Entries Tagged "China"

Page 16 of 17

Privacy International's 2007 Report

The 2007 International Privacy Ranking.

Canada comes in first.

Individual privacy is best protected in Canada but under threat in the United States and the European Union as governments introduce sweeping surveillance and information-gathering measures in the name of security and border control, an international rights group said in a report released Saturday.

Canada, Greece and Romania had the best privacy records of 47 countries surveyed by London-based watchdog Privacy International. Malaysia, Russia and China were ranked worst.

Both Britain and the United States fell into the lowest-performing group of “endemic surveillance societies.”

EDITED TO ADD (1/10): Actually, Canada comes in second.

Posted on January 10, 2008 at 6:01 AMView Comments

Chinese Hackers

Time Magazine article on Chinese hackers:

But reports in Chinese newspapers suggest that the establishment of a cybermilitia is well under way. In recent years, for example, the military has engaged in nationwide recruiting campaigns to try to discover the nation’s most talented hackers. The campaigns are conducted through competitions that feature large cash prizes, with the PLA advertising the challenges in local newspapers.

Tan is a successful graduate of this system. He earned $4,000 in prize money from hacker competitions, enough to make him worthy of a glowing profile in Sichuan University’s campus newspaper. Tan told the paper that he was at his happiest “when he succeeds in gaining control of a server” and described a highly organized selection and training process that aspiring cybermilitiamen (no cyberwomen, apparently) undertake. The story details the links between the hackers and the military. “On July 25, 2005,” it said, “Sichuan Military Command Communication Department located [Tan] through personal information published online and instructed him to participate in the network attack/defense training organized by the provincial military command, in preparation for the coming Chengdu Military Command Network Attack/Defense Competition in September.” (The State Council Information Office didn’t respond to questions about Tan, and China’s Foreign Ministry denies knowing about him.)

With the help of experts from Sichuan University, the story continued, Tan’s team won the competition and then had a month of intense training organized by the provincial military command, simulating attacks, designing hacking tools and drafting network-infiltration strategies. Tan was then chosen to represent the Sichuan Military Command in competition with other provinces. His team won again, after which, the iDefense reports say, he founded the NCPH and acquired an unidentified benefactor (“most likely the PLA”) to subsidize the group’s activities to the tune of $271 a month.

Posted on December 14, 2007 at 11:08 AMView Comments

MI5 Sounds Alarm on Internet Spying from China

Someone in MI5 is pissed off at China:

In an unprecedented alert, the Director-General of MI5 sent a confidential letter to 300 chief executives and security chiefs at banks, accountants and legal firms this week warning them that they were under attack from “Chinese state organisations.”

[…]

Firms known to have been compromised recently by Chinese attacks are one of Europe’s largest engineering companies and a large oil company, The Times has learnt. Another source familiar with the MI5 warning said, however, that known attacks had not been limited to large firms based in the City of London. Law firms and other businesses in the regions that deal even with only small parts of Chinese-linked deals are being probed as potential weak spots, he said.

A security expert who has also seen the letter said that among the techniques used by Chinese groups were “custom Trojans”, software designed to hack into the network of a particular firm and feed back confidential data. The MI5 letter includes a list of known “signatures” that can be used to identify Chinese Trojans and a list of internet addresses known to have been used to launch attacks.

A big study gave warning this week that Government and military computer systems in Britain are coming under sustained attack from China and other countries. It followed a report presented to the US Congress last month describing Chinese espionage in the US as so extensive that it represented “the single greatest risk to the security of American technologies.”

EDITED TO ADD (12/13): The Onion comments.

EDITED TO ADD (12/14): At first, I thought that someone in MI5 was pissed off at China. But now I think that someone in MI5 was pissed that he wasn’t getting any budget.

Posted on December 4, 2007 at 12:34 PMView Comments

Hard Drives Sold with Pre-Installed Trojans

I don’t know if this story is true:

Portable hard discs sold locally and produced by US disk-drive manufacturer Seagate Technology have been found to carry Trojan horse viruses that automatically upload to Beijing Web sites anything the computer user saves on the hard disc, the Investigation Bureau said.

Around 1,800 of the portable Maxtor hard discs, produced in Thailand, carried two Trojan horse viruses: autorun.inf and ghost.pif, the bureau under the Ministry of Justice said.

The tainted portable hard disc uploads any information saved on the computer automatically and without the owner’s knowledge to www.nice8.org and www.we168.org, the bureau said.

Certainly possible.

EDITED TO ADD (12/14): A first-hand account.

