Interesting People mailing list archives
more on Chinese hackers
From: David Farber <dave () farber net>
Date: Sat, 26 Nov 2005 18:47:58 -0500
-------- Original Message -------- Subject: RE: [IP] Chinese hackers Date: Sat, 26 Nov 2005 17:00:00 -0500 From: Marc <marcaniballi () hotmail com> To: dave () farber net CC: 'Robert J. Wilson' <wilsonrj () cogeco ca> Hi Bob; Without dusting off my old guides and manuals, I would like to address your query; First; I wouldn't be too quick to assume that these "thefts" were of anything important OR secret: Important sounding (to laymen) and obscure maybe - But nothing, I suspect, that will cause a shift in the balance of power. But it sure makes you want to vote for tougher security measures, doesn't it? Second; There is no such thing as a fully secure AND useful computer system - you can have one or the other, not both. Security experts/consultants get hired to help clients determine where to put the slider on that scale - closer to secure or useful? As everyone knows, there is no lock made that cannot be picked. If man made it, man can hack it. So whether these folks put their systems on the Internet (with good security and DMZ etc) or on a private leased line network (hugely expensive) they are in effect JUST AS VULNERABLE. A motivated attacker will find a way in, sooner or later. With enough research and effort, they may even know exactly where to go and what to look for. This little "Chinese" episode smacks of republican mindf*** media (IMHO). The way the report reads, these kids found a hole, and (having already tried to hack many US sites) went a tried the hack on all the sitesthey knew.
I think a better question might be; "If this is actually in the media - what AREN'T we hearing about?" Or; "Who's REALLY the bad boy on the block; some ugly totalitarian police state regime, or some country outside of America?" (TIC) Marc -----Original Message-----From: Dave Farber [mailto:dave () farber net] Sent: Friday, November 25, 2005 9:25 AM
To: ip () v2 listbox com Subject: [IP] Chinese hackers -------- Original Message -------- Subject: RE: [IP] Chinese hackers Date: Fri, 25 Nov 2005 09:21:45 -0500 From: Robert J. Wilson <wilsonrj () cogeco ca> To: dave () farber net Can someone explain to me why the people in charge of such important secrets allow them to be accessed from the Internet in the first place? One would have thought that if these things were so important that the last thing that would be allowed would be a physical connection to a computer accessible from the Internet. Bob Wilson -----Original Message----- From: Dave Farber [mailto:dave () farber net] Sent: Friday, 2005-November-25 08:56 To: ip () v2 listbox com Subject: [IP] Chinese hackers -------- Original Message -------- Subject: Chinese hackers Date: Fri, 25 Nov 2005 04:40:36 -0500 (EST) From: Lynn <lynn () ecgincc com> To: dave () farber net http://software.silicon.com/security/0,39024655,39154524,00.htm Chinese hackers breach US military defences Uncle Sam hacks back in counter attack... By Tom Espiner Published: Thursday 24 November 2005 Security experts have revealed tantalising details about a group of Chinese hackers who are suspected of launching intelligence gathering attacks against the US government. The hackers, who are believed to be based in the Chinese province of Guangdong, are thought to have stolen US military secrets, including aviation specifications and flight-planning software. The US government has coined the term 'Titan Rain' to describe the hackers. Alan Paller, director of the SANS Institute, said: "From the Redstone Arsenal, home to the Army Aviation and Missile Command, the attackers grabbed specs for the aviation mission-planning system for Army helicopters, as well as Falconview 3.2, the flight-planning software used by the Army and Air Force." The team is thought to consist of 20 hackers. Paller claimed the Chinese government was the most likely recipient of the information they intercepted. He told an event at the Department of Trade and Industry on Tuesday: "Of course it's the government. Governments will pay anything for control of other governments' computers. All governments will pay anything. It's so much better than tapping a phone." Titan Rain first came to public attention this summer, when the Washington Post reported that websites in China were being used to target computer networks in the Defense Department and other US agencies. Time later reported that Titan Rain had been counter-hacked by a US security expert called Shawn Carpenter. The attacks, which are ongoing, were particularly effective on the night of 1 November, 2004, said Paller, who outlined how the hackers first scanned then broke into US government computers. At 22:23(PST) the Titan Rain hackers exploited vulnerabilities at the US Army Information Systems Engineering Command at Fort Huachuca, Arizona. A few hours later, at 01:19(PST), they exploited the same hole in computers at the Defense Information Systems Agency in Arlington, Virginia. By 03:25(PST) they had hit the Naval Ocean Systems Center, a Defense Department installation in San Diego, California. Then at 04:46(PST) they struck again - this time at the United States Army Space and Strategic Defense installation in Huntsville, Alabama. The UK is also under intelligence-gathering cyber attack from the far east, according to the National Infrastructure Security Co-ordination Centre (NISCC). The government body cannot name the countries concerned as this may "ruin diplomatic efforts to halt the attacks", NISCC director Roger Cummings said on Tuesday. Tom Espiner writes for ZDNet UK ------------------------------------- You are subscribed as wilsonrj () cogeco ca To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/ ------------------------------------- You are subscribed as marcaniballi () hotmail com To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/ ------------------------------------- You are subscribed as lists-ip () insecure org To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/
Current thread:
- more on Chinese hackers David Farber (Nov 26)