Cyberattack lifted Google password system code, says report

When alleged Chinese hackers infiltrated Google's internal systems in December, they lifted source code for a password system that controls access to almost all of the company's web services, according to a report citing a person with direct knowledge of Google's investigation into the matter. The New York Times reports that …

COMMENTS

This topic is closed for new posts.
  1. MarkieMark1
    Happy

    Of source!

    The course sode may be causy, that's the cause of the course, of source

  2. Optymystic

    Microsoft Messaging?

    How Embarrassing - will they ever live it down

    1. I didn't do IT.
      Badgers

      Better dogfood?

      If the employees not only don't use Google Talk, but also don't use any of the open source "universal" clients (pidgin, etc), and go with MS Messenger... wow. Or was this person trying to maintain a sideband communication channel? Of course, this is assuming that MS Messenger isn't used in China as a matter of course; more money to the Chinese gov to allow passage across the Great Firewall and all that...

      However, this does show that while Google employees may be provided a Linux desktop, this one was running Windows - MS does not provide a MS Messenger client for Linux.

      Violation of corporate policy? In China? Naw....

    2. Ammaross Danan
      FAIL

      Correction

      The fault isn't that they were running MSN (or any other messenger system), it was that the user clicked on the link they received and were C&Ced by the website it directed them to. In the original press release, the exploit vector was IE6, so one would assume they clicked a link from MSN Messenger on their Win(XP?) box and their IE6 popped up and faithfully bent over and took a malicious datastream up the <insert nether-region here>.

      Either way, fail on Google for not enforcing Linux+Chrome on their users. Fail to the firewall jocks that allowed the malicious site through. Fail to software vendors for not supporting IE7+ (or even better FF/Chrome/etc). And, of course, fail to MS for allowing a C&C bot to install/hide on a WinPC by simply viewing a website in what should have been a next-to-not privileged app.

      This will always be a fun story for the sheer amount of fail.

      One other side note: If [the hackers] stole the Gaia code, and Google figured it out (presumably from the source repo logs), why not just pilfer a checked-out version instead (which wouldn't have an audit trail)? Or does the source repo not actually check-out code to a workstation, but is web-based and allows for remote editing of a virtual "checked-out" copy?

    3. Daniel B.
      Boffin

      Even more embarrassing...

      The fact that the "hack" surely began when the aforementioned employee clicked on one of those oh-so-common links that botnets send, like "WATCH MY NUDE PICS!" or "TSUNAMI HITS! WATCH VIDEO!".

      That is one of the reasons my missus doesn't have an Admin account on my home PC ... her defunct laptop used to get hit by those links. Mind you, I blame those annoying "Tap to Click" trackpads, too easy to click when you don't want to click.

  3. Winkypop Silver badge
    Pirate

    If I were King...

    I would cut China off from the Internet.

    These guys are 100% untrustworthy.

    Off with their <head>

    1. Anonymous Coward
      Anonymous Coward

      You, Sir, are an idiot

      And shouldn't be working in IT.

    2. Anonymous Coward
      Paris Hilton

      The iKing &...

      If you were 'King' you'd be the first put to the guillotine.

      "If a man should happen to reach perfection in this world, he would have to die immediately to enjoy himself."

      Have fun exorcising all them '100% untrustworthy' parts from your computer. After you retrieve your head from the basket that is. Obviously.

    3. Winkypop Silver badge
      WTF?

      Oh lighten up Francis

      You guys need a humour transplant...

  4. Anonymous Coward
    FAIL

    FW Security Review

    You would think a company of this size would have a default stance of blocking IM at the corporate firewall. I guess maybe the employee was working via a home adsl or something??

    Time to connect up the mighty google fibre to its own employees houses and direct all traffic through its hub!

  5. Anonymous Coward
    Anonymous Coward

    sounds

    Sounds far more like a criminal raid or a corporate espionage raid with the Chinese dissident emails being a feint.

  6. Pete 8
    Pint

    msmsngr

    Well they had to reverse-engineer the incumbents as part of normal practise right?

  7. Pete 8

    and

    damn sure that MS employees have chrome and toolbar puke ratting out all sorts of demons.

  8. John Smith 19 Gold badge
    FAIL

    single sign on.

    What could go wrong with that idea. Users love it.

    Seriously WTF with IM from *outside* the corporate firewall.

    IM, as in popular C&C channel for malware.

  9. Tim Brown 1
    Welcome

    If all they got was the code for the password system...

    ... then maybe Google should open-source it?

    After all isn't peer-review of security code supposed to be a good thing?

    There's no such thing as security by obscurity and all that :)

  10. BuckBrinkley

    Clever

    Of all the source code to go for, that is really a clever acquisition. It's amazing that they caught it. Tells me that they keep a close watch on the source repositories.

  11. Henry Wertz 1 Gold badge

    security through obscurity and firewalls

    first off. I question how strong a "corporate firewall" google has. They aren't a normal corp, they have mass r&d and collect the types of ppl who would want a full internet connection at their desks. They have a standard linux desktop but last i heard let minions run what they'd like.

    as for this code theft, it shouldn't be a problem -- unless they find flaws, the code surely doesn't rely on obscurity to operate, it should operate on sound and well known cryptographic principles where knowing the code gains nothing. See ssh and openssl.

  12. Bucky 2
    Pint

    Blessed Be

    If I were a goddess, and someone named something after me, I would either be pleased or displeased. If I were displeased, I would smite them.

    If, not being displeased with the recognition, someone UN-named a thing after me, I'd be SURE to smite them.

    I think what we have here is proof positive of the power of the Earth Goddess.

  13. wsm

    Source code?

    Is this anything like lifting the source code for an encryption algorithm? Doesn't mean you can crack it, does it?

    Still, why didn't it take Trojans upon Trojans to get to things that should be locked up and not connected to this Internet thing we keep hearing about? At least, it shouldn't be accessible in one piece without bits missing.
