is evidence of this fact - he was not supported by the elites in EITHER party until he passed the tests and demonstrated his ideas could withstand critical scrutiny. The average citizen cannot provide this skilled scrutiny - the average citizen's job is to keep the elites accountable.

Re:Well, you just saw the first propaganda salvos

Spoken by someone who has only ever lived in the west. There's a difference. I'd definitely feel freer in a country like England that others I've lived in.

Re:Well, you just saw the first propaganda salvos

How about 3, or any other of a number of possible explanations?

No government will make public attacks made upon it unless it is politically expedient to do so, nor will any attacking government make public its attempts.

In fact there are a large number of explanations, including that the Chinese government's reporting of attacks upon them are all reported to their local media.

Given that there is much to be gained (intelligence, sabotage) politically and militarily, and given the US's history of military adventurism, the burden of proof is actually upon *you* to prove that the US is exercising restraint in this area, for some reason. I, for one, simply don't believe that that would be the case.

That was a pretty pathetic attempt to railroad your particular point of view though, most non-idiots would be a little more subtle about it.

Re:Well, you just saw the first propaganda salvos

[MrNaz]

Some of the dumbass ideas I've seen and heard over the years that most everyone would support (if they actually voted) would ruin this country

Such as an insanely expensive unnecessary war of conquest that costs more than it could possibly ever yield and actually reduces the security of the US, perhaps?

The people very loudly clamored against that, to no avail. Perhaps those gatekeepers you speak of thought that advising against invading a country for no good reason was a dumb idea.

Re your point about Obama, we'll see how much real change he can effect. My position is that the government is window dressing for a de-facto plutocracy, and that Obama *can't* change much because the presidency doesn't hold real power over the private sector any more.

I hope I'm wrong. Lets talk again in 4 years.

Re:Well, you just saw the first propaganda salvos

[Gunnhild]

Regardless of how friendly or unfriendly relations would be between the US and China, the US is the country with the more creative, inventive talent and that is where the technology and patents are that the Chinese want to steal. It is all in line with their lack of innovative talent, and tradition of plagiarism. They would steal ideas from their best allies or enemies equally. Just do a search for "Chinese plagiarism". They have been spying on the US like this for decades.

Re:Well, you just saw the first propaganda salvos

[RocketRabbit]

Believe it or not, the Democrats have historically been the War Party.

Re:Well, you just saw the first propaganda salvos

[LingNoi]

The burden of proof is upon you to show that the US has a cyber-warfare apparatus which is attacking foreign governments in the same way that the Chinese are attacking the US government.

It's called "Windows Vista", however the US gov made a mistake and all countries have to suffer. :D

Re:Well, you just saw the first propaganda salvos

[LingNoi]

Parent speaks truth, where Asian countries have the strongest talents is in being able to provide great services at cheap prices. When I say that I don't mean because they're poor, I mean because the Chinese are extremely inventive and respectful to customers. They follow the money, when the iPhone came out it was a big race for the first company to clone it and provide it to the Asian markets.

You could say that the Chinese compare this to subbing pirated anime from Japan. It's illegal however no one cares because you weren't ever going to get a sale anyway, well.. you weren't going to get enough sales to make it profitable.

Re:Well, you just saw the first propaganda salvos

[TheLink]

"The people very loudly clamored against that, to no avail"

Bush still got reelected.

So either the voters didn't object to it that much, or the elections got significantly Diebolded...

You will have a problem as long as voters keep voting for candidates mainly because those candidates get a lot of money from greedy companies. Go figure.

Democracy is window dressing if the voters abdicate. Which is what many do.

Re:Well, you just saw the first propaganda salvos

"Democracy is window dressing if the voters abdicate. Which is what many do."

I believe the point was that voters are coerced into abdicating by being given a choice between two parties that are pretty much the same.

Re:Well, you just saw the first propaganda salvos

If you really want to get to the root of it, simply follow the money. The most expensive, exploitable governments in the world are the ones which are highly centralized in "choice". The ones where the "competing" parties benefit from each other and work together to strengthen their collective power. The ones where no matter who wins the election, the business of government wins.

This is why the rare politician who actually works against the status quo is mocked, derided, and written off as "radical" and "childish". The blind populace follows, parroting whatever the status quo shouts from the top of the power pyramid. Make no mistake, the republicans are MUCH happier with the democrats in office than any third party, and there's a very good reason for that.

A few of the elite at the top of the pyramid are obsessed with power and control, but ALL of them are filthy rich. You do the math.

Re:Well, you just saw the first propaganda salvos

No government will make public attacks made upon it unless it is politically expedient to do so, nor will any attacking government make public its attempts.

Okay, so maybe it would not be politically expedient for China to accuse the USA of hacking. But what of other countries? Iran, for example. If the USA is launching cyber-warfare attacks on anyone, it's safe to assume it'll be going after Iran, the sole remaining member of the Axis of Evil. And Iran is known for being very vocal in its opposition to what it perceives as American aggression.

Therefore, the fact that Iran is not accusing the USA of cyber-warfare attacks indicates that the Iranians have not discovered any evidence that they are being attacked. Either we assume that American cyber-warriors are implausibly skilful, or that the Iranians are implausibly stupid... or maybe we apply Occam's Razor and deduce that the silence probably indicates nothing's happening?

