Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

U.S. Calls On China To End Hacking; Start Cyberspace Dialogue

Soulskill posted about a year and a half ago | from the subtext:-or-else dept.

China 160

New submitter trickymyth writes "For the first time, the United States has mentioned the People's Republic of China in relation to cyber crime, officially acknowledging what has been long suspected by private security experts and the U.S. business community. The Obama Administration seeks to get the Chinese government to acknowledge the problem, to cease any state-sponsored hacker activity, and to start a dialogue on normative behavior on the internet. This announcement follows the recent 60-page report from the American cybersecurity firm Mandiant, who spent two years compiling evidence against the so-called 'Comment Crew.' They traced IP addresses, common behavior, and tools to track the group's activity, which led to a Shanghai neighborhood home to the People's Liberation Army (PLA's) Unit 61398. This tracking came at the behest of the Times, who has experienced some trouble with hacking in the past. The Chinese government rejected the report as 'unprofessional' and 'lacking technical evidence.' This announcement also comes amid a delicate leadership transition in China and numerous new reports on the vulnerability of U.S. business and government networks to attack."

cancel ×

160 comments

Sorry! There are no comments related to the filter you selected.

"Normative behavior" (0)

Anonymous Coward | about a year and a half ago | (#43151773)

"Seriously guys, stop hacking us! It makes us look bad when we can't do the same to you, because you happen to have a firewall around your entire country!"

Re:"Normative behavior" (4, Informative)

daremonai (859175) | about a year and a half ago | (#43152177)

Um, the "firewall" in China is mostly to keep Chinese from getting out, not others from getting in. I assure you, systems in China are hacked all the time. Mostly for things like botnet recruitment, of course.

Re:"Normative behavior" (0)

Anonymous Coward | about a year and a half ago | (#43152341)

Wait a second, it's the US hacking China? In a paranoia laden US administration, and with a preventive strike mad military, I'd expect the US to start collecting some evidence they actually performed research prior to building-up the rhetoric on why they should increase military spending, not that it will ever prove actual threats by China, before an eventual attack.

Re:"Normative behavior" (5, Funny)

Impy the Impiuos Imp (442658) | about a year and a half ago | (#43153073)

"We are not hacking. Now go away, or I shall taunt you a second time."

(Guard 2 whispers): "Are they leaving?"

"I told them we weren't hacking." (Both snicker.)

Crybabies (0)

Anonymous Coward | about a year and a half ago | (#43151787)

Only complain when you lose.

Re:Crybabies (2)

lesincompetent (2836253) | about a year and a half ago | (#43151853)

The whole foreign policy of the USA in a nutshell.

Re:Crybabies (0)

Anonymous Coward | about a year and a half ago | (#43152081)

Who's losing? The USA military isn't exactly an underdog in any scenario.

Re:Crybabies (0)

Anonymous Coward | about a year and a half ago | (#43152167)

Underdog is not the same as losing party in a conflict.

Re:Crybabies (1)

lesincompetent (2836253) | about a year and a half ago | (#43152183)

Besides any asimmetric warfare scenario it ever encountered.

Re:Crybabies (1)

lesincompetent (2836253) | about a year and a half ago | (#43152195)

asimmetric

*asymmetric*

Re:Crybabies (1)

v1 (525388) | about a year and a half ago | (#43152215)

Only complain when you lose.

So true. It'd be like if the US wanted to go into talks with China to agree to stop spying on each other. Really? That's just not going to go anywhere. These are just countries looking after their best interests abroad. Why should they stop? Give me one good reason. (morals don't count. morals never count on a national scale, only things that get results count where entire nations are concerned)

morals never count on a national scale (0)

Anonymous Coward | about a year and a half ago | (#43153653)

And that, in a nutshell, is why the US has lost the moral high ground and is no better than any other tyranical power that has ever existed.

Re:Crybabies (2)

gmuslera (3436) | about a year and a half ago | (#43152439)

Wrong analogy. This one is "you don't attack us, and we keep attacking you", or maybe "my data is only mine, and your data is ours". Or even maybe "you stop your attacks, and we jail our hackers" (and those "hackers" are the ones that hack against us, not for us, be pirates, people that fight for people rights, or whoever disclose government/corporations abuses)

Yeah they'll get right on that (2, Insightful)

Anonymous Coward | about a year and a half ago | (#43151821)

This is the same country they has a national firewall infrastructure to use against its own citzens. I'm sure their morals will guide them right when it comes to using hacking as a weapon of war.

