
Experts Closing In On Google Attack Coders

samzenpus posted more than 4 years ago | from the sniff-them-out dept.

Google 141

ancientribe writes "The targeted attacks out of China that hit Google, Adobe, and other US organizations are still ongoing and have affected many more companies than the original 20 to 30 reported. Security experts now say they are getting closer to identifying the author or authors of the malware used to breach Google and other organizations."


Propaganda (-1, Flamebait)

BhaKi (1316335) | more than 4 years ago | (#31095936)

Google is a propaganda partner of US. It has blocked users from Syria and Iran since 2008 - http://www.pbs.org/mediashift/2008/10/google-blocks-chrome-browser-use-in-syria-iran287.html [pbs.org]

The US media, however, is eager to twist the story. Why should I trust them to be any more honest in talking about China?

Re:Propaganda (4, Informative)

DeadboltX (751907) | more than 4 years ago | (#31095994)

Sounds to me like you're the propaganda machine here. There is nothing new or shocking about U.S. export laws preventing companies like google from offering certain types of services or software to certain countries.

Then explain my name, Hung Wang (-1, Flamebait)

Anonymous Coward | more than 4 years ago | (#31097132)

Stupid american lady!

Re:Propaganda (0, Troll)

ShieldW0lf (601553) | more than 4 years ago | (#31097188)

You guys are chasing a red herring. Everyone knows that google is a propaganda machine. It's the only thing they sell.

If I want to invent a cologne that smells like hippos and spend a bunch of money on a propaganda campaign to make you all think it will get you a promotion and a girlfriend who looks like a supermodel, the folks at google won't tell me that propaganda is evil and they don't do that sort of thing. They will refer me to the sales department.

Of course google are doing propaganda for the US government. Who else would the US government hire?

Re:Propaganda (1, Funny)

Anonymous Coward | more than 4 years ago | (#31097242)

If I want to invent a cologne that smells like hippos and spend a bunch of money on a propaganda campaign to make you all think it will get you a promotion and a girlfriend who looks like a supermodel, the folks at google won't tell me that propaganda is evil and they don't do that sort of thing. They will refer me to the sales department.

Quick - snailmail me some of that shit! You can't possibly have smoked it all.

You sir/madam/it, are the King/Queen/What-e-ver Of Arseclowns!

Re:Propaganda (1)

hey! (33014) | more than 4 years ago | (#31098202)

You can call anyone a "propaganda machine" if you get to define "propaganda" to suit your case.

Re:Propaganda (4, Informative)

ahabswhale (1189519) | more than 4 years ago | (#31095998)

Apparently you're too stupid to read the article YOU linked. They are not permitted to allow countries like Syria and Iran to download their apps to comply with US law. Given that they're a US based company, what the fuck do you expect them to do?

You need to work a lot harder than that to prove propaganda.

Re:Propaganda (1)

blackraven14250 (902843) | more than 4 years ago | (#31096020)

The thing is, you really don't. It'll be right around that obvious. He's just wrong, plain and simple.

Re:Propaganda (1, Interesting)

mysidia (191772) | more than 4 years ago | (#31096498)

So shouldn't they go get the Exemption [internetnews.com] Firefox got, or replace their crypto code with Firefox's code?

Or (since Chrome is Windows-only)... use the CSPs in Windows for crypto operations, instead of shipping crypto code with their browser..

Sorry, the US Law excuse doesn't really hold water here.

Re:Propaganda (4, Insightful)

ahabswhale (1189519) | more than 4 years ago | (#31096580)

Why should they bother with the hassle of getting an exemption? More importantly, how does the fact that they do not have an exemption make them part of some government propaganda machine?

Oh, and Chrome runs on Linux and OS-X. Not sure where you get the notion that it's Windows only.

The only thing that doesn't hold water here is your argument.

Re:Propaganda (0)

Anonymous Coward | more than 4 years ago | (#31097118)

*Chromium* runs on Linux. Chrome doesn't exist for Linux.

Re:Propaganda (5, Informative)

Metal_Militia (1201049) | more than 4 years ago | (#31097292)

*Chromium* runs on Linux. Chrome doesn't exist for Linux.

http://www.google.com/chrome?platform=linux [google.com] Seems official Chrome to me (at least is what the package says).

Re:Propaganda (0)

Anonymous Coward | more than 4 years ago | (#31098114)

Hm. That must be very new then.