In fact there are a large number of explanations, including that the Chinese government's reporting of attacks upon them are all reported to their local media.

Curse the Chinese and their local media, which is apparently written in a secret language, so that not even the most anti-American of Westerners is capable of reading it and reporting what it says!

No, really, if that was the case then we'd have heard about it.

Re:Well, you just saw the first propaganda salvos

[jcuervo]

I'm a fan of a strong national defense. Too bad whenever I see anyone use that phrase, they really seem to mean a strong national Offense. I guess "that's the best defense" in some minds.

That saying didn't come from nowhere, y'know. Though some people seem to forget that the first word in the saying is "sometimes".

Re:Well, you just saw the first propaganda salvos

[Criminally+Insane+Ro]

Are these even attacks or just spying? Are they targeting just us or?

Re:Well, you just saw the first propaganda salvos

[Criminally+Insane+Ro]

Bush was the lesser of two evils, in the eyes of the dimwitted fundamentalists who put him in office. Rambling on here, I just wish the U.S. had a vote of no confidence, like europe. Eg: I don't like either of them, so neither gets in office.

Re:Well, you just saw the first propaganda salvos

[rhakka]

You can find a saying for nearly anything. "Violence never solved anything" is similarly common and ignorant.

I prefer a traditional definition of "defense". You know; defending yourself from aggressors. Not, aggressing so you don't have to defend yourself from aggressors, which should expose a basic moral dilemna fairly quickly with just a moment's consideration..

Re:Well, you just saw the first propaganda salvos

[religious+freak]

I don't disagree with what you're saying, but our country's policies are based on a proactive approach with the rest of the world. This stems entirely off of the events that lead up to WWII, and how the USA buried its head in the sand, prior to that war.

Striking only when struck is as equally misguided as invading a country halfway across the world because you can.

Bush has pushed the pendulum so far in one direction, I suspect we will be headed way too far for a swing in the opposite direction (isolationism) and that will lead to a truly devastating war down the road.

Re:Well, you just saw the first propaganda salvos

[rhakka]

Not hitting first means you get hit first sometimes. That's a basic truth, no arguement.

However, you get hit a lot less than you do if you just go around hitting people whenever you think they might be a bit sketchy. That's why you don't hit first, not because it guarantees that you will never be hit.

I'm not saying we can never intervene to repel an aggressor on anyone but ourselves. However, the bar has got to be pretty damn high for me to support it. And it should be done with a military sized for defense, not worldwide imperialism, to further ensure that it is only done in times of great need.

Re:Well, you just saw the first propaganda salvos

[religious+freak]

I agree with you.

WTF?-Tasters Choice.

[Ostracus]

"Those people have needs while at work and it'd be inhumane to not address them!"

Well that explains the secret ingredient in MREs.

attack

Time to stop the games and attack them.

The real truth (As opposed to the fake truth)

All the online computers are there only to hack into other terminals, all the secret data is kept in a "reservoir" data center deep underground in the Adirondack mountains. It's just like all of those laptops and thumb drives you hear getting stolen all the time, there's nothing on them. When they transport secure data, it's on a solid state hard drive transported in a container marked radioactive waste aboard a C17, where it is delivered by hazmat trucks to its destination after it lands, or crate dropped to a location if the location is secret. The government doesn't even use a known operating system or file structure.

Re:The real truth (As opposed to the fake truth)

[The+Yuckinator]

Where's the "+1 Crazy" when you need it?

Re:The real truth (As opposed to the fake truth)

[compro01]

"+1 Wishful Thinking" would be nicer.

Re:The real truth (As opposed to the fake truth)

heh, yeah-- the truth is fedex gets used a lot to ship classified drives back and forth (no joke)

Re:The real truth (As opposed to the fake truth)

[compro01]

Then again, I find many people who think Fedex is a government department.

Boo!

[ISoldat53]

Every age needs bogey man.

Re:Boo!

[neuromanc3r]

What? Is terrorism already burned out?

Here's the Link

[istartedi]

It was part of the Farewell Dossier

All the traffic I get from China is crap anyways

Setup an ACL and block the country.

Perhaps...

Perhaps I'm just too simple minded, but WHY ON EARTH is ANY of that information even accessible from the interwebz?

Bait?

While we're at it, is there any irrefutable proof or must we just blindly trust the storyteller?

Old School Security

[Plekto]

Perhaps this seems a bit extreme, but exactly WHY are these military computers even connected to the Internet? If it's really secret information, shouldn't they have their own network or just not put these things online?

Re:Old School Security

[Ant+P.]

That is old-school security - the admins probably still think it's called ARPAnet.

This TF

[fm6]

Really, really sensitive information isn't available that way. I'm told that organizations like the DoD that have separate networks with no physical connection to the Internet for the "burn before reading" stuff.

But you can't hide all your sensitive data behind that kind of security. Your organization would grind to a halt. Besides, not all data really merits that level of protection. You don't want the bad guys to have it, but it isn't the end of the world if they do.

Security is always a tradeoff of cost (including the cost of making it hard for your own people to get the information they need) versus risk. If you have a good security policy and enforce it properly, you can do a reasonable compromise between the two. The problem is that many organizations either don't have the policy or are sloppy about enforcing.

Re:This TF

[tcopeland]

> I'm told that organizations like the DoD that have
> separate networks with no physical connection to the Internet

Yup, it's the SIPRNET as opposed to the NIPRNET.

