US Inadvertently Enabled Chinese Google Hackers 103
Phrogman writes "In this CNN article by Bruce Schneier, he states that the US Government inadvertently enabled Chinese hackers access to Google's Gmail. The article states 'Google made headlines when it went public with the fact that Chinese hackers had penetrated some of its services, such as Gmail, in a politically motivated attempt at intelligence gathering. The news here isn't that Chinese hackers engage in these activities or that their attempts are technically sophisticated — we knew that already — it's that the US government inadvertently aided the hackers.'"
Update: 02/22 20:26 GMT by S : As readers have noted, Schneier said not long after he wrote this article that he no longer thinks this is what happened.
Open letter to Chinese computer professionals: (Score:1, Troll)
We were made aware of your recent exploits concerning Google and a number of other Western corporations. We know that you have the facility to go after bigger and better targets, so why not go after the U.S. government itself? Instead of hacking Gmail to read average citizens' e-mail, you could go after congress and deliver to us their damming communiques. We want to know all about their marital affairs, business dealings, money streams, and even their bowel movements. We
Re:Open letter to Chinese computer professionals: (Score:4, Insightful)
Nice sentiment, but Capitalism isn't the problem. Crony Capitalism is the problem. The wealthy gamble with the people's money. If they win, they keep all the profits. If they lose, politicians make sure the taxpayer bails them out. This needs to stop.
Re: (Score:1)
Re: (Score:2)
But, we're not looking for an earthquake.
Re: (Score:2)
If one really wants to change the way things are done, try bringing down the cable TV system(s). There would a freaking armed revolt.
Re:Open letter to Chinese computer professionals: (Score:5, Interesting)
Nice sentiment, but Capitalism isn't the problem. Crony Capitalism is the problem. The wealthy gamble with the people's money. If they win, they keep all the profits. If they lose, politicians make sure the taxpayer bails them out. This needs to stop.
That's not "Crony Capitalism", that's just Capitalism. Capitalism done poorly, but still, plain old vanilla Capitalism.
Crony Capitalism is when you get the contract because of who you know (which is still plain old vanilla Capitalism, actually, just done poorly in a different way).
The problem isn't with Capitalism per se, the problem is with worshipping Capitalism as the highest ideal form of economic system. It's not. It's really good, but to blindly follow a rule of "Capitalism or bust" is doomed to failure.
The banking system fiasco is a perfect example of pure Capitalism at work. The banks got your money voluntarily. They then "invested" it voluntarily. They then lost it, all completely voluntarily. Although it should have happened much sooner, *that's* when the government finally stepped in to halt this perfectly valid form of Capitalism. Had they not stepped in, we would very likely be in a depression right now, instead of being in an actual state of economic improvement.
They should have stepped in sooner, and disallowed the high-risk gambling of something so precious as the savings and checking accounts of the American people. But the ruling party at the time has the motto of "Capitalism or Bust". The problem is they actually got both.
Now, the standard Capitalist response would be that, sure, *some* banks will gamble, and they will fail, but the smart banks will not and they will outcompete their competition and rise to the top, making the market even *better* than before.
The problem with that is that in some configurations, that doesn't really work. If it takes a long time for failure to occur. This is what happened with the banks, where it took about a decade for the house of cards to collapse. In the mean time, all the smart banks (of any significant size) *had* to follow suit with the risky practice for two reasons:
1. They *were* being outcompeted by their competitors. Those that took the risks were seeing the higher rewards immediately. Those that were playing it smart were not, and their boards and shareholders where at their throats if they didn't also see similar earnings.
2. The cancer of these bad investments where making their way all throughout the system. It's difficult to invest in anything without having it be involved, in some way, with this house of cards illusion.
Sure, there were a few small institutions that weren't a part of this scheme, but they were hardly capable of taking over the financial burdens of the US.
And once everything fell apart, *HUGE* amounts of American capital instantly disappeared. This left a huge vacuum, and as the *rest* of the economy began to collapse, the government, and specifically, the Federal Reserve, did the only thing it could to prevent full catastrophic failure. They filled in some of those gaps with printed money. This slowed the collapse and is in fact reversing it as we speak. But at a cost, a huge cost. The cost is inflation. With more dollars in existence, each dollar is worth less.
