Forgot your password?
typodupeerror
China Security The Internet United States

China Criticizes US For Making Weapon Plans Steal-able, Alleges Attacks From US 209

Posted by Soulskill
from the determining-intent dept.
Etherwalk writes "Huang Chengqing, China's top internet security official, alleged that cyberattacks on China from people in the U.S. are as serious as those from China on the U.S. 'We have mountains of data, if we wanted to accuse the U.S., but it's not helpful in solving the problem.' Huang, however, does not necessarily attribute them to the U.S. government just because they came from U.S. soil, and he thinks Washington should extend the same courtesy. 'They advocated cases that they never let us know about. Some cases can be addressed if they had talked to us, why not let us know? It is not a constructive train of thought to solve problems.' In response to the recent theft of U.S. military designs, he replied with an observation whose obviousness is worthy of Captain Hammer: 'Even following the general principle of secret-keeping, it should not have been linked to the Internet.'" A few experts think China's more cooperative attitude has come about precisely because the U.S. government has gone public with hacking allegations.
This discussion has been archived. No new comments can be posted.

China Criticizes US For Making Weapon Plans Steal-able, Alleges Attacks From US

Comments Filter:
  • Oh FFS (Score:4, Insightful)

    by Anonymous Coward on Wednesday June 05, 2013 @01:52PM (#43916363)
    "This is what I was wearing when China stole my weapons schematics. Tell me I asked for it."

    Fuck off with your victim blaming, China. Pricks.
    • by mjwalshe (1680392)
      obviously America was wearing a mini skirt and stripper heels and hanging out in sleazy bars obviously asking for it :-)
      • No she was in a drug induced coma bent over a park bench where prostitutes work with cum dripping out of her well used vagina. And some homeless guy walked by and just plugged her. Were not sure who that homeless guy was but he had a shirt with the Chinese flag on.

    • by DMJC (682799)
      Actually I'm paying you to build my weapons and defend me with them. I'm also paying you to keep those weapons locked up away from my enemies. When my enemies steal my weapons you get fired. That's the better analogy. Only we can't easily fire the government ven when they're being grossly incompetent which is what's happening. The government should be doing their job better.
  • um? (Score:2, Redundant)

    by etash (1907284)
    Why are such important files internet accessible ? I mean that's security 101 for top secret stuff
  • by Xest (935314) on Wednesday June 05, 2013 @02:01PM (#43916445)

    Whilst I'm not saying China doesn't do any state sponsored hacking I've pointed out before that China has the largest online population of any nation and has about 1/6th of the world's population. Statistically if you get non-state sponsored hackers in every nation it makes sense that you're going to see more from China than anywhere else.

    It's quite possible that it's nothing to do with the US "going public" and everything to do with the fact that a large number of hack attacks from China against the US is pretty much a statistical certainty regardless of state actors being behind it or not.

    I think all governments do state sponsored hacking, I certainly think China does, to what extent is unclear but I do think at least the claims against China are probably overhyped.

    Which may not inherently be a bad thing anyway though I guess if it gets Western firms to take security a bit more seriously so maybe there's a silver lining regardless.

    • by c (8461) <beauregardcp@gmail.com> on Wednesday June 05, 2013 @02:09PM (#43916497)

      Statistically if you get non-state sponsored hackers in every nation it makes sense that you're going to see more from China than anywhere else.

      Yeah, but China has a firewall. Surely you're not suggesting that non-state sponsored Chinese hackers have figured out how to get around the national firewall?

      Heh... actually, that wouldn't be a bad official response. Puts the Chinese in the position of either accepting responsibility for hacking, or admitting that their state firewall is actually pretty porous.

      • by ranton (36917) on Wednesday June 05, 2013 @02:13PM (#43916521)

        Heh... actually, that wouldn't be a bad official response. Puts the Chinese in the position of either accepting responsibility for hacking, or admitting that their state firewall is actually pretty porous.

        I doubt they care very much that there firewall can be compromised by people skilled enough to hack into government and corporate computers. The main point of the firewall is to assert control over the general population.