From that same Wikipedia article, it looks like the Coast Guard Academy has a SIPRNET node... kind of surprising... but the cadets might as well get used to working with classified materials. CMS officer on a ship, there's a job with court martial potential!

Re:This TF

[fm6]

According to the article you link, the Coast Guard Academy is the only service academy with a Spirenet node. I'd be very curious to know why the CG thinks their cadets need access to classified information on this level. After all, the CG is primarily a law enforcement and safety entity these days.

Re:This TF

[tcopeland]

> After all, the CG is primarily a law enforcement and safety entity these days.

Perhaps... but they still carry all the comms gear and COMSEC and whatnot so's they can do joint ops.

Re:This TF

[Diag]

I worked at a defence org a couple of times.

I just wrote a post about my experience there, but then thought "maybe I shouldn't do that", and deleted it before posting.

All I'll say is ....

separate networks with no physical connection to the Internet

....correct. And they take it very seriously.

Re:This TF

SIPRNET only goes up to the Secret level. The good stuff is on JWICS, which can do up to TS//SCI.

Re:All the traffic I get from China is crap anyway

[bleh-of-the-huns]

because most of the attacks do not come directly from them, they come via proxies from infected systems the world wide....

good

[stonedcat]

good

Beijing's investment accelerating militarisation?

[krou]

Beijing's investment in rocket technology is also accelerating the militarisation of outer space

Funny, I thought it was the US stance of space dominance that was accelerating militarisation of space.

WTF?

Insightful! What the fuck?

Mod parent funny!

For chrissakes!

[erroneus]

Why don't we just take measures to sanction China? Oh wait, we let our economy fail to the point that China owns us. Somehow all this business-favoring government has managed to allow everything to get outsourced and allowed everyone to source everything from China.

China's internet link needs to be severed or otherwise blocked from passing through U.S. routers. US influence should also persuade similar actions in other nations as well. This sort of behavior should not be tolerated. CUT CHINA OFF. The alternative is to dive in with them and go all the hell out.

Re:For chrissakes!

[Ex-MislTech]

If most of your military traffic goes over the old
global crossing network, don't allow the public sale of
that network to a foreign nation with an opposing ideology.

http://www.hereinreality.com/likashing.html

When you do stupid things, bad things happen.

Re:For chrissakes!

You realize that China holds a permanant security council seat at the UN right? That means you can't strong arm them as you have Latin American and Africa.

The Word

[MoparMark]

Frenemy. It's a love hate relationship. Colbert rocks.

That is W's fault

As a favor to BILL GATES, he pushed the gov towards MS. CIA and NSA use to laugh at the idiots at DHS for standardizing on MS. Until W told the rest of the intel world that they had to move towards WIndows as well. Combine moving inept corrupt people into agencies, with corrupt people from Microsoft and the CEO of companies like GE, walmart, Target, GM, etc and you have the downfall of American civilization and probably the west.

Re:That is W's fault

[IHC+Navistar]

"Combine moving inept corrupt people into agencies, with corrupt people from Microsoft and the CEO of companies like GE, walmart, Target, GM, etc and you have the downfall of American civilization and probably the west."

-You forgot ".....and using corrupt programs written by a corrupt software company."

Very off-topic pdf, except part of ch. 2

[billsf]

The pdf may be of interest to those studying relationships with China, but very little mention of any "cyber war" except part of chapter two that stresses its 'non-classified' information. The biggest hole in US computer security is Windows and how people use it. It is very common for 'users' of Windows not to set passwords, which just makes it even easier easier to penetrate the whole network. Hopefully, no Windows machine can even access classified information in the first place.

Unix isn't perfect either and again, its the human aspect that is the biggest risk. Anyone caught using an account with access to 'sensitive' or 'classified' without an adequate password should be warned, explained what a good password is and fired if they can't comply. It would seem that there is high compliance and regular audits anywhere 'classified' information can be accessed. Chapter 2 of the pdf only mentions 'unclassified' material, never mind all 'classified' material is created from 'unclassified' resources. Truly classified data should never be accessible from The Internet in any way, in the first place. Any information placed on, or close to The Internet should be considered 'public' on a worldwide basis.

Generally speaking, China uses the simplest, known techniques, to penetrate servers. Any admin can tell you how many dictionary attacks come from China. It is impossible to determine which ones are just 'script kiddies' or students and which are serious organized efforts. There is a very small rate of success from this method. Today it seems that these (Unix) machines are simply used to spread the simple scripts on a wider scale. Simply moving off port 22 (even to port 23) will stop 99% of the problem. Statistical programs that temporarily deny access to a certain IP address can be very effective as most scans never return, even if the access is denied for as little as five minutes. To combat the hardcore attempts where the attack returns, simply increase the 'access denied' time and ultimately blacklist the IP address and the whole net if necessary. (It is very rare it ever goes that far.)

In conclusion: Don't put classified information in the reach of The Internet. Never use any Microsoft product to view 'classified' or 'sensitive' information unless it can be assured there will never be any Internet connections of any sort. It is highly unlikely any government secrets leak out unless that was the intention, such as a "trial balloon". At this time, this is a non-problem that can be stopped. If absolutely nothing is done, it could escalate in much the way spam did. The official report appears to draw the same conclusion, however that is buried in a pile of irrelevant and off-topic material.

