Despite Promises, China Still Targeting US Firms

itwbennett writes: Three weeks after the U.S. and China reached their first ever cybercrime and cyberespionage agreement, a new report from CrowdStrike details intrusions from hackers affiliated with the Chinese government, indicating they almost immediately broke their word. In a blog post, CrowdStrike's Dmitri Alperovich said the first observed intrusion was detected on September 26 – one day after President Obama hosted President Xi Jinping of China for a state visit.

Wobder how that reads in China?

Despite promises US still targeting Chinese firms.

Re:Wobder how that reads in China?

Everyone knows China is the go-to scapegoat for Infosec people. Crowdstrike, in particular, is a well known smoke seller.

It's too bad that the very same people that could be helping build a better society, are trying to get govt. money by war-mongering, spreading bullshit about other countries and hoping the local govts will pick the bait.

Re:Wobder how that reads in China?

[gweihir]

These people are collectively too stupid. Unfortunately, this stupidity will cost the common person a lot in the end.

Is there a list of IP ranges for this anywhere?

[damn_registrars]

While I don't view my personal website as being valuable to anyone, my server does get hit by a lot of script kiddie type attacks that are coming from Chinese IP addresses. It seems that these "hackers" (who always fail as the overwhelming majority of them do tens of thousands of attempts to ssh in as root) are just hitting my server by IP address without concern for its function (beyond running ssh [yeah, I know there are things I can do to prevent or slow down their attempts but I don't want to]). It would be interesting to know if maybe they're just honing their techniques by trying systems in my IP address range.

Re:Is there a list of IP ranges for this anywhere?

[gstoddart]

I think the more likely answer it pretty much anything facing the internet should probably expect to be under fairly constant attack, from lots of different sources, none of which knows what you are.

Years ago it was true that if you took a brand new Windows machine, put it on the internet, it would probably be hacked within 30 minutes. I very much doubt that has changed for the better.

I suspect a lot of this stuff is just purely automated at this point.

The internet isn't really a safe place. You should pretty much assume that someone on the internet is actively trying to hack into machines. In fact, you should probably assume a lot of someones are.

I suspect they don't know or care the function of your machine. It's just a blanket "attack everything and see what happens".

Re:Is there a list of IP ranges for this anywhere?

[damn_registrars]

I suspect they don't know or care the function of your machine. It's just a blanket "attack everything and see what happens".

I whole-heartedly agree - and apparently did not express that adequately. I don't expect that they give a shit what my server is doing, they just know that ssh is open so they try to get in. Frankly I think of the hackers as being like The Joker's line from The Dark Knight:

if they caught a car, they wouldn't know what to do with it!

So really what I'm wondering is, given a list of X different Chinese IP addresses that tried (and failed) to get in to my web server, can I tell if any of them are from the Chinese government? Obviously a WHOIS will give me some information, but these American firms seem to be reasonably confident which IPs from China are affiliated with these government-linked hacking groups even when the addresses themselves are not registered to the government.

Re:Is there a list of IP ranges for this anywhere?

[phantomfive]

Years ago it was true that if you took a brand new Windows machine, put it on the internet, it would probably be hacked within 30 minutes. I very much doubt that has changed for the better.

It's generally less than 10 minutes.

Re:Is there a list of IP ranges for this anywhere?

[khasim]

Quick advice: move the port to some random (RANDOM!!!) port above 1024.

It won't help your security but it will stop you log from filling up with notifications.

I see "attacks" from addresses in almost every nation. It isn't that I'm under constant attack. It isn't that I'm particularly valuable.

It's that it is easily scripted.

Re:Is there a list of IP ranges for this anywhere?

[waspleg]

I have a CentOS server that I use for nothing but sshd (on a non-standard port, not for security but because it's one that isn't filtered at work) and squid for unfiltered web browsing at work and I have multiple attacks every day, currently:

Oct 18 20:17:41 echo sshd[22226]: Bad protocol version identification '\026\003\001' from 74.82.47.3
Oct 19 03:12:05 echo sshd[23298]: Bad protocol version identification '\026\003\001' from 54.149.243.130
Oct 19 06:33:30 echo sshd[26619]: Bad protocol version identification '\026\003\001\001M\001' from 54.193.0.39
Oct 19 08:15:04 echo sshd[26885]: Bad protocol version identification '\026\003\001' from 50.207.8.100

Interestingly a lot of them are "research" IPs like umich and shadow server. I haven't seen much that is directly from China but I don't check often.

Re:Is there a list of IP ranges for this anywhere?

[dcollins117]

I suspect they don't know or care the function of your machine. It's just a blanket "attack everything and see what happens".

That's what it looks like in my logs, too. When I was running an open http port I would see not targeted attacks, but what looked like scripts looking for an insecure/misconfigured server.

I found it amusing that since switching to https with self-signed certificates, the number of attacks dropped to zero. Even hackers won't accept my certificate :/

Re:Is there a list of IP ranges for this anywhere?

[damn_registrars]

I don't believe my system to be valuable. I wholeheartedly agree that my system is being attacked just because some script kiddie is pointing his script at a large range of IP addresses, and mine happens to be in there.

FWIW, just this morning I was attacked by address 117.27.152.55 which belongs to the ISP "Chinanet" (according to WHOIS). According to wikipedia, Chinanet is state-owned, so if we were to get conspiracy-ish I could postulate that this could be government-connected and not just some random customer.

Re:Is there a list of IP ranges for this anywhere?

[thoromyr]

The short answer is no.

The longer answer is that an IP address alone tells you almost nothing. For example, any competent agent for the NSA is going to use a compromised system in the EU, Russia or China when attacking Chinese targets. Equally, any competent state-sponsored actor in China is going to use a compromised system in the EU, Russia or the US when attacking US targets.

And the remote IP is not necessarily even compromised. Maybe not so much for Chinese IP addresses, but what the bad guys like for the US IP address space are university virtual private networks. Get the password for an account at an EDU then (bounced through a compromised system) connect to that, *then* attack. Some of them will bounce through multiple EDU VPNs.

Another example is the javascript malware that you get to a browser via: injection from privileged position on the network (e.g., NSA), compromised server, advertising, or any other method. The javascript runs in the browser and does its thing. The user's system is effectively compromised and part of a botnet, but closing the brower "cleans" it. There's no requirement to have anything on the file system making antivirus as helpful as some hand sanitizer.

