China's 'Great Cannon' -- a Cyber-weapon to Accompany the Great Firewall
An anonymous reader writes: A new report from The Citizen Lab identifies a distinct new technology entity sitting next to the Great Firewall of China. Dubbed the 'Great Cannon', the multi-process cluster revealed itself quite openly in the recent attacks on Greatfire.org and its two Github pages. The DDoS attack was so sustained that CL was able to study the new technology in depth, determining architectural similarities and unearthing many strong indications that it is a product of the Chinese authorities.
the slashdot effect.
We've seen attack upon attack on various countries by the government of China. These attacks are way beyond simple con jobs for access to government servers or trade secrets.
Why the hell do they have MFN status again?
How about blocking http traffic to China and 301 redirecting any connections to the https address. If the endpoint doesn't support https, tough.
Because, pardon the pun, they're too big to nail.
Who put this thing together? Me, that's who.
Okay, I suppose you don't mind we also stop pretending the Five Eyes (especially the USA) and Israel are not in a low level war with any other country? Right?
Why would the Chinese government have them attacking their enemies in such an obvious and easily attributable way?
Are they just at the point where they now think they're so big and strong, that they can just steamroll anybody in the world IRL and online without long-term consequences?
It could just be Third World 'peasant mentality'. Or are people, who are ostensibly rational enough to take control of a nation of 1+ billion people, really this stupid?
Other than you saw some other moron on the Internet say 'China Did It' ... can you provide some actual proof to back up your claims.
It is simply stunningly illogical for China to behave this way against such petty targets. It makes absolutely NO sense for them to flaunt their ability and willingness to do so as the simple course of action the entire rest of the world would take is a simple matter of NULL routing China and going on about their daily business, your 'war' would be over before anyone really cared.
And ... a DDoS does pretty much nothing to gain you access to government servers or trade secrets.
WTF is it with you nut jobs who seem to think the entire world is out to get you regardless of cost to themselves?
Slashdot is pretty much the only place on the planet that thinks this is an actual attack by the Chinese, perhaps you should ask yourself why? And no, before you get the idea, it's not because slashdot is so smart and so far ahead of the general public, that ended 10 years ago.
Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
And admit that the Chinese will not even slow down until it's clear that the developed countries will retaliate in kind. The feds need to take the kid gloves off and let American businesses do unto the Chinese as the Chinese do to them. Chinese DDoS? Let GitHub retaliate against Chinese assets involved. Chinese firms hacking and stealing assets? Authorize industrial espionage by American businesses against Chinese interests. Chinese intelligence actively attacking American business? Give the NSA a free hand to retaliate and screw with the Chinese government. They try to break into our classified networks? Set up an entire NSA team to infiltrate the Chinese military establishment and depants their national security secrets on a Wikileaks-By-Uncle-Sam level.
Anyone who runs a server on the Internet only needs to look at their firewall log to see break-in attempts coming from China, 24 hours a day every day. It's blatantly obvious that Someone in China did something. Still that's not conclusive proof that governments are involved.
It is simply stunningly illogical for China to behave this way against such petty targets. It makes absolutely NO sense for them to flaunt their ability and willingness to do so...
Did you miss the part where China builds artificial islands wayyyy past the 200-mile line to do an end run around it?
Il n'y a pas de Planet B.
And ... a DDoS does pretty much nothing to gain you access to government servers or trade secrets.
China has built their entire infrastructure around denying access to information they don't want their people to see. This gives them a way to fire back at the outside sources that help people work around those blocks. If you want to cry about proof, then by all means, RTFA.
While the attack is progressing, with all the spoofing going on, why is everyone saying it's China? With all the communications chips coming out of China, could it be misidentification? And reading your attack? Since you are trying to penetrate their defenses? Meaning it's your spiders reporting back, making requests for service?
We've seen attack upon attack on various countries by the government of China. These attacks are way beyond simple con jobs for access to government servers or trade secrets. Why the hell do they have MFN status again?
Probably for the same reason the US does.
If you're calling this an act of war, then what the hell was stuxnet? A DOS attack more than pales in comparison to the destruction of Iranian nuclear enrichment equipment.. let's not get too hypocritical here
Glorious exposition, comrade!
It is simply stunningly illogical for China to behave this way against such petty targets. It makes absolutely NO sense for them to flaunt their ability and willingness to do so...
Just like it makes no sense for Americans to bomb the Bikini Atoll, or run new ships on trips around the world. The goal isn't to destroy a Pacific paradise or to wear out the engines, but rather to announce to the political world that we have a new capability, and we're ready to use it as we see fit.
