Beta

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Journalists' Yahoo E-Mail Accounts Compromised In China

timothy posted more than 4 years ago | from the perhaps-it-was-smersh dept.

Censorship 130

andy1307 writes "According to this article in the New York Times, 'In what appears to be a coordinated assault, the e-mail accounts of at least a dozen rights activists, academics and journalists who cover China have been compromised by unknown intruders. The infiltrations, which involved Yahoo e-mail accounts, appeared to be aimed at people who write about China and Taiwan, rendering their accounts inaccessible, according to those who were affected. In the case of this reporter, hackers altered e-mail settings so that all correspondence was surreptitiously forwarded to another e-mail address. ... The victims of the most recent intrusions included a law professor in the United States, an analyst who writes about China's security apparatus and several print journalists based in Beijing and Taipei, the capital of Taiwan."

cancel ×

130 comments

Sorry! There are no comments related to the filter you selected.

move along folks... (0)

Anonymous Coward | more than 4 years ago | (#31685792)

...nothing to see here.

Damn Chinese! (5, Funny)

fuzzyfuzzyfungus (1223518) | more than 4 years ago | (#31685834)

Don't you know that you should do your wiretapping directly at the ISP level, like real Americans?

Re:Damn Chinese! (3, Insightful)

Marcika (1003625) | more than 4 years ago | (#31685944)

Don't you know that you should do your wiretapping directly at the ISP level, like real Americans?

I'm sure that they know and they do. But wiretapping at the ISP level doesn't help if their victims use HTTPS or SSL IMAP/POP like pretty much all Gmail (and Yahoo?) users do. Real Americans(TM) subpoena Google or Yahoo records directly over their convenient law-enforcement interfaces -- China can't do that...

Re:Damn Chinese! (4, Interesting)

KiloByte (825081) | more than 4 years ago | (#31686164)

https is very easy to MITM if you can inject bogus signed certificates. For that you need to control a CA. Like, for example, CNNIC whose root certificate is included in MSIE and Firefox.

Please to vote on the bug report [mozilla.org] to remove this security hole.

Re:Damn Chinese! (5, Insightful)

muckracer (1204794) | more than 4 years ago | (#31686528)

> https is very easy to MITM if you can inject bogus signed certificates.

agreed

> For that you need to control a CA.

agreed

> for example, CNNIC whose root certificate is included in MSIE and Firefox.

agreed

> Bug 542689 - Please remove CNNIC CA root certificate from NSS

agreed BUT: Why do you single out this particular CA when the valid issues you raised APPLY TO ALL OF THEM?!

Re:Damn Chinese! (2, Insightful)

TheLink (130905) | more than 4 years ago | (#31687084)

The real bug is Mozilla doesn't _help_ you realize and figure out that a cert has been changed for no good reason.

Yes the way to do it won't work 100% for the average person. But the average person will get pwned anyway.

So in this case, Mozilla should help the ones who care about security - warning people that the server cert has been changed rather early, or worse the CA has changed, or even worse the CA has changed AND the new CA is in a different country.

But no, the Mozilla developers still haven't lifted a finger to help. Not even after 5 years.

See this:
https://bugzilla.mozilla.org/show_bug.cgi?id=286107 [mozilla.org]

And comment #5 and rest of discussion.

Quote:
Ian Grigg 2005-03-15 12:14:26 PST

#4. I'd agree with that.

The critical change is when a new cert comes in signed by a *different* CA. In
the event that this is a bad situation, both CAs can disclaim by pointing the
finger at each other. The bad CA just shrugs and says "I followed my
established and audited procedures...." In practice, even a little finger
pointing will break any semblance of CAs backing up their words.

Re:Damn Chinese! (1)

Spazztastic (814296) | more than 4 years ago | (#31687614)

Is there an addon that warns of cert changes? I don't know how to program, but it seems that would be a really good addon to develop. I'd donate to it.

Re:Damn Chinese! (1)

muckracer (1204794) | more than 4 years ago | (#31687720)

Check out Perspectives: http://www.cs.cmu.edu/~perspectives/ [cmu.edu]

Of course, by removing all CA's, manually/permanently accepting the site's cert you'll also be warned if it changes (pretty much like SSH then).

Re:Damn Chinese! (1)

TheLink (130905) | more than 4 years ago | (#31687808)

There's "Certificate Patrol" for Mozilla Firefox.

But I'm not sure how trustworthy that is. You could look at the source code and the data (I'm not so sure how to check the initial database/config).

Re:Damn Chinese! (0)

Anonymous Coward | more than 4 years ago | (#31686736)

This this this.
It isn't easy for the non-techy types, but for those fairly in-the-know...
And trusting an encryption method that, SO FAR, hasn't been publicly cracked isn't the best way to go about things when it comes to security.
You should always mistrust a 3rd party. (sounds pretty depressing, eh?)
The internet is just a huge mess when it comes to security on-route. Hopefully that will be fixed soon.