This is all thanks to Capitalism. Not Crony Capitalism, not Any-Other-Qualifier Capitalism. Just plain old Capitalism. Some things should not be allowed to happen. *Not* because government knows better than you or I, but because some things are traps. Traps where a profit seeking Capitalism, done completely correctly, has no choice but to fall into. Some traps may be acceptable, if they get us to a better state of affairs, and maybe it means horse and buggy dealers have to lose out to the automobile industry, or electric cars replace gasoline cars, or the Internet topples the current music industry configuration.
But some traps are far too devastation to be allowed to be sprung. And *any* trap which will inevitably lead to the decimation of our banking system one such trap. For the government to put into place restrictions protecting such a thing is *NOT* Communism. It's the government protecting the very fundamental building blocks of Capitalism.
Re: (Score:2)
Near as I can tell, Capitalism should involve capital. Perhaps that's just me being silly. What the banks did had nothing to do with capitalism. They had NO capital. That was exactly the problem -- they made stuff up and then spent money on it.
Re: (Score:2)
That wasn't the problem: the problem is fiat currency to begin with. Banks create money via the fractional-reserve banking system [wikipedia.org]. This can work okay (the fact that the US dollar is actually debt, not wealth put aside for sake of argument) if you have good risks. The problem is with Fannie Mae and Freddie Mac guaranteed riskier loans, some banks were required to lend to people who had no means to pay it back, and others jumped on the bandwagon as it was a good way to make a quick buck; show some strong "gai
Re: (Score:2)
Near as I can tell, Capitalism should involve capital. Perhaps that's just me being silly. What the banks did had nothing to do with capitalism. They had NO capital. That was exactly the problem -- they made stuff up and then spent money on it.
To claim that banks have no capital is to say down is up.
tired, failed argument (Score:4, Insightful)
the banking system bubbled and bursted a number of times in the 1800s-1920s, because it wasn't regulated. so the government came in and regulated it. it bubbled and bursted again in 2007 because the government was hard at work REMOVING regulations for a decade before that
and then idiots like you come along and go "look, the government is involved, so its all their fault"
the only thing at fault in the government is idiots in the government who think the solution is less government
you WANT heavy government regulation for a healthy functional economy. simple solid fact
Re: (Score:3, Insightful)
I find it strange that the business community claims that capitalism thrives in a society with a strong rule of law. Except when those laws apply to themselves, of course.
And I find the claim that the sorts of crimes that business tend to commit are somehow 'less serious' than those of common criminals. "I don't worry about someone approaching me in a dark alley selling unregistered securities", the saying goes. The problem is that, in the long run, its this sort of crime that does the most damage to socie
exactly (Score:2)
the retarded libertarian mantra is the market polices itself
bullshit
the truth is that some assholes notice natural imperfections in the market, and exploit them
furthermore, smaller players are not on the same footing as larger players. the free market fundamentalist delusion is that without government, everyone will coexist in equality. when the simple truth is, smaller fry are abused by larger fry UNLESS a strong regulatory policing governmental force keeps thing equal
but no, all these ayn rand naive philo
Re: (Score:2)
At the basis of Capitalism is a Free Market. There are at least two conditions that must be present for a Free Market to meet its definition:
* barriers to entry must be close to zero (exactly zero is impossible)
* perfect information about all products/services in the market is available to all customers
Unfortunately, no markets truly satisfy this condition. Instead, what we have are markets that fall in a spectrum: some have low barriers to entry and information is broadly available (carpentry), others have
Re: (Score:1)
A. everyone knows everything about the state of the market,
B. there are no barriers to entry or exit, and
C. everyone has equal access to the means of production.
as a result of this,
D. No one person has the power to set or fix prices
because anyone can notice a disproportionate margin (A), and start their own company overnight to take advantage of it (B and C). All of this is of course, impossible.
In a free market,
Re: (Score:2)
You're correct on one sense - a perfect market is a free market, but a free market doesn't necessarily have to be a perfect market. However, what you're missing is that the rationale behind people supporting a free market is that it is supposed to operate like a perfect market - hence all this talk about "the free market will fix any problem on its own."
To take your example, a free market would work if people would have the means to find out about the mercury dumping. If people don't have access to that inf
Re: (Score:2)
Re: (Score:2)
None of that is capitalism, it is all cronyism.
The problem is not your economic system, it is your political system, which allows itself to be corrupted by the wealthy.
Wealthy should try and corrupt the political system because it is a cheap way to get free money. It is the attribute of a failed political system that allows a process, where the wealthy are successful at this.
You are mixing quite a few things in your lengthy post, most importantly this: free money provided by the fed allowed the banks to ga
Re: (Score:2)
None of that is capitalism, it is all cronyism.