The "petty targets" may be convenient places to point this "Great Cannon"... They provide a noticeable target, and apparently can be analyzed enough to provide some basic details to the rest of the world. Assuming China is behind the attack, we now know that China can run at least this level of attack, and there's no reason to expect that in a full-scale conflict, it wouldn't be turned against more serious targets. We don't know whether the attack can be made even bigger, or if it has different operational modes, or even how quickly such an operation can scale... and that's enough uncertainty to make it a deterrent weapon. It's all political posturing, and from outward appearances, it seems China is showing itself to be fairly powerful, but not yet openly aggressive.
Contrast that with North Korea, which has persistently demonstrated impotent aggression, and our main concern is that they might actually develop a real offensive capability that affects us.
...as the simple course of action the entire rest of the world would take is a simple matter of NULL routing China and going on about their daily business...
...except that a significant part of their daily business has now been null-routed. It's going to be hard to keep that great American economy moving when manufacturers can't contact their contracted suppliers. Without that continuous economic movement, we're facing yet another financial crash, which the United States government probably doesn't want to have happen just yet.
your 'war' would be over before anyone really cared.
On the contrary, an openly-hostile and traceable act (like cleanly disconnecting a major nation) would be the first strike in a bigger escalating conflict, as each side accuses the other of being the guy who really started the fight. Throw in a few false-flag operations and stage a few "exposed" false-flag operations, and it's not a very big leap to having a real war with real weapons and real death.
Frankly, I'd rather just have the political games.
You do not have a moral or legal right to do absolutely anything you want.
I was going to post exactly this ...
China does bully and take advantage of petty targets and nations that have no way to defend themselves, and the best example of this is their attitude in the China sea, they are building islands to expand their borders, and all of the nations around can't do anything about it... they are first class bullies... I fail to see how their "cyber-attitude" could be any different.
I will just say this: The above post is a lie. I can name plenty of examples to show China's aggression.
If people remember a few years back, US solar companies getting breached, or breach attempts in large numbers, all from China. Six months later, China started shipping panels that mysteriously had the same IP as the US PV makers... but for costs well under what even the rare earths went for. This destroyed the US PV industry, and it nearly destroyed Europe's until they enacted a tariff to level the playing field (China will give you deep discounts on rare earths... provided their companies do the manufacturing... companies that you have to give all trade secrets to.)
So, China isn't an angel in any sense of the word. They have been having a lot of border skirmishes with neighbors. They only have MFN because most US companies can't see past next quarter's earnings.
A DDoS makes sense. Same way someone getting their face decorated with a black eye the first time they hit the prison yard... it sends a message.
Who do you think it is then, smart guy? If you have a less paranoid alternative (don't say Illuminati, please), I would love to hear it.
> It makes absolutely NO sense for them to flaunt their ability and willingness to do so as the simple course of action the entire rest of the world would take is a simple matter of NULL routing China and going on about their daily business
It amazes me how many Slashdot posts theorize about what *would* happen, under conditions that *already* have been going on for years. If you said that in 1990, it would be a reasonable prediction, an intelligent guess. After 20 years of attacks, very few networks have blocked China completely. We know what *would* happen, because it's *been* happening for many years.
PLA Unit 61398 hacked a few low level sites, the US and Europe did nothing. They hacked some smaller companies. The US and Europe did nothing. They started blasting US and European banks and other key targets with constant attacks. A few web sites started blocking Chinese traffic locally. The US and Europe did nothing. They hacked solar companies and started shipping panels based on technology recently developed in the US. A couple of government bureaucrats grumbled. They hacked some shell companies nominally involved in solar, but primarily engaged in federal grants and political donations. The US government indicted their officers, a purely ceremonial exercise - we're not actually going to go get those officers and put them in jail.
That's what actually HAS happened. Your theory about how the US WOULD respond might have been a reasonable guess in 1990, but it's rather outdated now. Like the arguments about what the results would be from banning guns - the UK DID ban handguns, violent crime did double. It already happened. Pretty silly to make guesses about what you think might happen.
Making sure to check the box for "AC"
I have all of China shut off.
None of my customers that matter, have noticed, nor would they likely give a shit if they knew.
The presence of China on the internet brings NOTHING to the table I want.
Someone should get a sub crew or two to drag through all of China's undersea connections and call it a day. Let 'em do whatever they want on their own network. We'll send non-tainted chicken to them to eat in trade for plastic crap and cheap electronics via boat.
Did you read the article? It's actually the Great Wall of China acting as a C&C for 98% of users outside China who access Baidu. I am guessing here but I would suspect that 2% of visitors are distributed across the globe somewhat.
While China still tops the list on my firewalls, Russia has been rapidly raising up over the past few years.