        • China has implemented the Great Firewall of China, both to monitor and control their citizens, as well as to limit the ingress points into China (three major ones if my memory is right) so they can more easily monitor and cut the lines if attacked. Compare that to the United States which has so many major lines running into/out of the country that it would be nearly impossible to block an attack from outside (not that inside versus outside is truly a big difference). Since these attacks are coming from be
        • by steelfood (895457)

          Not to mention that "their" firewall is actually a set of regional firewalls with differing rules. And even the firewall with the strictest rules leak like a sieve.

          The purpose of the firewall (and associated software) is twofold: 1) to prevent casual encounters with subversive information and 2) to provide sufficient evidence on persons of interest for a conviction.

          The second purpose is actually largely the same as the monitoring situation in the U.S. The government isn't out to get you specifically, but if

      • Heh... actually, that wouldn't be a bad official response. Puts the Chinese in the position of either accepting responsibility for hacking, or admitting that their state firewall is actually pretty porous.

        Not really. They can do any of the following, including perhaps more than one of these.
        1) The Beavis and Butthead defense - "Those were some other kids, sir" meaning non-Chinese people leaving a trail pointing back to China to deflect blame to there.
        2) The Bart Simpson defense (denial) - "I didn't do it. Nobody saw me do it. You can't prove anything."
        3) "Evil Chinese hackers did do it and yes, they got around our precious firewall. But we won't admit it to our own citizens. That's for external

      • by AmiMoJo (196126) *

        It's not that kind of firewall. It isn't design to keep stuff out or in, only to block people inside China from accessing certain foreign sites. There isn't one big server handling it all, they just require ISPs and search engines to implement the blocks for them.

      • Surely you're not suggesting that non-state sponsored Chinese hackers have figured out how to get around the national firewall?

        Getting around the GFW is a national pastime.

        So, yes.

        • by c (8461)

          Ah, yeah, that was sarcasm. Everyone knows the GFW is crap in practice. But that fact that the government persists in using it implies that they might be a bit sensitive about being mocked by foreign governments about it...

  • I don't get this. (Score:4, Interesting)

    by wcrowe (94389) on Wednesday June 05, 2013 @02:15PM (#43916547)

    I always thought it was a rule from Espionage 101 that you don't let the other side know when your side has been compromised. You use it as an opportunity to start sending out false information, and to learn their tactics and precisely who is involved. I don't understand why we are telling everyone in the world that the Chinese have stolen our information. It just makes us look inept in all sorts of ways.

    • by SuricouRaven (1897204) on Wednesday June 05, 2013 @02:32PM (#43916687)

      To harm China diplomatically and economically. If they get a reputation for underhanded spy games then businesses will be more reluctant to do business there for fear of having their designs shamelessly copied and research stolen, and nations will be less willing to allow free trade if it is known that China seeks to favor domestic industry by impeding the operations of overseas competition.

      • by Maxo-Texas (864189) on Wednesday June 05, 2013 @03:06PM (#43916979)

        The problem with this position is that they have HAD a bad reputation for stealing IP for over 20 years now. And it hasn't changed anything.

        People still do business with them. People still ship designs and formulas to them to produce.

        What will reduce IP Theft is higher chinese labor costs which make local manufacturing a better solution than offshoring. And we've probably got another 8 years before chinese wages + fuel transportation costs == local labor costs.

        • by rahvin112 (446269)

          The problem with this position is that they have HAD a bad reputation for stealing IP for over 20 years now. And it hasn't changed anything.

          Hasn't changed anything? Are you insane. One small example is Russia won't sell the Chinese ANY advanced weapons. After the Chinese copied some older model Soviet weapons the Russians refused to sell them ANY advanced weapon systems. This little detail has crippled Chinese weapon advancement for more than a decade, and only recently after realizing they can't create the

          • by dj245 (732906)

            The problem with this position is that they have HAD a bad reputation for stealing IP for over 20 years now. And it hasn't changed anything.

            Hasn't changed anything? Are you insane. One small example is Russia won't sell the Chinese ANY advanced weapons. After the Chinese copied some older model Soviet weapons the Russians refused to sell them ANY advanced weapon systems. This little detail has crippled Chinese weapon advancement for more than a decade, and only recently after realizing they can't create the same 50 years of Russian innovation on their own they are only now at the point of a new arms deal with the Russians with guarantees that the designs will not be copied. Even with firm contractual guarantees the Russians are still not sure they want to execute the contract because they don't trust them. I'd wager the contract is about 50/50 that it will ever happen.