BillSF

                       

Re:Very off-topic pdf, except part of ch. 2

"It is very common for 'users' of Windows not to set passwords, which just makes it even easier easier to penetrate the whole network."

Enough FUD. On XP+ this would make it HARDER to penetrate the network because usernames with blank passwords CANNOT log on remotely. http://www.microsoft.com/protect/yourself/password/create.mspx

Re:Very off-topic pdf, except part of ch. 2

"Never use any Microsoft product to view 'classified' or 'sensitive' information unless it can be assured there will never be any Internet connections of any sort."

You mean, "never use Microsoft product to view 'classified' or 'sensitive' material until your administrator figures out how to secure your network."

Re:Very off-topic pdf, except part of ch. 2

The biggest hole in US computer security is Windows and how people use it. It is very common for 'users' of Windows not to set passwords, which just makes it even easier easier to penetrate the whole network. Hopefully, no Windows machine can even access classified information in the first place.
  Never use any Microsoft product to view 'classified' or 'sensitive' information unless it can be assured there will never be any Internet connections of any sort.
                     

That's some very flagrant "i like to hear myself talk, especially when I bash windows" syndrome. What happened, Microsoft reject your resume?

The biggest hole will always be user, regardless of Windows or *nix.

DoD users can not use computers that have access to the NIPRNET (Non-Secure Internet Protocol Router Network) a.k.a. Internet without a CAC (Common Access Card). Once you insert a CAC, you need to enter *gasp* a password.

Additionally, there is a DoD mandate that states all systems have a password requirement, which includes lower case, upper case, numerical, special characters, and minimum length.

The DoD issues a SDC (Standard Desktop Configuration) for computers used on the NIPRENET. For better or worst (hopefully, better) security and admin privileges are not controlled by the end user. The computer is fairly locked down, i.e. unapproved flash and activex content are blocked, unapproved applications can not be installed. Modification of root and system directories are not allowed.

I don't work with classified material and even I have 2 computers. 1 for Internet access, 1 for work. Work PC is connected on a LAN with the rest of my group. Work stays on work PC.

The biggest security hole will be from users that do not follow the rules, not from the OS.

Re:Very off-topic pdf, except part of ch. 2

I can't help but wonder if you have any clue of what youre talking about; People should read the PDF if they're interested although youre right it does more outline the current state of economic warfare/et cetera and the cyber stuff is about half a chapter mixed in with the space stuff. That all said, password cracking? The majority of these attacks come from targeted exploits against MS Office, and while you may go $#%$#%#$%OPEN OFFICE$#%$%$ the issue isn't that they can only attack ms office, but rather that is what we use, if we switched they would just start using attacks against open office, which has its own plethora of bugs (hint: go pull down the old PoCs against MS Office that have been patched 3+ years and try them against OpenOffice and get surprised at how many of them still cause it to segfault)

To suggest that the fix is just a move to another operating system (which is plagued by its own security problems and actually has a less secure overall 'stance' than the competitor (i.e. vista) is just naive. To confuse the password cracking attempts you get from chinese botnets and spammers with the attacks that the government receives is just stupid. In other words, stick to what you know about, which I'm going to guess is amateur perl/python/ruby scripting and modifying files in /etc.

No, it is not propaganda.

[WindBourne]

I have seen this. I used to work in a start-up and saw 2 seperate incidents. In one case, I was hiring for coders. Found a gal who was interesting. She had married a GI and moved to Northern Colorado Springs. Since we could do the work over the line, not an issue. I interviewed her and she was not interested. That is, until I mentioned taht we were doing work for DOD and NSA. Then her attitude changed dramatically. She very much wanted the job. Ok, not a big deal.

But a year later, we were looking for funding. Found a Tawain born guy from Loveland who use to own the chinese restaurant there. He wanted to invest. But he insisted on getting control of the hardware (which was the important part) if we defaulted. When would company be considered defaulted? When he said so. Told him no way. So, then he wanted to buy hardware and said that he would sell it in mainland china and we could all be worth 30 million or more. The hardware was only 1M. But he explained that mainland was willing to pay 30 for it and might go higher. I was actually shocked since I considered him Tawainese and would not do that. My opinion changed when at a slashdot posting, a tawain native said that the chinese who came there STILL consider themselves chinese, not tawainese. The original guy may not have been a spy. But, he was all too happy to sell tech to them. More interestingly, he indicated that he had been in touch WITH mainland china.

No, this is absolutely not propaganda. This is VERY real. Chinese ppl are happy to see their country coming up. And I understand that. But chinese gov is STILL in a cold war with us. They are very much spying on the west and buying tech. whenever possible. And yes, it is the west, not just America. That includes countries like Japan, Australia, Canada, France, UK, Israel, etc and even Russia. In fact, I consider your statement far more propaganda, because you have NO IDEA of what you are talking about.

Re:No, it is not propaganda.

[Watson+Ladd]

Every nation does that. The French government in particular is known for industrial espionage to benefit French companies. Does that mean we have a cold war with France?

Re:No, it is not propaganda.

We wouldn't have to if you didn't screw us around
http://www.news.com.au/story/0,23599,22451478-2,00.html

And that was back then, it's still a pain in the ass now

Re:No, it is not propaganda.

No, because we're not fighting back.

