Chinese cracking of Google the fault of US wiretap facilitation laws

[Rococo Modem Basilisk]

I'm not quite sure what the goal would be here, of course. They are accessing google's internal data store -- which includes both its database of webpage caches, its database of usenet caches, and all of the data kept internally by google-run apps (gmail, wave, docs, probably gtalk, etc.). That's a fuckton of data, which is presumably why google works mostly with statistical abstractions to begin with (for instance, google desktop almost definitely doesn't upload your full cached videos to google, despite doing the searches on the cloud). Either they are looking for very specific information, or their goal isn't looking for information at all (my guess).

[Bebek Sincap Ratatosk]

I'm not quite sure what the goal would be here, of course. They are accessing google's internal data store -- which includes both its database of webpage caches, its database of usenet caches, and all of the data kept internally by google-run apps (gmail, wave, docs, probably gtalk, etc.). That's a fuckton of data, which is presumably why google works mostly with statistical abstractions to begin with (for instance, google desktop almost definitely doesn't upload your full cached videos to google, despite doing the searches on the cloud). Either they are looking for very specific information, or their goal isn't looking for information at all (my guess).

Don't forget that there were 20 companies targeted (the evidence is pretty strong that this was specifically directed)... and those 20 companies have INTERNAL corporate networks that have all sorts of goodies not directly related to Usenet or GMail userdata. Goodies like source code, financials,  corporate secrets, maybe internal engineering discussion about known or newly identified vulnerabilities in their software, etc.

I think this is a case of espionage... the question is was it the Chinese government or hackers that have compromised the Chinese governments computer resources?

[Rococo Modem Basilisk]

In either case, it seems like the best defense might actually be disinfo. Feed them believable nonsense, and see who starts spouting it.

[Bebek Sincap Ratatosk]

In either case, it seems like the best defense might actually be disinfo. Feed them believable nonsense, and see who starts spouting it.

Yeah, that's one of the valuable uses for Honey Pots. Unfortunately, there's been a move in corporate America to get away from Honey Pots because they "encourage" hacking (DUMB DUMB DUMB NO NO NO!!!!!!!). However, in this case, disinfo wasn't an option since these spags were all over the place before they were noticed. Further they were using pivot attacks from vulnerable workstations, so unless you feed all your employees disinfo, they're gonna see the real data.