Slashdot Mirror

← Back to Stories (view on slashdot.org)

Evidence Weakens That China Did the Recent Cyberattacks

Posted by kdawson on from the reasonable-doubt-abounds dept.

click2005 notes an article in The Register calling into question the one piece of hard evidence that has been put forward to pin the Google cyberattacks on China. It was claimed that a CRC algorithm found in the Aurora attack code was particular to Chinese-language developers. Now evidence emerges that this algorithm has been widely known for years and used in English-language books and websites. Wired has a post introducing the Pentagon's recently initiated effort to identify the "digital DNA" of hackers and/or their tools; this program is part of a wide-ranging effort by the US government to find useful means of deterring cyberattacks. This latter NY Times article notes that Google may have found the best deterrence so far — the threat to withdraw its services from the Chinese market.

5 of 197 comments (clear)

  1. Don't Be Foolish by eldavojohn · · Score: 5, Insightful
    Let's check out the official Google word from the official legal chief officer of Google:

    Second, we have evidence to suggest that a primary goal of the attackers was accessing the Gmail accounts of Chinese human rights activists.

    Emphasis mine. Nowhere is he talking about a CRC algorithm or even fingerprinting the attack to a particular country. Instead, the obvious question is simply this: Who else would hack one of the most successful companies in the world only to read the e-mails of Human Rights Activists in China? What possible gain could anyone else have from this information?

    I'm not saying hard evidence has been provided one way or the other (I'm not even sure it could be proven one way or the other unless someone claims ownership) but the only evidence the accuser offered up was this. Not that the "algorithm was only known to Chinese" nor anything as simpleton.

    --
    My work here is dung.
    1. Re:Don't Be Foolish by TheKidWho · · Score: 5, Insightful

      Someone who is trying to discredit China?

    2. Re:Don't Be Foolish by Monkeedude1212 · · Score: 4, Insightful

      Exactly. Thread over. Nothing else to say.

      I certainly didn't think it was the Chinese because the attacks supposedly originated in China. I thought it was the Chinese because it was after the accounts of Chinese Human rights activists.

      Unless THAT part can get discredited, I will still point my finger.

    3. Re:Don't Be Foolish by dgatwood · · Score: 4, Insightful

      You think it's more likely that a CEO made a moral choice? Don't make me laugh. If morals had anything to do with it, they would never have gotten into China in the first place. It's not like Tiananmen Square hadn't happened yet....

      No, I strongly suspect it's more like "Betraying the trust of other people is okay as long as you don't betray mine." And odds are, in a few months, this will all be forgotten and it will be back to business as usual, censorship, spying, and all. I'd love to be wrong about my cynicism, but it happens so rarely these days....

      --

      Check out my sci-fi/humor trilogy at PatriotsBooks.

  2. This isn't a court of law by Sycraft-fu · · Score: 5, Insightful

    Google doesn't have to prove things beyond a reasonable doubt. More to the point they don't have to prove it beyond any and all doubt no matter what, which is the standard many geeks seem to use. Internally, they only have to prove it to their own satisfaction, which it would seem they've done.