US Chamber of Commerce Infiltrated By Chinese Hackers

SpzToid writes "The Wall Street Journal is now reporting that a group of hackers in China breached the computer defenses of the United States Chamber of Commerce. The intrusion was quietly shut down in May 2010, while FBI investigations continue. 'A spokesman for the Chinese Embassy in Washington, Geng Shuang, said cyberattacks are prohibited by Chinese law and China itself is a victim of attacks. ... Still, the Chamber continues to see suspicious activity, they say. A thermostat at a town house the Chamber owns on Capitol Hill at one point was communicating with an Internet address in China, they say, and, in March, a printer used by Chamber executives spontaneously started printing pages with Chinese characters.'" According the article, the group "gained access to everything stored on its systems" and may have "had access to the network for more than a year before the breach was uncovered."

errr

a printer used by Chamber executives spontaneously started printing pages with Chinese characters.'"

Did you try switching it off then back on again?

Re:errr

[Artea]

Somehow I suspect these "Chinese characters" were just random ASCII characters you tend to see when a client with a corrupt printer driver tries to print. When some security official comes around asking about anything suspicious, John Executive takes to opportunity to jump up and do his part for national security!

Re:errr

[interfecio]

Corrupt printer driver? Have you ever tried to stop a printer from printing a page?

Re:errr

[RivenAleem]

My ribbon printer (Image writer 2) for my old old Apple Mac used to do that when you asked it to print draft. Never figured out why, but now you make me think of it, it seems like the right reason.

Re:errr

[SJHillman]

I used to get a lot of calls that one of our four LaserJet 4250's was "printing in Chinese" again. Most of the characters were simple ASCII squares, arrows, smiley faces, etc... not even a resemblance to Chinese but that's what people called it since it didn't use the standard English alphabet.

Re:errr

[Talderas]

I have a printer driver that doesn't play nice with Firefox. The printer can't properly recognize the fonts used by Firefox so it prints out garbage characters. Now if I tell the printer to download the fonts rather than using embedded fonts it works just fine. Everyone would call the garbage characters Chinese.

Re:errr

[19thNervousBreakdown]

Everyone who is an idiot, maybe.

Re:errr

[somersault]

Zing

Re:errr

[g0bshiTe]

I'd say install the proper drivers and stop using the PostScript drivers. PS drivers tend to do that with excel spreadsheets.

Re:errr

[trum4n]

Or maybe translating the page it yielded?

Re:errr

Yeah, that part of the summary amused me. It's as if the following took place somewhere in China:

Good work, now print out that data you've discovered.
Yes sir... it should be on the printer now.
There's nothing here, what printer did you send it to?
Doh!!!!

Re:errr

[Megane]

I remember back around '04 or so, there was a virus that wanted to spread itself via SMB shares. If it managed to contact a printer, it somehow thought it was a file share and tried to copy its code over. This would result in hundreds of pages (thank you HP for form feed support in whatever printer language this was) being printed with a few garbage characters on each page. One printer actually wore out some rollers from having to do this.

But yeah, your average ID-10T couldn't identify a Chinese character from any other mojibake even if it tried to cook him fried rice.

Re:errr

[Talderas]

Right. The average user.

Re:errr

[Synerg1y]

The hackers wanted to damage the US physically by using precious toner and paper as well as wearing down the printer parts.

Re:errr

[joocemann]

Investigators are not that naive.

Re:errr

[Anarki2004]

I think that faux Chinese is what some people refer to as "moonspeak". Correct me if I'm wrong here.

Re:errr

[BattleApple]

Even if the person that found the printout was that stupid, I'm hoping think the government translators would have picked up on it.

Re:errr

[operagost]

It translated to, "PC LOAD LETTER".

Filter error: Don't use so many caps. It's like YELLING.

Re:errr

Real chinese is also called moonspeak.

Re:errr

[Wintermute__]

That depends on which investigators you are referring to..

Re:errr

It is common to send socially engineered or internal information to a printer in some sort of cipher so the printer users think the printer has messed up and put those papers in the trash or recycling to later be picked up by an agent. Once you retrieve the documents it is very easy to use OCR software and decipher the text.

Re:errr

[anonymov]

Won't work if all paper trash is unconditionally sent to shredder/incinerator, which should be common sense for any serious business.

Re:errr

[wervr]

Printed moonspeak is moonrunes.

Re:errr

US Chamber of Commerce != government
The name is misleading.

Re:errr

[anonymov]

Maybe it actually printed Quotations from Chairman Mao, or "AHAHAHA, WHITE DEVILS ARE STUPID! PWNED BY LI MING" repeatedly?

Actually, there are a lot of anecdotes along the lines of "Found unsecured printer on the internet, told it to print War and Peace. 10 times."

Re:errr

[kmoser]

So when printers in China start outputting gibberish, do the Chinese complain that it's printing in English?

Re:errr

When some security official comes around asking about anything suspicious, John Executive takes to opportunity to jump up and do his part for national security!

He actually changed his name to Jack.

Re:errr

[joocemann]

I've worked in the field. With the basic principles of investigation, oversight, and review, it is nigh impossible for the suggested conclusion to be drawn. There are far too many checks to the system.

This is good news

a printer used by Chamber executives spontaneously started printing pages with Chinese characters.

Finally we've tracked down that bad printer driver to China.

Re:This is good news

[couchslug]

"Finally we've tracked down that bad printer driver to China."

It can't be in China. The printer is an HP and their software is too bloated to fit.

Re:This is good news

[AmiMoJo]

It's kinda worrying when people see Chinese characters coming out of a printer and assume it is due to hacking. Maybe they have some staff who can speak Chinese, or even Japanese or Korean (because what are the chances they can tell the difference)?

Since there is no translation given of the text printed I'm going to have to invoke the "pics or it didn't happen" defence.

Idiots.

[unity100]

Well deserved. Any organization that handles sensitive data, but puts even thermostats to internet as controllable online, deserve hacking.

Dont blame chinese. the hackers could as well be kiddies. Hell, it could as well be a random bot mistakenly and randomly gaining entry. Since the level of stupidity is as high as to put thermostats online as controllable from internet, go figure how did they treat rest of the network.

Re:Idiots.

[whargoul]

You're sound like the type that would blame the homeowner for keeping their doors unlocked instead of the intruder for going in without permission.

Re:Idiots.

Could not have put it any better.

Re:Idiots.

Doesn't mean it still isn't stupid. I wouldn't blame a homeowner if his house had the thermostat on the outside with a plastic box covering it, and someone smashed the box and turned the AC down to 50 in the summer while he was on vacation and racked up a $1000 electric bill. Wouldn't blame him at all. I'd blame the person who physically smashed the box and turned the dial down. But I'd still call the homeowner a moron for making like that easily accessible..