If you have a remote IP address all that you can really say is that packets were routed to you with that as the identified source (in some attacks they don't even have to come from that IP address at all). Who was at the computer? Who was responsible for the packets? That takes a lot more than an IP address to determine.

Re:Is there a list of IP ranges for this anywhere?

[khasim]

Check you logs. Were you "attacked" by any IP's in the USofA? Or Europe?

Just because an "attack" is coming from an ISP owned by someone does not mean that that someone is connected to the attack.

Any minimally competent attacker would have bounced the attack through at least 2 other cracked systems outside of his/her home or government or whatever.

Or, to clarify that, a competent Chinese attacker would connect to a machine in France that would connect to a machine in California that would run the script that would attack your system. At a minimum.

This is because, unlike Hollywood movies, most attacks are scripted. There isn't a "hacker" sitting at a keyboard thinking about what to type in real time.

Re:Is there a list of IP ranges for this anywhere?

[Sir_Eptishous]

Years ago(10+) when I was running my site from home I would check the logs daily and see similar to what you describe.
Sure, there were loads of crap ssh attacks from all over the world, but the vast majority were from Chinese and Eastern European ip block ranges.

I blocked whole ranges of ip's(Chinese and Eastern European).

I think the moral of the story, which I can't believe still isn't the reality we live in, is that everything will have only whitelists.
However, have fun whitelisting Office 365

Re:Is there a list of IP ranges for this anywhere?

[damn_registrars]

You make a valid point with

If you have a remote IP address all that you can really say is that packets were routed to you with that as the identified source (in some attacks they don't even have to come from that IP address at all). Who was at the computer? Who was responsible for the packets? That takes a lot more than an IP address to determine.

As indeed the IP address that the attack is coming from could be in any of a variety of different states of use or misuse.

I will say though that much of the rest of what you said is assuming a certain degree of competence. I will argue that the behaviors I am seeing in my logs - thousands of failed ssh attempts as root in a 24 hour period from one address - negate any claims of competence. One would expect that "government" hackers would be more competent, but then again they have to learn somewhere, right?

Re:Is there a list of IP ranges for this anywhere?

[jriding]

When speaking of China why does everyone go down this rabbit hole? Does anyone remember the Great firewall of china? Do you really think they block blogs etc but let all potential hacking attempts right on through?

If they do let all attempts through then they are approving it. That would make it at least state acknowledged if not state sponsored.

Re:Is there a list of IP ranges for this anywhere?

[khasim]

Do you really think they block blogs etc but let all potential hacking attempts right on through?

Yes. Because to block everything else would be unmanageable.

Blocking certain sites is feasible AND won't ruin their attempts at international commerce.

Blocking ALL sites (except for approved sites) is feasible BUT it would ruin their attempts at international commerce. And require an army of sysadmins. And fail anyway.

If they do let all attempts through then they are approving it. That would make it at least state acknowledged if not state sponsored.

No. Because blocking "A" but not blocking "B" does not mean that you approve of "B".

That's one of the oldest fallacies in existence.

They can disapprove of "B" but still need "B" in order to achieve "C" (something they want). They just like "C" more than they hate "B". And they can hate "A" enough to block it.

Re:Is there a list of IP ranges for this anywhere?

[Coren22]

I have done a couple of traces on hacked systems, so I have some experience with this.

One system, they got in through a monitoring application that someone had installed with a default password, they then loaded up a copy of their intrusion software and used the company's high speed connection to search for other exploitable systems.

Another system I worked on, they exploited a FTP server, and started loading the server up with movies that I suppose they were sharing out. They overdid it and crashed the server, so were caught quite quickly, but that could have gone on for a while had they not made that mistake.

It all depends on the goals of the hackers, I imagine my first example is quite common, but the second is just as probable..

Re:Is there a list of IP ranges for this anywhere?

[KGIII]

Those appear to be probes, not entirely successful. While an interesting number and nice to have, I'm not sure how well it can be extrapolated to mean infection/invasion. Another surprise was how the Unix attacks looked very similar. I'm assuming they're counting Linux in with Unix. I'd have expected the probes to be even sooner than Windows because, honestly, Unix systems are where the good stuff usually is - considering their prevalence in data centers.

If I were evil and wanting to 'hack' a system then I'd sure as hell not waste my time desktops. That's not where the good stuff is. I'd want stuff in data centers and in business servers. Generally, *NIX is king there. Sure, there are plenty of Windows servers but I'd still go after *NIX because those are greater in number in the data centers and server rooms. I suppose I'd take advantage of an available Windows server but that's not where I'd concentrate my efforts or my education.

Then again, I try to not be a criminal so I may be thinking about it wrong. I don't know...

Anyhow, I hate to give Windows any credit but they're much harder to exploit - even unpatched and new installs online, without the user doing something stupid, than they used to be. I'd like to say that Windows users are dumber but, well, I've been hanging out on the AskUbuntu site lately and there are a number of silly users there. I do think that part of that is, however, due to an uptick in numbers as people explore Linux (specifically the more popular distros) because of Windows 10 being out. I guess I'm unsure of how well the numbers equate with effective attacks as those appear to be just probes - I could have read it wrong.

As an aside, having weathered this before, there doesn't actually seem to be an increase in numbers than I've seen in the past. A bunch of people seem to come try Linux every time Windows gets a new version. It's usually about six months before the signal to noise ratio goes down. This Windows roll-out is different than normal (and not so many PCs are being sold today) so I'm thinking it may mean that the noise ratio remains high for a while longer.

As an additional aside, when have I not, I also think that it is a bit sad. Most of those users don't stick around. I'm no zealot nor a Microsoft hater (as I think is relatively clear from my post history) but, frankly, the state of Linux today is that it just works. If you find a distro that doesn't work, try another one. Hell, they've got live USB disks, you don't even have to make a coaster, and you can check and see if everything works - generally. I have some *very* esoteric hardware that spans the ages and, really, with almost all of it - it just works. I don't even bother with proprietary video drivers, for example. (I do tend to go last gen with video as I'm not a gamer.)

