Slashdot Mirror


Experts Closing In On Google Attack Coders

ancientribe writes "The targeted attacks out of China that hit Google, Adobe, and other US organizations are still ongoing and have affected many more companies than the original 20 to 30 reported. Security experts now say they are getting closer to identifying the author or authors of the malware used to breach Google and other organizations."

11 of 141 comments

  1. Would you run unknown code? by fluffy99 · · Score: 3, Interesting

    Why on earth would I download and run the "inoculation" removal software from some unknown company? It might actually be installing more crap! Why not just give us a shell script if it's just wmi calls?

  2. Re:Propaganda by mysidia · · Score: 1, Interesting

    So shouldn't they go get the Exemption Firefox got, or replace their crypto code with Firefox's code?

    Or (since Chrome is Windows-only)... use the CSPs in Windows for crypto operations, instead of shipping crypto code with their browser..

    Sorry, the US Law excuse doesn't really hold water here.

  3. Re:Apology by AliasMarlowe · · Score: 3, Interesting

    I failed to do enough research. Is there a way I can delete the parent post?

    Join the Scientologists. Claim your post is part of their dogma. Threaten legal action.
    http://slashdot.org/yro/01/03/16/1256226.shtml

    --
    Those who can make you believe absurdities can make you commit atrocities. - Voltaire
  4. I tried securing my Win2k Program Files folder by MichaelCrawford · · Score: 1, Interesting

    I set it all so it was Read-Only to regular users, then removed my own Administrator privileges. When I logged in as "Mike", I was just a regular user, and had to log in explicitly as Administrator to do anything administrative.

    Well that didn't last long. Nothing worked anymore.

    To get my box back, I had to both make my Program Files folder writable, and I had to give my "Mike" account administrative privileges.

    That's just plain wrong.

    --
    Request your free CD of my piano music.
  5. Re:Gotta be a Chinese military virus. by MichaelSmith · · Score: 4, Interesting

    For a long time it looked like William Gibson had the wrong view of the future with the Sprawl series. But now we have duelling Russian botnets which fight for exploited systems and AI captcha crackers. Major corporations base their income on the reduction and on-sale of found information. Infrastructure is increasingly dependent on information technology, and likely to be connected to the Internet.

    Science fiction writers tend to overestimate short term progress and underestimate long term progress. I think Neuromancer is coming back.

    The charge? Conspiracy to augment an artificial intelligence..

  6. Re:Propaganda by rtfa-troll · · Score: 2, Interesting

    Just to be a little clearer about the grandparent's points about Chrome. Google could probably get a similar exception for Chromium to the Firefox one and still have to export control Chrome. The use of Windows crypto functions also won't help since software which uses crypt functions is just as much controlled as software which implements them.

    Controls on use of crypt (as well as implementations) actually kind of make sense. a) it's very easy to mess up a use and use a secure crypto function insecurely b) the actual value of a crypto function is in your use of it. In terms of the crazy world of crypto embargos, a typical wish would be to allow the Iranians to do cryptographic signatures, but not to encrypt. However, it can be shown that any signature algorithm can be used to encrypt (well actually hash algorithm). This means that the only control that could possibly be effective is on delivery of software, not delivery of algorithms.

    Of course none of the embargo stuff actually is very effective since there are plenty of people (e.g. China) who are more than happy to treat unilateral US embargoes as a business opportunity.

    --
    =~ s,(.*),<sarcasm>$1</sarcasm>,g if any_point_you_wish();
  7. not sure it's a good idea to say this by Anonymous Coward · · Score: 3, Interesting

    In retaliation to the investigations and accusations, BAE UK got a massive attack wave this weekend, much larger than anything Google saw. All the attacks came from proxies, but deeper probes showed all the traffic was from China.

    BAE had all their systems crippled and apparently had shut the whole network down (we are talking about thousands upon thousands of machines), reset all passwords and wiped a lot of boxes. You won't hear this in the news though. It would be seriously bad for business if the US and UK governments got wind of it.

    China* won't go down without a fight.

    *whoever is organising it.

    1. Re:not sure it's a good idea to say this by RMH101 · · Score: 3, Interesting

      This happened in Manchester, UK: the police networks were shut down, apparently due to Conficker: http://news.bbc.co.uk/1/hi/england/manchester/8492669.stm

  8. Re:Gotta be a Chinese military virus. by djtachyon · · Score: 2, Interesting
    --
    "What's the use of a good quotation if you can't change it?" - Doctor Who
  9. authors by Anonymous Coward · · Score: 1, Interesting

    forget the authors, who paid them?

  10. Re:Chinese "Echelon" by Anonymous Coward · · Score: 1, Interesting

    "Maybe it makes sense to lead by an example?"

    By example?

    Hmm, the West should probably get right on executing domestic protesters, then.