Re:No, it is not propaganda.

Is it necessary to attribute these two anecdotes to some overarching Chinese conspiracy?

For number 1, is it possible that DOD and NSA work may result in my interesting work? Hell, it also may mean more stable work given the current environment. I was under the impression there would be a security clearance needed anyway.

For number 2, I don't see how greed can be dismissed. There are ultra nationalistic Taiwanese and Chinese, but if you're making 30x profits, will that only motivate ultra nationalists to make the sell?

And judging the actions of an ethnicity because of something you read on a Slashdot post seems off.

Re:No, it is not propaganda.

Wait, THOSE are your anecdotes? A gal who wants a job as a coder after you offer her a job as a coder? And a guy who wants to import hardware into China and who you find out is a spy after reading Slashdot comments?

I can't decide what's more astounding: your stupidity or your paranoia.

Re:No, it is not propaganda.

[LingNoi]

My opinion changed when at a slashdot posting, a tawain native said that the chinese who came there STILL consider themselves chinese, not tawainese.

Are you kidding me? Your evidence is based on a slashdot post?! The biggest hive of Asperger syndrome whining twitter morons on the internet? That's your proof?!

Re:No, it is not propaganda.

This is correct. I monitor the network for an aerospace engineering company, and the attacks have been steadily on the rise over the past two years I have been in charge.

The real problem is that most of the military infrastructure is being converted to an all Windows scheme, and the people manning it are usually fresh out of high school types who were assigned communications duties or network admin duties and have no clue whatsoever about network security or even best practices for that matter.

This is what happens when you take a bunch of lazy program manager types, assign them to a military base, and then they farm tasks off to literally kids with no real experience.

This is not a propaganda scheme. My servers get hit with a variety of attack methods daily. I have a full time job monitoring this activity, and keeping ahead of them is not easy.

We are still in a cold war. You can deny it if you want to, but Red China has no interest in our feelings about the RIAA or the Patriot Act. They want our advanced technology. Plain and simple.

Ever wonder why there are no American students pursing careers in Computer Science or Computer Engineering? It's easy. All the spots have been filled by Chinese or Indian students. My fellow countrymen are all too fucking stupid to realize what is going on around them.

I for one do not welcome my future Sino-Chinese overlords.

Re:No, it is not propaganda.

[Sfing_ter]

just for clarity - was that your comment or your sig?

Can i use if for my sig? AHAHAHAHAHAAHAAHAHHA

That is possibly the best comment I have ever read.

Re:No, it is not propaganda.

[WindBourne]

No; the evidence was NOT based on the post. The evidence was how he acted. The post explained his actions better than I could. His actions was wanting to sell China hardware that they were prevented from having (and our prevented from taking out of this country by ITAR). The man could have made 30 million or more selling it to any other country. He was interested ONLY in one. Your's and I am guessing his country.

Re:No, it is not propaganda.

[Randall311]

This makes perfect sense to me. Probably neither one of them were "spies" per se, but I'm sure they were out to make a quick buck (selling your hardware to the highest bidder) and of course the highest bidder is the one looking for adversary technology. I bet the guy looking to make a quick buck by selling sensitive information doesn't feel any particular duty to his homeland at all. Rather it's all about greed.

And even that is faked

[WindBourne]

The reason is that China controls the currency and pretty much fixes it against the dollar. When the euro rises against the dollar, then yuan rises a bit as well. BUT, China is the one with the monster holding of our dollars and increasing at exponential rate. The yuen should be rising against the dollar if it was traded freely. But it is not. BTW, same issue with India.

Re:And even that is faked

[wisty]

Don't be to hard on them. China holding dollars gave the west cheap finance, which triggered an asset bubble, and encouraged overcapacity building in China (overcapacity and debt are the two main causes of depressions, depending on which economists you ask). Then they didn't pass on the wealth to their grunt workers, so Chinese demand won't be able to cushion the fall. Oh wait, that was pretty hard on them.

Re:And even that is faked

[WindBourne]

If I had points, I would mod you up. Great points. But for global trading to work, we need the money to float freely. Otherwise, it allows countries like India and China to determine what happens.

zeros

[cpankonien]

the DoD network will continue to be vulnerable as long as they insist on using windows. lest you think i'm a peacenik or something, i was a boom operator in the USAF for 20 years. i retired in 1997, and joined the local LUG. Alot of the members were NCO sysadmins from the base, who related that "all the officers coming out of the zoo (USAF Academy) only knew windows, and policy did not allow for anything else". So, being good NCOs, they snuck linux in the back door and had it running all over the place, as proxy servers, firewalls, etc. their officers didn't know about it, but as long as nobody complained and it made them look good, they were happy. then when they found out, and had it removed. problems increased dramatically soon thereafter. fuckin' zeros...they don't listen! MSgt, USAF (Ret.)

Re:zeros

Let's see. Without any sort of support and no defined infrastructure of protection (no enterprise architectural protection or IAVM) I'll replace known issues with unknown issues. I'll leave all my firewall rules sets and admin to underpaid, overworked enlisted guys with 8 jobs. I won't tell anyone about these therefore the current security mechanisms you probably don't know about will be broken. No IAVAs come out for these machines so they will in all likelihood never be patched. No issues were probably noted because the logging was turned off, never reviewed, or they were rooted and the logs were cleaned.