Ah well, I've digressed enough for one post.

Re:Is there a list of IP ranges for this anywhere?

[phantomfive]

Anyhow, I hate to give Windows any credit but they're much harder to exploit - even unpatched and new installs online, without the user doing something stupid, than they used to be.

Yes. Remember the days of Nimda and Code Red? Windows was an open door, inviting the world to enter.
Now if you want that kind of welcome mat, you need to look at the IoT.

Re:Is there a list of IP ranges for this anywhere?

The javascript runs in the browser and does its thing. The user's system is effectively compromised and part of a botnet

Yet another thing that makes me wonder: "Who the hell thought javascript was a good idea?". Automatically executing any code you download from the internet should have set great big alarm bells ringing in the skulls of anyone even remotely competent.

Re:Is there a list of IP ranges for this anywhere?

[fustakrakich]

I'd want stuff in data centers and in business servers.

Sometimes the best way in to a server is by hijacking one of the desktop clients that are probably left turned on all night.

Re:Is there a list of IP ranges for this anywhere?

[fustakrakich]

Whitelisting... It's the reason I still use Hotmail. Nobody else offers it. And Office 2007 still works, even in Win10, no connection needed at all.

Ahh baby,

[burtosis]

That's just what we call pillow talk.

When you tell people what they want to hear...

It frees you to do what you really want to.

"Lying" is a western construct. In China, subterfuge is a mark of cleverness.

Re:When you tell people what they want to hear...

We completely surpassed their 8000 years of "cleverness" in 300, so I think we should stick with our Western constructs.

Oh, and if you try to adopt their behavior while living among us we'll teach you a lesson.

Re:When you tell people what they want to hear...

Sure you will cowboy...

Re:When you tell people what they want to hear...

[thoromyr]

You should read Machiavelli. Definitely western.

Yes, he is criticized, but it started because he was describing the *real* politic and exposing the (then current) dirty laundry. Why did he do it? Because he was under house arrest following a change in government and wanted to be active again. He was trying to demonstrate that he had political savvy. It wasn't a book for general consumption (no such thing existed at the time anyway), but written for the guy in charge.

Even the best known quotation is done misleadingly. "The ends justify the means" is how it is quoted, but that isn't what he said. Closer (from memory) is, "In any endeavor the end must be considered." Which should be common sense.

Thank you, Captain Obvious

[Jawnn]

Is anyone surprised by this? Even a little bit? I don't know what it is about the Chinese, but they seem to think that if one repeats one's denials enough, the plainly observable truth will just go away. How else would you explain their straight-faced, utterly disingenuous denials?

Re:Thank you, Captain Obvious

[imgod2u]

If you've ever read Mao's Little Red Book, that's one of the key devices used in it. The thing basically repeats the same philosophy over and over. It's funny because when you read the sentiments on page 1, it sounds fairly ridiculous. By the time you reach page 30, however, it starts to sound more plausible.

Human psychology is interesting that way.

Re:Thank you, Captain Obvious

[ShanghaiBill]

How else would you explain their straight-faced, utterly disingenuous denials?

The same way you explain the straight-faced denials by America, until the Snowden leaks exposed them as utterly disingenuous.

Re:Thank you, Captain Obvious

[Mr+D+from+63]

Is anyone surprised by this? Even a little bit? I don't know what it is about the Chinese, but they seem to think that if one repeats one's denials enough, the plainly observable truth will just go away. How else would you explain their straight-faced, utterly disingenuous denials?

Based on comments by a few in the original discussion of this topic, the answer seems to be...yes.

http://news.slashdot.org/story...

Re:Thank you, Captain Obvious

It's called propaganda. Shout something loud enough and long enough, and people will believe in it.

Re:Thank you, Captain Obvious

Just like capitalism has become a "normal" thing: repeat once and once again that greed is "human nature" and totally justified, but cooperation isn't.

Re:Thank you, Captain Obvious

[dfn5]

I don't know what it is about the Chinese, but they seem to think that if one repeats one's denials enough...

Yes, because the US government clearly does not do this.

Re:Thank you, Captain Obvious

[0123456]

Troll rating: 1/10.

Re:Thank you, Captain Obvious

[AmiMoJo]

Do you really think that the US ever stopped either? Of course not, spying went on interrupted from both sides.

Re:Thank you, Captain Obvious

[harvey+the+nerd]

Mainland China takes obnoxious, cheating and invasive nonsense to a whole new level, whatever the sins of the US. Just like the island building in the So China sea, grabbing coastal waters from nations a 1000 miles away.

Re:Thank you, Captain Obvious

Great point! I'm glad that you, along with the other bulk of posters brought this unique point out of the darkness and into the light

Re:Thank you, Captain Obvious

[thoromyr]

too bad I've already posted or I'd've modded you up

Re:Thank you, Captain Obvious

[mark-t]

Just because something is "natural" doesn't necessarily mean it should be acceptable. That's the fundamental difference between a species and civilization.

Re:Thank you, Captain Obvious

[tnk1]

Fair enough, but I don't think the piece was written to inform about the balance or blame of the hacking. Instead, it was to inform the unaware that the agreement wasn't worth the paper it was written on.

An actual Chinese crackdown on hackers (which they could easily do) would have a real effect. So people will want to know if China was serious for reasons other than just trying to prove that they are nefarious or better/worse than the US.

Re:Thank you, Captain Obvious

How else would you explain their straight-faced, utterly disingenuous denials?

The same way you explain the straight-faced denials by America, until the Snowden leaks exposed them as utterly disingenuous.

So if the Chinese are going to do it what's wrong with us doing it back? The Snowden apologists never seem to be able to come up with an explanation for this fact.

Re:Thank you, Captain Obvious

[ShanghaiBill]

So if the Chinese are going to do it what's wrong with us doing it back?

We are not "doing it back". China is. We started it.

But I don't think it is "wrong". Political espionage and corporate espionage are done by all sides, and in general help to make things more transparent. They are Good Things. What is wrong is the hypocrisy of pretending to be outraged about China, while we do the same thing. Instead of making a big fuss, we should be securing our servers.

Re:Thank you, Captain Obvious

[Frobnicator]

Fair enough, but I don't think the piece was written to inform about the balance or blame of the hacking. Instead, it was to inform the unaware that the agreement wasn't worth the paper it was written on.