Some things don't need to be controlled from anywhere in the world. If someone needs to change the thermostat from Dubai, then put them on a private, internal network and control them from a machine with multiple layers of security that sits both on the private network and on one that's accessible from the VPN. It's not fail-safe, but from the way the article sounds, the thermostat probably had a public IP. That's just stupid. Even then, a good firewall restricting access to it from a whitelist of known-good IPs would probably be better than what they had, which I'm sure was very little.

In my example, the thermostat would never be communicating directly with any machines off of the private network set up for them. I would probably take it one step further and restrict access ONLY to the one machine responsible for controlling it, then just give access to that machine to the necessary operators. Yes, I know, someone can still spoof the MAC or IP of the controlling machine, blah blah blah, but that's an internal personnel problem and can be dealt with accordingly.

This goes for all the other control systems that get hacked as well. Not their "fault", per se, but in this day and age, they should have locked the damn door.

Re:Idiots.

[VortexCortex]

As such a home owner, I would blame myself for leaving the door unlocked.
However, I would blame the intruder for getting shot, or mauled by my two pit bull terriers.

Re:Idiots.

"Dont blame chinese. the hackers could as well be kiddies."

Exactly.

China has what, 1/5th the world's population? has the most people on the internet of any country? 1 in 5 or near enough random non state sponsored hack attacks coming from China isn't exactly an unlikely coincidence is it?

Yet each time there's a hack attack "from a Chinese IP address" it's sold as "China hacked into the US".

Just a few months back at my old employer I had an automated attack attempt on one of our web servers from an IP in Colombia, and one from the US. Does this mean Colombia and the US were trying to hack into us?

America needs to stop trying to turn China into some demon country that's trying to destroy it. Really, if China wanted to destroy the US it could, it basically financially owns it. It's economy is doing pretty well regardless of whatever the fuck the US Chamber of Commerce is doing.

It's exactly the same type of bollocks Argentina tries to pull "Oh crap, we're in a political/economic mess at home, I know let's stir up some resentment over the Falklands again to divert attention". It's boring, it doesn't wash, and it only causes more problems in the world, so fucking quit it.

Re:Idiots.

Getting shot by your two put bull terriers?

That sounds like the best home defense system ever.

Re:Idiots.

[jythie]

Not as effective as a laser shark, but probably a lot more versatile.

Re:Idiots.

[swalve]

There is plenty of blame to go around. I would expect that a non-moron LAN admin would make sure the thermostats can't see or be seen from the exterior of the LAN.

Re:Idiots.

[mcneely.mike]

Constipated? Not enough sleep?

Someone is cranky....

Re:Idiots.

[KhabaLox]

Attractive Nuisance.

If you have a honeypot you know the script kiddies will want to play in, you should protect it.

Re:Idiots.

[DriedClexler]

From my end, he sounds more like the type that would blame a homeowner that would put up a sign on his front door that says, "Door unlocked; combination to safe with valuables is ... . On vacation until ..."

Re:Idiots.

[AngryDeuce]

You're sound like the type that would blame the homeowner for keeping their doors unlocked instead of the intruder for going in without permission.

Blame? Nope. Call a retard? Abso-fucking-lutely.

I have a good friend that lives out in the sticks, he used to brag all the time to us city folk how he left his doors unlocked routinely because it was just so much safer out there and how we were all suckers for living 'like prisoners' in the crime-infested city. Then one day he forgot to shut his garage door and half the shit in there walked away, thousands of dollars worth of tools, exercise equipment, and other crap. Boy did we have a laugh at his expense the next day.

He doesn't brag about leaving his doors unlocked anymore. Go figure...

Re:Idiots.

[anonymov]

Home owner? You mean bank owner. In both cases thief get the blame, but in the second, owner deserves his share as well.

Your analogy would work for "$some_random_person mail account was hacked" - and you'll notice there's usually just expected schadenfreude and "I've got same combination on my luggage!" jokes, but no blame assigned to the owner in that case.

Re:Idiots.

[couchslug]

Blaming the intruder for their choice to exploit the CHOICE of the homeowner to be vulnerable is appropriate, but the homeowner still CHOSE vulnerability.

We live in a bad fucking world, and if you don't prepare accordingly that indicates you are stupid.

Re:Idiots.

[DarwinSurvivor]

The only relation between Attractive Nuisance and this thread is the word "Attractive". The summary is talking about something happening to your stuff because someone messed with it, "attractive nuisance" is something happening to a child because they didn't know better (nothing to do with damage to your stuff).

Re:Idiots.

[DarwinSurvivor]

So 75% of facebook, twitter and foursquare users.

Re:Idiots.

[KhabaLox]

A good lawyer could make the connection. True, a better case could be made if the script kiddie contracted a virus while crawling around your system.

Re:Idiots.

[DarwinSurvivor]

Which would be absolutely hilarious and proof that there IS justice in the world!

Re:Idiots.

[plover]

You're making a lot of assumptions here based on very thin statements above, and I wouldn't arrive at the same conclusion. The report is only that the thermostat is communicating with a Chinese address. It doesn't say the thermostat was or wasn't behind a firewall. It doesn't say the origins of the sessions with a Chinese server originated from China. It doesn't say they hacked into the thermostat from outside. It doesn't say the thermostat is even available via external access -- IP might just be the protocol it uses natively to talk to the internal HVAC systems, or to allow an internal building operator to run the system.

If I were hacking inside a network and trying to remain hidden, I'd look for ways to cover my tracks. nmap would let me identify my surroundings and help find a weak little system to act as a staging area or communications relay. Printers are often used for this purpose because they're surprisingly capable systems. They have hard disks that can temporarily store large volumes of data while not being noticed by everyday users, lots of patterns of ad hoc network traffic, and are often left unsecured for the convenience of the users. They're often overlooked as security risks, and are commonly left out of patching plans. Because they're expensive, they're not often replaced, and companies may have some older unpatched ones hiding under users' desks. What's important is that any IP device that can be compromised can be abused by an intruder. It's not just printers or thermostats, but could be lighting controllers, security systems, door access control systems, machine tools, video games, you-are-here kiosks, signs and advertising systems, timeclocks, network switches, photo frames, or any of a hundred stupid devices you might find on a network behind a firewall.