Slightly off-topic, but related to Slashdot in general. (especially this comment)
Slashdot needs a "Popular Comments" section where a post can go greater than 5 to bump it to the top.
This is one of those "Most Informative" comments that everyone needs to see.
It could be attained by say, another 5-10 pluses? That should probably prevent the section being clogged up.
If a post that got bumped up wasn't the parent, all the comments in the flow of the discussion from parent to current could be bumped up. (with link to the full discussion in the main comment flow)

I know it doesn't matter so much on this one, but when you get in to the >500 comment articles, a lot of good, useful comments can be missed or ignored.
Probably won't happen anyway. I'll send in the suggestions though. It would really help with those people who are on a tight schedule.

Re:Damn Chinese! (1)

ObsessiveMathsFreak (773371) | more than 4 years ago | (#31687866)

https is very easy to MITM if you can inject bogus signed certificates.

Ah yes. The Myth in the Middle. That great urban legend of cryptography.

Out of curiosity, could someone actually provide a concrete example of a MITM attack ever being successfully carried out? Bonus points for anyone who can further provide reasons for why this means Firefox no longer likes self signed certs.

Re:Damn Chinese! (2, Informative)

tlhIngan (30335) | more than 4 years ago | (#31688286)

Out of curiosity, could someone actually provide a concrete example of a MITM attack ever being successfully carried out? Bonus points for anyone who can further provide reasons for why this means Firefox no longer likes self signed certs.

Well, there's SSLSniff [thoughtcrime.org] that was used to demonstrate faking Paypal certificates (via NULL attacks in browsers). There's also the neat SSLStrip [thoughtcrime.org] that transforms a HTTPS transaction down to an HTTP one.

They work by ARP spoofing right now, and if you combine with the IE WPAD (web proxy auto-discovery) mechanism, you could put together a pretty nice MITM attack unit.

And wasn't there reports of a box sold to governments that was designed to do this MITM stuff? Like this appliance [wired.com] ? This one's better than SSLSniff as it uses subverted CAs.

More info - http://arstechnica.com/security/news/2010/03/govts-certificate-authorities-conspire-to-spy-on-ssl-users.ars [arstechnica.com]

Re:Damn Chinese! (1)

fuzzyfuzzyfungus (1223518) | more than 4 years ago | (#31688534)

They aren't generally considered "attacks"; because they are conducted by the owners of the hardware and the connection; but a nontrivial percentage of the sorts of proxy servers commonly sitting between a corporate/institutional LAN and the hostile wide world of the internet are at least capable of such, if not configured for it. Since the corporation owns the computers, pushing their internal CA as trusted into client browsers is a trivial matter, which allows their web proxy to preserve the client machine's ability to use SSLed web services(banking websites and the like), without compromising the proxy's ability to cache, filter, and whatever else it was put there to do.

Again; because this is all going on within an institutional setting, no expectation of privacy on company boxes, etc, etc. it isn't really an "attack"; but it is by far the most obvious real-world example of the technique being used.

Because attacks where you don't get to push your certs to the clients with group policies would require compromising a trusted CA, that would more fall into the realm of spook stuff; but would be technologically equivalent.

Just spread "china is for dictators" all over. (1)

h00manist (800926) | more than 4 years ago | (#31686674)

If everyone spreads messages protesting china all over the net, it will be hard for them to hide. Google should spread the message right on their homepage. They can do it now.

Re:Protest the Chinese! (1)

h00manist (800926) | more than 4 years ago | (#31686764)

It's a great moment to protest against government espionage. Everyone in the west will agree on protesting chinese espionage, but it will indirectly call attention to western government practices too. Implementing protests in Chinese text does pose some interesting technical and language problems....

Re:Damn Chinese! (0)

Anonymous Coward | more than 4 years ago | (#31687302)

But wiretapping at the ISP level doesn't help if their victims use HTTPS or SSL IMAP/POP like pretty much all Gmail (and Yahoo?)

Nope. Yahoo and hotmail don't have the option to use ssl AT ALL.

Sniffing yahoo & hotmail credentials is trivial.

Google mail at least offers ssl as an option, and ssl was made the default recently.

Re:Damn Chinese! (1, Informative)

TheLink (130905) | more than 4 years ago | (#31687372)

> But wiretapping at the ISP level doesn't help if their victims use HTTPS or SSL IMAP/POP like pretty much all Gmail (and Yahoo?) users do.

1) Yahoo mail is not encrypted. Only the login is. So it is possible to sniff the session credentials (cookies etc) and do stuff like change the passwords.

And it's not just Yahoo. None of them (Yahoo, Hotmail, Google) allowed you to use https for the entire email session, including Gmail, until the recent Google hack incident.

The banks I use don't even allow you to access their main pages via https. Which does make it hard to get a known trusted login page to log in to the bank.

Yes their login forms submit stuff via https, but how does that help if you've already got a tampered login form?

2) The browser makers put in lots of CA certs but do nothing to help you realize that the server's cert has changed[1], or the server's CA has changed, or the server CA country has changed...

As a result doing stuff securely is hard - the service providers and browser makers aren't helping.

[1] See the discussion here: https://bugzilla.mozilla.org/show_bug.cgi?id=286107 [mozilla.org]

Re:Damn Chinese! (2, Informative)

EXrider (756168) | more than 4 years ago | (#31688418)

And it's not just Yahoo. None of them (Yahoo, Hotmail, Google) allowed you to use https for the entire email session, including Gmail, until the recent Google hack incident.