Many international agreements are that way, as are many high-profile acts of congress in the US.

This particular one was a "Joint Statement" that they intend to be nicer in the future. These are usually called resolutions, much like your resolution to lose ten or twenty pounds that you make every year at your new year's party. Politicians resolve that the nations will place nice together but there are no specifics and they have no consequences if the resolutions are broken. The politicians create and sign these in very public settings with lots of cameras and smiling faces.

The feel-good fluff news stories are popular with the masses and the media.

Re:Thank you, Captain Obvious

[Jawnn]

I don't know what it is about the Chinese, but they seem to think that if one repeats one's denials enough...

Yes, because the US government clearly does not do this.

No, not like that. Even when presented with clear, incontrovertible evidence, the Chinese will still insist that water is not wet. That's the part I don't get; how they expect anyone to take them the least bit seriously.

Re:Thank you, Captain Obvious

[KGIII]

When was capitalism not the norm for humanity - since the advent of evolution to homo-sapien? I'm no expert or anything but I suspect we've engaged in trade and tried to acquire wealth since the dawn of our species. Hell, there are lying, thieving, pebble-collecting penguins who trade and acquire in an attempt to mate. Even some primates engage in some forms of trade. One might even suggest that certain plants trade by giving away their produce in order to spread their seeds.

I'm really only questioning why one would think this has suddenly become normal when, I'm pretty sure, it has been normal all along. From seashells to coins... We've been capitalists for a very long time, it's hardly 'become' normal. It's always been normal (I'm sure there are a few exceptions).

Note: I think greed is a bad thing and I agree that cooperation is a good thing. My only contention is that you think that it has become normal and not been normal all along. What little I know of anthropology seems to indicate this is true - or so likely to be believed to be true that it's not even a subject of debate. As I recall, there's also significant archaeological evidence supporting this.

Re:Thank you, Captain Obvious

"If you've ever read Mao's Little Red Book, that's one of the key devices used in it."

I think you've missed the point. Yes, he uses that a lot, but no you can't assume that he uses it because it works. What kept Mao in charge was a combination of improving quality of life for part of the population, and brutal oppression and culling of the rest of it rather than any successful and effective propaganda.

Time and time again we see this device used by dictators, but there seems to be very little evidence it actually works. No amount of Assad repeating through strong control of media in his country that those rising up were terrorists could change the fact that the majority of people in his country were willing to stand up and fight him.

I've seen the argument that this sort of propaganda isn't directed at us, in the West, it's directed at the people in the country of the leader in question, but I think that's both naive and insulting to those people, and the Arab spring uprisings seemed to show that such propaganda is ineffective - it doesn't matter how many times it's repeated, most people just don't buy it if there's evidence to the contrary. It doesn't matter how many times Kim Jong Un tells his people they live in the greatest country on earth, many thousands of North Koreans are still willing to risk their lives to escape every year.

The only people this propaganda works on are people who are already convinced by the cause in question. Rather than winning people over, it merely reaffirms to the already converted that they're right and becomes self-justification for carrying on doing what they're doing. The fact is that when people are being horrible, they can't accept that they're being horrible - this is why dictatorships hold elections, why North Korea is called the People's Democratic Republic of Korea - there's nothing democratic about it, but the leaders wish away the sense that they're horrible people, hated by their populace by pretending they're elected - the population doesn't buy it, because they know they didn't vote and they know the elections are rigged, but the leaders tell themselves "Yay, I was elected again, I have legitimacy!".

So repeating propaganda isn't a way to win other people over, psychology really isn't that funny that way. Few people buy it, and on the contrary many become more militant against such propaganda if they know it to be wrong the more it's repeated to them because it makes them angry. What's funny about human psychology is that we can't accept when we're being horrible, that we invent all sorts of ways to convince ourselves we're not even when we are. Again, that's why old Kim has elections when he's a dictator, and why Putin likes to claim he's crusading against the far right whilst passing far right anti-homosexuality rules, hosting 100,000+ people far right rallies every year, funding and hosting group conferences for Europe's far right political parties, and hangs around with a far right motorcycle club.

The only people being convinced by such blatantly false propaganda are the ones disseminating it.

Re:Thank you, Captain Obvious

[thegarbz]

As opposed to building infrastructure and making deals with other countries to intercept internet traffic?

China may be stealing land from it's neighbours, the USA on the other hand is stealing the privacy of people and via treaties the laws that protect people all over the world. Team America the world police are every bit the authority-overreaching bullies that their local department equivalents are.

Fuck China, AND Fuck the USA.

Re:Thank you, Captain Obvious

... capitalism has become a "normal" thing

Capitalism is a combination of exchanging goods and the scarcity of those goods, including labour. In order to get capitalism we need to co-operate on one thing: The law, at least we should be co-operating on it. But we all know those with power and the most capital design the law to protect themselves first. Capitalism still needs laws which define ownership and exclusivity. As a secondary need, the law defines a unit of exchange and the institutions to protect it.

Co-operation is merely trust that we will all get a 'fair' share of the rewards, mostly because we can't achieve such rewards as individuals. Given the scarcity of goods, the times when co-operation is the best strategy, are rare. This is why communism failed: Except for the ruling elite, everyone had to share all the time. Communism was also plagued by the problem that production was a co-operative strategy while consumption, by necessity, was a competitive strategy, just like capitalism. (If I buy a potato, you cannot buy the same potato.)

Socialism is a philosophy that can be added to both economic models: "From according to his ability, to according to his needs." Done right, it can limit the power of the wealthy and limit the suffering of the poor. But the USA likes glorifying unlimited wealth while scorning poverty. Despite the need for a society to co-operate on child-rearing and the law, Americans see most forms of social justice as theft to benefit lazy people, instead of the cost of a stable society. This is further evidenced by Americans following the myth of small government: To them, government is just another form of theft, instead of the price of a stable economy and legal system. (Well, you should be getting that from your government.) Yet, when American taxes are used to pay subsidies and hand-outs to corporations, such welfare is admired.

Re:Thank you, Captain Obvious

[loonycyborg]

There's no way Chinese government could control all script kiddies on their territory and make them stop. I don't see any lie on part of Chinese here, US just made a really dumb and nonsensical request to them and they agreed because it's dangerous to argue with a madman.