Posted on November 20, 2007 at 12:52 PMView Comments

Chinese National Firewall Isn't All that Effective

Interesting research:

The study, carried out by graduate student Earl Barr and colleagues in the computer science department of UC Davis and the University of New Mexico, exploited the workings of the Chinese firewall to investigate its effectiveness.

Unlike many other nations Chinese authorities do not simply block webpages that discuss banned subjects such as the Tiananmen Square massacre.

Instead the technology deployed by the Chinese government scans data flowing across its section of the net for banned words or web addresses.

When the filtering system spots a banned term it sends instructions to the source server and destination PC to stop the flow of data.

Mr Barr and colleagues manipulated this to see how far inside China’s net, messages containing banned terms could reach before the shut down instructions were sent.

The team used words taken from the Chinese version of Wikipedia to load the data streams then despatched into China’s network. If a data stream was stopped a technique known as “latent semantic analysis” was used to find related words to see if they too were blocked.

The researchers found that the blocking did not happen at the edge of China’s network but often was done when the packets of loaded data had penetrated deep inside.

Blocked were terms related to the Falun Gong movement, Tiananmen Square protest groups, Nazi Germany and democracy.

On about 28% of the paths into China’s net tested by the researchers, blocking failed altogether suggesting that web users would browse unencumbered at least some of the time.

Filtering and blocking was “particularly erratic” when lots of China’s web users were online, said the researchers.

Another article.

Posted on September 14, 2007 at 7:52 AMView Comments

Pentagon Hacked by Chinese Military

The story seems to have started yesterday in the Financial Times, and is now spreading.

Not enough details to know what’s really going on, though. From the FT:

The Chinese military hacked into a Pentagon computer network in June in the most successful cyber attack on the US defence department, say American officials.

The Pentagon acknowledged shutting down part of a computer system serving the office of Robert Gates, defence secretary, but declined to say who it believed was behind the attack.

Current and former officials have told the Financial Times an internal investigation has revealed that the incursion came from the People’s Liberation Army.

One senior US official said the Pentagon had pinpointed the exact origins of the attack. Another person familiar with the event said there was a “very high level of confidence…trending towards total certainty” that the PLA was responsible. The defence ministry in Beijing declined to comment on Monday.

EDITED TO ADD (9/13): Another good commentary.

Posted on September 4, 2007 at 10:44 AMView Comments

Ignoring the "Great Firewall of China"

Richard Clayton is presenting a paper (blog post here) that discusses how to defeat China’s national firewall:

…the keyword detection is not actually being done in large routers on the borders of the Chinese networks, but in nearby subsidiary machines. When these machines detect the keyword, they do not actually prevent the packet containing the keyword from passing through the main router (this would be horribly complicated to achieve and still allow the router to run at the necessary speed). Instead, these subsiduary machines generate a series of TCP reset packets, which are sent to each end of the connection. When the resets arrive, the end-points assume they are genuine requests from the other end to close the connection—and obey. Hence the censorship occurs.

However, because the original packets are passed through the firewall unscathed, if both of the endpoints were to completely ignore the firewall’s reset packets, then the connection will proceed unhindered! We’ve done some real experiments on this—and it works just fine!! Think of it as the Harry Potter approach to the Great Firewall—just shut your eyes and walk onto Platform 9¾.

Ignoring resets is trivial to achieve by applying simple firewall rules… and has no significant effect on ordinary working. If you want to be a little more clever you can examine the hop count (TTL) in the reset packets and determine whether the values are consistent with them arriving from the far end, or if the value indicates they have come from the intervening censorship device. We would argue that there is much to commend examining TTL values when considering defences against denial-of-service attacks using reset packets. Having operating system vendors provide this new functionality as standard would also be of practical use because Chinese citizens would not need to run special firewall-busting code (which the authorities might attempt to outlaw) but just off-the-shelf software (which they would necessarily tolerate).

Posted on June 27, 2006 at 1:13 PMView Comments

Counterfeiting an Entire Company

We’ve talked about counterfeit money, counterfeit concert tickets, counterfeit police credentials, and counterfeit police departments. Here’s a story about a counterfeit company:

Evidence seized in raids on 18 factories and warehouses in China and Taiwan over the past year showed that the counterfeiters had set up what amounted to a parallel NEC brand with links to a network of more than 50 electronics factories in China, Hong Kong and Taiwan.

In the name of NEC, the pirates copied NEC products, and went as far as developing their own range of consumer electronic products – everything from home entertainment centers to MP3 players. They also coordinated manufacturing and distribution, collecting all the proceeds.

Posted on May 1, 2006 at 8:02 AMView Comments

1 14 15 16 17

Sidebar photo of Bruce Schneier by Joe MacInnis.