Re:Propaganda (1)

rtfa-troll (1340807) | more than 4 years ago | (#31096646)

Firefox exceptions apply because their (source) code is freely available for download (and so impossible to control). Google doesn't have this excuse especially for their services or even software which are generally used with an ongoing connection to their servers (where they can easily use geo-location to pick on particular Iranian IP addresses). The situation is not comparable.

The crypto code from FireFox would probably be sufficient to make google's software a controlled item if it was integrated to their proprietary software.

Re:Propaganda (2, Interesting)

rtfa-troll (1340807) | more than 4 years ago | (#31096694)

Just to be a little clearer about the grandparent's points about chrome. Google could probably get a similar exception for Chromium to the firefox one and still have to export control Chrome. The use of Windows crypto functions also won't help since software which uses crypt functions is just as much controlled as software which implements them.

Controls on use of crypt (as well as implementations) actually kind of make sense. a) it's very easy to mess up a use and use a secure crypto function insecurely b) the actual value of a crypto function is in your use of it. In terms of the crazy world of crypto embargos, a typical wish would be to allow the Iranians to do cryptographic signatures, but not to encrypt. However, it can be shown that any signature algorithm can be used to encrypt (well actually hash algorithm). This means that the only control that could possibly be effective is on delivery of software, not delivery of algorithms.

Of course none of the embargo stuff actually is very effective since there are plenty of people (e.g. China) who are more than happy to treat unilateral US embargoes as a business opportunity.

Re:Propaganda (1)

mysidia (191772) | more than 4 years ago | (#31096732)

Google is just as unable to control export as Firefox is.

IP-based "Geolocation" is completely ineffective. Anyone from a "banned" country can simply establish communications through a VPN service, proxy system, or onion router system such as TOR.

And banned persons are impossible to detect without requiring every downloader somehow prove their identity, which is impossible without using strong encryption...

Re:Propaganda (1)

rtfa-troll (1340807) | more than 4 years ago | (#31097466)

Google is just as unable to control export as Firefox is.

almost.

And banned persons are impossible to detect without requiring every downloader somehow prove their identity, which is impossible without using strong encryption...

But in this case google has no reason to believe and no way to discover that they are dealing with a banned person so they are pretty much in the clear. You can get done for deliberately dealing with a banned person. You can get done for not taking care to avoid dealing with banned people. You can't get done for dealing with a banned person when you believed and had some reason to believe that you were not dealing with a banned person.

I'd even say that this example is almost reasonable. A private person in a banned country could still get to chromium. However a big international corporation would probably find these rules a complete pain since they would clash with all sorts of other internal security rules.

Re:Propaganda (4, Funny)

wealthychef (584778) | more than 4 years ago | (#31096032)

The US media, however, is eager to twist the story.

It would seem not, as you linked to PBS, a news outlet funded by the U.S. Government. LOL

Re:Propaganda (1, Insightful)

BhaKi (1316335) | more than 4 years ago | (#31096060)

Ah, I'm worng. Again.

Re:Propaganda (3, Funny)

Anonymous Coward | more than 4 years ago | (#31096670)

Ah, I'm worng. Again.

And again as well. ;P

Just ain't your day is it?

Re:Propaganda (-1, Redundant)

BhaKi (1316335) | more than 4 years ago | (#31096726)

No, that was an intentional symbolism.

Re:Propaganda (0)

jhoegl (638955) | more than 4 years ago | (#31096388)

Uh, PBS is a non-profit funded by people that watch it, not the government. It has no political ties nor does it use adverts to fund itself.

Re:Propaganda (3, Informative)

michaelmuffin (1149499) | more than 4 years ago | (#31096600)

pbs (and npr) is increasingly funded by corporate underwriting. i would certainly consider the pbs underwriting system to be paid advertising. in addition to corporate funding, pbs is brought to you in part by the corporation for public broadcasting [wikipedia.org] , which is indeed federally funded

Re:Propaganda (1)

interkin3tic (1469267) | more than 4 years ago | (#31096034)

Yes, not outright offering Syrians and Iranians their browser, while leaving plenty ways they can still get chrome, and citing sanctions against those countries as the reason is CLEARLY a "propaganda partnership." I mean google has so much to gain by playing along with this massive international conspiracy. So very much. After all, if a resident of Syria were able to use google chrome, the Combine would be unable to stop Gordon Freeman, which is also Google's sworn enemy.