Re:Thank you, Captain Obvious

Hey Wolfgang, nice attempt at denying 6 million Jews died in the Holocaust.
Heil Hitler.

Re:Thank you, Captain Obvious

[vandamme]

Did he develop it independently from Islam?

Re: Thank you, Captain Obvious

I highly, highly doubt the corporate espionage is 50:50. Maybe political/military, but not corporate. They've been stealing north American trade secrets for decades and greatly prospering from them.

It's all about Face

[WillAffleckUW]

The only way they will stop is if you publicly humiliate them inside China or at a major event.

Everything else won't work.

Re:It's all about Face

The Chinese should beware. The Internet has a penchant for saying "Challenge accepted." And then following through on it.

of course they haven't... but have we?

It's no surprise at all that China hasn't stopped.

But have WE stopped? Is the NSA still infiltrating the entire internet?

Because if we haven't stopped, I don't think we can very much complain that China hasn't either.

Re:of course they haven't... but have we?

[HiThere]

While true, there's a lot more to it than that. Just because a treaty is signed the laws aren't automatically changed, neither is the behavior of bureaucrats.

And the preceding paragraph assumed that the attacks were coming from Chinese government agents. This has hardly been proven.

Only at this point do we come to the question of "Has the US stopped attacking China?". *PERHAPS* the government has. It's opaque enough so all I can say is "I don't believe it has.". But it's quite clear that no real action has been taken to control either commercial interests or individuals.

Did anyone really expect anything different? This treaty looked like a piece of PR work from the beginning.

Re:of course they haven't... but have we?

[Aighearach]

There wasn't a treaty. It was just a joint statement. Reportedly, the US was starting to threaten the public discussion of sanctions, and China hastily came up with the idea of voluntarily agreeing to terms regarding what is and isn't legal espionage.

China would be making announcements if they had intelligence regarding US attacks. It would benefit them very much to have something solid, a named event, in the discussion. The reality is though that the US methods are very different. The US government doesn't employ teams of script kiddies to do that work, they employ a ginormous signals intelligence infrastructure that is undetectable when data is not leaked.

If the Chinese didn't take action after this to smack some people down, I'd expect the backroom diplomatic discussions to heat up a notch. The details of that aren't likely to become public until a future stage of the process.

If the news cycle has these stories next year during the Presidential Debates, then anti-China sentiment could really gain traction. I don't think the Chinese want this fight. I think they execute the two or three most decadent of their script kiddies, stop attacking US corporations (temporarily), and focus on non-US installations of international corporations with headquarters outside the US. At least until after the election. And on a continuing basis if there is anti-China sentiment in the US.

Re:of course they haven't... but have we?

[HiThere]

You are, of course, correct about it not being a treaty. In fact I suspect that it was entirely a PR move, and no change in action is contemplated by either side. This is the more likely as there's no accurate way of telling where a cyberattack is coming from.

Yeah, right

Probably some US analyst piggybacking on China networks in another attempt to spread propaganda and lies.
The moment Snowden and others exposed wrongdoing and criminals within US government, we see rise of vicious acts like they feel end is coming.

Vote TRUMP

He'll stack these goddamned slopes seven high and use them as sandbags.

Ooooh ... promises ...

[gstoddart]

Well, if they promised, then it should have stopped by now, right?

I mean, after all, they promised, and everybody knows that's binding.

Or, alternatively, the shit nations tell one another is pretty much meaningless lip service, and China doesn't give a crap what anybody else things.

Re:Ooooh ... promises ...

You just know the Bush Crime Family that they work for won't let them stop. Won't let them stop.

Re: Ooooh ... promises ...

They want us to die. The Chinese are just pawns in the Repu Lucan game.

Ok everyone: What do politicians do?

See subject: Break promises & LIE - George Washington never told a lie, eh? 1st politician in history to do so imo!

* :)

I saw someone on this page say "Have WE stopped?" (ala the NSA etc. - et al) - & somehow? I doubt it...

Come RIGHT DOWN TO IT? We're no better... I truly HATE to say that too!

However: We were accusing Huawei of rigging their routers w/ backdoors, & yet OUR PEOPLE WERE CAUGHT DOING IT TO CISCO ROUTERS TOO!

APK

P.S.=> It's all fucked in a world without honor (yes, that's what this indicates, despite my years of feeling overall that the Chinese ARE fairly honorable? They're not showing me that - especially after all the decades of this 'hacking/cracking' on THEIR end) - now, I'm FAR from "the most honorable guy" out there (who is?), especially IF/WHEN my hand gets forced to play "dirty pool" by others doing it 1st but, when I say I will cut it out? I do...

Sure, "the powers that be" will say "They're doing it so we are forced to also" - yes I understand that ALL IT TAKES is 1 rotten apple to rot the entire barrel, forcing others to do the same but... somewhere, it HAS to stop - who's going to be the "bigger man" & stop is the question??? Who can AFFORD to???? apk

Re:Ok everyone: What do politicians do?

HOSTS, BITCH!!!

Re:Ok everyone: What do politicians do?

Bitch all about hosts you want but you haven't proved apk wrong on them yet to date.

Re:Ok everyone: What do politicians do?

[HiThere]

While true, that ignores the fact that "On the internet, nobody knows you're a dog." You can't tell *where* the attacks you notice are coming from, unless they are so incompetent that you can presume they didn't forge headers, use indirection, etc.

Re:Ok everyone: What do politicians do?

Except for all of those other times that people have.

Re:Ok everyone: What do politicians do?