Gmail has offered the option to use HTTPS for your entire session for several years now, I remember discovering it back in '05 while perusing the preferences. It just wasn't the default.

Re:Damn Chinese! (1)

TheLink (130905) | more than 4 years ago | (#31688860)

Hmm, ok I guess my memory was bad then.

I thought I recalled it redirecting me from https to http when I tried it a while back.

Re:Damn Chinese! (1)

Asic Eng (193332) | more than 4 years ago | (#31686826)

Wiretapping at the ISP level isn't so convenient when the ISP is outside your jurisdiction. Some of the people attacked were based in Taiwan and the US. Also journalists often move around, so you might have to attack many ISPs in order to gain access. In this case it just makes more sense for the Chinese to attack webmail accounts.

Re:Damn Chinese! (2, Insightful)

TubeSteak (669689) | more than 4 years ago | (#31687690)

Don't you know that you should do your wiretapping directly at the ISP level, like real Americans?

Why would you need to when the e-mail hosts have so thoughtfully buried an auto-forwarding function on a settings page that no one ever checks?

"Free" e-mail has generally only improved in quality over the last decade, but that one move was incredibly boneheaded.
Every time I log in, the first thing I should see is "Your E-Mail Is Forwarded To: [No Where/Address]".
Anything else is just pure gold for malicious actors.

Is anyone surprised? (5, Insightful)

Anonymous Coward | more than 4 years ago | (#31685856)

China is a totalitarian state. Has been since 1949. What free trade has done is to make it a rich totalitarian state instead of a poor one. I never understood the argument that capitalism would lead to anything like democracy. Democracy [usually] leads to at least some level of capitalist/free-enterprise economy, but not the other way around.

Re:Is anyone surprised? (4, Insightful)

dkleinsc (563838) | more than 4 years ago | (#31686084)

I never understood the argument that capitalism would lead to anything like democracy.

The reason you can't understand that argument is that it's complete BS. It was created to try to convince Americans that the reason our government is making it extremely easy to trade with China is to spread democracy, not increase corporate profits at the expense of American workers' careers.

And historically at least, the system of government best suited to corporate profits is not democracy, but fascist-leaning dictatorships. That's true whether we're talking about Mussolini, Hitler, Franco, Pinochet, or Batista.

Re:Is anyone surprised? (1)

h00manist (800926) | more than 4 years ago | (#31686542)

I never understood the argument that capitalism would lead to anything like democracy.

The reason you can't understand that argument is that it's complete BS.

Indeed. Democracy is a form of voting, representation, social organization of people, citizens, governments. Capitalism, as well as socialism, are mostly organizing methods for distributing money, finances, and perhaps labor and goods. No actual relation to government organization. Of course money and politics are related, but I think they are still separate segments and entities. Government and finance are inter-related to health care, education, media, technology and a bunch of things too, but not inseparably. Then again, every powerful entity tries to confuse things to its benefit. Every war is for freedom, peace, happiness, prosperity, etc, on the "us" side, and the opposite, plus some evil, on the "them" side. Then everyone can kill each other with a clean conscience, rationalizing it with 'Killing them now is clearly the right thing to do'. "US good, THEM bad!". Great political message, gets lots of votes and followers, from people with violence in them, which is most people.

Re:Is anyone surprised? (2, Funny)

h00manist (800926) | more than 4 years ago | (#31686588)

"Socialism GOOD, capitalism BAD! Kill THEM for FREEDOM!". Umm oh wait, sorry that was on the other side, whatever, just invert it.

Re:Is anyone surprised? (1)

Midnight Thunder (17205) | more than 4 years ago | (#31686656)

"Socialism GOOD, capitalism BAD! Kill THEM for FREEDOM!". Umm oh wait, sorry that was on the other side, whatever, just invert it.

Then again, neither is necessarily bad or good. It all depends on how it is run. For me the only good spot is somewhere in the middle, accepting social needs and human motivation.

Re:Is anyone surprised? (1, Troll)

ccarson (562931) | more than 4 years ago | (#31687820)

For me the only good spot is somewhere in the middle, accepting social needs and human motivation.

Let's take the U.S.'s newly socialized health care system for example: What it basically says is, "Dear Doctors, despite your dedication and persistence to the craft of medicine, you will not be allowed to practice the way you see fit. Your decade of training, continued education and superior skill set obtained will not be rewarded based on what the market will bear. In fact, you will be told how to do your job. We will regulate your salary because your time isn't yours, it's ours. Your time isn't your, it's ours. Let me repeat this so we're very clear -- your time isn't yours, we own you. Don't you dare call this slavery because it is not. Your time is ours. You will do what we say and you will be paid what we suggest. That agreement you had with John Doe to replace his organ? He may have agreed to your price but we don't. You will replace that person's organ at a price we set. Your time is NOT yours anymore. Good day to you Sir. We appreciate your service even if you think you know medicine better then us."

We live in a state that rewards bad behavior and punishes success. This is how empires fall.