Good Luck With That (5, Interesting)

Farmer Pete (1350093) | about a year and a half ago | (#43151845)

I hope this ends well, but I have a feeling that either nothing will come out of this, or the Chinese will ramp up efforts since they don't have to worry about hiding their efforts.

Re:Good Luck With That (4, Funny)

Synerg1y (2169962) | about a year and a half ago | (#43151925)

Cyber war = rise of the nerds?

Re:Good Luck With That (5, Funny)

K. S. Kyosuke (729550) | about a year and a half ago | (#43152011)

Cyber war = rise of the nerds?

In case of Chinese government-fed hackers, it's rice of the nerds.

Re:Good Luck With That (0)

Anonymous Coward | about a year and a half ago | (#43152061)

Classic.

Re:Good Luck With That (1)

Anonymous Coward | about a year and a half ago | (#43152223)

If that's the case were toast. They have more nerds, government support, training and no fear of legal consequences on their side. We have a bunch of lone wolf types with very little training, government condemnation, legal threats ever looming and no peer support. Point being there is very little in the way of approved security training / college level beyond the week long class type from SANS. We really don't have anything at the scale needed to compete at any level and that is why we are routinely owned. /rant off

Re:Good Luck With That (1)

richlv (778496) | about a year and a half ago | (#43153503)

If that's the case were toast.

if it's the same level of spelling in the code, "your toast" indeed :>

Re:Good Luck With That (1)

Anonymous Coward | about a year and a half ago | (#43151939)

Well, China did respond angrily when some US hacker resources were pointed at finding out where all the Chinese hacking was done from. That was a sort of subtle 'we know where you live' message to those actually doing the spying for China.
Depending on how the diplomats take the message, this declaration is either an admission of failure (not likely considerring the prior story), a meeting of equals, or a mild threat with the implication that US hackers could do a whole lot worse than just tracking the attacks.

Agreed (0)

Anonymous Coward | about a year and a half ago | (#43151963)

Next step is send in the drones and turn that cyber war into a real one. Hey China, if you aren't sanctioning it and aren't stopping it, the U.S. WILL go in and do what is in their best interest.

Re:Agreed (3, Insightful)

Anonymous Coward | about a year and a half ago | (#43152139)

yep, because there's no way sending a remote controlled robot after a team of hackers could go wrong.

Re:Agreed (0)

thomasw_lrd (1203850) | about a year and a half ago | (#43152549)

I for one welcome our new communist hacked drone overlords.

Re:Agreed (0)

Anonymous Coward | about a year and a half ago | (#43152921)

I for one welcome our Chinese made drone clones one month later on ebay.

Re:Agreed (4, Insightful)

c0lo (1497653) | about a year and a half ago | (#43152181)

the U.S. WILL go in and do what is in their best interest.

I don't know why I have a feeling that US'es best interest is to fix their security flaws. Otherwise... what, will you do the same when e.g. Belarus (as a country) or a group of Russian hackers (acting "in private name") decides they'd like to test US tubez?
Or is one of your kinky pleasures to pay taxes that will end into the bank accounts of the "defense industry"?

Re:Agreed (5, Funny)

lennier (44736) | about a year and a half ago | (#43152669)

I don't know why I have a feeling that US'es best interest is to fix their security flaws.

Fix... the flaws? But... that would be like... shipping products which were warranted to be of merchantable fitness! It would require mandatory code regression analysis and testing which might cost money and would certainly create jobs! You're asking the software industry to submit to invasive scrutiny from the same kind of Government jackboots that the food, banking and building industries now tremble under daily! And that's socialism.

The only thing that can stop a black hat with a rootkit is a white hat with a rootkit!
If you outlaw shoddy, worthless software containing a million zero-day exploits, only outlaws will be exploited!
You'll take my imperative thread-based unsafe self-modifying code from my cold dead FATAL EXCEPTION AT 00FE:4358 SYSTEM HALTED!

In conclusion, I support Mom, apple pie, and an American software developer's inalienable right to immediately patent and ship whatever string of line noise can be coerced to come out the other end of a rusty, sawn-off C++ compiler, and my esteemed opponent does not.

I know I can trust you all to vote with your hearts.