No, it's most definitely Capitalism.
Cronyism plays a role, to be sure, but the underlying substrate is Capitalism. Specifically, those with the money doing what they want with it, regardless of the effects on others.
Cronyism is just the players. Are they giving each other deals based on friendships and connections? Or are they engaging in deals based purely on objective financial decisions.
Cronyism is a problem, but it's an inextricable part of Capitalism. So long as you have capital, and you have the right
Re: (Score:2)
Nope. Capitalism is not about playing with other people's money. It is about investing money that you save and using it to create more wealth, it is not about taking free money given to you by the government and then gambling with it because you have no repercussions - the government will step in and save you and you ensure this by being in very close and good relationship with it.
There is no capitalism when your friend - the fed steps in and saves you over and over. There is no capitalism when your frie
Re: (Score:2)
What we need is expedited recovery from a bank blunder.
Put the federal reserve back in its place and let the banks get desperate enough to borrow from the fed. That's what they are there for, lender of last resort.
Bailouts are a load of bullshit. Here's why:
If a bank is in trouble due to a liquidity problem, they should go to the fed and take out a loan to cover their tills until the depositors calm down. If the crisis really is temporary, carrying a few points of interest on a fed loan for a month shoul
Re: (Score:2)
Bailouts are a load of bullshit. Here's why:
The bailouts aren't for what you think they are for. They aren't to keep the banks afloat. They are to keep the economy from collapsing into a depression.
It sucks that the bankers are making so much as a side-effect of this, but it's better than the alternative.
But this will all fail again if we don't reign in the banks themselves with laws like Glass-Stegall. If we don't, they'll just do the same thing because *someone* will pull the same old shit again, and then everyone else will eventually have to follo
Re: (Score:2)
"The banking system fiasco is a perfect example of pure Capitalism at work."
It most certainly was not. In a system that even remotely resembles capitalism, businesses that make bad investments lose money and ultimately end up in bankruptcy. Furthermore, the whole Federal Reserve system, where we have a central bank that ARBITRARILY sets interest rates and expands the money supply on a whim is the absolute antithesis of capitalism and the free market.
"Had [the government] not stepped in, we would very like
Re: (Score:2)
"The banking system fiasco is a perfect example of pure Capitalism at work."
It most certainly was not. In a system that even remotely resembles capitalism, businesses that make bad investments lose money and ultimately end up in bankruptcy.
Did you even read my post? I pointed out that this is the standard Capitalist response. Let the fail and the market with right itself. Unfortunately, as I pointed out in my post that you clearly didn't read, letting the banks fail would have sent the economy into a depression.
Which brings us to the ugly truth of Capitalism. Unregulated Capitalism always leads to depressions. The Capitalist will say this is good, because it purges the economy of the failed businesses and allows the truly successful models to
Re: (Score:2)
hey idiot...... its not capitalism that is flawed, but the people.
Hey idiot, you can't have Capitalism without people.
The problem isn't the people, it's what they are allowed to do. If the people at the banks weren't allowed to risk their depositors' money they way they did, this current financial situation would be *very* different.
The same with the housing collapse. Just a bit of regulation on both sides and there wouldn't have been any collapse at all.
But instead, in the name of Capitalism and the so-called Free Market, we removed those safeguards, and surprise surpris
Re: (Score:2)
Why was the solution a bailout? It seems to me we got into this mess because large numbers of people don't understand the concept of mortgages, especially principal and interest. Why wasn't the solution more math education?
Every student should have to answer this question to graduate:
"A teacher makes $40,000 per year. Her house costs $500,000. What interest rate can the teacher afford for her house?"
Answer: Nothing. The teacher can never afford a $500,000 house.
If capitalism was really working then the gove
Re: (Score:2)
They're "reversing" the collapse? It's more like they're digging themselves into a deeper grave even as we speak. The double-dip recession and pending Depression are still to come...
Re: (Score:2)
Well written, but I think not the root of the problem.
One of the ideas behind capitalism is that if you have money, that investing it gives you a reward, but also a risk that you loose your money. Usually the reward is proportional to the risk.
What is wrong with the current banking system, is that the bankers and traders got huge rewards while the risks where not theirs but homeowners/pensioners/shareholders.
The problem is that if a banker/trader takes a big risk and it pays off, he gets a big bonus, if he
Re: (Score:1)
"1. They *were* being outcompeted by their competitors. Those that took the risks were seeing the higher rewards immediately. Those that were playing it smart were not, and their boards and shareholders where at their throats if they didn't also see similar earnings."