Matter of fact, -I- haven't offered Syrians OR Iranians anything free lately. I guess I'm part of the propaganda machine...

Re:Propaganda (-1, Troll)

Anonymous Coward | more than 4 years ago | (#31096052)

You are correct.

The recent surge of Toyota's bad publicity is also a FUD campaign to discourage Americans from buying one of the most popular and reliable brands and instead buy GM's pieces of shit.

The recent pop-culture emphasis of babies and breeding (Brangelina, Octomom, and Jon and Kate) is to encourage copycats to breed a new generation of proletariat consumers and disposable warriors to prop up the corporations and the government's imperialist forays.

The recent scaremongering with respect to germs like H1N1, SARS, and other more mundane disease is again to scare people into propping up Big Pharma and serving as unwitting test subjects for hitherto-unknown live clinical trials.

And now, the corporations and governments won't even need to fool you - they're one and the same in America, the Fifth Reich.

Re:Propaganda (0)

BhaKi (1316335) | more than 4 years ago | (#31096172)

Dude, I posted a flamebait based on a half-baked article because of my prejudice against media. It doesn't matter if I was correct. I'd advise you to do enough research and collect enough evidence.

Apology (3, Funny)

BhaKi (1316335) | more than 4 years ago | (#31096078)

I failed to do enough research. Is there a way I can delete the parent post?

Re:Apology (2, Funny)

NeutronCowboy (896098) | more than 4 years ago | (#31096152)

Take your incorrect post like a man. Accept you made a mistake, acknowledge it, and move on. And make sure your research is sound before posting again.

Re:Apology (3, Funny)

ae1294 (1547521) | more than 4 years ago | (#31096308)

You really must be new here.

Re:Apology (1)

TubeSteak (669689) | more than 4 years ago | (#31096178)

I failed to do enough research. Is there a way I can delete the parent post?

slashcode has a secret delete function that lets you hide your shame.
You have to reply to your post you want to delete with:
Dear aunt, let's set so double the killer delete select all.

Re:Apology (1)

mysidia (191772) | more than 4 years ago | (#31096550)

Dear aunt, let's set so double the killer delete select all.

Windows Vista voice recognition issues?

You must mean: reply at top level with subject "first post" body "pls kill first post", to try and get the editors'/moderators' attention. You may need to send e-mail to persuade. I hear some people like viagra, send editors some links to some web sites, and they'll probably be happy to delete.

J/K. (Slashdot posts are more or less set in stone, unless you can get the RIAA et al., Google, or perhaps the government of Syria to send /. a takedown notice for the post)

Re:Apology (1)

Ethanol-fueled (1125189) | more than 4 years ago | (#31096608)

Dear aunt, let's set so double the killer delete select all.

I thought it was some obfuscated SQL injection.

Re:Apology (0)

Anonymous Coward | more than 4 years ago | (#31096188)

You have to e-mail malda@slashdot.org with the post number in the subject line and ask him to delete it. He doesn't know much English and he tends to have a bad attitude, so you have to be persistent. It should take no more than 5 requests before he removes the post.

Re:Apology (1)

cyberzephyr (705742) | more than 4 years ago | (#31096512)

There is only one Cdr Taco. If you're lucky, you will hear from him.

Re:Apology (1)

interkin3tic (1469267) | more than 4 years ago | (#31096252)

I failed to do enough research. Is there a way I can delete the parent post?

Perhaps you should have done some more research on that second subject before you posted it as a question. If we answer now, you'll never learn.

Re:Apology (1)

nedlohs (1335013) | more than 4 years ago | (#31096408)

Where "enough research" would be just skimming through the article you decided to use as evidence for your ridiculous assertion?

That's a mighty low bar you've set there.

Re:Apology (3, Interesting)

AliasMarlowe (1042386) | more than 4 years ago | (#31096606)

I failed to do enough research. Is there a way I can delete the parent post?

Join the Scientologists. Claim your post is part of their dogma. Threaten legal action.
http://slashdot.org/yro/01/03/16/1256226.shtml [slashdot.org]

That Depends (1, Funny)

Anonymous Coward | more than 4 years ago | (#31096636)

Is there a way (to) delete (a Slashdot) post?

That depends. Is your name Xenu?

Re:Apology (1)

RMH101 (636144) | more than 4 years ago | (#31097904)

that's what the goatse posts are: it's a secret undo function. post a link to goatse.cz without posting anonymously and it deletes your last post.