Re:Good Luck With That (0)

Anonymous Coward | about a year and a half ago | (#43152271)

Hi Mr. Obama, this is PLA Unit 61398.
As long as we can get our monitoring equipment into CIA, NSA, and the Pentagon, just to be sure you Americans are not cheating, we are quite happy to make some accommodations.
BTW, that's quite the large mole on your ass, better have it look at by your doctor.

Mr President (1)

RS449 (2859563) | about a year and a half ago | (#43151849)

We can not allow a cyberspace gap!

Re:Mr President (1)

Farmer Pete (1350093) | about a year and a half ago | (#43152057)

I propose that we find 200,000 hackers and barricade them inside a giant command center. From there, they will fight our enemies! Of course, the command center would be stocked with a high female-to-male ratio....wait, who am I kidding. More like 199,900 men and 100 women.

Re:Mr President (3, Funny)

Looker_Device (2857489) | about a year and a half ago | (#43152207)

No women! They'll destroy the purity and essence of our natural fluids!

Re:Mr President (1)

Farmer Pete (1350093) | about a year and a half ago | (#43152431)

More like they'll find the hackers petabyte pr0n collection.

Re:Mr President (4, Informative)

X0563511 (793323) | about a year and a half ago | (#43152227)

You are not funny.

Re:Mr President (0)

Anonymous Coward | about a year and a half ago | (#43153309)

A Strangelove ref stays at 1, but "that isn't funny" is +5 Informative?!?!?!

I call for a Congressional investigation into astroturfing.

Not all good at home... (1)

Anonymous Coward | about a year and a half ago | (#43151861)

the desire to ship a product to maximize revenue rather than quality is the objective of many companies. The license agreements are better coded than most software.

shake on it? (0)

Anonymous Coward | about a year and a half ago | (#43151871)

USA: Syn(100) -------> China

Your move China.

What does China say about the U.S regarding hacks? (0)

Anonymous Coward | about a year and a half ago | (#43151885)

Surely the U.S is hacking back? My best memory of "China hacking" is Operation Aurora. I find it difficult to believe the U.S has been on the purely defensive side since then (if not before).

Re:What does China say about the U.S regarding hac (1)

lesincompetent (2836253) | about a year and a half ago | (#43151931)

Surely the U.S is hacking back?

Yeah sure! Now where did i put my netbus...

But Stuxnet was ok, eh? (4, Insightful)

A nonymous Coward (7548) | about a year and a half ago | (#43151911)

It's ok for the US but no one else?

Guess some left hand isn't talking to the right hand.

Re:But Stuxnet was ok, eh? (1)

0123456 (636235) | about a year and a half ago | (#43151957)

More like someone just realised that America is about 3,000,000% more vulnerable to such attacks than Iran or North Korea.

Re:But Stuxnet was ok, eh? (1)

Anonymous Coward | about a year and a half ago | (#43152129)

Let's see...
Hacking military installation to stop uranium enrichment beyond what is necessary for commercial power generation
vs
Hacking civilian companies to uncover the Chinese person/persons who leaked info on Wen Jiabao family's fortune in order to intimidate/punish them.

And in your mind these are equivalent?

Yes (1, Insightful)

schneidafunk (795759) | about a year and a half ago | (#43152171)

Call me hypocritical, but preventing Iran from having a nuclear bomb for the safety of the middle eastern region (and global security) is definitely worthwhile.

What is the purpose of China's hacks? Mostly economical, not exactly an apples to apples comparison here.

Re:Yes (2)

Mister Liberty (769145) | about a year and a half ago | (#43153007)

The Middle East itself disagrees with you.

Re:Yes (0)

Anonymous Coward | about a year and a half ago | (#43153137)

Call me hypocritical, but preventing Iran from having a nuclear bomb for the safety of the middle eastern region (and global security) is definitely worthwhile.

You really haven't learnt from 50 years+ of blowbacks from US government interference. The world didn't end when South Africa, India, Pakistian and Israel got the nuclear weapons and it won't end if Iran ever gets nuclear weapons.

Sure, Iran doesn't like the US government very much, but then they did get their democratically elected government overthrown and replaced with a US-backed dictator. And a war which saw US use Iraq as its proxy/puppet. Of course, that's in the past because the US government has apologised and made repatriations...actually wait, the US government never did that.

What does cause instablility is the US government playing world police and deliberately provoking countries into continued spending on its miltary-industrial complex rather than trying to solve its internal problems. Don't you think there's something seriously wrong with a country's priorities when a country with 5% of the world's population has about the same number of aircraft carriers as the rest of the world combined?