Re:Is anyone surprised? (1)

dkleinsc (563838) | more than 4 years ago | (#31687250)

In other words:

Basil Exposition: Austin, the Cold War is over!
Austin Powers: Finally those capitalist pigs will pay for their crimes, eh? Eh comrades? Eh?
Basil Exposition: Austin... we won.
Austin Powers: Oh, smashing, groovy, yay capitalism!

funny jokes are reality jokes that are not funny (2, Insightful)

h00manist (800926) | more than 4 years ago | (#31687902)

False flag operations [wikipedia.org] "False flag operations are covert operations which are designed to deceive the public in such a way that the operations appear as though they are being carried out by other entities. The name is derived from the military concept of flying false colors; that is, flying the flag of a country other than one's own. False flag operations are not limited to war and counter-insurgency operations, and have been used in peace-time; for example during Italy's strategy of tension." ...

Re:Is anyone surprised? (1)

Skillet5151 (972916) | more than 4 years ago | (#31687000)

And historically at least, the system of government best suited to corporate profits is not democracy, but fascist-leaning dictatorships. That's true whether we're talking about Mussolini, Hitler, Franco, Pinochet, or Batista.

Uh, what? If you mean that having a rather militarist government is good if you're a corporation in the arms industry, then yes. But why the hell would an arbitrary corporation prefer having the laws change at the pleasure of a demagogue who may or may not like them instead of having an easily "lobbied"/bribed legislature?

Re:Is anyone surprised? (2, Insightful)

dkleinsc (563838) | more than 4 years ago | (#31687108)

But why the hell would an arbitrary corporation prefer having the laws change at the pleasure of a demagogue who may or may not like them instead of having an easily "lobbied"/bribed legislature?

Because bribing 1 despot is cheaper and easier than bribing the 300 or so congresscritters/MPs needed to get a majority. Plus you do so much work to buy off particular politicians, and then the pesky public votes for someone else and you need to start over again.

Re:Is anyone surprised? (2, Insightful)

Skillet5151 (972916) | more than 4 years ago | (#31687194)

It seems unlikely that the man who dominates the entire country and can take what he likes from its tax revenues is going to do whatever you ask for a check.

Re:Is anyone surprised? (1)

blackraven14250 (902843) | more than 4 years ago | (#31687722)

He will, however, do whatever you ask if you're increasing the size of his country's treasury....

Re:Is anyone surprised? (2, Insightful)

Software Geek (1097883) | more than 4 years ago | (#31687058)

Perhaps you need a history course. Historically, Mussolini, Hitler, and Franco drew their countries into ruinous wars, which are very hard on corporate profits. Batista so weakened his government that it was taken over by communists who nationalized everything. Corporations hate that.

Saying that the system of government best suited to corporate profits is a fascist-leaning dictatorship is like saying Bernie Madoff will get you the best return on your investment. It is sometimes true in the short term, but in the long term it is very, very false.

Re:Is anyone surprised? (2, Insightful)

Spitfirem1 (1124377) | more than 4 years ago | (#31687362)

Saying that the system of government best suited to corporate profits is a fascist-leaning dictatorship is like saying Bernie Madoff will get you the best return on your investment. It is sometimes true in the short term, but in the long term it is very, very false.

That would be relevant, if only people and corporations had the foresight to pay attention to anything more than the Next Big Thing. The lack of any sort of a long view and the attitude that what is best for right now is always the right choice are both almost ubiquitous in our culture and are detrimental to society in many cases.

Re:Is anyone surprised? (1)

Asic Eng (193332) | more than 4 years ago | (#31688046)

Well the claim that Mussolini, Hitler etc were economically successful was of course put out by the propaganda of these dictatorships. However after the war Germany certainly did very well as a democracy with a market economy, going from an utterly destroyed country to being the world's biggest exporter (see Wirtschaftwunder [wikipedia.org] ).

Re:Is anyone surprised? (1)

u38cg (607297) | more than 4 years ago | (#31686102)

China is a totalitarian state. Has been since 949.

FTFY. To an order of magnitude, anyways.

Re:Is anyone surprised? (1)

Gothmolly (148874) | more than 4 years ago | (#31686162)

+1 Insightful to you.

Re:Is anyone surprised? (4, Insightful)

Hijacked Public (999535) | more than 4 years ago | (#31686684)

I don't understand it either, mainly because I think the climate in China is closer to free market capitalism than the climate in the US. In relative terms China is a capitalist utopia, particularly from a producer's perspective.

Re:Is anyone surprised? (1)

TubeSteak (669689) | more than 4 years ago | (#31687416)

China has endless standards and regulations.
They're just generally not aimed at improving health and safety.
IIRC, a recent Time Magazine article said China releases more rule/regulation changes every year than the rest of the world combined.

Re:Is anyone surprised? (1)

corbettw (214229) | more than 4 years ago | (#31686756)

The argument is that capitalism would increase the general wealth of the nation. As wealth increased, living standards would increase. As living standards increased, a middle class would form. And that it would be that middle class that would lead the push for democracy and freedom.

Of course, this ignores the fact that stable democracies have, historically, been formed by pushes from an aristocratic regime focused on ensuring property rights and liberty for as many people as possible. Athens, Rome, Iceland, the UK, the US. All had this trait in common, at least in the beginning.