Re:Propaganda (0)

Anonymous Coward | more than 4 years ago | (#31096084)

> Google is a propaganda partner of US.
First, get out of that sh...hole, then get some education, then we'll talk propaganda.

I understand false beliefs - we all have a few, but lack of basic logic in people's thinking in this day and age is just astonishing.

Re:Propaganda (0, Redundant)

BhaKi (1316335) | more than 4 years ago | (#31096192)

Hey, I'm prejudiced against media and I made a mistake. Let's leave it at that.

Re:Propaganda (1)

wellingj (1030460) | more than 4 years ago | (#31096572)

On the other hand you just made one of the best -1 flamebait threads for all time. If I had mod points I would have read all this and modded it +1 funny.

Re:Propaganda (1)

nedlohs (1335013) | more than 4 years ago | (#31096396)

Yes, obeying US export restrictions is propaganda.

They should just ignore them and go to prison so you feel better in your paranoid world.

Re:Propaganda (1)

cyberzephyr (705742) | more than 4 years ago | (#31096472)

Syria is not being looked at on this forum. Google is doing some funky stuff that even makes me feel weird.

We look at different things.

Re:Propaganda (1)

228e2 (934443) | more than 4 years ago | (#31096988)

Best. First Post. Ever.

Would you run unknown code? (3, Interesting)

fluffy99 (870997) | more than 4 years ago | (#31095964)

Why on earth would I download and run the "inoculation" removal software from some unknown company? It might actually be installing more crap! Why not just give us a shell script if it's just wmi calls?

Re:Would you run unknown code? (0)

Anonymous Coward | more than 4 years ago | (#31096548)

Not to mention it's in a password protected zip file to prevent scanners from looking at the binary. There is a perfectly good explanation for that, but it doesn't change the facts: Unknown company tries to make you run unknown, unscanned binary.

Re:Would you run unknown code? (1, Informative)

Anonymous Coward | more than 4 years ago | (#31096576)

Not that unknown. If I remember correctly, they present at BlackHat every year and have published several books.

Re:Would you run unknown code? (1)

Culture20 (968837) | more than 4 years ago | (#31098594)

Not that unknown. If I remember correctly, they present at BlackHat every year and have published several books.

BlackHat you say? If they presented at WhiteHat I'd be more trusting.

Re:Would you run unknown code? (0)

Anonymous Coward | more than 4 years ago | (#31097402)

Well, it's true that his wikipedia entry isn't a gem, but, it dates to 2007, you're free to read it:

http://en.wikipedia.org/wiki/Greg_Hoglund [wikipedia.org]

Extra! Extra! Read all about it! (-1)

Anonymous Coward | more than 4 years ago | (#31095972)

Possible links to Australia porn retaliation!

Mysterious "Anonymous group" still unavailable for comment.

Re:Extra! Extra! Read all about it! (1, Funny)

Anonymous Coward | more than 4 years ago | (#31096064)

On behalf of myself, I can say that this is retaliation.

Just google them (1)

filesiteguy (695431) | more than 4 years ago | (#31095974)

Results 1 to 10 of 5,000,000,000 for "google wannabe hackers".

1. Some Script Kiddie

2. Wannabe h4xx0r ...

Re:Just google them (0)

Anonymous Coward | more than 4 years ago | (#31096018)

Results 1 to 10 of 5,000,000,000 for "google wannabe hackers".

1. Some Script Kiddie

2. Wannabe h4xx0r ...

exaggerate much?

http://img8.yfrog.com/i/captureln.png/

Just "wannabe hackers" only gives 350,000.

5 billion is a big number, there is only like 50 billion webpages total.

Extra! Extra! Read all about it! (0)

y4ku (1681156) | more than 4 years ago | (#31095984)

Links to attack on Australian porn censorship! Mysterious group known as "Anonymous" still unavailable for comment!

Boy I can't wait! (5, Insightful)

Weaselmancer (533834) | more than 4 years ago | (#31095996)

As soon as the United States identifies the culprits in China...wow are they in trouble.

Re:Boy I can't wait! (1)

TubeSteak (669689) | more than 4 years ago | (#31096166)

China has a tendency to execute criminals who cause international incidents.
/That's in addition to the numerous other reasons they normally execute people for.

Re:Boy I can't wait! (1)

Sheen (1180801) | more than 4 years ago | (#31096248)

Like they are gonna execute someone with that amount of hacking skill, yeah right. or execute, being hired by the executive branch!?