What is the purpose of China's hacks? Mostly economical, not exactly an apples to apples comparison here.

Thank God it's only economical. So it's not all that different from US spying on European companies with its Echelon network. Would you really rather the China government went around bringing down your electricity networks or destroyed industrial equipment?

Re:But Stuxnet was ok, eh? (0)

Anonymous Coward | about a year and a half ago | (#43152257)

its ok in that its a retaliation against a nation that is already violating the geneva convention.

Re:But Stuxnet was ok, eh? (0)

Anonymous Coward | about a year and a half ago | (#43152461)

That would be America then yes?

Re:But Stuxnet was ok, eh? (0)

Anonymous Coward | about a year and a half ago | (#43152539)

U.S. is also actively violating the Geneva Convention, so it is free game too.

google "us violating the Geneva Convention"...

baltimorechronicle.com/geneva_feb02.shtml
>On January 11, 2002, the United States announced that it was refusing to abide
by the 1949 Geneva Convention on the treatment of prisoners of war.

Imagine it's 2003 (0)

Anonymous Coward | about a year and a half ago | (#43152259)

Imagine it's 2003, and Slashdot has an article about the widely criticized Iraqi invasion. An American makes a post just like yours:

"But invading Kuwait was ok, huh?"

Would you have embraced that sentiment? Would the moderators have modded it up?
I imagine that poster would be flooded with indignant replies containing variations of "two wrongs don't make a right"

Re:Imagine it's 2003 (3, Insightful)

NoKaOi (1415755) | about a year and a half ago | (#43152553)

Imagine it's 2003, and Slashdot has an article about the widely criticized Iraqi invasion. An American makes a post just like yours:

"But invading Kuwait was ok, huh?"

Would you have embraced that sentiment? Would the moderators have modded it up?
I imagine that poster would be flooded with indignant replies containing variations of "two wrongs don't make a right"

Now imagine again that it's 2003. We know that North Korea is close to getting nukes, and their leader is literally insane. Far away, we have a bit of unreliable intelligence from some dude that was tortured and told us Saddam had WMDs, that we know is unreliable (because the guys that tortured him and told us about it also told us that it was unreliable). We also know that even if these WMDs do exist, they are not nukes. Also, unlike North Korea, Saddam was a major asshole but was not actually literally insane (at least not more than any other asshole politician). We know that if we take Saddam's regime out, we'll have to be there for a very, very long time to prevent an even bigger asshole from taking over. Meanwhile, our friends in South Korea would be happy to take over North Korea if we took out Kim Jong-Il's regime, and unite North and South Korea, significantly helping the entire population of North Korea.

10 Years prior, your daddy (president at that time) and your current VP (Secretary of Defense at that time) had both said invading Iraq to go after Saddam would have been obviously stupid. Your current VP even explained why it would be utterly stupid in an interview with C-SPAN in 1994.

Which country do you invade?

Re:Imagine it's 2003 (0)

Anonymous Coward | about a year and a half ago | (#43152695)

Probably post something like "So what, how is this different from the Soviets invading Afghanistan?"
Do you even know how to play the "deflect-to-another-country" game?

Which country to you invade? (0)

Anonymous Coward | about a year and a half ago | (#43153555)

None, because invasion violates national sovereignty and it inevitably results in people, innocent and otherwise, being killed or injured without the benefit of due process or equal protection of the laws and is, generally, neither democratic, just nor peaceful. Surely the most powerful nation in the history of the human species can do a little better than indiscriminanatly blowing up property and killing people whenever they don't get what they want for themselves. Do you know the history of US attrocities in Korea and Iraq? Do you really want more of that?

Re:But Stuxnet was ok, eh? (1)

gmuslera (3436) | about a year and a half ago | (#43152485)

Is nice to throw the first stone and then complain if someone else want to play that game too.

Re:But Stuxnet was ok, eh? (0)

Anonymous Coward | about a year and a half ago | (#43152917)

Its okay to be disproportionate in foreign affairs. Its called winning. Its not hypocritical, its what you are supposed to do.

I have a cheap solution (5, Funny)

Anonymous Coward | about a year and a half ago | (#43151955)

Silly Times, if you are scared of the Chinese hackers, you can just insert this code at the top of your site:

< h1 > tiananmen square < /h1 >

Let's get realistic here (-1, Offtopic)

MikeRT (947531) | about a year and a half ago | (#43151995)

News flash to Obama: if you want them to take you seriously act on your 2008 platform. That would be getting federal spending back down below Bush levels and bringing our military back home. A $1.1T deficit and overextended military make us a laughable threat to China. They are merely showing you pity by deigning to talk to you.

