Chinese hackers: No site is safe

Source: CNN.com

11:35 a.m. EST, Fri March 7, 2008

ZHOUSHAN, China (CNN) -- They operate from a bare apartment on a Chinese island. They are intelligent 20-somethings who seem harmless. But they are hard-core hackers who claim to have gained access to the world's most sensitive sites, including the Pentagon.

In fact, they say they are sometimes paid secretly by the Chinese government -- a claim the Beijing government denies.

"No Web site is one hundred percent safe. There are Web sites with high-level security, but there is always a weakness," says Xiao Chen, the leader of this group.

"Xiao Chen" is his online name. Along with his two colleagues, he does not want to reveal his true identity. The three belong to what some Western experts say is a civilian cyber militia in China, launching attacks on government and private Web sites around the world.


Read more: http://www.cnn.com/2008/TECH/03/07/china.hackers/?iref=mpstoryview

our technical knowledge.

out of work in the USA.

If they'd tried to kill this country, they couldn't have done a better job than they have through all the unintended consequences of their idiotic dogma.

...none of the companies were actually doing very good QA and security work.

In general the shift away from "deliver a rock solid product" to "get something
that looks like it works enough to fool paying customers into becoming our unwitting
Beta testers" started decades and decades ago with the death of the mainframe.

While volunteer and community-financed Open Source folks do a better job than the
Corporate sector these days, they are still hand to mouth and mostly lacking in
serious QA and regression testing. And very disorganized, 50 projects for every
possible utility, most only halfway functional (some say that's good for variety
and competition's sake -- yes but not to that extent.)

I'm still waiting for the first cell phone virus that can exploit an insecure
power management DSP and explode a poorly engineered battery. Thousands of
pants pockets catching on fire on the same day. I hope it never happens but
the lawsuits from that might at least get the PDA producers to do QA.

All those cell phone clods going up in smoke at the same time. Be still, my pounding heart!

If anyone ever does that, let's hope the whole thing relies on the volume of the cell phone clod yelling into that thing in any and all situations.

A lot of us do. Thanks.

Bake

and requested hackers trigger the battery meltdown to the loudness of the user.

I learned to hate cell phones when I was a night nurse and visitors would be wandering up and down the halls at all hours, YELLING on the damned things.

We got to the point we just made up a bogus line about how cell phones interfered with a lot of the monitoring equipment.

If hackers are watching and modifying their progs according to my suggestions and you are not a clod who yells on the thing in inappropriate places, you have nothing to worry about.

http://money.cnn.com/magazines/fortune/fortune_archive/2007/07/23/100134488/

Last paragraph down; he tolerates the piracy.

:shrug:

when they went cheap labor Our national security wasn't in their minds

won`t work for the government so the second tier group gets hired..another war we will lose

...I know I am, on a daily basis actually.

and every significant tool that runs the internet. We own it, we tap it, we shape it to our benefit. There is NO PACKET that can not be intercepted, decrypted, and archived on the internet.

It is our space. We are truly dutch masters of the medium.

so if you know the basics you have a chance. Varied and unique countermeasures are an improvement, but not every business or government agency allows creative cyber-security.

Its not very hard to secure computer systems against most intrusions. Most of it is known good pracices. The problem is that many IT depts don't have the manpower to keep up with it.

The basics:
* Patch your system
* Rotate passwords every 90 Days
* Use Strong Passwords
* Close unused accounts
* Use open source software in preference to closes source.
* Have a properly configured router.

This will provide protection against most unsophisticated attacks. The biggest failure point tends to be users getting exploited by a social attack.

Its not very hard, its just time consuming.

Put em to good use

Now that's the kind of thinking we need!

...is grossly overstated. I feel my own computer is quite secuXXXXXXXXXXXXXNI HAO. THE MYSTERIOUS AND UNFATHOMABLE CHINA POWER CONTROLS YR CREDIT CARDS, LINUX RULEZ. ROBB IS A DINGING BAT. EOM