Google Hacker is 30-year-old Security Consultant

[JMcEntegart]

The net is closing on China's Google Hacker.

Google Hacker is 30-year-old Security Consultant : Read more

 

[ncr7002]

so?

 

[mdu net]

ok the vulnerability is in IE .... don't Google use Chrome?

 

[buckinbottoms]

its fixed now, so whats the point? Maybe its a challenge for security officials to find the hackers?

 

[curnel_D]

Eh. Jane, you're usually a ton better about this too. If the guy only wrote part of the code, and someone else took advantage or had 'special access' to that code, he's quite obviously NOT the 'google hacker'.

 

[curnel_D]

[citation][nom]buckinbottoms[/nom]its fixed now, so whats the point? Maybe its a challenge for security officials to find the hackers?[/citation]
It comes down to the fact that if the 'People's Republic' is the attacker, it was a major breach in national security, orchestrated by another world super-power. If the Chinese Gov is responsible, they need to be held accountable. And since their entire economy is based on exporting all their crap to the US, we have quite a bit of power to do so.

 

[noodlegts]

What I don't understand is that given the cost that all of these companies incur trying to fight hacking.. can't they just PAY hackers to not hack?

How do hackers make money? WHy do they hack? Just to be dicks? I'm sure if Mircosoft said "from now on any vulnerabilities you find are worth $10,000" it would go a long way in curbing down hacking/malware etc. Would probably boost their sales too.

 

[joebob2000]

[citation][nom]Curnel_D[/nom]It comes down to the fact that if the 'People's Republic' is the attacker, it was a major breach in national security, orchestrated by another world super-power. If the Chinese Gov is responsible, they need to be held accountable. And since their entire economy is based on exporting all their crap to the US, we have quite a bit of power to do so.[/citation]

"Death spiral: A tragedy in two parts"

China sells goods to the US. China then uses economic power to buy treasury bonds (maintaining the value of the dollar).

The US is addicted to Chinese goods. It's economy simply would not work if it didn't have access to cheap tools, from laptops to networking devices to construction equipment. Not to mention the entertainment industry's reliance on cheap production/distribution equipment.

Go after China full force and drag both countries down? Ignore it for diplomacy's sake? Prosecute it via civil means as an empty show of distaste? Decisions... Decisions...

 

[JMcEntegart]

[citation][nom]Curnel_D[/nom]Eh. Jane, you're usually a ton better about this too. If the guy only wrote part of the code, and someone else took advantage or had 'special access' to that code, he's quite obviously NOT the 'google hacker'.[/citation]

Wasn't intentional. Just trying to find an appropriate title that's within our very tight character restriction for headlines. "Author of code for Google China Hack" won't fit but I'll see what I can figure out.

 

[JMcEntegart]

[citation][nom]Curnel_D[/nom]Eh. Jane, you're usually a ton better about this too. If the guy only wrote part of the code, and someone else took advantage or had 'special access' to that code, he's quite obviously NOT the 'google hacker'.[/citation]

Have rejigged things. It's not exactly a well written headline but hopefully you'll find it's a little more accurate.

 

[curnel_D]

[citation][nom]JMcEntegart[/nom]Wasn't intentional. Just trying to find an appropriate title that's within our very tight character restriction for headlines. "Author of code for Google China Hack" won't fit but I'll see what I can figure out.[/citation]
That's why you're the only one who holds credibility around here. Thanks.

 

[noodlegts]

You could always make it interesting by saying:

Guess who wrote the Google hack code?

Then we'd all click on it and you'd get better viewership numbers

 

[buckinbottoms]

[citation][nom]Curnel_D[/nom]It comes down to the fact that if the 'People's Republic' is the attacker, it was a major breach in national security, orchestrated by another world super-power. If the Chinese Gov is responsible, they need to be held accountable. And since their entire economy is based on exporting all their crap to the US, we have quite a bit of power to do so.[/citation]
lol, so its a national security issue to hack IE6? don't make me laugh buddy cause in that case we've had a few thousand "national security issues" since IE6 was released.

 

[curnel_D]

[citation][nom]JMcEntegart[/nom]Have rejigged things. It's not exactly a well written headline but hopefully you'll find it's a little more accurate.[/citation]
Nah, it's fine. We'd much rather it be accurate over slick and flashy.

 

[curnel_D]

[citation][nom]buckinbottoms[/nom]lol, so its a national security issue to hack IE6? don't make me laugh buddy cause in that case we've had a few thousand "national security issues" since IE6 was released.[/citation]
No matter what browser/os/punchcard they use to hack, if a world super power is hacking on US soil, it is a "national security issue". National security isn't just about warheads and airplanes. Economy is aurguably a more imporant factor

 

[annymmo]

FT reports that this consultant (believed to be in his 30's) posted pieces of the program to a hacking forum, describing it as something he was "working on" and that Chinese officials had special access to the work.