It will fade away (5, Interesting)

Spy Handler (822350) | about a year and a half ago | (#43152005)

China is about to have an epic crash when their real estate bubble bursts:

60 minutes on China Real Estate Bubble [cbsnews.com]

When that happens, their economy will tank... similar to what happened in U.S. in 2008. And that will bring out people demonstrating in the streets. The Chinese security apparatus will have its hands full trying to stifle online dissent and stop people from plotting against the government. Cyber attacks on external targets will fade.

Re:It will fade away (1)

Anonymous Coward | about a year and a half ago | (#43152405)

That logic assumes the Chinese government won't blame "foreign interference" for each and every possible thing that goes wrong, and attempt to fool the population into thinking it's "them, not us" that is the problem. This is one of the favorite excuses of an authoritarian government when things go wrong.

Re:It will fade away (0)

Anonymous Coward | about a year and a half ago | (#43152701)

similar to what happened in U.S. in 2008. And that will bring out people demonstrating in the streets.

The only people I remember demonstrating at that time was The Tea Party. I really doubt the same thing will happen in China. People there are unlikely to demand the government do nothing about a fiscal crisis.

Re:It will fade away (4, Interesting)

ljw1004 (764174) | about a year and a half ago | (#43152871)

China is about to have an epic crash when their real estate bubble bursts

A different view, published a week after your CBSNews report:
http://www.forbes.com/sites/kenrapoza/2013/03/11/chinas-non-bubble-housing-bubble/ [forbes.com]

"By comparison, China’s housing bubble is a non-bubble... There’s also nothing close to a mortgage backed securities bubble and no sub-prime lending...'You don’t see the same amount of bank stress that you see in the U.S. because the debt levels are significantly lower, both for the builders and for the buyers'."

Re:It will fade away (3, Insightful)

Spy Handler (822350) | about a year and a half ago | (#43153301)

that's true, China doesn't have the mortgage-backed securities and subprime lending we saw in the U.S.

But while those things certainly help fan a bubble, you can still have a bubble without them. There was no subprime lending or Tulip-backed securities, yet the Tulip bubble still took place.

Re:It will fade away (1)

Mister Liberty (769145) | about a year and a half ago | (#43153077)

You're whistling in the dark.

I for one hate to see Americans including the US Govt being so
dumbassed obviously anal towards the Chinese.
They, Americans, used to be smart, across the board.

Better shape up. China will bury you. Do you even know how many
there are to 1 US [delusioned, fatigued -- like you] citizen?

Re:It will fade away (1)

Anonymous Coward | about a year and a half ago | (#43153473)

You're whistling in the dark.

I for one hate to see Americans including the US Govt being so
dumbassed obviously anal towards the Chinese.
They, Americans, used to be smart, across the board.

Better shape up. China will bury you. Do you even know how many
there are to 1 US [delusioned, fatigued -- like you] citizen?

As an American, I wanted to respond, but ran out of breath typing this...

Re:It will fade away (0)

Anonymous Coward | about a year and a half ago | (#43153261)

OR, orrrr, they could be about to do something really insane: open their borders to anybody and have insanely cheap housing.

It'd likely not work very well since, you know, international moves are expensive as hell, on top of even cheap or free housing.
So there goes my crazy idea.

The only place it would really attract anyone from is nearby, but even then, good luck with that.

Dear China, please stop hacking. (1)

Doug Otto (2821601) | about a year and a half ago | (#43152033)

China: You go now!

Don't be fooled, military complex wants more (0)

Anonymous Coward | about a year and a half ago | (#43152055)

The military complex wants there to be more hacking, not less, so that they can justify grabbing more tax dollars for national "protection".

So-called cyberwarefare is a dream come true. Producing defense hardware costs the defense contractors a fair bit of money as a per-unit cost, whereas cyber "armaments" cost nothing to replicate yet they'll still charge the government on a per-unit basis. All that lovely tax moola, yummy.

LOL (0)

Anonymous Coward | about a year and a half ago | (#43152063)

These Americans...

Re:LOL (1)

Doug Otto (2821601) | about a year and a half ago | (#43152151)

Walk into a bar...