There's the crux of it right there - the Get Rich Quick mentality. This is the real cancer; slow and steady increases in wealth should be the norm, but investors have come to expect to be enriched overnight.
Unfortunately the overall effect of
Well said sir (Score:2)
Unfortunately, too many people see this as a reason to prevent the wealthy from "gambling" (ie: investing). It's not the gambling/investing that is the problem.
Example: If General Motors can not pay it's bills, then it should file bankruptcy just like any other company in the world. The unions are the reason it got bailed out and they are the pinnacle of cronyism.
Re: (Score:1)
what absolutely necessary regulations do you speak of? More often than not they are the root of problems biting in the ass with their unintended consequences.
Go to youtube and watch some Peter Schiff clips who is quite famous for predicting the collapse with details how it will happen back in 2005-2006 or even earlier (and being laughed at, literally) - he runs for senate in CT now. He asks people:
- how many of you have bank accounts? ok, pretty much everyone... so, how many of you looked up into the bank's
Ahem. (Score:5, Insightful)
http://livingwithanerd.com/wp-content/uploads/2010/02/TerroristsHateFreedom.gif [livingwithanerd.com]
That is all.
Re: (Score:1, Interesting)
Booga booga (Score:2)
I don't see how doing what is required to not be put in prison, is "inadvertently aiding" anything.
I want my ad impressions back :P
Re: (Score:3, Insightful)
I don't see how doing what is required to not be put in prison, is "inadvertently aiding" anything.
You're an idiot if you can't understand how government backdoors into our (tele)communication infrastructure is at least as bad as backdoors resulting from coding mistakes.
Hint: Both can be exploited by bad actors, but the government backdoors can also be exploited by anyone authorized to access the system.
Re: (Score:2)
Nothing you say refutes my statement that everyone doing business in those countries are required by law to have such backdoors.
Nothing I said implies good or bad either, only current legal state.
Re: (Score:1)
Nothing you say refutes my statement that everyone doing business in those countries are required by law to have such backdoors.
Lol, that's because you didn't make that statement until just now.
Maybe it was in your head all along, but it certainly isn't what your fingers posted.
Re: (Score:1)
Nothing you say refutes my statement that everyone doing business in those countries are required by law to have such backdoors.
Lol, that's because you didn't make that statement until just now.
Riiiight... Because I clearly meant all those OTHER ways one ends up in prison without breaking any laws
*rolls eyes* the trolls sure are out in force today
Re: (Score:2)
See, you did it again. What's in your head is NOT what you write.
You wrote about "inadvertently aiding" as if following laws can't have unexpected results.
Re: (Score:2)
"...all those OTHER ways one ends up in prison without breaking any laws"
Well, we are talking about China here, aren't we ;-)
Re: (Score:2)
Please point out the piece of legislation that requires all email service providers to guarantee backdoor access to the US government. Otherwise please stop spreading FUD.
Re: (Score:2)
I am running a mail server at home and I do not provide backdoor access to any US government agencies. I have not been "put in prison" for this yet.
There is definitely a separation between providing 'personal' email, and being a full blown telecommunications carrier.
I'm not exactly sure -where- that line is, but it's way above a personal email server.
I suppose one might argue Google isn't a telecommunications carrier for email services...
Please point out the piece of legislation that requires all email service providers to guarantee backdoor access to the US government. Otherwise please stop spreading FUD.
Can't show anything that requires ALL email providers to do any such thing.
However the law covering the likes of Google is the 1994 Communications Assistance for Law Enforcement Act
It applies not just to the 'old style
Re: (Score:2)
Re: (Score:2)
Let's see, there is a fairly successful robotics manufacturer that makes robots for plastic injection molding. A Chinese company decided they needed a few hundred of these robots, so they ordered 2 of them. From there they reverse engineered the robots and made the hundred they needed out of those two robots.
Omitting names for obvious reasons.
Anecdote is an anecdote, not an isolated case.
Olllddd (Score:5, Informative)
Re: (Score:1)
Link? I was surprised to see this show up on Slashdot so long after the fact, but I don't see any retraction on Schneier's blog.
Re:Olllddd (Score:5, Informative)
Okay [schneier.com].
Re: (Score:1)
Wow. Slashdot is ridiculous. They re-run a month old story instead of running the actual story, which was a retraction.