Someone might have an IDP watching their high security network, and they might have it set to alarm if they see traffic talking to anything but a 10. address. If they don't look any deeper (and they often don't), they might not notice that one of those addresses is a thermostat that shouldn't be talking to it. Meanwhile, as the hacker, you hope that nobody is doing security audits on thermostats or printers, so nobody will notice that you're using them to communicate outside the organization. It's a guessing game for the hacker when their relay will be discovered, but every bit of misdirection they apply can help delay their discovery, and so lets them derive more value from the hack.

Could they do something different to protect themselves? Of course. They could create a VLAN for their heating and cooling systems that doesn't bridge to their business network. Their thermostats could use SCADA instead of IP, because we all know how secure SCADA systems are. They could have a dozen honeypot thermostats set up as tripwires. They could have an IDP that looks for secure traffic through the simple unsecured thermostat systems, indicating someone's using them for nefarious purposes. They could monitor the traffic volume to their thermostats: after all, how much data does a thermostat really need to send and/or receive? But these aren't necessarily lessons that were taught in CISSP school.

I don't see the problem

[overshoot]

The US Chamber of Commerce is a lobbying organization -- it's not like they have Industrial Super Secrets. Besides, a high proportion of their clients are Chinese anyway and presumably have pretty good access to the organization already.

Re:I don't see the problem

Yes, but the hackers probably got to see entire drafts of legislation before even the bills' Congressional sponsors did.

Re:I don't see the problem

Yeah but grabbing and leaking a few documents detailing bribery & coercion of politicians would have been nice.

Re:I don't see the problem

I think you mean, "I don't see why this is a bigger problem than cracking other people's networks." It's obviously a problem for people to be breaking into others' systems; it's just that you're saying that the USCoC is nothing special. Right?

Re:I don't see the problem

[fuzzyfuzzyfungus]

I think you mean, "I don't see why this is a bigger problem than cracking other people's networks." It's obviously a problem for people to be breaking into others' systems; it's just that you're saying that the USCoC is nothing special. Right?

It sounds, to me, like a combination of "Remember, no matter how hard they work to imply otherwise, the 'US Chamber of Commerce' is just a private lobbying group, not part of the government" and "Awww, so sad, couldn't have happened to a nicer bunch of people."

I'm not a huge fan of internet security being a total free-fire zone; but the USCoC are pretty much slime, have been known to use dirty tricks themselves, so it just isn't feasible to exude too many tears for them.

Re:I don't see the problem

Considering this is the chamber of commerce, who seems to trumpet anyone who profits from selling jobs overseas to dubious countries, I'm still wondering if they didn't just sell access and later claim they were hacked.

Sorry but that organization simply cannot be trusted at face value.

Re:I don't see the problem

[mark_elf]

They are a very influential lobbying organization. A lot of what they hand congressmen (in paper bags full of money) turns directly into policy and law. Intelligence on economic policy is extremely vital, so their emails and whatnot would absolutely be worth reading by the Chinese government.

Maybe not kiddies this time.

Re:I don't see the problem

just undoing wrong mod... (wanted to click "Insightful" on parent, but ended up on redundant)

And

That is why we need SOPA, oh wait a minute!!

"US Chamber" of Commerce

[lexman098]

I'd just like to take this opportunity to point out how insidious it is to purposely label a highly partisan think tank with a name that is obviously meant to seem like a legit government agency.

Re:"US Chamber" of Commerce

I'm sorry I don't have mod points today or you would get a +1 informative from me. Most non-Americans don't know that small "detail".

Re:"US Chamber" of Commerce

"Think tank" is a bit generous, don't you think? "Bribery factory" is more like it.

Re:"US Chamber" of Commerce

[StuartHankins]

Thank you. I was uninformed. Sadly, I'm not surprised.

Re:"US Chamber" of Commerce

[JWW]

Legit government agency?

Most cities of any reasonable size at all have Chamber of Commerce organizations. These are always made up of groups of businesses that belong to the private Chamber organization. Sure they work with government in their municipalities, but they are private organizations.

The name US Chamber of Commerce strikes me as being a national incarnation of the local concept. As such, I don't think its name construes that its a government group.

Re:"US Chamber" of Commerce

Hell, most Americans don't know that small "detail".

Re:"US Chamber" of Commerce

[oh_my_080980980]

The Chamber of Commerce uses the name US to mislead people into thinking it is a federal agency. As such it should be removed.

Re:"US Chamber" of Commerce

Wouldn't we then have to rename USBank and USAToday?

Re:"US Chamber" of Commerce

[lonecrow]

Its not a "think tank" there are chambers of commerce all around the world. It is a member driven organization with local chapters that also support regional and national committees. I am on the board of directors of my local chapter. All chapters and regional/national organization carry the name of the city or region they serve. Nothing insidious about it.

The nefarious business we get up to locally is running small business trade shows in the mall, and having one hell of a Christmas party :)

With that said our national organization here in Canada is constantly spewing out stuff that our local chapter directors disagree with. Welcome to large distributed organizations.

Thank you China

Do you think China will be willing to shut down the rest of our lobbies for us too? Then we maybe able to accomplish something in government.

Re:Thank you China

Do you think China will be willing to shut down the rest of our lobbies for us too? Then we maybe able to accomplish something in government.

I want our government accomplishing as little as possible! Everytime they get their butts in gear it's something like SOPA or DMCA or... OH! Sorry... I see your point now.

Re:Thank you China

The irony is the US Chamber of Commerce is a pro-China lobbying group. This hacking effort is accidental... someone probably plugged in a rootkit USB picture frame, like those that target and root Microsoft-branded operating systems.

Oh dear

It sounds like a cheesy horror film, a parody should be made.

Don't be confused

[minderaser]

The US Chamber of Commerce is a LOBBYING organization (y'know, some of the folks behind SOPA and other crap) and is NOT the US Department of Commerce, the cabinet department that (supposedly) promotes economic growth.

I'm having trouble feeling bad or worried about this.

Thermostat Infiltration Attack!!!

[germansausage]

"A thermostat at a town house the Chamber owns on Capitol Hill at one point was communicating with an Internet address in China".

Hey Larry, does it seem a little warm in here today?

Yeah, it is kinda warm.

Oh my God! We've been hacked by the Chinese!!!

Re:Thermostat Infiltration Attack!!!

That or its a preview of their vacation I'd love to send them on... You want SOPA? Go to hell

Re:Thermostat Infiltration Attack!!!

[alphred]

It was trying to phone home for additional instructions. Don't they all do that?

Re:Thermostat Infiltration Attack!!!

You do realize they could attack the thermostat in the White House and get Obama to catch pneumonia?

Re:Thermostat Infiltration Attack!!!

First it's adjusting the thermostat at the Chamber of Commerce, next Global Warming!

Re:Thermostat Infiltration Attack!!!