Re:Is anyone surprised? (2, Insightful)

MightyMartian (840721) | more than 4 years ago | (#31687780)

To some degree I agree with you. I have more knowledge of Industrial England than of Rome (though there was a pretty major civil war between the Plebs and the Proles that lead to an expansion of the aristocracy there). In England, at least, the people had the good fortune of a number of historical trends lining up at the same time; labor shortages at the tail end of the Middle Ages (after the Black Death) which saw a sharp increase in demand for workers, the beginnings of a free market economy being established even before the Industrial Revolution, a stable and effective government with clear lines of authority thanks to the Glorious Revolution, and, by the 18th century a rapidly expanding population, a major overseas empire that basically kickstarted the consumer revolution (this is when China as manufacturer of cheap goods to the West really begins, thanks in large part to European, and in particular to Dutch and English merchants), and, of course, the ultimate development of a middle class in particular during the Victorian Era. I agree the aristocracy in large part was responsible for the major reform bills, but I'd say that once some of the reforms had begun, it was a snowball. The more political power the ordinary people got, the more they wanted, and the more the political class could benefit from giving it to them. That's the real story, that the landed gentry in England, already weakened by the end of any remnants of feudalism, were ultimately supplanted by the political class. That latter fact precedes the Industrial Revolution, and was born out of all things the struggles between Parliament and the Stuarts over who had the right to run the country.

Re:Is anyone surprised? (3, Insightful)

jav1231 (539129) | more than 4 years ago | (#31687246)

We should have shit-canned our trade with China when Tienanmen Square happened. Period. Everything after was hypocrisy.

Re:Is anyone surprised? (1)

crunzh (1082841) | more than 4 years ago | (#31687528)

China has ALLWAYS been a totalitarian state, the communist takeover in '49 was just a new regime in a long line of totalitarian regimes.

Re:Is anyone surprised? (1)

labotux (1755436) | more than 4 years ago | (#31687726)

The fact China is a dictatorship (one party only) doesn't mean it is a totalitarian state such as Causescu's Romania or North Korea. Chine was indeed totalitarian during cultural revolution but not anymore. Thus, the people of China, even subjected to censorship and 'official propaganda' have an opinion and can express it. There are several examples where the internet crowd probably changed some rulings. Otherwise, if i hacked your email from France, what would you say about France ? Such article and the repetition of such articles have one purpose : demonize China.

Re:Is anyone surprised? (1)

guanxi (216397) | more than 4 years ago | (#31687738)

I never understood the argument that capitalism would lead to anything like democracy. Democracy [usually] leads to at least some level of capitalist/free-enterprise economy, but not the other way around.

There's some evidence for it: Chile, South Korea, and Taiwan are examples of countries that went from right-wing, capitalist dictatorships to democracies. The idea is that capitalism allows individuals to build wealth and make large investments (e.g., factories). Then, they have something to lose in the political process.

They don't want the government to appropriate their hard-earned assets. For example, who will invest millions of dollars and years of their life building a factory, if the government can take it away on a whim? Thus they want property rights, limited government, and influence over policy. They also want a stable, effective government, and the track record of democracy (all the most prosperous countries in the world) is very attractive.

It doesn't always work out, but having a middle class helps, also because they have time, skills, and money to spend on politics.

Re:Is anyone surprised? (3, Interesting)

MightyMartian (840721) | more than 4 years ago | (#31688738)

It doesn't always work out, but having a middle class helps, also because they have time, skills, and money to spend on politics.

China is the great experiment. It's been a given since the the English Civil War that a middle and mercantile classes will demand, and will ultimately take a greater share of the political system. I posit that the Chinese leadership is hoping to accomplish the creation of a thriving middle class without any great increase in political liberties. Will the experiment work? Hard to say. Damned scary if it does, that's for sure.

Hmm yeah (2, Interesting)

Dunbal (464142) | more than 4 years ago | (#31685874)

Reminds me of all those emails I get from the head of the International Bank of Nigeria who somehow has to use hotmail/gmail/yahoo mail. Or how the "British National Lottery" also can't afford it's own mail server.

Seriously, "journalists" can't use anything but yahoo? Or even if they were limited to yahoo - they can't encrypt their email?

I suspect these "journalists" are just some "random group of people" and that the story is just more hype.

Hacks yes... was Re:Hmm yeah (1)

mjwalshe (1680392) | more than 4 years ago | (#31686132)

well Journalists arn't normaly that techie (even 99% of the technology ones) and for and for on the move journalist a webmail system does have a lot of advantages. And an ISP in china would probaly allow the security services to access their data where an external system like yahoo might require at least some form of due process.

You do wonder if who ever is doing thease sorts of hacks has thier own agenda certaily it would make sense for the PRC's security people to pull their horns in at the moment.

Re:Hacks yes... was Re:Hmm yeah (1)

tokul (682258) | more than 4 years ago | (#31686244)

well Journalists arn't normaly that techie (even 99% of the technology ones) and for and for on the move journalist a webmail system does have a lot of advantages.

And their journals are so poor that they can't have own webmail setup. "journalist like webmail" is not excuse for using third party email servers.