Re:Boy I can't wait! (1)

interkin3tic (1469267) | more than 4 years ago | (#31096272)

China has a tendency to execute criminals who cause international incidents.

You mean the Chinese government kills the people it gets to do its dirty work? Man, communism really IS inefficient!

Re:Boy I can't wait! (1, Insightful)

Anonymous Coward | more than 4 years ago | (#31098420)

All intelligence agencies do that.

If you don't know who is going to be the fall guy, it's going to be you.

Re:Boy I can't wait! (1)

mysidia (191772) | more than 4 years ago | (#31096566)

Will they still do that even now? Or rather send them to be "re-educated" ?

Re:Boy I can't wait! (1, Funny)

Anonymous Coward | more than 4 years ago | (#31096254)

Old news. They've already identified the culprit. And released a description

He has dark hair and is of Asian appearance

Shouldn't be long before they catch him...

Re:Boy I can't wait! (1)

someone1234 (830754) | more than 4 years ago | (#31096894)

And they found all this out by analyzing the firewall logs!

Re:Boy I can't wait! (1)

gaelfx (1111115) | more than 4 years ago | (#31097246)

Are you referring to the US, to China or to both? Or the infamous third man that nobody sees until the last reel?

Not Surprising (3, Insightful)

LuNa7ic (991615) | more than 4 years ago | (#31096040)

Do you really expect that they would say anything else? "Sorry guys, this one has us stumped, we've no idea who did it." There are 15 paragraphs in TFA, and they've used them to not say a damned thing. Why did they even put this press release out?

Re:Not Surprising (1)

wellingj (1030460) | more than 4 years ago | (#31096590)

I don't think Google has enough clout to do this, but what could theoretically be done is send out the press release, then watch and see which of the 50 suspects starts to make some moves.

Don't you watch movies?

Re:Not Surprising (1)

willyg (159173) | more than 4 years ago | (#31097806)

"Why did they even put this press release out?"

I thought the reason to put it out was obvious. I know, who on Slashdot would RTFA, but I thought it was obvious from the money shot at the end of the article:

"Companies are waking up to the fact that they've under-invested in the area of security around surveillance and monitoring and forensics to get to the bottom of what happened."

* Buy our Services! Buy Now! Help us spread FUD so your associates buy our services!!! *

Or maybe I'm just being cynical...

Re:Not Surprising (1)

machine321 (458769) | more than 4 years ago | (#31098586)

"Getting closer to identifying the authors" means "we have no fucking clue where to start looking". If they were really closing in, the last thing they'd want is a press release.

Re:Not Surprising (1)

Threni (635302) | more than 4 years ago | (#31098618)

It means they now know which internet cafe, with no security cameras, was used to access TOR to release their code...

After Tracing the Chinese Noodles... (0)

Bob_Who (926234) | more than 4 years ago | (#31096050)

...One finds them self hungry again in an hour.

it's all me (-1, Offtopic)

Anonymous Coward | more than 4 years ago | (#31096090)

But I'm an anon coward, muhahaha. Trace that!

Gotta be a Chinese military virus. (3, Funny)

Dahamma (304068) | more than 4 years ago | (#31096106)

Probably a Kuang Grade Mark Eleven. Big mother.

Re:Gotta be a Chinese military virus. (0)

Anonymous Coward | more than 4 years ago | (#31096426)

Probably a Kuang Grade Mark Eleven. Big mother.

I think that reference went right over their heads. Neuromancer anyone?

Re:Gotta be a Chinese military virus. (4, Interesting)

MichaelSmith (789609) | more than 4 years ago | (#31096680)

For a long time it looked like William Gibson had the wrong view of the future with the Sprawl series. But now we have duelling Russian botnets which fight for exploited systems and AI captcha crackers. Major corporations base their income on the reduction and on-sale of found information. Infrastructure is increasingly dependent on information technology, and likely to be connected to the Internet.

Science fiction writers tend to overestimate short term progress and underestimate long term progress. I think Neuromancer is coming back.

The charge? Conspiracy to augment an artificial intelligence..

wtf title? (1)

mogness (1697042) | more than 4 years ago | (#31096138)

From TFA:

Hoglund says HBGary was able to identify "markers" specific to the way the Aurora developer wrote the malware. But he says his firm did not include this in its new report. "This is not in the report because we don't want him to know what we know about his coding," he says. "[It] is algorithmic in nature."