[AmiMoJo]

The first thing I'd do if I wanted to have some lulz playing with their thermostat is find a proxy in China.

Presumably the first thing any serious government sponsored Chinese hacker would do is find an overseas proxy to work from. If this stuff even happened it was probably just script kiddies or people searching for accessible control pages on Google. Seriously, if you type in the title of any common CCTV control software's web interface you will find thousands of unprotected cameras to watch and even control if they are motorized.

Chamer of Commerce isn't a GOVERNMENT agency

[tekrat]

It's a lobbying group for businesses. Therefore, the Chinese can hack away all they want with my blessing. No harm done.

In fact, considering the harm brought onto US citizens by the Chamber of Commerce, the more damage done to them by the Chinese, the better it is for American citizens.

Re:Chamer of Commerce isn't a GOVERNMENT agency

Harming business is good for American citizens? Care to explain how that works?

Re:Chamer of Commerce isn't a GOVERNMENT agency

Harming business is good for American citizens? Care to explain how that works?

Harming the US Chamber of Commerce is good for American citizens. There. All better now? Or do you need further explanation?

Re:Chamer of Commerce isn't a GOVERNMENT agency

When business does better, it's good for all Americans. The Chamber lobbies for less government burden on business. Less burden on business will mean more successful businesses, and that's good for me and you. Is this not clear? Or does your warped worldview prohibit you from understanding how this works?

There is certainly plenty of lobbying organizations that lobby for causes I am against, however, lobbying is enshrined in the first amendment of the Constitution, so I'm not against lobbying in general. Those on your side tend to want to ban lobbying when it comes from conservatives, but are perfectly happy with left wing lobbying organizations and union lobbying.

Re:Chamer of Commerce isn't a GOVERNMENT agency

[swalve]

Yeah, darn those pesky burdens. It's not like the legislature put them there for a reason.

Re:Chamer of Commerce isn't a GOVERNMENT agency

[Arcana+Fu]

Oh yeah, they are there for a reason all right. To line a congressman's pockets or ensure his reelection.

Tripe

[qualityassurancedept]

This story is ridiculous. It's not like the US Chamber of commerce does anything meaningful at all other than lobby for no taxes. Anyway, does anyone doubt that the NSA and CIA also hack into foreign servers and desktops to steal corporate data? I am sure that back when the Russians were developing MiG fighters the US "hacked" into their computers and stole all the blueprints or if they didn't, they would... and Boeing was/is the beneficiary of that. So honestly gimme a break. Why wouldn't the chinese develop their ability to attack american tech infrastructure? Since the US and China is probably going to go to war over Taiwan within 50 years, and the US will be attacking from the sea with Drones while a million chinese try to literally row their way over from the mainland, I think their best strategy is to learn to disable the American computer systems somehow.

Re:Tripe

sure we could hack into china's servers but they have nothing to steal

Re:Tripe

Since the US and China is probably going to go to war over Taiwan within 50 years.

Why on Earth would they do that? 90+% of Taiwanese people support reunification with mainland China - their only disagreement is when. The hyped-up "conflict" exists solely to allow US companies to sell more weapons.

Re:Tripe

[sesshomaru]

Hacking into the Chamber of Commerce would let you know which government officials had shown themselves open to graft and bribery to sell out their constituents.

This is useful information for a foreign power to have.

Why hack the government, when you can hack the ones who really control the government?

Re:Tripe

[Type44Q]

I am sure that back when the Russians were developing MiG fighters the US "hacked" into their computers...

Yep, I can just picture a 60's-era NSA math nerd trying hacking into an abacus, using nothing more than a slide rule...

Re:Tripe

[HungWeiLo]

At least 5%-10% of Taiwanese now live and work in China. With close economic ties like this, your US/China war scenario is pretty darn near impossible.

They're not anything even remotely close to North and South Korea.

The Obvious

[TheSpoom]

A thermostat at a town house the Chamber owns on Capitol Hill at one point was communicating with an Internet address in China

What the fuck is a thermostat doing being accessible from the internet?

Re:The Obvious

[g0bshiTe]

That's not the point, the point is that they can now use it's webcam to snap compromising photos of them.

Re:The Obvious

[GameboyRMH]

Also, to be fair, anything given a public IP address will be communicating with an Internet address in China before long.

Re:The Obvious

A thermostat at a town house the Chamber owns on Capitol Hill at one point was communicating with an Internet address in China

What the fuck is a thermostat doing being accessible from the internet?

The thermostat is controlled by computer, remotely. We have those on my school site. Which means the Chinese could be hacking my classroom right now and laughing over my students final exam scores...

Re:The Obvious

[TheSpoom]

I knew someone would say something like this. I have absolutely no problem with the thermostat being networked. I have a problem with it being remotely accessible from the internet at large.

If there's some reason it has to be accessible from outside the firewall (and is there, really?), tunnel through a VPN.

Re:The Obvious

Good question... for example I found this one with a simple Google search...

https://intranet.utahfoodbank.org/warehouse/index.php/temperature/admin

Re:The Obvious

[tomhath]

Once their servers were compromised it's hard to tell what all was communicating with China, probably every device on the LAN (since the thermostat and printers were almost certainly made in China to begin with). Chinese probably went through a proxy too, sounds like it took a while to sort out what all was happening.

Re:The Obvious

Firmware update?

Re:The Obvious

[gratuitous_arp]

A thermostat at a town house the Chamber owns on Capitol Hill at one point was communicating with an Internet address in China

What the fuck is a thermostat doing being accessible from the internet?

I know. Don't they secure these things using NAT?

Have the chineese never heard of proxies?

[BlueCoder]

Seems to me it's more likely to be various Chinese teenage hackers.

The professionals are smart enough to realize that IP addresses from China are readily noticed.

Re:Have the chineese never heard of proxies?

[NicBenjamin]

I'm sure they've heard of proxies. That is how one gets around the Great Firewall, after all. I'm not sure they really care to keep their tracks covered. When you air videos of yourself doing a denial-of-service attack, using publicly available tools, on state TV OpSec is probably not your highest priority.

Their highest priority seems to be annoying influential people, who will then complain to the media. The media being technical doofuses breathlessly report that the Chinese Military owned Important American X, Chinese glory will be increased, the Chinese people will not think their government has sold out to American Corporations, etc.

Re:Have the chineese never heard of proxies?

[GameboyRMH]

The professionals are smart enough to realize that IP addresses from China are readily noticed.

...and just as readily written off as "dirty Chinese hackers!" instead of being investigated.

Re:Have the chineese never heard of proxies?