Take a look at the stories about China in the South China sea. China is blatantly hostile, this is just another of the many hostilities. Also, it appears that they pay people to AC astroturf on /. This is the only explanation I can come up with for the ACs claiming that we don't know it was China when TFA is quite clear on the research that was done to determine how the attack occurred.
APK likes to ask for responses to the same things over and over. Maybe he just likes the responses?
Because Bill Clinton thought they should. Congress tried to repeal it in 2005, but the bill failed.
Seems to me like it's time to look at that again.
Stuxnet was an act of mercy for the rest of the world. Iran with a nuke is a scary thing. Look at North Korea if you want to see where it goes. Fortunately NK can't build a nuke small enough or a missile powerful enough to hit the US, but they could hit South Korea or Japan, and they have shown a willingness to attack both.
What may be petty to you may not be petty to the Chinese government.
That could also be about a billion unpatched versions of Zombie XP running DoS attacks as part of a huge Botnet and the only reason it originates from China is the fact that everyone uses pirated unpatched versions of OS there. Just speculating, but that would make sense. Not saying that it isn't a Chinese directed botnet, but it may not be the national government.
That all these "Chinese Cyber Attacks" are in actuality more due to the fact that most of the versions of Windows in China are pirated and unpatched. This would make them the biggest target for the creation of zombie botnets which can be controlled by anyone really for whatever nefarious purposes, such as DoS attacks on whoever. The Russians seem to have the most of those types of individuals out there, so it is more likely individuals or groups of Russian hackers, owning Chinese botnets and using them to try and extort money, or for just lulz.
Why would China not respond to that? Firstly because it is beneath them. Secondly, that would be admitting to the US that they are probably in major breach of trade violations regarding IP, Copyright, etc... more so than already. That they would at least have to try and look at doing something about it, which would be crippling and such a large amount of money that I hesitate to even take a stab at how much that might be, and the effect that would have on the Chinese economy and technological innovation. Think about how many copies of Windows might be running in China, that are pirated, and if all of them had to pay, even the discounted foreign rate MS might charge.
It's hard to say with NK. They don't have the military capacity to take on the world, and they know it - but they do need an effective deterrent, and you can only have an effective deterrent if the world believes you are crazy enough to use it.
Worked real well for Cuba...
This is the only explanation I can come up with for the ACs claiming that we don't know it was China when TFA is quite clear on the research that was done to determine how the attack occurred.
Occam's Razor. Probably they just didn't RTFA.
Any sufficiently simple magic can be passed off as mere advanced technology.
Other than you saw some other moron on the Internet say 'China Did It' ... can you provide some actual proof to back up your claims.
50 cent army on the prowl!
It is simply stunningly illogical for China to behave this way against such petty targets. It makes absolutely NO sense for them to flaunt their ability and willingness to do so as the simple course of action the entire rest of the world would take is a simple matter of NULL routing China and going on about their daily business, your 'war' would be over before anyone really cared.
It's not like this fits with the MO of China, right?
It's not like they negotiated with Microsoft, Yahoo, and Google to expose dissidents on those blogging platforms a decade ago.
Not like they coordinated with Skype to capture phone conversations via their well-documented TOM platform.
Not like they used state-sponsored hackers to infiltrate Google, like they commonly attempt to do corporate espionage.
Not like they engaged in a well-documented and highly-visible war with Google when Google retaliated by ending their cooperation.
Not like they cooperated with the recent hacks on Sony (where do you think North Korea gets its internet uplink from?)
Not like the recent github attacks were traced back to Baidu, a search engine with ties to the CPC
You'd have to have your head in the sand not to see this as an extension of their "control all speech" policy, and either be ignorant or a member of the wǎng píng yuán to defend them.
It did. They haven't been invaded. Even if they don't have their own nukes, they have allies who do - which is enough.
China has MFN status because they have lots of money to loan Western countries. We don't want to annoy them to the point that they adversely affect the Western economy in unpredictable ways. They are the world's best liars when it comes to denying their actions. If a Chinese official was video recorded throwing a rock that broke a window, the PRC would claim that he never did that. Along with modern capitalist methods, that's another thing that the Nixon administration likely taught them. Always deny the dirty truth with great sincerity.
http://www.slideshare.net/Shakacon/netizen-death-star-l0rd-v covers an anonymous researcher's review of this capability over a year ago.
It makes absolutely NO sense for them to flaunt their ability and willingness to do so as the simple course of action the entire rest of the world would take is a simple matter of NULL routing China and going on about their daily business
unless of course you are a proxy server trying to aid Chinese ppl trying to evade the great firewall of China. Think of this as a new option to make evading their firewall much more expensive.