Tags: security

caonima, censorship

china gets ballsy

For those of you who haven't heard already, computers in China launched a large-scale attack on Google, Adobe, and a number of other large web companies last month. Google has reason to believe that this attack was orchestrated by the Chinese government and not a private group of hackers. The target was apparently the Gmail accounts of human rights activists in China, only two of which were compromised. In response, Google senior vice president David Drummond announced in a post to the company's official blog that Google is going to lift the censorship filters at Google.cn (imposed as a concession to the Chinese government when Google.cn began in 2005), and is threatening to cease its operations in China entirely. Not just google.cn, mind, but also YouTube, Blogger, Gmail, Picasa, all the others. Word on the street says the attacks were launched from Google.cn itself in an attempt to gain access to source code for the rest of their network, and Google is cutting off its China operations to protect its intellectual property. Which is not as crazy as it might sound; the extent of China's cyberespionage program elsewhere is already an open secret.

This, as I see it, could mean one of two things.

1) The PRC believes Chinese human rights activists are planning something absolutely huge in China, and the Chinese government is desperate enough to expose a significant proportion of its cyberespionage resources in an absolutely unsubtle attack on the world's biggest, best-defended web company in order to stop it.
2) The PRC is acting like a superpower. Repercussions? Fuck your repercussions. We're the Middle Kingdom, damn it. Whatcha gonna do, rest of the world? Huh? Huh? Whatcha gonna do? Give us your best shot.

Neither of these bodes well for anyone except the Machiavellian overlords at the CCP.

A plethora of perspectives:
caonima, censorship

hurr, "youth escort"

A couple days ago, the People's Republic of China took their Internet censorship regime to the next logical step: the Green Dam Youth Escort program (绿坝·花季护航)! What is Green Dam Youth Escort? Well, it's a cute, fluffy (look at the bunny rabbits!), mandatory software package that will inspect all data coming to your computer at the socket layer and protect you from viewing subversive political materials pornography. Essentially, it will legally require every computer in China, whether imported from abroad or domestically produced, to be a telescreen. Your children can browse the Internet safely now that Big Brother is watching them.

This is not a hypothetical threat. It has already happened, as of July 1.

Of course, only manufacturers are legally bound to include the software in new machines. Users are free to uninstall it, if they wish. But, of course, what good law-abiding, CCP-obeying citizen would bother? Surely, if you have nothing to hide, there is nothing to be afraid of.

Fortunately, since Green Dam Youth Escort is CCP-commissioned software of the same caliber as the Golden Shield firewall, there are catastrophic security holes. Not just catastrophic to the proper functioning of the program, but...goodness, imagine being able to take down any legally purchased machine in China with a buffer overrun. Also, early reports say it only works on Windows machines, and it totally ignores Firefox.

Naturally, the Chinese-speaking Internet has responded to this new policy the only way they know how: with moe.

(More pictures of Dam-tan here.)

Internet culture? I think I love you.

(edit) Looks like ACWeb.cn, a Chinese clone of Nico Nico Douga, has gotten in on the action:

airport security sucks

"The Things He Carried": Renowned security expert Bruce Schneier, of whom I've been a fan since I took that computer security course at Oberlin, set up an experiment in which he and journalist Jeffrey Goldberg at The Atlantic tested Department of Homeland Security screening procedures at various airports across America.

The DHS failed. Miserably. And Goldberg's writeup, though incisive, surreal, and delightfully Palahniukesque, is genuinely alarming:

And because I have a fair amount of experience reporting on terrorists, and because terrorist groups produce large quantities of branded knickknacks, I've amassed an inspiring collection of al-Qaeda T-shirts, Islamic Jihad flags, Hezbollah videotapes, and inflatable Yasir Arafat dolls (really). All these things I've carried with me through airports across the country. I've also carried, at various times: pocketknives, matches from hotels in Beirut and Peshawar, dust masks, lengths of rope, cigarette lighters, nail clippers, eight-ounce tubes of toothpaste (in my front pocket), bottles of Fiji Water (which is foreign), and, of course, box cutters. I was selected for secondary screening four times--out of dozens of passages through security checkpoints--during this extended experiment. At one screening, I was relieved of a pair of nail clippers; during another, a can of shaving cream.
  • Current Music
    (Counter-Strike voice) - TERRORISTS WIN
  • Tags

taking hearts by storm

Looks like evil Russian mafia spammaster Leo Kuvayev has rolled out his latest incarnation of the infamous Storm super-worm a little early. Recently, Valentine-themed emails with cute titles like "Sent with Love" have been slipping past the OCCS spam filter. They generally contain a link to a webpage with a big pink heart, and a clicky thing to download. l33t anti-h4x0r analysis reveals that the program you get from the site is a new version of Storm that disables various anti-virus products you may have installed, and sets up your computer as a web host from which it can propagate itself. If you view the source for the page, you'll notice that the download link is cleverly encoded as a set of JavaScript escape characters, with a few fake links to throw off naive spam filters.

Protect your computer! Do not follow suspicious links from suspicious emails. Especially if you have an email account on OCCS.

More information can be found here: http://threatfire.blogspot.com/2008/01/storms-premature-invitation.html
More detailed information here: http://asert.arbornetworks.com/2008/01/storm-loves-you-new-campaign-valentines-day-theme/
Gallery of previous incarnations: http://spamtrackers.eu/wiki/index.php?title=Storm

Storm controls over one million machines. Will it control yours?