[P-niiice]

I doubt the certainty of that. Anyone smart enough to hack a thermostat is smart enough to use proxies before doing so.

Dear Hackers: Thank You!

[Anonymous+Meoward]

To The Hackers This May Concern:

On behalf of all American citizens who understand the poisonous effects of lobbying on American democracy and society, I would like to thank you for your hard work. The US Chamber of Commerce is not a government agency, but may as well be so for all intents and purposes. It lobbies our elected officials to adopt policies that favor only big business, with the misguided belief that only laissez-faire capitalism will improve the American way of life. Nothing is further from the truth.

In short, you're doing us a favor.

If it's not too much to ask, could you please submit your findings to Wikileaks, or just post them on a publicly accessible blog? I think more of my countrymen should know about the inner workings of this nefarious herd of swine, and their attempts to sell naked greed as enlightened self-interest.

May we also interest you in targeting other groups, such as "The Club for Growth", "Americans for Prosperity", and "Crossroads GPS"? I'm sure you'd find them just as interesting.

Thanks again,
- Meoward

Re:Dear Hackers: Thank You!

As a none American I dont understand all the fuss. It's just another undeclared war you have fought and lost. just use basic American poltical doctrine.

Declare victory and go home. Ah now I see the problem.

Re:Dear Hackers: Thank You!

[P-niiice]

Funny how your comment basically states that opposition to the Chamber is equivalent to hatred of the right wing. The chamber isn't a partisan group, right........? Also, I don't understand why anyone with any slight opposition to 150% control of all aspects of American life by corporations/people with excess money is automatically a nutbag communist socialist (heh) hellbent on enslaving god-loving conservatives and forcing them personally deliver their personal property and guns to illegal immigrant crack babies on welfare.

Re:Dear Hackers: Thank You!

>> As a none American I dont understand all the fuss

We as Americans don't understand the fuss either... as OP pointed out, US Chamber of Congress is just a private lobbying firm for corporations. So they had a printer hacked (or maybe it was a bad print driver) and a thermostat communicating with an IP in China (which even if it is true is pretty inconsequential.) There is nothing to fuss about... I am baffled as to why this is newsworthy to anyone outside of their IT department. Frankly, even if I were working in their IT department, I wouldn't be losing any sleep over it.

>> It's just another undeclared war you have fought and lost.

I'd hardly call an unsubtantiated claim of a Chinese hacker accessing a private firms thermostat as having "won" anything. What war are you referring to, and how does this show that we have fought and lost in it?

Re:Dear Hackers: Thank You!

... It's easy to get modded up if you support a radical leftist/socialist/marxist viewpoint or attack conservatives or religious believers.

Your forgot to mention secularist/environmentalist/Darwinist and a few other "ists". But don't be mad, bro...here, this will make it all better: www.foxnews.com

Re:Dear Hackers: Thank You!

[Arcana+Fu]

Technically, partisan refers to Democrat or Republican... not conservative or liberal, so you're confused on that point. This is the technique all 'non partisan' organizations use to get tax exempt status. ThinkProgress is a 'non-partisan' organization, but they say on their website they are proudly liberal. However, I think the non-partisan label is ridiculous, because these days Republicans are entirely right-wing and Democrats are entirely left-wing. I am against 150% control of all aspects of my life from any entity, however I disagree with your characterization that corporations or people with money have that power. I could never buy another Pepsi for the rest of my life and Pepsi would have no power or control over me to do otherwise. The only entity with real power or control over my life is the government. I will never understand why you lefties don't realize that. You are perfectly happy with government reducing your freedoms in a real and draconian way, yet you wring your hands or march in the street because a company has the right to run an ad on TV supporting a political cause? Illogical.

Re:Dear Hackers: Thank You!

[140Mandak262Jamuna]

The Karl Rove strategy was to put together a group of single issue voters, energize the heck out of them, and shoot for narrow margin victories. Problem with that strategy is two fold.

The first is, these single issue voters would make it impossible to govern, if they win. The second is the demographic trends are against them.

Since 2000, 45 million Americans have attained voting age. About 15 million older Americans have passed away. Remember how they used anti-gay voter initiatives to increase their voter turn out in 2000 and 2004 elections. Notice they are largely absent from today's Republican moves. Forget the rhetoric and talk. Look at what they do and choose not to do. Republicans don't have the anti-gay vote block. Their margin of victory is too small to sustain too many of such vote-block losses.

The Democrats have surrendered on the gun issue. (Abjectly or strategically depending on your personal view point). Pro-gun initiatives and legislative action does not energize the base as much, does not produce as much donations and campaign contributions as it used to in 2000/2004 cycles.

The seeds of fracturing and long term collapse of the Republican party were sown by Karl Rove in 2000. Add to the mix the totally self serving media players, Limbaugh, Fox News etc whose interests do not coincide with the interests of the Republicans they are heading for serious trouble.

Re:Dear Hackers: Thank You!

And while you're at it, can you also target SEIU, Acorn, Teamsters, etc. We'd like to know what kind of special deals they're going to get in the next bankruptcy of a rustbelt company. Oh wait... there are only a handfull of rustbelt companies left. Between the rightwing assholes and the leftwing assholes, they've all been run off. Nevermind.

Re:Dear Hackers: Thank You!

[Arcana+Fu]

Care to apply your analysis to the Democratic party? Most Republicans can agree on a core set of values. Democrats have built their base up of various victim groups, minorities and special interests. Many time these groups won't agree on issues. Take the recent example of the Keystone pipeline, where two Democratic voting blocks are at odds (environmentalists and unions). Obama has been largely unsuccessful in the eyes of Democrats because he refuses to take any bold stands for fear of pissing off one group of Democrats or another. The OWS 'movement' is another great example. They are unfocused, unorganized and incoherent for the same reason - too many passions. Democrats are in far worse shape than Republicans IMO. We'll see who's right in less than a year from now...

Re:Dear Hackers: Thank You!

The only entity with real power or control over my life is the government.

Other way around. The only entity you can control is government, because a government is made by the people, and (supposed to be) for the people. The power to change government is in your hands.

If you don't like your government, go protest, vote, lobby even, or if worst comes to worst start a rebellion. You got the right to bear arms don't you?

People can exist without government, but government cannot exist without people. I'd say it's you "righties" who don't realize this.

The reason why the US government today is neither by the people nor for the people is precisely attitudes like yours, thinking government controls you when you the people are supposed to be the ones controlling government.

It's a self fulfilling prophecy. Good honest hard working people (and I do sincerely think "righties" are good honest hard working people, and so are "lefties") think they can't control government (and think government controls them), so they don't even try. This leaves only crooks and leeches (who don't matter if they're right or left) trying to control government, and they did.