Re:LOL (1)

invid (163714) | about a year and a half ago | (#43152585)

And the bartender says...

JFK (2)

nikros (1037028) | about a year and a half ago | (#43152163)

I believe we possess all the resources and talents necessary. But the facts of the matter are that we have never made the national decisions or marshaled the national resources required for such leadership. We have never specified long-range goals on an urgent time schedule, or managed our resources and our time so as to insure their fulfillment. JFK 1961 ppl who who don't know history are doomed to repeat it

this just in from iran (0)

Anonymous Coward | about a year and a half ago | (#43152205)

stuxnet what?

pot meet kettle....

Alternative solutions (1)

GrBear (63712) | about a year and a half ago | (#43152277)

You know, the US could just turn off their overseas Internet connectivity and isolate itself. Or you know, be part of the international community and accept they are no more special than any other netizen with attempted hacks on their IP addresses.

Re:Alternative solutions (1)

sjames (1099) | about a year and a half ago | (#43152415)

Or just cut links to China and keep talking to the rest of the world.

Re:Alternative solutions (1)

RabidReindeer (2625839) | about a year and a half ago | (#43152601)

Or just cut links to China and keep talking to the rest of the world.

But then how would Wal-mart get their orders filled?

Re:Alternative solutions (1)

sjames (1099) | about a year and a half ago | (#43152691)

Build a factory in some other 3rd world hellhole and exploit those people for a while, of course.

Re:Alternative solutions (1)

gtall (79522) | about a year and a half ago | (#43153019)

Wow, you really don't get the internet, do you?

Re:Alternative solutions (1)

sjames (1099) | about a year and a half ago | (#43153289)

Sure I do. I'm not the one who thinks it runs on spooky action at a distance. Block the routes to China at the routers and as far as the U.S. internet is concerned, there is no China.

That still leaves the possibility of hacking themselves a proxy in some other country, but it greatly increases the chances that a U.S. inquiry would get it shut down.

Re:Alternative solutions (2)

invid (163714) | about a year and a half ago | (#43152567)

The internet, just by being the internet, is far more damaging to China than Chinese hackers are to the Unites States.

Won't work (2)

dutchwhizzman (817898) | about a year and a half ago | (#43153599)

Blocking overseas network traffic will just mean that the hackers will start using US based places to start hacking from. Just blocking China won't work since the hackers almost exclusively use intermediate (hacked) computers that are not in China to do their stuff from. The fact that China isn't really hiding their economic hacking doesn't mean that other countries aren't doing just that as well. Don't forget that commerce and government are more or less the same in "communist" China. This is nothing but industrial espionage, which takes place everywhere, not just in China-USA. The real difference is that in this case the owners of the industry aren't people claiming to be private citizens in a claimed democracy. You're basically fighting a very powerful economy that happens to be a lot more efficient at their corruption than the the US economy is, with the exception of the arms industry.

Cyber Space War slashdot, c'mon (0)

Anonymous Coward | about a year and a half ago | (#43152283)

C'mon @soulskill, you had the opportunity to legitimately put the phrase "Spacewar" in your headline and you didn't. I don't think you can correct headlines, but it may be worth it.

Corrollory to Betteridge's Law (5, Funny)

rhysweatherley (193588) | about a year and a half ago | (#43152291)

Any headline where the US is demanding that some other country stop doing something can be simply answered with "You First Sparky!".

Stop using religion as your government (0)

Anonymous Coward | about a year and a half ago | (#43152581)

How about stop censoring your political opposition?

Re:Stop using religion as your government (0)

Anonymous Coward | about a year and a half ago | (#43153739)

You First Sparky!

Or don't you trust in God?

How would this be possible? (1)

TheSkepticalOptimist (898384) | about a year and a half ago | (#43152321)

How could any government control the actions of 1 billion people....oh wait a minute.

Translation: (0)

Anonymous Coward | about a year and a half ago | (#43152359)

We're going to keep doing that shit to you, but please stop doing it to us, because you know, we're the United States and you're not allowed to do to us what we do to you.

"How about we call it a draw?" (3, Insightful)

jfengel (409917) | about a year and a half ago | (#43152383)

Seems to me that this is like asking for a truce when we're losing. They've got no reason to say yes.