Security is a process and not a brand.

Fuckin' Es. Only trust a W or a mustang.

I wonder if it is personal?

[victim]

The DoD takes everything personally, and for good reason, but I have a steady stream of chinese hackers attempting to break into the router in my tool shed that reports battery voltage and temperature at a cabin that is inaccessible for 6 months of the year.

I really should put a webcam in there so they can see what they have achieved if they ever do manage to get in.

(22.1F, batteries 25.3V, 600 watt hours of energy stored today.)

Re:I wonder if it is personal?

I usually don't like geek stuff, but that is pretty durned cool. Where do you live?

Re:I wonder if it is personal?

Hmm, how about this? You look like a power grid monitor/controller. Wouldn't they like control of that during warfare?

stupid question

why cant they just firewall chinese addresses?
thats what I do.. ;)

-dirtbag

Really?

[Frosty+Piss]

Really? There are LOADS of Linux and other *nix running at McChord. Of course email and SharePoint run on exchange. But as a Boom Operator, surely you know that much of the maintenance management applications as well as ARMS (you know, the application that tracks your flying hours) runs with Oracle on Unix minis. Right. And there are many many many more non-Windows applications I can think of. But of course as I said, email and SharePoint are on Windows (obviously).

This is real.

It's not just that.

Look, I wouldn't put it past Bush to pull a stunt like that. But the fact that Chinese hackers have been engaged in organized hacking is well known to the security community and we have nothing to do with Bush or his political goals.

It's not just China that does this, of course, but they're probably the highest profile country in terms of the number of incidents (or perhaps I should say they just get caught more often...).

So I won't fault you for mistrusting Bush. Hell, I wish we'd done a lot more of that in retrospect. But the hacking is real. It's organized. And it's well-known to all of us in the security community.

Re:This is real.

[zappepcs]

The really funny part about conspiracy theories is that they are all bullshit until enough information comes to light to show they are not. There are many things in the world that happen which the general public as blissfully unaware of. This is a good thing in some cases, a bad thing in others. Since WWI, the US and western countries have had a habit of building up bad press against the people they don't like. Demonizing them as axis of evil etc. This is all about manipulating public opinion.

Personally, I think Al Queda has contracted the Chinese to poison our toys and food supplies. In short, the Chinese are terrorists! But that is just a tin foil hat beer drinking wtf did you say kind of thing.

If you were to play connect the dots with financial data, physical world events, political maneuvers, other significant events, I'm certain that you could come up with better stories than any news station ever could. If you want to have some fun just get a list of the 15 biggest corporations, the 15 most influential politicians, and the 15 most influential world leaders. Now find out how many ways you can connect them. The results would scare the pants off the pope if he wasn't on the lists... but hey, that's all conspiracy crap... right?

Mr. Orwell, I miss you!

Re:This is real.

[wisty]

Never attribute to malice that which is adequately explained by stupidity.

Re:This is real.

[zappepcs]

A very good mantra, but one that was written before malicious stupidity became the default modus operandi of political figures. Yes, I realize there were both maliciousness and stupidity long ago. The trick is that in recent decades there are certain political figures who have managed to combine the two in a publicly accepted manner. They use is both to defend themselves and to push for ever more bizarre legal changes. When we believe them too stupid to pull the wool over our eyes they have the perfect opportunity to stick the knife in our backs. I refer you to Pink Floyd at this point:

You have to be trusted by the people that you lie to
so that when they turn their backs on you
you'll get the chance to stick the knife in

It was something about pigs and sheep if I remember rightly.

Stupid people don't get the backing needed to be in the halls of power except through serious complicity of high crimes and misdemeanors. When someone in the halls of power is making stupid mistakes that cost tax payers or the country money or influence, you can bet your autographed picture of Nero that Brutus is using his knife on you/us. There is no such thing as a naive president. Stupidity is ONLY a defense, not something on their todo list.

When Paris Hilton gets elected... meh, perhaps I'll change my tune. Till then, the old white guys club is not letting stupid people in..... yet.

Re:This is real.

[Pranadevil2k]

Since WWI, the US and western countries have had a habit of building up bad press against the people they don't like.

Since World War 1? Try a little earlier.

That's Jefferson Davis dancing with Benedict Arnold and Satan. Truth is, there have been political cartoons in America just like this one demonizing our enemies for as long as there has been political dissent (read: As long as there has been America). I just can't find any on Google that are actually readable. The difference of course being this news story is a 'news story' and a political cartoon is generally more of an opinion piece.

poisoned Honey pots

[dotmax]

And you guys claim to read Schneiier?? Consider this: if the Chinese are spying on our tech, we can stick it to them rather badly by lettng them find pointless dead end projects upon which to waste their treasure. everything is an opportunity... .max

Re:poisoned Honey pots

[Ada_Rules]

Oh, so that was the point of Windows Vista. It makes sense now.

Re:poisoned Honey pots

lulz

Nuke 'em now!

It's the only way to be sure.

They mostly come at night.

[actionbastard]

Mostly.
Because most admins are home watching reruns of 'Lost'.

Yes, Sir.

I just hope they don't make me eat any of those damned fried grasshoppers. Sir!

This thread is a lot more amusing...

[ricegf]

...as soon as you realize that nobody who actually knows what's really going on is allowed to post about it on Slashdot.