Re:Dear Hackers: Thank You!

the 'Cyber war' your Political critters are allways claiming the Chinese are waging

Re:Dear Hackers: Thank You!

[mehemiah]

are you aware of the Corn lobby keeping Pepsi buying high fructose corn syrup because they keep the tax on cain sugar high? We could be drinking Pepsi throwback with out the high price and low supply if it weren't for them. Its not the corporations you see that have all the power. Who needs conservative or liberal bias when we have lobbyists like these controlling our trade policy and how easy it is for me to eat healthier junkfood (I can't believe just wrote that un-ironically) or a healthier hamburger. I think they feed cows corn because it makes them fatter but its still not good for them. also, the informant is a funny movie but also raises awareness of this issue, I heard the book Corn Economy is too science light but that was my professor's opinion

Re:Dear Hackers: Thank You!

[P-niiice]

"I disagree with your characterization that corporations or people with money have that power."
If you lack the ability to extract the core argument from an obvious exaggeration, you might want to sit this discussion out. You are perfectly happy with government reducing your freedoms in a real and draconian way So "righties" are for gay marriage now?

Re:Dear Hackers: Thank You!

[P-niiice]

The actions of congressional Republicans have given Democrats plenty to focus on.

The problem for Republicans is trying to distract their voters from those same actions.

Re:Dear Hackers: Thank You!

[Arcana+Fu]

As a general rule, citizen control of their government works less as the size of government gets bigger. Our federal government is so big and bloated at this point, a change in elected officials makes little difference in the unelected bureaucrats who regulate much of our daily lives.

Furthermore, as those on the left have pushed our country into more of a democracy (and less of a republic), we suffer more and more from a tyranny of the majority. Even those on the left should be able to see the problems with democracy when looking at California's current inability to raise taxes.

Your point is well taken, and a good one, but in my daily life, its government, not corporations that are exerting control. My health insurance costs went way up this year thinks to a law I (and the majority of Americans) was against imposed on me. With the law in full swing, I can be ultimately incarcerated for failure to pay the new inflated health insurance costs. If I don't want to pay the inflated costs of the new Iphone 4, will Apple come to my house armed?

You claim government control of my life isn't important because I can easily change government. I disagree, but how exactly do corporations/rich people control my life where I can't easily change?

Re:Dear Hackers: Thank You!

[Arcana+Fu]

Perhaps it is you that should sit the argument out, or at least have your sarcasm meter re-calibrated. My argument is that corporations, nor people with money have the ability to meaningfully control my life at all.

Those on the right are fine with gays doing whatever they want. We're against changing the definition of a word to fit a group of people's notion. Gays can get together, form whatever kind of partnership, with whatever kind of lawful agreement they want, and call it whatever they want.

Re:Dear Hackers: Thank You!

[Arcana+Fu]

I don't like the corn lobby exerting 'keeping' Pepsi buying corn syrup, but I don't have to drink Pepsi (and don't). I have no fundamental right to Pepsi. If you like Pepsi throwback, buy it instead. I never noticed it being any more expensive. Your point illustrates perfectly that you have options in the private sector. If Pepsi was a government entity, high fructose corn syrup would be the only option.

Re:Dear Hackers: Thank You!

So, if you stop buying Pepsi, there would be no way for them to pollute your water supply?

Re:Dear Hackers: Thank You!

[Arcana+Fu]

What stops the government from doing this (see: Paducah Gaseous Diffusion Plant)? At least when a private company causes harm to others, they can face lawsuits. Good luck suing the government.

Re:Dear Hackers: Thank You!

Those on the right are fine with gays doing whatever they want.

Where is this magical Right you speak of? It sure as hell isn't in the good 'ol USA.

More information

Is there any more information on this other than WSJ claiming an attack happened?

Security?

[expo53d]

IHMO, any government/sensitive systems should be completely isolated from the internet. It surprises me that much of the US infrastructure is connected to the internet. Why does the US CoC need internet controlled thermostats? That just opens up vulnerabilities. On another note, why was the thermostat communicating with China? If these attacks were as professional as claimed and went undetected for a year, then you would suspect the "professional" hackers would use a proxy or some sort of onion routing. And the printer printing Chinese characters? Why would a hacker do that? And couldn't any "hacker" (not necessarily Chinese) have the printer print Chinese characters? The US will get its systems secured sooner to later, but if they don't secure it now by their will, they will be *forced* to secure it later.

Re:Security?

[tverbeek]

Other than the fact that they own assorted members of Congress, the US Chamber of Commerce is not part of the US government, any more than the USA Network or the US Tennis Association is.

Re:Security?

They where professionally hacked by 12 year olds who find that kind of stuff funny.

Re:Security?

Better yet, at least restrict your printers to internal IP addresses. Too many HP JetDirect cards don't really have much in the way of security. So do it on your layer 3 switches, etc. And they use common ports so you can block them at your firewall, assuming you HAVE a firewall.

Online home thermostat like have little security /

[Joe_Dragon]

Online home thermostat like have little security any ways or some one just left it on the default password. Hell maybe even they have a open wifi with no password or have it on WEP that is very easy to hack.

Did I miss something?

[g0bshiTe]

Simply because the IP traces back to China is not necessarily a "Chinese sanctioned" hack. It could very well be a Chinese server has been compromised from somewhere else in the world.

Should the Chinese government be looking to hack for secrets, I doubt they would choose the Chamber of Commerce for their target, much less leave the tracks leading right back home to them.

FUD is FUD.

Chamber of Commerce Smear Campaign King and Irony

[FriendlyLurker]

The US Chamber of Commerce is a lobbying organization -- it's not like they have Industrial Super Secrets. Besides, a high proportion of their clients are Chinese anyway and presumably have pretty good access to the organization already.

True, The Chamber Of commerce also hacks anyone who criticizes their illegal and immoral behaviour. HBGary Federal payback perhaps?

More importantly...

[idbeholda]

Does anyone actually care?

Honey- they're in- everybody's eggs!

[drainbramage]

Pretty sure that was what General Curtis Goatheart told his wife when he determined their eggs were really an alien attack.
But that is beside the point.
What are the chances that all of those made in China net enabled thermostats have a default password and a default 'phone home' to a Chinese address?
Sure a default non routable address would be appropriate but that too is another issue for several manufacturers.

what do "they" want?

If you believe that it's the chinese state doing this, and for the sake of argument I'm going to assume that's the case, it's not that hard to see what they might gain: influence. The chamber of commerce is one of the top lobbying groups, and is an ideal target for inside information on how to carrot/stick our elected representatives. To say nothing of, for example, blackmailing them with a recording of a conversation they had where they agreed to support a chamber initiative in return for a political contribution.