[AHuxley]

Get away from any open networks, air gap within a site, encrypt to a better standard than whats floating around as a default.. hire people who understand networks at the site level, who can design/work well with advanced encryption.
Its going back to the walk in vault of past decades :) Just with super computers on site.
Why is all the secure information been open networked in the USA?
The best designers enjoy life in some culturally enriched leafy suburbs and cities. The production lines are in other states thanks to some political jobs deals, huge energy needs decades ago. So the complex mil/gov only networked data has to be sent over vast distances via front companies, networks, telcos, foreign brands. They all get a look or can split the networks.
Better crypto cant secure the huge open facing networks that link the university and company mil/gov networks to the many distant suppliers and production line sites.
The US traded the comfort of its best designers and private sector needs for security per project site. Every winning state gets a bit of the huge federal contract and can hide the really skilled workers per state, city.
Networks solve the distance issue and allow the very best to work all over the US and add their ideas quickly.
The problem is the networks are not well understood, open to the world or just set to US junk standards by default.
Other advanced nations just split the network and get vast amounts of free data and can ip/date the blame on other nations.
Security audits long after the event then find simple traces leading back to the expected list of nations :)
All the political leaders did was ensure their state got good paying mil/gov jobs. Nobody told them to factor in the tame networks, complex security needed to work in other states and send sensitive design data every year over decades.

Just who is "China"?

[Tony+Isaac]

It's not hard to imagine that there are disagreements and rogue elements within China, even within China's government. There certainly are contradicting practices and policies within the United States! Out of one side of our mouth, we say "torture is horrible and should be banned," while out of the other, we refuse to agree to the Geneva conventions on torture. Why wouldn't we expect China to have similar in-fighting and disagreements? To what extent is this hacking endorsed by their government?

Next up

[tomhath]

Obama is negotiating with North Korea. Any guesses on how that will work out?

Re:Next up

Exactly as well as all of his other worthless negotiations and red lines. It's easy to negotiate with someone with no backbone. Feel like ignoring everything Obama says? Agree to everything for the great press (for both sides), then just ignore it and deal with a day's worth of bad press.

If Obama does not go down as one of the worst presidents in US history with one of the most blatantly childish foreign policies (if we're really nice, then will be too!), then something is seriously wrong.

XP et al

[ruir]

One of the reasons of some may attacks "from China" is that they have of the largest network of "pirate", not maintained, old XPs...the rest is just political talk. Look, a flying commie that eats baby just went by!

WTF did you expect?

America won't even promise their "allies" not to spy on them, so obviously they're not going to honor an agreement not to spy on China, and China knows that it's all just for show. Who could be surprised if they acted accordingly. And I'm not saying they did. This would not be the first false flag operation executed by the USA.

In other news ...

[Alain+Williams]

Water is wet.

Really?

[sycodon]

Did anyone really believe that any agreement was worth a pound of noodles?

Re:Really?

[LifesABeach]

And the Chinese said American Males have really big penises also. Apologies to South Park.

Re:Really?

[frovingslosh]

Next thing you know the media will try to convince is that Iran is cheating on the Nuclear deal.

Re:Really?

[ITRambo]

Wikipedia says so also. So, yeah!

Re:Really?

Though this would make them better than republicans who have said they won't honour the deal even before the deal is worked out!

Re:Really?

[frovingslosh]

Yea, those Republicans were just awful in pointing out that America's first Muslim President was making a bad deal with a country that couldn't be trusted and who's "religious" leaders were even saying that they would not honor the deal they were making. How dare they stand in the way of Obama destroying this country?

And before you say it, I know that he claims to not be Muslim any more, even though he certainly was in the past. After all, he even belonged to that Christian church in Chicago. The one where the pastor preached hatred towards whites, and more recently has come out calling for Muslim ideals in this country.

Re:Really?

Yea, those Republicans were just awful in pointing out that America's first Muslim President was making a bad deal with a country that couldn't be trusted and who's "religious" leaders were even saying that they would not honor the deal they were making. How dare they stand in the way of Obama destroying this country?

And before you say it, I know that he claims to not be Muslim any more, even though he certainly was in the past. After all, he even belonged to that Christian church in Chicago. The one where the pastor preached hatred towards whites, and more recently has come out calling for Muslim ideals in this country.

This tripe gets trotted out after 8 years, and there is still no proof. Even if he is of the Muslim faith, let's look at some facts. This "muslim" sought to get our soldiers out of harm's way. The previous President and Vice President told an outright lie to start a war which maimed and killed many thousands of people. What faith were they? So by the numbers, this "muslim" President was a lot friendlier to the U.S. Military than the last one. Honestly, I would rather have an Atheist President, because they cannot hide behind their "faith" as justification for their actions.

Re: Really?

Can we get some SJWs to scream Misogyny about this?

That makes everything a little better!

Re: Really?

I thought you were being sarcastic by saying the opposite of true things, but it sounds like you really are that dumb.

By saying it was a bad deal, was admitting they don't have a fucking clue how to govern as they cannot properly evaluate the pros and cons of the deal to clearly see the pros crush the cons.

China? Are that you sure?

Quick show of hands. How may people are using a VPN from a different country so they can access Netflix over seas? Uh huh.

If Netflix can't determine the country of origin of a bunch of brainless media consumers, why is everyone so ready to believe that professional hackers can't hide their point of origin an pin it on China? Seams like that would be a no brainer for anyone wanting to cover their tracks.

Or maybe it's just a bunch of Chinese script kiddies having fun with no government involvement at all. Hell, I bet the American script kiddies are having just as much fun re-routing their attack traffic through China to make it look like state sponsored cyber shenanigans.

Hello NSA

[pigsycyberbully]

I wouldn't worry about China, too much they are not directly tapping the undersea cables and they are not hacking into Deutsche Telekom and they are not stealing information from satellites and attacking nuclear power stations with Trojans and spyware. What you have just written as just been saved by GCHQ and the NSA. If you put all of the hacking "criminals" on the Internet together they will not have committed half of the state-sponsored crimes of GCHQ or the NSA. If another country anywhere in the world would have committed half of the crimes that the NSA and GCHQ have committed they would have been totally ostracised by all other nations. There is no point in pointing the finger at others we all know who the criminals are. We just cannot do anything about them it seems.

Re:Hello NSA

I think the point is that most people would prefer to not live under Chinese hegemony. If our own side is doing the same thing, who cares? Say what you will about the NSA and GCHQ being up in everyone's business, I have yet to meet anyone who has actually been negatively impacted by it.

On the other hand, China is dropping its firewalls around the country and trying to expand their crappy authoritarian government. If our governments tried to do that, then we'd have something to talk about.

I don't care about fairness. I want China to be stopped and for us to win. If that means doing the same things to them that they do to us? Works for me.