Re: (Score:2)
Well, on the good side at least someone was able to post the the URL for the retraction. Obviously it isn't perfect (since it was rather far down from the summary) but at least it is there.
Re:Olllddd (Score:4, Informative)
Exactly. See: http://www.schneier.com/blog/archives/2010/02/more_details_on.html [schneier.com]
Seriously slashdot, you're not even trying. Although, I have to say it was somewhat irresponsible of Schneier, who in general I have enormous respect for, to write an essay predicated on an unconfirmed rumor.
Re: (Score:2)
This is why I read the comments first, and then the articles. Thanks Slashdot, for coming through when I needed you. ;)
Re: (Score:2)
Re: (Score:1)
Re: (Score:2)
It would have been even better had he not used a rumor as the basic for accusations in the first place and waiting until the facts are in. But he's got an agenda to push, and like all pundits he's only important so long as he's got something worth publishing - the more controversial and likely to get eyeballs on the publisher the better. Facts are secondary to this the reality that agendas must be served.
Re: (Score:2)
This is a month old, and Schneier has since backed off this assertion.
Kind of reminds me of a certain interview in which Dvorak reveals that he would whip the mac users into a froth but leave himself an out, then a month later he'd have another column in which he'd take back the statement and claim that he never really meant it, and predicted the way things actually turned out all along, and he kept getting published because it meant many eyeballs.
Re: (Score:2, Insightful)
Backed off? Looks more like he retconned it.
In his original CNN article he stated it as hard fact, omitting any mention of rumour or speculation.
In his revisited article it is suddenly an unconfirmed rumour that he used as a newshook.
If he actually had backed off and said something along the lines of "I thought this, I was wrong" he would have lost a lot less respect in my eyes.
I think Bruce has taken this back... (Score:5, Informative)
The original essay, linked to in TFP, is dated January 23rd; the update I quote from is from February 8th.
Not only that, but even more relevant... (Score:4, Insightful)
...is the fact that 30-some other companies -- companies without any such lawful surveillance facilities -- were also compromised as part of this Chinese operation, and all accounts indicate it was via 0-day vulnerabilities in IE and JavaScript-enabled PDF documents, not via any mechanism to enable surveillance intercepts.
This was Schneier using the incident as a platform to grind a political axe (probably based on a bogus tip), from which he wisely backed off.
Our "Cybersecurity Czar"'s first recommendation.. (Score:2, Troll)
..should be: "Repeal CALEA."
The rule is.... (Score:2)
To PROTECT it,
Don't COLLECT it.
Re: (Score:2)
Well if your job is to protect Data, then, it must be valuable so it should be collected then.
Probably social engineering (Score:3, Funny)
The chinese probably called up Googles secretary, and talked her into giving them their password (ChuckNorris).
Re: (Score:1)
you said ChuckNolis?
It's the other way around ;)
OH HERRO PREASE!
How About Some Content? (Score:1)
In order to comply with government search warrants on user data, Google created a backdoor access system into Gmail accounts. This feature is what the Chinese hackers exploited to gain access.
Put on your tinfoil hats people!
Not only is Google working WITH the government, they're doing a sloppy job of it!
Re: (Score:1)
Not only is Google working WITH the government, they're doing a sloppy job of it!
Cause, effect?
Classic kind of propaganda (Score:1)
which you wouldn't realize because (Score:1)
look at the summary (Score:1)
Opinion Section (Score:3, Insightful)
Every article I have read that explains who committed the hacking, how, and why has been an opinion piece, and ends with "the opinions expressed in this commentary are solely those of X". I have no problem with this per se, but we should all take it with a grain of salt; Slashdot should preface it's headline with "Theory:" or "Opinion:".
I prefer my news to be my news, and my conspiracy theories to be my entertainment.
Empty summary (Score:2)
Repeat Story (Score:1)
http://tech.slashdot.org/story/10/01/24/1518213/Surveillance-Backdoor-Enabled-Chinese-Gmail-Attack [slashdot.org]
Re: (Score:1)
Re: (Score:1)
IE6... sooooo sad (Score:1)
WTF! Still using it? Google employees or anyone else? You deserve it!
Inadvertently? (Score:2)
Yeah, right....
Seriously, and we treat them like allies? (Score:2)
I'm sorry but Communism is IMHO a scourge and a threat and always will be!
Anybody remember "Die Yankee dog, running dogs of imperialism!", I do.
The irony... (Score:1)
oh snap! I enabled muggers! (Score:1)
guess this means I enable muggers by walking down the street with a cell phone and mp3 player.