Hah riiiight. So just give out hints in the press release? More like, "we don't want to share this information cause it's profitable."

Re:wtf title? (0)

Anonymous Coward | more than 4 years ago | (#31096324)

More like, "we don't want to share this information cause it's profitable."

I call typo.

You obviously meant

More like, "we don't want to share this information cause it's bullshit

Next week they'll announce they have found a (patented) way of decoding the hidden Alkida signals broadcast on Arabic television....

Catch the Wave! (-1, Troll)

Korbeau (913903) | more than 4 years ago | (#31096284)

Your love is fading ...
I just made a giant masterpiece printed all over the greatest world newspaper nerds!

My brother is wearing the other one ...

Such a bitch. Everyone knows the other Google is dirty.

The interesting bits... (3, Insightful)

chill (34294) | more than 4 years ago | (#31096442)

About 80 percent of APT attacks use custom malware, Mandia says. "We recently took over 1,800 programs we've collected since 2008 that are all part of APT ... and ran it through AV, and only 24 percent of the malware triggered antivirus," he says. "Over a year ago, none of it was triggering AV."

Signature-based anti-virus scanning isn't going to help. That model is broken and only useful for the "AOL mindset" of the general public. That is, the people who go "ohhhh, SHINY. [click]" and get infected by year-old malware.

Serious pressure on software vendors to make sure their app doesn't need admin rights to run on a Windows box would be a nice step.

I tried securing my Win2k Program Files folder (1, Interesting)

MichaelCrawford (610140) | more than 4 years ago | (#31096612)

I set it all so it was Read-Only to regular users, then removed my own Administrator privileges. When I logged in as "Mike", I was just a regular user, and had to log in explicitly as Administrator to do anything administrative.

Well that didn't last long. Nothing worked anymore.

To get my box back, I had to both make my Program Files folder writable, and I had to give my "Mike" account administrative privileges.

That's just plain wrong.

Re:I tried securing my Win2k Program Files folder (0)

Anonymous Coward | more than 4 years ago | (#31096874)

So you set everything to 'Read' and expected everything to work as before. Have you heard about 'Read&Execute' for example? It's your fault you were using crappy software or didn't know how to identify and set needed permissions. Have you heard about "Run As" in Win2K?

Sorry I really did mean Read and Execute (2, Informative)

MichaelCrawford (610140) | more than 4 years ago | (#31097586)

What I meant was that I didn't permit regular users to write into Program Files. My problem was that quite a few of the applications I had installed expected to be able to write into their own installation folders. Even Microsoft is an offender - one has to be an Administrator to run the Visual Studio debugger. I don't see why that should be necessary, unless one is debugging a Service. If one is debugging a non-Administrative executable, Administrative privileges shouldn't be necessary at all.

Re:I tried securing my Win2k Program Files folder (1)

jargon82 (996613) | more than 4 years ago | (#31097962)

http://blogs.msdn.com/aaron_margosis/archive/2004/07/24/193721.aspx [msdn.com] I've used this for years. It launches a command prompt (after requesting passwords) that is still you, but with admin privs. Makes all the stuff that doesn't work under runas work just fine.

Re:The interesting bits... (1)

cerberusss (660701) | more than 4 years ago | (#31097800)

Serious pressure on software vendors to make sure their app doesn't need admin rights to run on a Windows box would be a nice step.

Serious pressure is not going to cut it. We need real, authentic pressure on top executives of software companies. That means looking up their names and addresses, and finding out if they have a pet or not. A poodle or some such. Then a team of open-source ninjas should capture the poodle of the executive and put a video on 4chan, clearly stating what we want from them. "No admin rights or the poodle gets it".

Re:The interesting bits... (1)

maxume (22995) | more than 4 years ago | (#31098258)

Shouldn't the open-source ninjas be demanding an open-source version rather than better Windows support?

Re:The interesting bits... (1)

jimicus (737525) | more than 4 years ago | (#31098178)

Serious pressure on software vendors to make sure their app doesn't need admin rights to run on a Windows box would be a nice step.

Normal users can't install a service but they can set up an application to run on a scheduled basis. They can also have some tasks run when they log in.

Normal users can see data. Sometimes it's confidential data.

Normal users can usually somehow connect to the outside world - even if it's only by email.

So I don't see how this would really solve anything in the long term.