Re:Hacks yes... was Re:Hmm yeah (1)

umghhh (965931) | more than 4 years ago | (#31688998)

well one may wonder about security services involvement - see here [economist.com]

Re:Hmm yeah (2, Insightful)

Bearhouse (1034238) | more than 4 years ago | (#31686458)

A lot of freelance journalists use google and yahoo, as do many people who have professional mail accounts, but prefer to conduct private and/or personal business using a 'free' provider. Do you really want a confidential source in China to risk sending info to *@nytimes.etc?

Re:Hmm yeah (1)

crunzh (1082841) | more than 4 years ago | (#31687556)

Well, I actually think security a yahoo/google and so on is better than at most small ISP's the would otherwise host their emails.

Re:Hmm yeah (1)

umghhh (965931) | more than 4 years ago | (#31688984)

Well it is not only content of mails that went to wrong people but contact names [economist.com] too - so Chinese governement has surely hands in it.

It Must Be.... (-1, Offtopic)

N8F8 (4562) | more than 4 years ago | (#31685876)

The evil US government at work, again!

This is why you don't do business with China (5, Interesting)

smooth wombat (796938) | more than 4 years ago | (#31685880)

People roll their eyes when I tell them I don't buy products made in China. I refuse to support a government with such an abusive human rights record.

It's tough at times finding a product not made in China, but I use the free market to make my point.

Some people talk the talk when it comes to making a statement. Very few actually walk the walk.

Re:This is why you don't do business with China (0)

Anonymous Coward | more than 4 years ago | (#31685902)

You deserve applause.

Everytime we buy Chinese stuff, we're supporting communism.

Re:This is why you don't do business with China (1, Interesting)

Noam.of.Doom (934040) | more than 4 years ago | (#31685978)

Everytime we buy Chinese stuff, we're supporting communism.

And don't forget that it makes baby Jesus cry.

Re:This is why you don't do business with China (1)

muckracer (1204794) | more than 4 years ago | (#31686558)

> > Everytime we buy Chinese stuff, we're supporting communism.

> And don't forget that it makes baby Jesus cry.

Please provide adequate proof for your claim. Cell phone video on Youtube will suffice. :-P

Re:This is why you don't do business with China (1)

shentino (1139071) | more than 4 years ago | (#31688456)

Crying Baby Jesus *

* MADE IN CHINA

Re:This is why you don't do business with China (1)

Rusty KB (1778458) | more than 4 years ago | (#31685996)

No, you're not... China != Communism, or communism even.

Re:This is why you don't do business with China (0)

Anonymous Coward | more than 4 years ago | (#31687546)

China is a communist state. Do you really think they won't use the money to fund the party?

Re:This is why you don't do business with China (1)

Island Admin (1562905) | more than 4 years ago | (#31686524)

Its more than just supporting communism. With the amount of production being sent to China, it is eroding the economies of the western world, putting our own people out of work .... and making us adherent to what ever the Chinese government demands.

Another reason... (0)

Anonymous Coward | more than 4 years ago | (#31685938)

Stern Hu [wikipedia.org] .

Re:This is why you don't do business with China (1, Insightful)

Anonymous Coward | more than 4 years ago | (#31685966)

I bet my future wife and unborn daughter that the computer you posted from is made in china.

Re:This is why you don't do business with China (3, Funny)

Anonymous Coward | more than 4 years ago | (#31686054)

I carved it myself, out of a solid lump of silicon.

Re:This is why you don't do business with China (1)

LordAzuzu (1701760) | more than 4 years ago | (#31685998)

I dont believe that the hardware you are writing from is not made in China.
They have the greatest power of all: economic power.
What if, some day, China stops exporting goods? The whole economy would hang, while China will still be self sufficient. Yes, they too would be hit stopping the economy cycle, but being foreseen I'm quite sure they could handle it much better than any other country.

Re:This is why you don't do business with China (3, Insightful)

east coast (590680) | more than 4 years ago | (#31686060)

This is all the more reason to actively avoid their product; so that we can make it profitable for other countries to take up the production of items that only seem to sell at the lowest price point possible. It may cost us a little today but in the long run we won't be so attached to one provider that we have to put up with their abusive nature if we need to "cut the cord."

Re:This is why you don't do business with China (1)

c-reus (852386) | more than 4 years ago | (#31686158)

Can you name any affordable personal computing devices that do not have any Chinese-manufactured parts in them?

Re:This is why you don't do business with China (1)

darku (1518879) | more than 4 years ago | (#31686042)

I would refuse to buy products that use patented stuff if I were you. Then all of your furniture would be made out of wood by gypsies on the side of the road, right?

Re:This is why you don't do business with China (1)

Jaysyn (203771) | more than 4 years ago | (#31686062)

May I ask what brand of computer you are using that has no components made in China?

Re:This is why you don't do business with China (2, Insightful)

cdrudge (68377) | more than 4 years ago | (#31686212)

May I ask what brand of [just about anything] you are using that has no components made in China?

Fixed.

Re:This is why you don't do business with China (1)

e2d2 (115622) | more than 4 years ago | (#31686806)

It's a Hemptronics 3000 with a bubbler CPU. I like how the glass turns colors over time.

