Journalists' Yahoo E-Mail Accounts Compromised In China

andy1307 writes "According to this article in the New York Times, 'In what appears to be a coordinated assault, the e-mail accounts of at least a dozen rights activists, academics and journalists who cover China have been compromised by unknown intruders. The infiltrations, which involved Yahoo e-mail accounts, appeared to be aimed at people who write about China and Taiwan, rendering their accounts inaccessible, according to those who were affected. In the case of this reporter, hackers altered e-mail settings so that all correspondence was surreptitiously forwarded to another e-mail address. ... The victims of the most recent intrusions included a law professor in the United States, an analyst who writes about China's security apparatus and several print journalists based in Beijing and Taipei, the capital of Taiwan."

Is anyone surprised?

China is a totalitarian state. Has been since 1949. What free trade has done is to make it a rich totalitarian state instead of a poor one. I never understood the argument that capitalism would lead to anything like democracy. Democracy [usually] leads to at least some level of capitalist/free-enterprise economy, but not the other way around.

Re:Is anyone surprised?

[dkleinsc]

I never understood the argument that capitalism would lead to anything like democracy.

The reason you can't understand that argument is that it's complete BS. It was created to try to convince Americans that the reason our government is making it extremely easy to trade with China is to spread democracy, not increase corporate profits at the expense of American workers' careers.

And historically at least, the system of government best suited to corporate profits is not democracy, but fascist-leaning dictatorships. That's true whether we're talking about Mussolini, Hitler, Franco, Pinochet, or Batista.

Re:Is anyone surprised?

[Hijacked+Public]

I don't understand it either, mainly because I think the climate in China is closer to free market capitalism than the climate in the US. In relative terms China is a capitalist utopia, particularly from a producer's perspective.

Re:Is anyone surprised?

[jav1231]

We should have shit-canned our trade with China when Tienanmen Square happened. Period. Everything after was hypocrisy.

Re:Damn Chinese!

[Marcika]

Don't you know that you should do your wiretapping directly at the ISP level, like real Americans?

I'm sure that they know and they do. But wiretapping at the ISP level doesn't help if their victims use HTTPS or SSL IMAP/POP like pretty much all Gmail (and Yahoo?) users do. Real Americans(TM) subpoena Google or Yahoo records directly over their convenient law-enforcement interfaces -- China can't do that...

Re:This is why you don't do business with China

[east+coast]

This is all the more reason to actively avoid their product; so that we can make it profitable for other countries to take up the production of items that only seem to sell at the lowest price point possible. It may cost us a little today but in the long run we won't be so attached to one provider that we have to put up with their abusive nature if we need to "cut the cord."

Re:This is why you don't do business with China

[u38cg]

The quickest way to sort out the human rights situation in China is to create a population with enough of a stake in society for it to be worth standing up and be counted. Free speech means very little when you're on the breadline. Even if your boycott had any meaningful effect, it would just make government repression easier, not harder - and China is quite easily big enough to run a closed economy if it wanted to.

Re:Damn Chinese!

[muckracer]

> https is very easy to MITM if you can inject bogus signed certificates.

agreed

> For that you need to control a CA.

agreed

> for example, CNNIC whose root certificate is included in MSIE and Firefox.

agreed

> Bug 542689 - Please remove CNNIC CA root certificate from NSS

agreed BUT: Why do you single out this particular CA when the valid issues you raised APPLY TO ALL OF THEM?!

Re:So let's get this straight:

[Asic+Eng]

for 20 years now malware targets mostly DOS/Windows, yet these guys still use exactly that

Like everyone else on the planet. Not that it matters whether you access webmail via Linux or via Windows.

the main vector of malware coming in is via e-mail attachments, yet these guys keep clicking on them

Webmail cracked - that's almost certainly not clicking-on-attachments territory, more likely poor password choice. Access to company servers from the inside (employees collaborating with the attackers) is another possible path of attack.

signed e-mails and attachments would make reception thereof fairly safe, yet these guys have no idea about it

Works only on a node-to-node basis. If their contact doesn't have the tools, then they can't use it. Same applies to encryption obviously. Is PGP freely available in China? How long till the government detects that you are using PGP and takes you in for questioning solely based on that fact?

but then these guys probably would feign complete ignorance and amazement over the fact, that especially the totalitarian governments of the world don't exactly work with white gloves

If the Chinese government attacks western computer systems, that's news. It might require a political response, that should be in the public discussion. Regardless, it's certainly worth reporting.

...don't give a shit about your self-aggrandized ego of 'a journalist' and the hallowed freedom of press

Freedom of the press is vital for my freedom and for yours. I think your disdain is completely inappropriate here.