I don't shed any tears over bad things happening to the CoC, but I'm not going to let schadenfreude blind me to how dangerous this is.

The local chambers

The local chambers are non-profit entities whose purpose is promoting local businesses.

The US Chamber of Commerce is not this type of organization, nor is it affiliated with them in any way, but it has been intentionally named to mislead you into thinking it is.

Re:The local chambers

[Red+Flayer]

The local chambers are non-profit entities whose purpose is promoting local businesses.

That's one purpose, and it depends on how you define "promote". They also have other purposes, such as local-level lobbying to influence zoning boards, municipal regulations, etc.

Where I grew up, they were also active in promoting unregulated capitalism (they called it free-market, though it isn't in the economic sense of the term free-market) in the schools. It's "funny" that they (local Chambers) sponsored programming in the high schools to educate students about political topics that the state-level Chamber was pushing for. My recollection of those assemblies, in-class speakers, etc was that they were unabashedly pushing the Chamber's viewpoint... though it's only in hindsight that I became aware of what they were doing.

Re:The local chambers

[DavidTC]

The local Chambers also have a political agenda that isn't always perfect.

But local Chambers of Commerce don't run around bribing politicians and working together to make sure that it's perfectly acceptable to send millions of jobs overseas and that they're allowed to sell whatever shitty lead-painted stuff China produces and that no regulation of any sort should exist, ever.

Business in local Chambers of Commerce can't run around trying to set Federal or even State regulation of stuff, or screw around with any tax rates(Except sales, and they will argue against that.), so almost all the Chamber's effort gets directed at 'Bringing in more business for local businesses', which generally everyone likes. More business means more jobs and more money in the local economy.

Re:Chamber of Commerce Smear Campaign King and Iro

[jythie]

Yeah, but it is only 'hacking' when there is no profit involved... so what they did is considered 'ok'.

There's a CoC in every town around here....

[dfenstrate]

Where did you grow up, such that you're utterly unaware of local Chambers of Commerce that are clearly non-governmental?

Seriously, they're in every town around here, and they're always running some booth at a fair or some charity event.

It's been well known to me, for years, that the local chamber of commerce is comprised of local business owners. I'm honestly not sure how anyone could be confused about the non-governmental status of any level of CoC.

Re:There's a CoC in every town around here....

[bill_mcgonigle]

It's been well known to me, for years, that the local chamber of commerce is comprised of local business owners. I'm honestly not sure how anyone could be confused about the non-governmental status of any level of CoC.

Right - I think the more insidious aspect of the name "US Chamber of Commerce" is that it implies for many a parent organization to the local chambers of commerce.

Which isn't true - they're a nasty lobbying organization that happened to pick a name that borders on fraudulent misappropriation of mark. The local chambers have had to pend the past 5 years or so telling their communities, "no, that's not us."

Re:There's a CoC in every town around here....

[DavidTC]

The problem is, there's no 'mark' per se. Chambers of Commerce are not any sort of collective. They're just completely-seperate NPOs started by local business owners. In fact, nothing stops people from starting a competing one to existing CoCs. (Although they're kind of pointless if many businesses do not join.)

There are a few national networks that let CoCs stay in touch (In addition to the direct connections they usually develop to nearby ones.), and the 'US Chamber of Commerce' does indeed operate as one of those, and a lot of the local Chambers have joined it. Although a lot left after the revelation it was engaged in lobbying and taking money from China at the same time.

In fact, signing up with the US Chamber of Commerce is actually against a lot of rule of the local Chambers, and people need to point that. Most local Chambers are charitable non-profits, and hence cannot legally support candidates in election, which the USCoC does. Even if they are not 401(c)(3)s and hence could support candidates, a lot of them are explicitly supposed to be non-partisan, which the USCoC is not.

So if you are part of a business that is a member of a local CoC, and they are a member of the USCoC check their bylaws and point this out to them. And point out to other members that they are supporting a organization explicitly designed to elect Republicans. (Yes, merely being a member, for free, is 'supporting' them, as the USCoC is running around claiming your business supports them.)

There's not really anything anyone can do about the name, though. 'Chamber of Commerce' is not any sort of mark, it's a general term for 'organization of companies'.

Well

Actually;

They target the U.S. Chamber because a lot of the people in said chamber also work for the Government at Very high levels; in addtion to this if you can comprimise the low security network they use at the Chamber you may get access to the high security networks they use everywhere else; chances are they have the same passwords.

The politbeuareau is known to break into things when they want somthing, and they do it at arms length; also the 300 million unpatched windows boxes make it quite easy to say "No it wasent me, it was the one armed man over in russia"; they've done this to Canada and Britan already.

Why isn't there any technical information?

[code_08]

Why isn't there any technical details about how this hack happened? For something that happened almost 2 years ago it seems there's surprisingly little information on what actually happened. It seems this article is more concerned with blaming China for attacking America than it is giving details on what actually happened.

Re:Why isn't there any technical information?

[swalve]

They haven't patched the thermostats yet.

Anyone know anything about launch codes

reriously, Does anyone know anything about launch codes?

Re:Anyone know anything about launch codes

[P-niiice]

if you get a blue screen dude you should duck and cover

Trademark protection?

Maybe we should protect our trademarks. "US" and "Federal" for starters. Fedex is OK if they make the word all one color, Federal Express is not.

There is plenty of precedent for this. AFAIK, the seals and military medals are protected. Nobody is allowed to give out "authentic medal of honor replicas". That one might be a criminal act actually...

Laughable

[koan]

""It's nearly impossible to keep people out. The best thing you can do is have something that tells you when they get in,""

It's easy to keep them out take it off the Internet, seriously when they are hacking your thermostat from China how much more encouragement do you need?
It's pretty clear they don't have much in the way of telling them when someone gets in either since they (who ever hacked them) were there for over a year.

All these hack jobs in the news are beginning to seem like a steady stream of pro "closed Internet" propaganda.

Thinking too small

[overshoot]

Yeah but grabbing and leaking a few documents detailing bribery & coercion of politicians would have been nice.

Not nearly as nice as getting a handle on the politicians would be, eh?

Piffle

[koan]

All these hack jobs in the news lately seem like "closed Internet" propaganda to me.

Re:Piffle

[koan]

Sorry for the double up, something screwy on my end led me to believe my previous post did not take, perhaps it's time I check my own thermostat..