            Wholesale theft of IP has harmed China in almost as many ways as it has helped them and they have started to realize the damage they've done.

            And yet companies keep coming back. Even Toshiba is giving IP to China for their latest design nuclear reactor. Toshiba, a company which obtained much of their steam turbine knowledge from licensing deals from GE in the 1970's and has come to have near-domination of new large steam turbines in the US. Toshiba took GE's steam turbine knowledge and used their weak currency to move in on the market. GE was seriously weakened in the steam turbine market from the IP deals, and has nearly given up trying to s

            • I see plenty of specs which specifically require that NO parts come from China.

              Specs for what kind of stuff? I'm curious.

        • by steelfood (895457)

          In 8 years, China will be shipping their designs out to Africa.

          Not that it matters. China will always have a ton more people than the U.S. They will always have a collective competitive advantage, if only because of economies of scale.

    • by erice (13380)

      I always thought it was a rule from Espionage 101 that you don't let the other side know when your side has been compromised. You use it as an opportunity to start sending out false information, and to learn their tactics and precisely who is involved.>/p>

      I think this has already happened. They traced the attacks to a specific building in Shanghai operated by the Chinese military [nytimes.com] and learned a great deal about the operations taking place there.

      I don't understand why we are telling everyone in the world that the Chinese have stolen our information. It just makes us look inept in all sorts of ways.

      Probably because all the useful counter-espionage plays have been done. Now the biggest payoff is from using the information for political leverage.

    • Re: (Score:2, Interesting)

      by AmiMoJo (196126) *

      It's to gain political currency. Make China out to be the bad guy, try to rally international sympathy for the US. Part of an ongoing narrative.

      The US loves bad guys. They justify spending and fear. The USSR fell apart, Iraq has been dealt with, Bin Laden is dead and his organization seems to be ineffectual these days. China is the new bad.

    • They already got the plans for the F-35. That's a terrible plane that it a horrifically expensive money sink and under performs on almost every aspect.If we give them the F-22 plans too we can watch their pilots die from hypoxia!
  • by MotoRyan (2942701)
    Also, how do we know that the IP address from the US is not just a VPN endpoint?
  • Any nation-state that does no espionage is irresponsible. They all do it. It's a game, and someone on the US side made a poor move.

  • These machines shouldn't have been connected to the internet... They also shouldn't have been running OSX or Windows. From there, freaking use LUKS to prevent physical threat and otherwise don't allow Chinese nationals to come into rooms with sensitive data.

    I wish my country would come up with a decent security policy...of course, this could've all been a trick, and they could have potentially placed these in a convenient location with compromised plans designed to just cost money and explode...but I don
  • Holy crap! Even more reason to ensure my car doors are locked, lest it end up in China.
    [ and a car analogy to boot :-) ]

  • Outsourced R&D (Score:5, Insightful)

    by Scot Seese (137975) on Wednesday June 05, 2013 @03:04PM (#43916957)

    WalMart has outsourced the production of plastic flower pots and patio furniture to China for decades - the Chinese are simply reversing the process! By letting U.S. taxpayers fund the billions of dollars per year we pour into military R&D, they save massive amounts of money and man hours, and are guaranteed the best designs that 17 year old Chinese Red-Bull & Cheetos-fuelled hax0rs can steal.

    Take a copy-catted F22 Raptor, paint a Chinese air force insignia on it, and * VOILA! * Fifth generation air superiority fighter MINUS the 20 years of research and testing.
    What you say? Their copy is only 85% as good as ours because they made shortcuts in the radar, or avionics, or missile systems? That's OK, our congress will keep paring down the final platform order until our air force ends up only getting 200 F22s, while the Chinese will manufacture 1,150 of theirs.

    The current US military philosophy is starting to look more and more like WW2 era Germany, with absolute faith placed in a relatively small number of extremely expensive, extremely high quality weapons systems, which ultimately were smothered and overrun by a developing nation (the U.S.) with phenomenal industrial capacity capable of running M4 tanks, jeeps, B17 bombers, and numerous other things off assembly lines faster than the Germans could destroy them.