Re:This is why you don't do business with China (2, Insightful)

dr-alves (1612081) | more than 4 years ago | (#31686126)

Very true.

People seem to think of China as this troublesome country that does whatever it wants and that nothing can be done about it. This is simply not true.

China is actually more dependent on US and EU than the other way around. They devote most resources to the production of products that need to be mandatorily exported as the the chinese masses cannot afford them.

Corporations and states seem to ignore the blatant anti-freemarket and anti-freedom-speech-policies because of the el-dorado of the 2 bilion people market. WAKE UP. Chinese policy will never allow for free market, and will always be biased towards chinese products.

To add insult to injury, in EU, chinese imports SIMPLY PAY NO TAXES, sinking the local producers in the process.

So what can be done? Well western states can stop acting like slaves to their chinese overlords.

Re:This is why you don't do business with China (2, Informative)

Ash Vince (602485) | more than 4 years ago | (#31687868)

To add insult to injury, in EU, chinese imports SIMPLY PAY NO TAXES, sinking the local producers in the process.

What utter rubbish. Here is the site on the eu website that will allow you to calculate the duty:

http://ec.europa.eu/taxation_customs/dds/cgi-bin/tarchap?Lang=EN [europa.eu]

It takes a while to figure out how it works, but I just searched for a DVD Recorder (TARIC CODE = 8521900090) and the import duty was 13.9%. Here is the result for non-magnetic tape video recording apparatus:

http://ec.europa.eu/taxation_customs/dds/cgi-bin/tarduty?Taric=8521900090&SimDate=20100331&Action=1&ProdLine=80&Country=CN/0720&Type=0&Action=1&YesNo=1&Indent=-1&Flag=1&Test=tarduty&Periodic=0&Download=0&Lang=EN&Description=yes [europa.eu]

I am sure there is the odd product that is not covered by duty, but you seem to think everything imported to the EU from China pays no duty, that is plainly not true.

Re:This is why you don't do business with China (4, Insightful)

u38cg (607297) | more than 4 years ago | (#31686152)

The quickest way to sort out the human rights situation in China is to create a population with enough of a stake in society for it to be worth standing up and be counted. Free speech means very little when you're on the breadline. Even if your boycott had any meaningful effect, it would just make government repression easier, not harder - and China is quite easily big enough to run a closed economy if it wanted to.

Re:This is why you don't do business with China (0)

Anonymous Coward | more than 4 years ago | (#31688558)

China may be large, but they are very limited when it comes to natural resources. They would have a tough time running a completely closed economy.

Re:This is why you don't do business with China (0)

DoofusOfDeath (636671) | more than 4 years ago | (#31686170)

People roll their eyes when I tell them I don't buy products made in China. I refuse to support a government with such an abusive human rights record.

Oh jeeze, are you going on about this again?

Re:This is why you don't do business with China (1)

Cro Magnon (467622) | more than 4 years ago | (#31686478)

Some people talk the talk when it comes to making a statement. Very few actually walk the walk.

Unfortunately, my shoes are also made in China.

Re:This is why you don't do business with China (1)

Jaysyn (203771) | more than 4 years ago | (#31687172)

From the extensive 5 minutes of research I just performed it appears that the only mass market brand of shoe that is actually made in the USA are from New Balance & Wolverine.

You can however order shoes & boots from any of the fine American companies on this page if you don't mind something a little less mass market.

http://www.usstuff.com/shoes.htm [usstuff.com]

Re:This is why you don't do business with China (1)

Jaysyn (203771) | more than 4 years ago | (#31687210)

Ok, that page hasn't been updated in a while & some of the links are dead. Oops.

Re:This is why you don't do business with China (1)

elrous0 (869638) | more than 4 years ago | (#31687558)

Unfortunately, decades of corporate dominance in the western world have made an embargo of China pretty much impossible. Any country that tried this would face economic collapse (even the whole EU united probably couldn't pull it off). Very little in the way of manufactured goods is still made or exporting outside of Asia (mostly China). Boycotting them would mean having to recreate from scratch the entire manufacturing base of your country and having to completely redefine modern retail (no more Walmarts or malls), and that would take decades of economic suffering and scarcity to accomplish (though the end goal might well be worthwhile). No democratic society is going to put up with that kind of hardship for that long just to flip China off.

Re:This is why you don't do business with China (1)

camg188 (932324) | more than 4 years ago | (#31687932)

It's tough at times finding a product not made in China

Indeed, but "Made in China" often actually means "Assembled in China". Our global economy often makes your decision difficult.
For example, according to this article, What the iPod tells us about Britain's economic future [telegraph.co.uk] , out of the $190 captured value for every iPod (made in China) sold in the US, China actually only earns $4. The rest of the captured value goes to countries where the retailer, product developer and high value component manufacturers are located, primarily the US and Japan.

Just helping the people (1)

irn (1773184) | more than 4 years ago | (#31685896)

This was obviously just another step [slashdot.org] in ridding the China-ternet of porn.

And again. (0)

Anonymous Coward | more than 4 years ago | (#31685906)

Given Yahoo's previous history of cooperating with China, I doubt they are going to react as Google did. Unfortunatly. No, they'll just issue some statement about having improved their security and try to pretend this never happened.