Paranoia

[lightknight]

The printer thing sounds like a standard malfunctioning printer driver -> any decent IT person has run into this problem before. Printer spits out pages and pages of gibberish, and it's a sign that the printer driver needs to be reconfigured. Probably trying to print using a PostScript driver instead of a PCL driver, or something to that effect.

And this is from 2010. Slow news day? Or someone desperately trying to play up the "h@x0r$" card, to drum up a little money for a solution in need of a problem?

Lastly, McAfee has gone downhill from their glory days as an anti-virus provider. That was a long time ago, mind you. They've reached the point where they'd claim they'd discovered foreign government intrusions on a coffee cup. I'm not saying that their advice is untrustworthy; I'm just saying that I haven't heard anyone in IT mention, let alone recommend, one of their products in nearly a decade. I think the only reason I know they still exist is their persistence in trying to bundle their anti-viral products with Adobe Acrobat.

On a side-note, one of the major reasons (but not the only one) for servers getting cracked back in the day, was the warez crowd. Servers sat on fat pipes, with a huge amount of disk space. People would scan entire ip ranges for an unsecured server. You would crack a server (often times, not even that, as a fair number of them didn't even use passwords), upload a bunch of files, then announce the site to everyone on a board somewhere. This was before the advent of cable modems / ADSL / FIOS / etc. Now almost everyone has a fast connection, hideous amounts of disk space, and bit torrent which spreads information faster than the older method.

How do I know? I left a home computer, with an (IIS) FTP server on it and no password, for the purposes of some web work I was doing at the time, on an apparently internet-accessible link, and several days later my hard drive had a bunch of 0-day warez on it. *shrugs*

They already influence the chamber

[bussdriver]

Not officially, but China already has its hands in the chamber; this use of this is a nice backdoor to get into well connected powerful people in the USA. It would be a wise move for China but other parties bouncing off a computer in China could be doing it as well; same motivation either way.

You know, the CIA has been doing plenty of operations for the benefit of US corporations for over a generation now. (you look it up, it happened and likely still happens. Wikileaks only covered the state dept messing around with others; just imagine what the CIA leak would have looked like given what is known about their past!)

Good Hackers?

[Anachragnome]

Good Hackers?

Considering that the USCOC is a Conservative/Republican cesspool of manipulation, I sincerely hope that the hackers are simply stockpiling information to use AGAINST these asshats.

I eagerly await the Wikileaks release of information gleaned from these "investigations", but I would accept a more public, strategic release of information that torpedoes any chances of Conservatives/Republicans gaining further benefit from the USCOC.

Re:Chamber of Commerce Smear Campaign King and Iro

[operagost]

That's OK... billionaire hedge fund manager and currency collapser George Soros funded Occupy Wall Street via the Tides Foundation. Slashdot-- you're all suckers.

Re:Chamber of Commerce Smear Campaign King and Iro

When liberals do it, it's financial terrorism. When conservatives do it, it's capital gains. Just sayin'.

Isn't it ironic (not the song, this time)

[sgt_doom]

Since it was, and still continues to be, the US Chamber of Commerce, together with McKinsey and the Peterson Institute, which fraudulently claims that for every one American job offshored, two jobs magically appear to take their place (by that criminal logic, America should have recorded at the very least 37 million new jobs created over the past 10 years, instead of that many lost to offshoring and offshore job creation by American-based multinationals and corporations); evidently similar to those Keebler Cookie magical elves, huh????

So I'm all for the Chinese, who are major beneficiaries of all those jobs, and all that technology, which has been offshored to them, to continue on hacking the USCoC, McKinsey, and by all means Rockefeller stooge, Peter G. Peterson's Peterson Institute!

In fact.....

[sgt_doom]

....I would declare the Chinese to be American heroes, should they wish to blow up the US Chamber of Commerce. Also, any and all Fox, CNN and NPR stations.

Re:In fact.....

[ldephil]

NPR? Why? As a non-American, it seems like NPR is somewhat akin to the BBC, despite the lack of significant financial support from the state. Given that it is propped up by funding drives, and seems to attract criticism from both sides of the US political spectrum, it seems to be doing a good job of justifying its existence and avoiding partisanship. Like the BBC, it seems NPR is also being cowed by those who are too easily offended.

Not just that

[roguegramma]

It is more like blaming the houseowner for putting handles on the doors, since these faciliate entry.

Not a big deal

[WindBourne]

The US Chamber is the one that pushed tax cuts for outsourcing as well as allowing illegals to be here. Even now, it is the Chamber that pushes its members to buy 49% or less of a factory (i.e. no control) of a Chinese owned factory and then move as many operations to China.

The chamber being cracked by China , is a lot like breaking into your own home.

Re:Not a big deal

[jafac]

The sordid history of the seditious acts of the US Chamber of Commerce date well back to the Nixon Administration's appointment of former chair Lewis Powell to the Supreme Court. He wrote a now-infamous memo, (at the time, secret) to other business leaders, in reaction to Ralph Nader's efforts with Consumers Union, about the horrible threat posed to the American Way of Life, by a politically empowered Middle Class. In this memo, he outlined a strategy, including de-funding the political opposition (basically, anything left of Nixon).

Part of the strategy was to move manufacturing overseas, on a large scale, to limit the incomes of middle-america, so that they could no longer donate money to politicians who opposed the policies friendly to big-business.

This has obviously been tremendously successful.

Note that Karl Rove, Richard Cheney, and Donald Rumsfeld, were all members (not senior members, but associates) of the Nixon Administration.

Re:Not a big deal

[WindBourne]

good points. Hence the reason why I am working on something in denver. Do you still have my email? If so, can you flip me one. I will show you.

A not so big deal?

[Shienarier]

Is this a big deal since people think that the US Chamber of Commerce is a government agency?

Re:A not so big deal?

[anonymov]

No, it's just posted for the humor of "A thermostat at a town house the Chamber owns on Capitol Hill at one point was communicating with an Internet address in China, they say, and, in March, a printer used by Chamber executives spontaneously started printing pages with Chinese characters.'" According the article, the group "gained access to everything stored on its systems" and may have "had access to the network for more than a year before the breach was uncovered."

Gaining access to everything stored on the thermostat and wasting paper and ink for a year is serious business.

Who the fuck cares?

Really - The Chamber of Commerce. Who the fuck cares? Why do they even give a shit? The Chinese already got TOP SECRET NUCLEAR ARMS SECRETS from Lawrence Livermore way back when Clinton was getting his dick sucked. So why would anyone give a rat fuck that the Chamber got hacked. For that matter why in the hell do I have to create a password for my email when any fucking hacker or government agency can see my emails anyway. WTF is this world coming to. The Chamber of Commerce???