Security experts dissect Google China attack
The hacking attacks against Google that prompted the search engine giant to consider pulling out of the country are far more frequent than is commonly thought. Security experts are surprised at Google's response, rather than the attacks themselves, which analysts reckon relied on exploit-ridden PDF attachments in emails. These …
And Google is not, is that there is only one entity on the planet that would target Chinese human rights activists - namely, the Chinese Government.
Were the "Security experts" were overlooking the targets of the attacks. I didnt get that from this article.
They still default Adobe Acrobat & Acrobat Reader to enable javascripts to run. There is no excuse for this. (Edit/Preferences/JavaScript and then uncheck the "Enable Adobe JavaScript" box.)
Why would Google quit China?
It's not the country that is to blame but hackers from all over the world.
Most likely the good old US of A itself.
Plus why would the NSA want this feed terminated?
It' would mean less control for them!
What are the advantages of quitting China, censorship on the part of whom?
ADarkGerm
Google is reportedly not doing very well against the local Chinese search engine Baidu - I don't know why but it appears it has more users than Google. The result of this is much less profit than Google wants, and there are two solutions to that:
1 - get rid of censorship, it's costly and a moving target, and the reputation of being uncensored would drive more traffic to Google and make it appear to the great unwashed the hero. Profit!
2 - pull out entirely, but in that case Google needs a reason so it doesn't look like it lost in that market. Not "profit" but "less losses" and out before it damages their golden boy reputation.
Both solutions are greatly helped by having arguments with the Chinese government. Even the egos at Google realise they can't win that one, so this is their way of blaming others for not conquering the market.
In short, it's kicking a fuss in the hope everyone will buy the "do no evil" story once more and it can make some more profit on the back of it. No surprises there, but we need an Evil Google icon now as there will be more to come.
At first I figured that the cost of dealing with the malware problem was just surpassing the amount of profit they made in the country, but Google must be smart enough to know that whether it was actually China's government or the "feces youth", that neither will stop their behavior simply because google left the country.
If Google is upset then they should not just retreat, but retaliate. They are in a unique position to create a set of moving proxy/vpn servers to allow those inside the firewall access to free(er) information. They could use sites like youtube (that will now have to be accessed through a proxy) to distribute the next ip address hop by inserting them in media that their advertising engine decides are interesting to those in mainland china.
This wouldn't just be out of goodwill or in retaliation, it would allow them to still get their advertising to china's growing market without having to put up with the rules of that market.
AC wrote: "there is only one entity on the planet that would target Chinese human rights activists"
I can think of a few others, entities that want it to appear like it was the Chinese government behind it, but for that matter if the government owns blocks of IPs used by a library or other community 'site, what better place for a hacker to remain anonymous?
It really is a joke that even now it seems politicians aren't willing to come out and roast China over this.
Where does china come into it? The attack's came from servers based in the US, no? Ok, folks that could be considered an enemy of the peoples republic of China where targeted but that doesn't mean China is behind them. Whats the clue, the PDF's where badly translated?
Could just have easily been from, to pick a name out of the hat, the US. They have been baking up plenty of FUD over China, even spent shitloads on a study of where all the networked badness was coming from to prove commies and ex commies where craping on our systems. Shame the results showed the vast majority of net nasties came from the US.
As a person who once wrote a program to spoof email addresses, and also time (hehe, I can go back in time now :D), for fun and to learn socket programming, I was always wondering, why do we use such a retarded protocol as SMTP for sending emails? Or, better put, why do companies trust the email headers?
It has so many obvious flaws, and is extremely insecure and vulnerable to faking. You can type whatever you want in the from: field (and all the others!), yet so many companies and individuals (I'm speaking from my own experience) blindly trust whatever their highly secure Outlook (or another) client displays.
Another point, don't people remember? .doc, .xls, and the like have been proven insecure many, many, many times. Especially macros. I really don't get why people come back whining if they get "hacked" after they use such formats.
This just uses human stupidity, as do most of today's attacks; therefore, it does not fall into the category of sophisticated attacks. Certainly, it is centered on only one company/individual, so it is harder to detected, but the principle stays the same. Saying that this is sophisticated is pretty much the same as saying that you are a more sophisticated pickpocket if you steal only one person's wallet since there is less chance you'll get detected (ok, stupid analogy, but I couldn't think of anything else right now).
>> As a person who once wrote a program to spoof email addresses, and also time (hehe, I can go back in time now :D), for fun and to learn socket programming, I was always wondering, why do we use such a retarded protocol as SMTP for sending emails? Or, better put, why do companies trust the email headers?
Because it's what we've got, and unless everyone agrees to change then it isn't going to go away. There have been proposals before (look up IM2000) that would deal with most of the problems inherent in SMTP - but of course unless all the big players agree to support it then it isn't ever going to take off.
Given that many large outfits still haven't figured out that SPF breaks as much as it fixes, nothing is going to change any time soon.
Has Google spooked the spooks?
No Google, no sales to the West is a pretty important factor from China's perspective.
Should all that resource be pulled - well China will be skint.
Also, relocating that business with 1-in-8 USA citizens on the bread line might be an attractive, alternative now that finance speculators have more-or-less bankrupted the West.
Could be a big showdown?
All because a spook thought he.she was too good?
Reading around this subject it looks like the attack vector was embedded in emails from the organisation in the Chinese Government that instructs Google what to sensor. So bod from Google gets email he is legally obliged to open and in so doing opens Pandora's box. Presumably Google have already gone down the path of asking for a notification mechanism which does not open them to the possibility of the attack and their request has been rejected.
Should have used Chrome instead I guess.
As M$ say, eat your own dog food.
Something that was brought up in the GFC, Chinese investment is whats maintaining the USA in the affluence they believe to be one of their inalienable rights.
USA is in economic decline, and some people do recognise that.
Google, the "don't be evil" liars, conspire with the Chinese gubmint to censor the Internet. China does what it does, and Google yells "shock, horror", picks up their football and goes home, expecting the world to say "oh - aren't they good - they're standing up to the Eebil Chinese."
Ptui. I spit.
If China abuses its InterNet privileges traffic throttling and IP blocking should be employed for all traffic from China until they learn to behave.
Sign up, sign up for The Register's weekly IT security newsletter - click here