Re:This thread is a lot more amusing...

Now that you mention it, yes it is. You are of course completely correct as well.

this is a joke .. right ?

" While witnesses concluded that China's behavior, compared to several
years ago, has improved, they also expressed the judgment
that China still has a distance to travel in demonstrating its full
commitment to preventing the spread of weapons of mass destruction
(WMD), WMD delivery systems, and the technologies that support
them. Furthermore, it remains important for the United
States to engage with China on this issue and, in some cases, to
use diplomacy to encourage China to improve its behavior. This
section of the Report addresses the proliferation of WMD, their delivery
systems, and related technologies. It does not address China's conventional arms sales. "

These are figure for 2006 .. in an article referencing the UK's Moving into first place for 2007 with it's export agreement to Saudi Arabia ..

" Traditionally, American arms companies have occupied the top spot in the global arms market, with Britain, Russia and France vying to be the runners-up. Over the past five years the top arms exporters have been the US, with $63bn worth of sales, UK ($53bn), Russia ($33bn), France ($17bn) and Germany and Israel ($9bn each), according to government figures." (per year figures)

and with about a 50% increase in the value of US exports since 2001 on average .. with the 2007 estimates for the US of $75 odd Billion ..

Democracies: imperfect but not like dictatorships

[thaig]

IMHO Western countries are *not* comparable to dictatorships at all - not in the slightest. I am from Zimbabwe - that's all I claim as qualification.

Whether or not they are heavily influenced by powerful individuals, there are a lot more powerful and rich people in democracies so there are many interests to be satisfied and compromises to be made to keep parties in power. i.e. nobody can have it all their own way.

In dictatorships, anyone who appears even as if they *could* provide some challenge is mown down. This way the dictator *can* have everything the way they like it and in my country's case that turns out to be a very bad thing for everyone else.

Re:Democracies: imperfect but not like dictatorshi

[MrNaz]

Well hello there, neighbor, I'm from South Africa, soon to be Zimbabwe v2.0 :P

That's ReThuglican Jew thinking

That's ReThuglican Jew thinking

Huh?

[TheLink]

"Chinese ppl are happy to see their country coming up"

And that Taiwanese guy was also "all too happy" to sell something that costs 1 million to the Chinese Government for 30 million.

30 million dollars. Not 2 million, not 1.5 million.

Oh yeah, it was because of patriotism or "The Love of China" that he gave them 50% off the original price of 60 million. That must be it eh?

Given what I know of Chinese people, it's far more likely that the Taiwanese guy was just seeing it as a great business opportunity - a chance to make lots of money.

You were the one with the "love for your country (or other thing)" which got in the way.

The Chinese government was willing to pay for US secrets. And chinese people (and other free market loving people ;) ) are very happy to sell it to the Chinese government, for the right price.

"I was actually shocked since I considered him Tawainese and would not do that"

Why wouldn't he do that? He's Taiwanese not American. Selling US tech to China _might_ only negatively affect Taiwan in the future, and even if it did, he and his family would have millions in the bank - so they could move to Australia or Singapore or wherever.

You appear to be joining the dots the wrong way.

Re:Huh?

[WindBourne]

The man already had millions in the bank. Remember, investor? He was trying to intice the rest of us with the money.

Re:Huh?

[TheLink]

Not surprised he had millions in the bank. It's good business if you can keep selling 1 million dollar stuff for 30 million.

So what's your point? That he'd stop trying to make lots more money because he already had millions in the bank?

That's hilarious if you knew how a typical chinese businessman thinks.

Most Chinese care about Family and Money (for some - Money first then Family ;) ), Country at most is a distant 3rd place. Yes they will get that patriotic spirit from time to time, but that's about it.

Just go visit a chinese temple and see what they ask for. Count how many ask for good fortune and $$$, or healing/blessings for their family members, and count how many ask for "China to be blessed".

Take a close look at the Chinese New Year festivities and see what it's all about. The names of the food. The reasons for doing stuff.

Think those chinese in China putting melamine in everything and everywhere were doing it because they loved China? Or hated America? They were doing it to make themselves richer.

I bet if the French government also offered the Taiwanese guy 20 million for the designs, he'd make copies and sell them to both the French and Chinese governments. Unless he was getting enough extra money for an exclusive deal and goodwill.

get someone else

You know what, perhaps we could give them a bunch of these defaulted homes no one is in. That would take care of two problems home prices, and having our currency not backed up by anything.

Personally, we could get other nations to manufacture our stuff. In fact it would be better to do so, since it would be an economic stimulous to them.

We can have two

[justinlee37]

There's nothing stopping us

Counterfeit IC's in Cisco Routers

[Ex-MislTech]

It is not too hard to hack a network if you got
counterfeit hardware inside the network giving
you a backdoor in.

http://www.infoworld.com/article/08/05/12/FBI-worried-as-DoD-sold-counterfeit-Cisco-gear_1.html

So once they got in, they learned what they needed
to know to stay in, and put other methods in place
to stay in.

They are going to have to rebuild their network one segment
at a time from the ground up.

They need several things with one of them being segment
monitoring IDS system that can detect the outbound traffic.

Something that can track all outbound traffic against
a white-list of acceptable IPs, think a reverse peer guardian
that tracks what IP's are reached and snds alarms if they
are not on the list.