It's so the Chinese Government, mark my words!
(Hopefully this won't start World War 3)

 

[jfd10]

[citation][nom]Curnel_D[/nom]Nah, it's fine. We'd much rather it be accurate over slick and flashy.[/citation]
seriously, this comment needs to be +20!!!!!

 

[buckinbottoms]

[citation][nom]Curnel_D[/nom]No matter what browser/os/punchcard they use to hack, if a world super power is hacking on US soil, it is a "national security issue". National security isn't just about warheads and airplanes. Economy is aurguably a more imporant factor[/citation]
Blah blah blah, stuff has been hacked since computers were invented. Where it comes from is irrelevant, not to mention slightly retarded. China hacking a country it has a massive amount of money tied up in... Thats a lot like shooting yourself in the foot isn't it?

Fix the vulnerability, restore from backups, and move on. If it were ever a true National Attack you block the host country IP range on your core routers and its over and done with. If you are so worried about China, then become a hacker yourself and do something about it.

In the end, every attack leads to better software. This vulnerability has been fixed. Coders learn, the software gets better, and hackers have to work that much harder to get in. The system is always correcting itself. The attacks teach us more about our own vulnerabilities than they have done harm.

 

[curnel_D]

[citation][nom]buckinbottoms[/nom]Blah blah blah, stuff has been hacked since computers were invented. Where it comes from is irrelevant, not to mention slightly retarded. China hacking a country it has a massive amount of money tied up in... Thats a lot like shooting yourself in the foot isn't it?Fix the vulnerability, restore from backups, and move on. If it were ever a true National Attack you block the host country IP range on your core routers and its over and done with. If you are so worried about China, then become a hacker yourself and do something about it.In the end, every attack leads to better software. This vulnerability has been fixed. Coders learn, the software gets better, and hackers have to work that much harder to get in. The system is always correcting itself. The attacks teach us more about our own vulnerabilities than they have done harm.[/citation]
You're looking at it from a purely technical perspective. And if that was the only perspective, I'd agree with you 100%. But it's not. And that's the primary reason our gov has been involved with this investigation. If it was as simple as you say, they wouldn't be wasting their time.

 

[buckinbottoms]

[citation][nom]Curnel_D[/nom]And that's the primary reason our gov has been involved with this investigation. [/citation]
They did? I thought they just asked China to investigate and China through a pie back at Hillary's face!

Build a better program, learn from your mistakes, and this isn't a problem no matter where it comes from.

 

[curnel_D]

[citation][nom]buckinbottoms[/nom]They did? I thought they just asked China to investigate and China through a pie back at Hillary's face!Build a better program, learn from your mistakes, and this isn't a problem no matter where it comes from.[/citation]
http://www.allheadlinenews.com/articles/7017511426?Congress%20to%20Investigate%20Google%20Charges%20Of%20Chinese%20Internet%20Spying
Hillary, Obama, and the US Congress.

 

[buckinbottoms]

[citation][nom]Curnel_D[/nom]http://www.allheadlinenews.com/art [...] t%20SpyingHillary, Obama, and the US Congress.[/citation]
Not sure what you pointed out here other than an article about upcoming congressional hearings dated back in January. Its the end of February and every event in the article has take place, and zero surprise to me, nothing has been done.

Its political man, its just blustering by individual congressmen to earn some points for the next election.

 

[curnel_D]

Ahh, here's the link I was looking for.
http://www.washingtonpost.com/wp-dyn/content/article/2010/02/03/AR2010020304057.html
Google teaming up with NSA to investigate this attack and protect against future attacks.

 

[ossie]

[citation][nom]Curnel_D[/nom]It comes down to the fact that if the 'People's Republic' is the attacker, it was a major breach in national security, orchestrated by another world super-power. If the Chinese Gov is responsible, they need to be held accountable. And since their entire economy is based on exporting all their crap to the US, we have quite a bit of power to do so.[/citation]
And the whole police states of america economy is based on cheap products, and slave labor force from china, without even paying for all of it. The greenback would be in big doodoo if the chinese would dump it, and all the bond stashes they're staying on.
Since the corporate world, and the psa government are so in love with micro$uxx' exploder, it was just a ticking bomb, waiting to explode. Hopefully they learned their lesson...
The clowns at the WH wouldn't dare to offend the chinese government, all they can do, is a bragging show for the average stupid american... still believing to be a superpower.

 

[curnel_D]

[citation][nom]buckinbottoms[/nom]And next month some autistic kid from Great Brittain will do the same. It doesn't matter where it comes from, ultimately its upon us in the US to do a better job of securing our software. You can't stop them from hacking, you can control your own products however![/citation]
You can't make software infallibly secure. It's impossible. By your same methodology, you could blame a bank being robbed cause they leave the doors unlocked, or a woman having been violated, because she wasn't wearing a burka. People have to live their lives, conduct business, improve. If software companies spent all their time trying to keep their software 100% secure, there would be zero innovation. The only way to combat this is to make sure there are serious consequences to illegal hacking. The face value tells us we need better security, but common sense and wisdom tells us that we have to take a middle ground to move forward.