Fortunately, this isn't a battle we have to lose. Yeah, I think we have to admit that every grandma-box running Windows 98 is going to be a spam-spewing zombie for the foreseeable future, but the corporations that make the juiciest targets should also be capable of at least some self-defense. If thy IP block offends thee, cut it off. Social engineering is always going to trump user education, but we can at least make it an arms race.

At least it's not nukes, which are harder to walk away from. That means we also don't have Mutually Assured Destruction. They're going to do it even if they sign a treaty saying that they won't, so we're going to have to hunker down and deal. Asking them to call it a draw isn't going to get us anywhere.

Re:"How about we call it a draw?" (2)

lennier (44736) | about a year and a half ago | (#43153131)

but the corporations that make the juiciest targets should also be capable of at least some self-defense.

You might think that, but apparently no. For example, here's this January 2013 report from the Defense Science Board [osd.mil] , which I'm surprised hasn't made it to Slashdot yet. It's very sad and sobering reading.

After several months of researching best practices of cyber metrics in commercial, academia and government spaces, the Task Force determined that no metrics are currently available to directly determine or predict the cyber security or resilience of a given system. .... Even knowing if a system is compromised is very difficult. ...
In the process of conducting this study, it became apparent that the full spectrum cyber threat represented by a Tier V-VI capability is of such magnitude and sophistication that it could not be defended against. ...
Organizations in the Department today, however, do not generally share details about cyber attacks that have compromised their systems. Instead, system compromises are often classified, keeping people in the dark who must be aware so they can anticipate similar attacks. Consequently, DoD organizations are trying to field defenses based only on partial knowledge of what kind of vulnerabilities are being exploited. ...
For more than 15 years, the Department has invested significant resources (people and funding) in an effort to prevent, detect and respond to a full range of cyber threats. ... Strong authentication based on the Common Access Card (CAC) and Public Key Infrastructure (PKI) capabilities and other Defense in Depth mechanisms added to the overall “assurance” of the networks. Then, based on a significant infection of the Unclassified but Sensitive Internet Protocol (IP) Router Network (NIPRNet) and the Secret Internet Protocol Router Network (SIPRNet) in 2008, deployment of additional technologies, e.g., Host Based Security System (HBSS) and other hardening and situational awareness tools were accelerated.

While well-intentioned and strongly supported, these and subsequent initiatives have not had the desired impact on the overall IA posture of the Department. Defensive measures implemented at the boundaries between the NIPRNet and the Internet proved to be only marginally effective in blocking successful intrusions or reducing the overall attack surface of DoD networks and systems. Mobile platforms (smart phones, tablets, etc.) exacerbate this already challenging problem. Red teams, conducting operations during military exercises or at the request of Military Department and Agency officials, continue to have a nearly perfect success rate breaking into the systems.

Within classified networks, once thought to be safe for military command and control traffic, our adversary has successfully penetrated vulnerabilities created by poor user practices and a lack of discipline at all levels of the command structure. Operation BUCKSHOT YANKEE was clearly a wake-up call, suggesting that every system relied on for the conduct of war fighting operations is at risk of exploitation by an increasingly sophisticated adversary; an adversary ready and able to exploit any technical or human weakness to achieve their objectives.

Emphasis mine, but this is scary stuff. Even the classified US military IP networks have lousy security and have been infected by viruses.

I've never seen this announced before, but it's basically game over for network defense. The DoD can't keep their boxes patched. That's why they're talking about offensive cyber and nuclear first strike.

Cyberspace Dialog? (0)

Anonymous Coward | about a year and a half ago | (#43152411)

U.S. to China:

a/s/l ?

Wanna cyber?

Getting tired of terrorist? (1)

rmdashrf (1338183) | about a year and a half ago | (#43152473)

Looks like governments start noticing that 'the terrorists' are no longer an effective bogeyman and need to conjure up a new one.

Re:Getting tired of terrorist? (1)

detritus. (46421) | about a year and a half ago | (#43153217)

The Patriot Act targets hackers just as much as it does terrorists.

3 Strikes (1)

Zamphatta (1760346) | about a year and a half ago | (#43152545)

All the US needs to do, is sit back and wait for these Chinese hackers to download too much copyrighted material. Just wait, it'll happen soon enough. Then their ISP will cut down China's bandwidth to like, really really slow. They won't be able to really get any hacking done then.

China Responds (1)

CanHasDIY (1672858) | about a year and a half ago | (#43152595)

"You first, fuckers!"

I think we can all see where this is headed...

Wouldn't you prefer a nice game of chess?

