Slashdot Mirror
Talk On Chinese Cyber Army Pulled From Black Hat
Trailrunner7 writes "A talk on China's state-sponsored offensive security efforts scheduled for the Black Hat conference in Las Vegas later this month has been pulled after concerns were raised by people within the Chinese and Taiwanese government about the talk's content. The presentation was to be delivered by Wayne Huang, CTO of Armorize, an application security company with R&D operations in Taiwan. The talk was billed as an in-depth, historical look at the offensive capabilities and operations of China's so-called cyber-army."
China is directing the single largest, most intensive foreign intelligence gathering effort since the Cold War against the United States.... http://www.securityweek.com/chinas-cyber-threat-growing
Worded quite differently, no? This published summary accuses the Chinese and Taiwanese government about it, while the other one just says they had concerns about their good relationships in the community.
FTA: Caleb Sima, Armorize's CTO and co-founder, said on his Twitter feed yesterday that the talk had been pulled.
"I had to pull our blackhat talk. Taiwanese gov is prohibiting it due to sensitive materials. Unreal."
[Fuck Beta]
o0t!
Black Hat conference cancelled one of their talks due to political pressure? Wow. I thought Black Hat was one of those "we don't care who you are, we're going to talk about this" forums?
Usually one would ridicule other conferences with something like "Do you see Black Hat canceling like this? Grow a pair!" But this is just depressing. Guess Black Hat is experiencing some "shrinkage".
Next thing you know they're going to be cowering over trumped up Cease and Desist orders.
I work for the Department of Redundancy Department.
If the US doesn't start taking the PRC's cyber offensive capabilities seriously, the US is in for a whole world of hurt. Note how, in the article, the author mentions that Titan Rain and Aurora were not viewed as surprising in Asia, but rather more like, 'yeah, yeah, what else is new?' It is widely known in the security industry that China has been pursuing cyber offensive capabilities for quite some time. Why doesn't it get more discussion?
"I'd rather be a lightning rod than a seismometer." -Ken Kesey
I thought Black Hat was one of those "we don't care who you are, we're going to talk about this" forums?
Those types of organizations don't have annual conferences in Las Vegas.
"Black Hat!" I mean, really. Who would you expect to show up at a Las Vegas venue called the "Super-Villain Expo," Lex Luthor, or wannabes in purple-spandex cosplay?
Because publicly traded companies are reactionary.
Until Google stoop up and admitted to getting owned, businesses would say it was only worthwhile to defend against automated worms and viruses. That targeted attacks can get your company owned is not news to anyone in the security space, but justifying the monitoring and defensive measures to detect and respond to malicious attackers was tough without datapoints showing that attacks like that actually happen.
Unless you're Richard Bejtlich, who wrote the book on that. http://www.taosecurity.com/books.html
Here's a great overview article by him on APT.
http://searchsecurity.techtarget.com/magazinePrintFriendly/0,296905,sid14_gci1516312,00.html
Blessed are the pessimists, for they have made backups.
The same talk -- or at least a very similar one, by the same people -- is scheduled to be given at Defcon. Anyone know the status of that? I doubt Defcon is very susceptible to outside pressure, but since the speaker does business in Taiwan he may be reluctant to defy them.
Just because you sold your soul to the devil that needn't make you a teetotaler. --The Devil and Daniel Webster
They want to sell tickets (which cost $2,000). It's hard to sell a $2,000 ticket to an event when you can't even tell people what that ticket will buy them.
A slashdotter who didn't build his own computer is like a Jedi who didn't build his own lightsaber.