They would already have him (1)

Opportunist (166417) | more than 4 years ago | (#31096616)

But these damn Chinese names all sound the same to a westerner's ear.

Ya know that old joke, how do you choose the name for your Chinese child? Drop a silver spoon on a piece of Jade and the sound created is the name.

Re:They would already have him (0)

Anonymous Coward | more than 4 years ago | (#31097226)

No, you take handful of rice, drop it on the floor and the Chinese characters appearing are the name of your kid!

min0s 4, Troll) (-1, Troll)

Anonymous Coward | more than 4 years ago | (#31096770)

Comment header (0)

Anonymous Coward | more than 4 years ago | (#31096920)

I'm guessing the "hacker" responsible listed their name in the comment header.

/*
 * goofle -- program exploits vulnerabilities @ google.
 *
 * Author: Johnson "the tiger" Zhang
 *
 * Purpose: Repress dissidents and hack pron site passwords.
 *
 * Usage: goofle --help
 *
 */

#include ...

Yeah I know comments don't make it through compilation.

source code (0)

Anonymous Coward | more than 4 years ago | (#31097594)

system("wget http://www.google.com/search?q=google");

not sure its a good idea to say this (3, Interesting)

Anonymous Coward | more than 4 years ago | (#31097052)

In retaliation to the investigations and accusations, BAE UK got a massive attack wave this weekend, much larger than anything Google saw. All the attacks came from proxies, but deeper probes showed all the traffic was from china.

BAE had all their systems crippled and apparently had to shut the whole network down (we are talking about thousands upon thousands of machines), reset all passwords and wipe a lot of boxes. You won't hear this in the news though. It would be seriously bad for business if the US and UK governments got wind of it.

China* won't go down without a fight.

*whoever is organising it.

In China... (1)

gaelfx (1111115) | more than 4 years ago | (#31097236)

... everyone knows who did it. It was the CaoNiMa, or the grass-mud horses as you may know them. I really hate those mother f@#$%&s.

Simple, really (1)

bytesex (112972) | more than 4 years ago | (#31097512)

I can only imagine two outcomes to this: the perpetrators are found, and are found to be _not_ (in the pockets of) the Chinese government, and they are found precisely because of this: I mean, we're talking about *Google*, the *US* and *China* man ! To hell with ordinary malware creators and spamhouses that no law enforcement ever seems to be able to nail, this is important !

Or, they are (suspected to be) still of the Chinese government, in which case it will likely dead-end somewhere.

Both outcomes would make me kind of cynical, but that's just me.

Chinese "Echelon" (3, Informative)

Max_W (812974) | more than 4 years ago | (#31097592)

Some states do use secret "Echelon" system to break into private and other states' communication systems. Yes, supposedly and by a self-proclamation these are the "good guys".

Is it a feasible international framework that if one feels himself to be a "good guy" he can eavesdrop on electronic systems? But if he looks like a bad guy, speaks in some exotic ethnic language, then it is a condemnable behavior.

But to Chinese and other Asian people we look like strange exotic humans. There is even a word for European-like people in Asia - "long-noses". And when one lives there it feels exactly this: being a "long nose" among normal people.

So they know that good guys eavesdrop on them with an "Echelon" and keep silence philosophically, but when they try to get some info via eavesdropping a commercial company "Google", it causes a global panic. Or do I get it wrongly?

Maybe it makes sense to lead by an example?

Translation: (1)

Hurricane78 (562437) | more than 4 years ago | (#31097876)

Security experts now say they are getting closer to identifying the author or authors of the malware

Translated: They now have narrowed the list down to a handful of people, and will soon decide who will be the best scapegoat. ;)

Re:Translation: (1)

hey! (33014) | more than 4 years ago | (#31098340)

This kind of reminds me of stories of 1960s sub warfare between the US and the Soviets. US subs would trail the soviets using only passive sonar to tell when rudder was applied or engine or trim adjusted. Soon each watch's OOD would feel like he could read the mind of his counterpart on the Soviet boat, whether he was going to turn left or right, or pull a "crazy Ivan", a dangerous figure eight maneuver designed to flush out enemy subs. All this was done blind, and US subs were almost totally silent.

So I'm picturing these security researchers huddled over a monitor plotting the hacker's nefarious activities. One turns to the other and says, "Bet you a bottle of Chivas he pulls a Wang-dang-doodle."

authors (1, Interesting)

Anonymous Coward | more than 4 years ago | (#31098422)

forget the authors, who paid them?
