> Failing that, there must surely be hundreds of chinese-american techies in those companies who can be leaned on for whatever reason to provide info.
Probably there was no need to go that route, depending on what the attackers were after. Most of these corporations do a lot of personnel screening and could be monitoring all user activities, making it harder to use insider spies (though not totally impossible). Why the use of APT is hard to stop (at least for now) it's because this approach involves use of a lot of resources by the attacker, and given the stealthy nature of these attacks usually they are discovered too late when the damage is already done, also known conventional security measures might not able to help, and usually with APT there are other attack vectors that might not be known at the time of discovering the breach. > Great narrative this, what with words/phrases like "hacking" and "dissidents" and "IE flaw". Fails to pass basic logic tests though. These are "normal" words used daily in Computer security, nothing new. They could sound strange alright, just like "Syntax", "gold code", "API", etc.. Could be alien, to some one who does not write code. But I too agree that there could be more to this than what we are being fed on by the media. We can only wait and see what happens. Smartmoney.com, continually gives updated news releases on the situation: <http://www.smartmoney.com/news/on/?story=ON-20100114-000701&print=1> http://www.smartmoney.com/news/on/?story=ON-20100114-000701&print=1 Regards; Thomas. _____ From: Paul Bagyenda [mailto:[email protected]] Sent: 18 January 2010 18:51 To: Linux Users Group Uganda Subject: Re: [LUG] OT- Google and China I'm sorry but this whole story seems a little doubtful to me. Why, if you are Chinese Intelligence, use such blunt-instrument methods to obtain IP from american companies? Why not develop a Kim Philby (yes, Google is your friend) for the purpose? Failing that, there must surely be hundreds of chinese-american techies in those companies who can be leaned on for whatever reason to provide info. Great narrative this, what with words/phrases like "hacking" and "dissidents" and "IE flaw". Fails to pass basic logic tests though. P. On Jan 15, 2010, at 14:17, Thomas Bbosa , CISSP wrote: The Advanced persistent threats (APT) technology said to have been used by these guys in the attack has been a real worry among security practioners. Because this simply means that the attacker has muscle!! There has been talk that the bad guys invest a lot in this technology that mostly involves stealthy tactics with zero day attacks. Again holes in IE continue to worry many. But the real question though is, can Google afford to loose the China? Regards; Thomas. Thomas Bbosa , CISSP BitWork Technologies (U) Ltd Plot 135, UMA show Grounds -Lugogo P.O.BOX 851, Kampala, Uganda Tel: +256-414-579099 Mob: +256-782480878 Fax: +256-414-289218 Website: <http://www.bitworktech.com/> http://www.bitworktech.com _____ From: Daniel Bwente [mailto:[email protected]] Sent: 15 January 2010 12:25 To: Linux Users Group Uganda Subject: Re: [LUG] OT- Google and China Insight on the attack Vectors used to hit Google and others, http://siblog.mcafee.com/cto/operation-%E2%80%9Caurora%E2%80%9D-hit-google-o thers/ Operation "Aurora" I am sure you are wondering about the name "Aurora." Based on our analysis, "Aurora" was part of the filepath on the attacker's machine that was included in two of the malware binaries that we have confirmed are associated with the attack. Cheers On Thu, Jan 14, 2010 at 2:25 PM, Niles Collins <[email protected]> wrote: As much as the US needs China for that credit line, China needs the US because we buy all their products. If the US stopped buying Chinese made products and China called in the debt owed by the US I think that China would blink first. This might turn into the beginning of that struggle. _______________________________________________ LUG mailing list [email protected] http://kym.net/mailman/listinfo/lug %LUG is generously hosted by INFOCOM http://www.infocom.co.ug/ The above comments and data are owned by whoever posted them (including attachments if any). The List's Host is not responsible for them in any way. --------------------------------------- -- Dan +256-071-2-552035 "You won't have eyes tonight. You won't have ears or a tongue. you will wander the underworld blind, deaf and dumb and all the dead will know; This is Hector: the fool who thought he killed Achilles." _______________________________________________ LUG mailing list [email protected] http://kym.net/mailman/listinfo/lug %LUG is generously hosted by INFOCOM http://www.infocom.co.ug/ The above comments and data are owned by whoever posted them (including attachments if any). The List's Host is not responsible for them in any way. ---------------------------------------
_______________________________________________ LUG mailing list [email protected] http://kym.net/mailman/listinfo/lug %LUG is generously hosted by INFOCOM http://www.infocom.co.ug/ The above comments and data are owned by whoever posted them (including attachments if any). The List's Host is not responsible for them in any way. ---------------------------------------