A shame, as even the might of Google is as nothing compared to the Chinese government.

Are you sure it wasn't the Mossad? (1)

Noam.of.Doom (934040) | more than 4 years ago | (#31685942)

And I bet they would've gotten away with it, if it wasn't for those meddling journalists.

Yahoo (0)

Anonymous Coward | more than 4 years ago | (#31685974)

Well, I'm sorry, but if you use a Yahoo, Gmail, Hotmail och any kind of crappy webmail throwaway account for anything serious, you had it coming.

Re:Yahoo (2, Insightful)

TheCowSaysMooNotBoo (997535) | more than 4 years ago | (#31686302)

Yeah, real journalists use their ISP's webmail (*cough*), their own servers (which can be confiscated) or their friends (also confiscateable). Then you have the possibility of offshore email accounts on an american friend's server (which will get blocked). At least when using webmail, the others have to either break in the servers (like they did in TFA) or subpoena them (which I don't see the Chinese govt. do tbh).

Is Yahoo going to follow Google? (1)

Arancaytar (966377) | more than 4 years ago | (#31685990)

Time for all foreign internet companies to boycott the Chinese network, in my view. If they want to wall themselves off and not play nice, let them see where it gets their economy.

Re:Three Strikes (0)

Anonymous Coward | more than 4 years ago | (#31686654)

China has had their three, cut the fiber cables at the international territorial limit. Make them connect with 300 baud modems over dodgy dialup connections through North Korea.

So let's get this straight: (1, Insightful)

muckracer (1204794) | more than 4 years ago | (#31686034)

- for 20 years now malware targets mostly DOS/Windows, yet these guys still use exactly that
- the main vector of malware coming in is via e-mail attachments, yet these guys keep clicking on them
- signed e-mails and attachments would make reception thereof fairly safe, yet these guys have no idea about it
- nevermind encryption, cause why would these guys be responsible towards their sources
- etc.pp.

So I'd say....TOLD YOU SO....but then these guys probably would feign complete ignorance and amazement over the fact, that especially the totalitarian governments of the world don't exactly work with white gloves on and...GASP...don't give a shit about your self-aggrandized ego of 'a journalist' and the hallowed freedom of press!

Re:So let's get this straight: (1)

muckracer (1204794) | more than 4 years ago | (#31686610)

Coming to think of it...does anybody have additional information on how the Tibetan's now deal with things in the aftermath of Ghostnet? WOuld love to know if they wised up/got support to use e-mail authentication/encryption and generally beefed up security....

Re:So let's get this straight: (3, Insightful)

Asic Eng (193332) | more than 4 years ago | (#31688410)

for 20 years now malware targets mostly DOS/Windows, yet these guys still use exactly that

Like everyone else on the planet. Not that it matters whether you access webmail via Linux or via Windows.

the main vector of malware coming in is via e-mail attachments, yet these guys keep clicking on them

Webmail cracked - that's almost certainly not clicking-on-attachments territory, more likely poor password choice. Access to company servers from the inside (employees collaborating with the attackers) is another possible path of attack.

signed e-mails and attachments would make reception thereof fairly safe, yet these guys have no idea about it

Works only on a node-to-node basis. If their contact doesn't have the tools, then they can't use it. Same applies to encryption obviously. Is PGP freely available in China? How long till the government detects that you are using PGP and takes you in for questioning solely based on that fact?

but then these guys probably would feign complete ignorance and amazement over the fact, that especially the totalitarian governments of the world don't exactly work with white gloves

If the Chinese government attacks western computer systems, that's news. It might require a political response, that should be in the public discussion. Regardless, it's certainly worth reporting.

...don't give a shit about your self-aggrandized ego of 'a journalist' and the hallowed freedom of press

Freedom of the press is vital for my freedom and for yours. I think your disdain is completely inappropriate here.

the only way to avoid the truth now.... (0)

Anonymous Coward | more than 4 years ago | (#31686036)

is to pretend that you already have it. tell 'em robbie?

Yahoo, MS is poison (3, Informative)

AHuxley (892839) | more than 4 years ago | (#31686192)

With reports like "Yahoo 'helped jail China writer'" in 2005 ... would most people with any public or private interest in China stay with Yahoo's products in any form after its "complicity" over the past years?
http://news.bbc.co.uk/2/hi/4221538.stm [bbc.co.uk]

At least this will never happen with Hotmail (1)

Rogerborg (306625) | more than 4 years ago | (#31686364)

I mean, they won't have to hack the accounts - MS will just meekly hand over the keys to "comply with local laws."

They use webmail for confidential data? (2)

guanxi (216397) | more than 4 years ago | (#31687814)

I think I probably wrote the same thing when news of the GMail hacking allegations came out: Who is dumb enough to use a public webmail service for confidential email? Don't they have access to any good advice? Training? Or just think it through a little -- does Yahoo Mail seem like a secure place to store sensitive data?

Its a setup (1)

Zecheus (1072058) | more than 4 years ago | (#31688116)

Remember your lessons from spy school: it would be the pro-reform activists who would break into pro-reform data in order to implicate anti-reform entities.
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?
or Connect with...

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>