In any event they will have a monumental task of clearing
all the backdoors in the system, and should consider going
totally to a secure hardware+software encrypted VPN that
does not even travel over the public internet.

There is enough dark fiber out there to do it for the classified
material they transmit.

Also if most of your military traffic goes over the old
global crossing network, don't allow the public sale of
that network to a foreign nation with an oppposing ideology.

Namely China !

http://www.hereinreality.com/likashing.html

When you do stupid things, bad things happen.

Vast Amounts ?

Fool me once, shame on you. Fool me twice, shame on me.

Re:Didn't Bill Sell....

[Ex-MislTech]

Not most, just the advanced guidance systems for Nukes.

Nothing important or anything.

http://www.fas.org/news/china/1998/h980618-prc8.htm

LOL

Re:Blackouts: Learn Mandarin now.

[Ex-MislTech]

Ppl mod this troll but this is right in line with
what Rockefeller has said at CFR meetings, but
ppl don't pay attention to anything that isn't
entertainment these days.

Oh well...

There are more than two parties

[TheLink]

There are more than two parties. Voters who aren't aware of that have abdicated especially if they don't want to vote for either of the two parties.

If the other parties are worse than the Two and there is nobody better amongst the available citizens who wants to be a candidate, then by definition you are getting the best choice, Democracy is working as well as it can and it's the citizens who are crap.

If there indeed is a better candidate, then vote for him/her.

In the 2004 election, approximately 62 million voted for Bush, 59 million for Kerry, and about 78+ million eligible to vote didn't bother to vote.

In the 2008 election, 67M for Obama, 59M for McCain, and about 70M didn't bother.

If those 70+ million figured that someone else was better, even if their votes were split in two or three, I bet the Two parties would start paying a bit more attention and might shift their position accordingly.

As it is, why should the Two parties bother? Between the two of them they've got the support of 98-99% of the voters who can be bothered to vote.

http://en.wikipedia.org/wiki/United_States_presidential_election,_2004
http://en.wikipedia.org/wiki/United_States_presidential_election,_2008

The people are getting what they voted for.

dSociety/dt

[Dire+Bonobo]

There's no difference between modern western politics and autocratic regimes such as monarchy or even dictatorships.

From which I can only conclude that you know very little of dictatorships, or of democracy.

Major parties will tend to cluster around the centre in their country's political spectrum. This isn't due to some exciting "conspiracy" by "The Man", it's simply due to the fact that most people in most modern western nations don't want their countries to change too much too quickly. (For obvious reasons - times of rapid change tend to be stressful and difficult, and most people have more than enough stress and difficulty in their personal lives without the government adding more.)

Roughly speaking, if most people want no more than C amount of change in a governmental term, then any party which positions itself outside the interval [-C,+C] (centre=0) is inherently saying that it does not intend to reflect the will of the majority, and consequently will not be considered a major party.

It's not a conspiracy; it's just social dynamics.

without the vastly dumbed down population being any the wiser

I have yet to see any reference to "the dumbed down population" or "the sheeple" be anything other than a straw man used to bolster a crackpot argument.

Perhaps you'd like to offer some data to support the notion that today's population is "dumbed down"? In particular, you may wish to focus on demonstrating that today's population is more compliant than the population of McCarthy's era, or the population which would forcibly and repeatedly shock a screaming man at the request of an authority figure.

To the best of my knowledge, there's no evidence today's population is any more dumbed down than the populations of every other generation. Feel free to provide evidence to the contrary; note, however, that "why, when I was a boy..." does not constitute evidence.

all this reporting on online attacks by the Chinese is an example of the media reporting bias.

Or attentional biases on your part - this is the first media report which mentions it that I've seen in quite some time, and it's not actually a report on Chinese hacking, but rather a report on the current activities of the US government.

Not, of course, that seeing vastly more reporting on China-vs-US hacks than US-vs-China hacks should be at all surprising, since
  - (a) information is much more available in the US, so news media is simply more likely to hear about an event,
  - (b) information in the US is predominantly in English, so those of us reading in English are much more likely to hear of it,
  - (c) the US is either the country of or a treaty ally of most readers of English-language news media, and attacks on entities we are legally obligated to defend are naturally of rather more interest than attacks on other entities,
  - (d) the US is militarily more technologically advanced than China, meaning that China has vastly more to gain from this kind of espionage.

And so on. The simple fact of the matter is that we're more likely to hear of a Chinese hack on the US for a great many reasons which have nothing to do with any purported "media bias". Such a bias may or may not exist, but it's a sign of intellectual laziness and/or dishonesty to simply invoke "teh MSM iz bias!1!" rather than actually thinking about the underlying factors.

Not that intellectual laziness and dishonesty is surprising to find in an argument equating democracy with dictatorship.

[OT] sig

I was expecting a rickroll. That's actually kind of cool.

Infrastructure stimulus

[Stephen+Ma]

That's why China is embarking on a $580 billion stimulus program.

A great aspect of the stimulus is that they won't be wasting the money the way the U.S. has: the Chinese will be using their stimulus funds to build some desperately needed infrastructure such as roads, water pipes, railways, airports, and so on. So not only will they continue growing strongly, they will also emerge from the global financial crisis at a higher stage of development and will be stronger than ever.

I welcome pre-war security stress-testing

[peter303]

Its going to be much nastier to discover software weaknesses after war begins.