Monday, April 14, 2008

What Aren't They Saying?

Have a look at this very interesting response, from the less than universally popular Government of the People's Republic of China, to this Businessweek article:

After saying that, I should say that the Chinese government has on various occasions expounded its position on this global issue of cyber intrusion or hacking. The Chinese Government always opposes and forbids any cyber crimes including "hacking" that undermine the security of computer networks. Chinese laws and regulations are explicit in this regard.

As it is, China's cyber space and internet systems are frequently intruded and attacked by hackers from certain countries. As a victim of hacking attacks, China attaches great importance to cracking down on various cyber crimes including hacking activities.

China follows a path of peaceful development, and unswervingly adopts a national defense policy which is defensive in nature. China would never do anything to harm sovereignty or security of other countries. In conformity with such national policies, the Chinese government has never employed, nor will it employ so-called civilian hackers in collecting information or intelligence of other countries. Allegations against China in this respect are totally unwarranted, which only reflect the dark mentality of certain people who always regard China as a threat. Of course, there are some other people who are misled into believing that China is engaged in hacking activities, which is more than wrong.

(My italics.)

Now, I have worked in the past with the good people at CN-CERT/CC, the official computer incident co-ordinating centre for the PRC and they are keen and helpful when you are trying to knock out fraudulent web-sites and I am sure they are just as helpful in other similar circumstances.  But ...

Although it is not unknown for Intelligence Agencies to outsource the gathering of sensitive information to 'so-called civilian hackers', it is much more common for them to employ the appropriate resource directly - either via the military or as government employees.  Which may be, as well as having some of their billion-plus population being up to no good entirely on their own cognisance, how some of all these APNIC IP addresses are appearing in people's security logs.

Or, there are another couple of alternatives.  The "Press Counselor & Spokesperson Of the Chinese Embassy to the United States" may not have a complete picture of his government's intelligence activities or, and I know this may come as a complete shock, may be knowingly telling a slight fib.


Brennig said...

An interesting article. Moreso given that Firefox tells me when I visit this blog "Dephormation has found a link to a Phorm/Webwise/OIX site".

Surreptitious Evil said...


As far as commercial rather than state mendacious charlatans are concerned, this article 'Did you have Phorm?' has clicky links to both and - I generally try to provide as much reference material as possible - although I do grimace most times I use Wikipedia. Your browser will stop complaining when that article bumps off of the front page - I can't see (given their ownership) being OIX customers and this blog is hosted completely there using their 'custom domain' function.

Having checked with "View Source", I can only find the one deliberate (and hardly, from their point of view, welcome advertising) reference to each (not that this would actually demonstrate that a Layer 7 device you are behind but I am not displaying Phorm / OIX ads to you but not to me.)

There are also a couple of relevant comments, one from Phorm Comms (whichever) and one from me, but they are link-free.

You'll note that the end of the article does recommend the dephormation plug-in.

HTTP Error 403: You are not authorised to access the file "\real_name_and_address.html" on this server.

(c) 'Surreptitious Evil' 2006 - 2017.