Now if China was ever serious about stopping hacking, then an equitable hacking agreement might make some sense. They weren't, so there you go.

Re:Hello NSA

I think the point is that most people would prefer to not live under Chinese hegemony

Too bad the United States is perennially ranked as the greatest threat to world peace via international opinions.

Gallup poll

Shame them

[ThatsNotPudding]

Daily State Department press briefings with verifiable evidence of the actions, with the same basic script every time: "Given that our Chinese friends have pledged not be engaging in nor benefitting from such actions, one can only conclude they have lost control of their internal domestic networks."

The Chinese government would hate nothing more than being publicly accused of not having iron control, to the point of possibly even shutting the hacking down for real.

Re:Shame them

Daily State Department press briefings with verifiable evidence of the actions, with the same basic script every time: "Given that our Chinese friends have pledged not be engaging in nor benefitting from such actions, one can only conclude they have lost control of their internal domestic networks."

The Chinese government would hate nothing more than being publicly accused of not having iron control, to the point of possibly even shutting the hacking down for real.

Shame them?!!?

Just like #BringBackOurGirls and #UnitedForUkraine shamed Boko Haram and Vladimir Putin.

DUDE, WHAT FUCKING PLANET DO YOU LIVE ON?!?!?

Cuz your sky ain't blue.

Re:Shame them

Really calm down... take a deep breath... and realize shaming is a stupid but real concept no matter who it is applied to.

Capital letters and profanity tend to weaken your argument.

Please Ignore This Post

fe69 84ff 800e d0c7
e636 eaa4 0e4b ae5f
189c 7018 0cfa a5dd
1116 9d61 17f5 eb6b
dcc4 53d7 88e3 dee7
9441 bf9c facd ef3a
955b 6ca8 1473 0fa8
4e92 ad78 78b2 b2d7

Re:Please Ignore This Post

This post shouldn't be ignored just because it's different.

The Deal.

For everything I read, the deal was to avoid hacking foreign companies *for the purpose of* enriching domestic companies.

It said nothing about hacking companies for national security or economic espionage reasons.

The language of the agreement was very specific, presumably because the USA also hacks companies for the latter two reasons.

B

Broke their word? Hardly

they just took you at yours and paid lip service to the idea.

Wasn't a solution identified in the past?

Oops?

Hey, Iran promised too!

Iran also promised - not to work on their nuclear weapons.

Aaaaand once they got the sanctions lifted they immediately fired off a nuclear-capable ballistic missile and began working openly with the Russians on supporting their Shi'ite allies - the Assad regime in Syria.

What a co-inky-dink.

Does anyone think the proposed TPP will be followed any better?

Re:Hey, Iran promised too!

[harvey+the+nerd]

A big part of the problem is this BO administration. Worse that Jimmy Carter, this one is frankly, in-your-face anti-American, trying to trash the country.

truth

[ole_timer]

there are only two kinds of organizations in the world: those that know they've been hacked, and those that don't know it yet.

Perfect crime

Is there any real evidence suggesting that this is some kind of coordinated cyber-crime/espionage activity and not just normal (per capita) script kiddies or infected machines? Remember there are over 1.3 BILLION people in China. Also remember the old adage, "the perfect crime isn't getting away without being caught, its making everyone think someone else committed the crime".

subject

I went to a public sector cyber security conference over the summer and an FBI agent running one of the talks kept emphasizing the fact that, while America does spy on China, it does not spy on Chinese companies nor does it steal intellectual property related to business. However, isn't most business in China state owned? So, if you are spying on the state, you are spying on industry.

subterfuge

isn't it entirely possible that some OTHER country is doing these break-ins, and just making it LOOK like its coming from China?

Re:subterfuge

[pr0fessor]

Do you mean like a Nigerian Prince that needs your help and your bank account information?

Two Words

FUCK CHINA!

When Obama Talks...

http://media.cagle.com/144/201...

Your asking stupid to protect stupid

The government can't protect us or itself from security threats from China by agreement. Only a bunch of incompetent 'security experts' would even suggest it. These people are playing games trying to be important when they know little to nothing about real security. The only way we can even begin to secure out systems is by reducing the bloat to something manageable for which we can actually audit (and I don't mean the type of audit that was done on Truecrypt- but a real audit) and designing better KISS hardware.

1. We need the sources for every piece of hardware to be publicly available.
2. We need every critical application design to be reviewed by security focused groups and every line of code that goes into production to be reviewed by multiple competent parties.
3. We need the designs to made publicly available for every component.
4. Resist implementing overly complex code.
5. Stick to well understood security conscious languages.
6. Sane default settings for a given use case- if your going to depend on code which is not used by significant number of parties then it needs to be severely contained and executed in a manor that is well designed to cope with it. ie we don't need images with scripting capabilities, if we really need macros in word documents then the macros need to be properly contained by well implemented code.
7. Design hardware to have a long shelf life so that we can thoroughly understand the designs and review the code.
8. We need to stop playing games. Pretending like secure boot is security- or anti-virus software is security. These are little more than gimmicks. It's not making us any safer. Its not being implemented properly by *any one* and even if it were it's increasing risk by increasing bloat and it's not even auditable because we don't have the code to do it.

More code equal more bugs. More complex code equals more bugs. We need to resist implementing overly complex code.

Re:Your asking stupid to protect stupid

*you're

Where? Show us!

See subject: Well? I'll rip ANYONE IN 1/2 on that - I always do & nobody ever gets the best of my list of points on hosts doing more for less vs. browser addons & DNS (as well as fixing their many shortcomings in abilities + security) for more added speed, security, reliability, & even anonymity online from 1 SINGLE FILE you already have natively vs. STUPIDLY "Bolting on 'MoAr'" that does less (or weighs a LOT more with far more moving parts & complexity + room for breakdown or exploit) with data that's 10x as hard to manage as hosts EASILY UNDERSTOOD entries.

APK

P.S.=> Go on, show me where you've done that & I'll shred every so-called bullshit 'point' easily... apk

Re:Where? Show us!

He can't. It's never happened.