This is the worst security idea ever!! (0)

Anonymous Coward | about a year and a half ago | (#43152707)

I for one would rather see the security ignorant persons setting up government and infrastructure IT systems here in the USA constantly checked from the outside and exposed in small chunks than any "secure because we say so" due to unenforceable policies.
Security would never improve, rather it would get very much worse if there wasn't the constant threat posed by hackers. They are doing us all a favor. If and when a real organized and unified hackers attack, hopefully the larger security doors and windows will already have been closed.

Security is NOT a goal, it's a process. Constant hacking is arguably the most important part of that process as it's a reminder of the constant diligence needed to keep systems locked down.

I would think a large 0-day stockpile combined with a couple year moratorium on foreign hacking would be the most effective strategy for wreaking instant remote havoc if that's the goal. Attacks by a million cuts results in very thick armor over time. Maybe China want's our infrastructure to be better and this is their most effective way to make this happen.

I would rather see each government or infrastructure system put in place require the security persons private signature - where they are publicly shamed if and when the signature is collected by hackers and exposed. Hackers could turn in these signatures for anonymous large rewards. Successful 0-Day exploiats could be turned in for even greater rewards as that could be added to our own 0-Day stockpile.

I'm much more worried at the moment about low-level back doors in equipment coming out of China. There's lots of room for un-fixable mischief to be had with ICs with the right microcode, and it's already been proven that they have the technology and know-how to do this.

Pleasant dreams!

Welcome to the party, pal. (2)

lexsird (1208192) | about a year and a half ago | (#43152975)

China has been hacking US gamers for years. I get notifications from Guild Wars 2 that someone in China tried to access my account, please change my password. Welcome to the world wide web, Mr President and Congress, we need smarter policies, not more neolithic special interests pandering bullshit. Set up a firewall that you can monitor the hits on it, you will find that China is a beehive of hacker activity.

We do have people highly qualified and capable of not only securing our country's systems, but being our scalpel as well. Let's not panic for fuck's sake.

Shushu! (1)

l0ungeb0y (442022) | about a year and a half ago | (#43153153)

That's what the US State Dept is crying over in Beijing right now.

Poor timing (1)

Dishwasha (125561) | about a year and a half ago | (#43153189)

The Obama administration really needs to learn some tact. Did they really need to launch this initiative RIGHT now? Could it not have waited 6 months since it has taken them 2+ years so far to gather the evidence? The Chinese government has always used the "it wasn't me" and "As I told you, it would be absolutely, totally, and in all other ways inconceivable" arguments. All this will do is raise their hackles while we deal with a true international crisis that we need and have finally started getting China's help on, a.k.a. illegal North Korea nuclear capabilities.

At least with the hacking problems, that is something we can work on internally to resolve through better security measures. NK going nuclear, that is nothing we can fix by ourselves without severe global consequences.

Or what... (2)

detritus. (46421) | about a year and a half ago | (#43153237)

Issue sanctions? Stop it, it hurts to laugh.

This is our way of saying were stuck. (0)

Anonymous Coward | about a year and a half ago | (#43153519)

Anytime the US says they want someone else to change their policy, to stop doing something or to talk about a problem usually means they are beating us at something. We do whatever we please and strut around like pretentious dicks but as soon as someone does it better and we cant beat them they we try to act diplomatic or simply go and run to mommy to say someone isnt playing fair.

The whole cyber thing is the next boogeyman anyway. The US always has to conjure up some scheme to direct attention to and "declare war on" to justify blowing trillions of dollars and not actually trying to improve the country. The whole terrorist thing is getting old and no one cares anymore. So now its all about cyber war

How truth is made (1)

mars-nl (2777323) | about a year and a half ago | (#43153561)

1. Some company gets hacked
2. Some security company (Mandiant) investigates and makes a non-peer-reviewed report (PDF) with very thin evidence that jumps to conclusions [mandiant.com]
3. Sensational press repeats claims from report without investigating
4. Government uses "evidence" of what now seems a big problem and a certain source to start a war
5. Profit...

I'd like some smart Slashdot reader to read the report and tell us what you think. It contains a lot of random facts and then draws some very unscientific conclusions. I think it was written starting with the conclusions, then finding facts to "support" it.

Translation (1)

EmagGeek (574360) | about a year and a half ago | (#43153717)

China owns the US
China owns networks in the US
China has complete visibility of everything that happens in the US

We surrender. Please don't hurt us.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>