    The comparative ironies to today's military situation are incredible.

    • Re:Outsourced R&D (Score:5, Interesting)

      by rahvin112 (446269) on Wednesday June 05, 2013 @03:41PM (#43917283)

      Arm chair generals. Although the information they stole is valuable they haven't stolen information that's going to have them building Raptors. China has been trying to copy SU-27 jets for about a decade now, they can't get the engines built right and are at the point of having to go back to a Russia that vowed never to sell to them again to beg them for rights to purchase more advanced systems.

      Even though they have working Russian built engines to compare against they weren't able to duplicate the engines. Any Engineer can tell you why, even with detailed schematics, if you don't understand the design you don't know where the critical sections of the design are or what processes to use during assembly that prevent catastrophic failure later. Most of these highly advanced weapon systems have decades of incremental experience built into the design. Even small differences in manufacturing can render parts unusable and it's experience that teaches you that, not schematics and working samples. Though the design information and working samples accelerate learning they don't do away with it.

  • Israel has been caught, many times, stealing and spying. Yet, I have never seen a US President complain about this. Why?

    The next enemy for America is China. Right now the US is in cold war with them. But it's going to get hot soon. Much of what is happening in the Middle East is about controlling the oil and thus, China.

    The next battlespace will be Africa.

    America is sleep walking, as usual, into a war with China.

  • by endus (698588) on Wednesday June 05, 2013 @03:45PM (#43917313)

    'Even following the general principle of secret-keeping, it should not have been linked to the Internet.'"

    You think so??? Really? This is a novel concept to our American Information Security Industry, please, tell us more! Surely you don't mean that power plants and water treatment facilities and power grids and other sensitive facilities should not be linked to the internet...HOW THE FUCK ARE THE OPERATORS GOING TO GET TO FACEBOOK IF WE DISCONNECT THEM!?!?!?!?

  • Listen. I am an American citizen and I do not want our secret whatever weapons plans stolen by ANYONE. We paid good tax money for those space lasers and trained velociraptor dragoons. I'd like to think we could actually go to war without all our wonderful toys being obsolete.

    So why is the US government putting our top secret hush hush designs ON THE F"ING INTERNET LIKE DRUNKEN COEDS POSTING THEIR BOOBS ON FACEBOOK!

    From here on out... lets just make a rule. If you're just straight up illiterate of computer s

    • by thoth (7907)

      So why is the US government putting our top secret hush hush designs ON THE F"ING INTERNET

      The U.S. Government? Every incident I've read of has been some kind of intrusion at a defense contractor. Meaning, corporate America is dropping the ball on security. But that's because corporations are all about profits and security is just an expense...

      Anyway, has there been any published info about an intrusion at an actual U.S. Government facility, not a private company? Honestly, I haven't seen any press about that, maybe I missed it.

      • Actually, I've seen quite a few leaks from the Department of energy... just nuclear bomb plans. Nothing to worry about folks. Move alone.

        • by thoth (7907)

          Sorry, but leaks and hacks aren't the same thing.
          If by leaks you mean some employee took info out, well that's espionage and unfortunately not 100% preventable without mind reading.

          • I get you, its okay if the government leaks horribly but if a private corp drops the ball its a sign of their inherent evil.

            Gotcha.

            Sorry if that's rude but I have a low tolerance for double standards.

            How about this, sport... How about neither leaks or is hacked or otherwise reveals state secrets? Does that work for you?

            The level of incompetence we've seen from multiple parties within our society as regards computer security has been pathetic. Something needs to be done about it.

            Here is my fix: Have the gove

  • Pretty much. (Score:2, Insightful)

    by John Pfeiffer (454131)

    My father does a good job of capturing the sheer absurdity, I think.

    Me: So, apparently China says that not only are we just as guilty of attacking them, but it's our own damn fault they were able to get at the data.
    Him: Let me get this straight, China's response to our accusations of cyber-espionage is basically "I know I am, but what are you?" ... I need a moment.

  • China: "It's your fault, you wore a red dress!"

    USA: "Oo... You big bad boy... I love your money!"

    These two need couple's counseling.

Make sure your code does nothing gracefully.

Working...