3 things on that note... apk

1 - Spammers can spawn up to 255 domains/subdomains from places like GoDaddy - THIS SHOULD BE STOPPED, @ least making it CHEAP AS THE DO (big prices would kill their incentives & keep smallfry players out of that game) since it allows them to do ephemeral domains/subdomains they keep alive for a day or less, & then do spam via new ones they create right afterwards (forever keeping the "cat & mouse" game going + making it less effective for those chasing them down to even bother blocking those ephemeral domains/subdomains)

Seriously on #1 - who the HELL needs that many domains/subdomains? You may be able to tell me a valid reason, but I don't see it... not offhand.

&

2.) HOSTING ANYWHERE - this is a big problem. You CAN appear to be "anyone from anywhere" since hosting providers like GoDaddy OR KNOWN REALLY "DIRTY ONES" (overseas mostly, domestic ones are out there too though) too. They all don't give a flying "F" who you are or where you're from - they only want the money (they ought to be held responsible for what goes on ON THEIR NETWORKS, that'd cut a LOT of this crap right the "F" off)

+

3. International Cooperation - THIS WOULD GO A LONG WAYS TO "ID'ING" WHO IS DOING WHAT!

---

* Thing is, I don't think the "powers that be" (nation states behind bs attacks & espionage) WANT to let that really go on... it'd stop their "systems" IF another nation could send in their techs into THE OTHER NATIONS' NETWORK to take a REAL look around (more importantly, in time to stop THEM or possible others trying to make them "look bad" from wiping their tracks completely so "plausible deniability" is possible for them...).

APK

P.S.=> I've been involved on the forensics end both locally (by machine/server & routers/gateways) + on larger networks during my career, & in the USA, where a court order can get you REALLY FAR inside this country on that note (right into the networks, hosting providers, & machines they use) IT'S NOT SO BAD & YOU CAN MAKE HEADWAY SOLVING WHO DID WHAT & WHERE FROM... yes, even 'compounding it' doing the things you noted, if you can get to the logs on the servers involved, & the data is STILL there? You can ID folks by MAC Address + IP address when dealing w/ their ISP/BSP.

Not so easy when it's say, Communist Russia/USSR/Soviet (whatever) or China, & largely imo, for the last thing I stated above in my p.s. ... apk

Re:3 things on that note... apk

[HiThere]

MACs can also be changed, though admittedly it's uncommon.

When they start shutting down botnets quickly, then I'll believe that there are reasonably accurate ways to trace an attack.

Insert free advert for CrowdStrike Falcon

[nickweller]

Insert free advert for CrowdStrike Falcon

How is this CrowdStrike Falcon immune from hack attacks?

Why aren't these 'Chinese' hackers bouncing their attacks of servers in another country?

This 'Chinese' hacker bogeyman is becoming tedious.

Most people here don't get their tech info from watching CSI: Cyber.

Re:Levels

Yet invading sovereign nations on the basis of a grainy picture of weapons is on a lower level of badness?

I wonder if US is targeting Chinese firms?

[k6mfw]

Perhaps all countries do this like they do with spies. As written in Mad Magazine decades ago, "When we want to know more about another countries activities, we employ intelligence agents. When another country does the same to us, we accuse them of using spies."

Did you expect anything different?

[TaleSpinner]

Obama is a hopeless wimp and a god-awful "negotiator," and we've no more reason to suppose China will live up to bargains with him than Russia or Iran will. They are laughing their asses off at this putz. Spare us the bewildered tone of surprise, this is exactly what we all wanted when we elected this idiot.

Re:Did you expect anything different?

Obama is a hopeless wimp ...

So tell me, what should Obama do to Russia and China for their deceitful behaviour? Then he can use the same punishment against nuclear-armed North Korea for their cyber-attack a few months ago.

... a god-awful "negotiator,"

I think Obama realized parroting the same ideology, driven by the same pity story cum empire-building rhetoric against Cuba, Iran and illegal immigrants was wasting the resources he had, which were limited by congress and his "lame duck" presidency. He was the first president to stop blaming the other side for the failure of a fascist foreign policy. He also saw the need for government to take responsibility of a universal service, health-care, but was limited by the "small government" ideologues. I think he should have continued that by reforming another universal service, education and assume he didn't understand the need to standardize the system.

... laughing their asses off at this putz.

I certainly am: Because he ignored Bolivian diplomatic privilege and caused the invasion of a small jet, then later preached to Russia about the importance of obeying the 'rule of law'. Obama is an accomplished hypocrite which many people may find more odious than some made-in-China promise that can't be enforced.

... we elected this idiot.

There's the crux of your vitriolic vent: You didn't elect any Chinese politicians, like the ones who made the promise to not cyber-attack the USA.

china run by jews obama jew -

The 'religion' bs is jew meme distraction. Virtually every president has been a racial ashkenazi jew. Obama's 'white' mother is not a real white, she was 'white' skin ashkenazi jew race. see government page also china. There are no 'countries' all are run by the jew tribe. There are Millions in the tribe.
See all pages at top -
http://web.archive.org/web/20100825152627/http://jewishfaces.com/banking.html

Jews are a race .- thezog.info
holo fraud - https://archive.org/details/TheLeuchterReport
http://jewishcrimenetworkdid911.blogspot.com - that too.

holodomorinfo.com - see pages don't waste time on videos, sites even 'jew truther' sites run by them so you sit 'reading' or 'follow'.

Know who is behind the schemes. copy links, give to others.

Look out!

[argStyopa]

I'm sure our president will take prompt, strong, effective action based on his long string of foreign-policy successes.

Re:hidden posts

- top of thread, even when you slide bar over and reads '0 hidden' posts, they are still hidden, also click show all comments button - convenient that certain posts are hidden unless you do both.

Re:

the religion psy ops bs is irrelevant. racial ashkenazi jews did 911, not muslims. Obama is a racial jew. -china run by jews- post above. show all comments button.

Yes, it takes time... apk

Fastflux botnets make it harder as they move them around to diff. hosting providers using the same host-domain name.

* Astounds me it goes on actually!

(Yes, some routers/firewall combos can, & so can some NICS even, on MAC addy switches...)

APK

P.S.=> However, when I see the money they make (millions a week), it makes me think I'm in the WRONG game, ala -> http://start64.com/index.php?o... but... then again, I know I'm doing the REALLY right thing by myself AND for others also so I kill those types of thoughts instantly... apk