Sign in to follow this  

Google: New Approach to China

Recommended Posts

WooW The Chinese government got caught with their pants down!


This is from official Google Blog



Like many other well-known organizations, we face cyber attacks of varying degrees on a regular basis. In mid-December, we detected a highly sophisticated and targeted attack on our corporate infrastructure originating from China that resulted in the theft of intellectual property from Google. However, it soon became clear that what at first appeared to be solely a security incident--albeit a significant one--was something quite different.


First, this attack was not just on Google. As part of our investigation we have discovered that at least twenty other large companies from a wide range of businesses--including the Internet, finance, technology, media and chemical sectors--have been similarly targeted. We are currently in the process of notifying those companies, and we are also working with the relevant U.S. authorities.


Second, we have evidence to suggest that a primary goal of the attackers was accessing the Gmail accounts of Chinese human rights activists. Based on our investigation to date we believe their attack did not achieve that objective. Only two Gmail accounts appear to have been accessed, and that activity was limited to account information (such as the date the account was created) and subject line, rather than the content of emails themselves.


Third, as part of this investigation but independent of the attack on Google, we have discovered that the accounts of dozens of U.S.-, China- and Europe-based Gmail users who are advocates of human rights in China appear to have been routinely accessed by third parties. These accounts have not been accessed through any security breach at Google, but most likely via phishing scams or malware placed on the users' computers.


We have already used information gained from this attack to make infrastructure and architectural improvements that enhance security for Google and for our users. In terms of individual users, we would advise people to deploy reputable anti-virus and anti-spyware programs on their computers, to install patches for their operating systems and to update their web browsers. Always be cautious when clicking on links appearing in instant messages and emails, or when asked to share personal information like passwords online. You can read more here about our cyber-security recommendations. People wanting to learn more about these kinds of attacks can read this U.S. government report (PDF), Nart Villeneuve's blog and this presentation on the GhostNet spying incident.


We have taken the unusual step of sharing information about these attacks with a broad audience not just because of the security and human rights implications of what we have unearthed, but also because this information goes to the heart of a much bigger global debate about freedom of speech. In the last two decades, China's economic reform programs and its citizens' entrepreneurial flair have lifted hundreds of millions of Chinese people out of poverty. Indeed, this great nation is at the heart of much economic progress and development in the world today.


We launched in January 2006 in the belief that the benefits of increased access to information for people in China and a more open Internet outweighed our discomfort in agreeing to censor some results. At the time we made clear that "we will carefully monitor conditions in China, including new laws and other restrictions on our services. If we determine that we are unable to achieve the objectives outlined we will not hesitate to reconsider our approach to China."


These attacks and the surveillance they have uncovered--combined with the attempts over the past year to further limit free speech on the web--have led us to conclude that we should review the feasibility of our business operations in China. We have decided we are no longer willing to continue censoring our results on, and so over the next few weeks we will be discussing with the Chinese government the basis on which we could operate an unfiltered search engine within the law, if at all. We recognize that this may well mean having to shut down, and potentially our offices in China.


The decision to review our business operations in China has been incredibly hard, and we know that it will have potentially far-reaching consequences. We want to make clear that this move was driven by our executives in the United States, without the knowledge or involvement of our employees in China who have worked incredibly hard to make the success it is today. We are committed to working responsibly to resolve the very difficult issues raised.


Posted by David Drummond, SVP, Corporate Development and Chief Legal Officer

Share this post

Link to post
Share on other sites

Indeed. There's no way China will allowed an uncensored search engine, so this is tantamount to Google shutting down


We want to make clear that this move was driven by our executives in the United States, without the knowledge or involvement of our employees in China who have worked incredibly hard to make the success it is today.

Props to Google for trying to distance their Chinese employees from their decision.

Share this post

Link to post
Share on other sites

well yeah they do try but same time, it could be because they didn't make any money at china where they only hold third of the search market. Not their usual domination of the world!

Share this post

Link to post
Share on other sites

and dont' forget facebook doesn't give a flying monkey about your privacy


google hack details from


Google Hackers Targeted Source Code of More Than 30 Companies


A hack attack that targeted Google in December also hit 33 other companies, including financial institutions and defense contractors, and was aimed at stealing source code from the companies, say security researchers at iDefense.


The hackers used a zero-day vulnerability in Adobe Reader to deliver malware to the companies and were in many cases successful at siphoning the source code they sought, according to a statement distributed Tuesday by iDefense, a division of VeriSign. The attack was similar to an attack that targeted other companies last July, the company said.


A spokeswoman for iDefense wouldn’t name any of the other companies that were targeted in the recent attack, except Adobe.


Adobe acknowledged on Tuesday in a blog post that it discovered Jan. 2 that it had been the target of a “sophisticated, coordinated attack against corporate network systems managed by Adobe and other companies.”


The company didn’t say whether it was a victim of the same attack that struck Google. But Adobe’s announcement came just minutes after Google revealed that it had been the victim of a “highly sophisticated” hack attack originating in China in December.


Neither Google nor Adobe provided details about how the hacks occurred. Google said only that the hackers were able to steal unspecified intellectual property from it and had focused their attack on obtaining access to the Gmail accounts of human rights activists who were involved in China rights issues.


But according to iDefense, whose customers include some of the 33 companies that were hacked, the attacks were well targeted and “unusually sophisticated” and aimed at grabbing source code from several hi-tech companies based in Silicon Valley as well as financial institutions and defense contractors.


The hackers gained access to the company networks by sending targeted e-mails to employees, which contained a malicious PDF attachment. The malicious code exploited a zero-day vulnerability in Adobe’s Reader application.


Zero day vulnerabilities are security flaws in software for which there is currently no patch. Adobe announced in mid-December that a new zero-day vulnerability in its Reader and Acrobat programs was being actively targeted by attackers. The company made the announcement after security researchers not affiliated with Adobe discovered attacks being conducted against the vulnerability. Adobe patched the critical vulnerability only on Tuesday this week.


In the case of the recent attack on Google and the other companies, once a recipient clicked on the malicious PDF attachment, a backdoor Trojan program called Trojan.Hydraq was installed on their machine in the form of a Windows DLL, according to iDefense.


IDefense says that when Google discovered the malware on its systems in December, it found that the code was communicating with a server set up to receive information stolen from the targeted companies.


“It was configured in such a way that it was able to receive a massive amount of data being exfiltrated to it,” says an iDefense spokeswoman who asked not to be named.


Google was able to determine, by examining the server, that the hackers had struck numerous other companies, she said. Google said in its Tuesday announcement that 20 other companies had been hacked. But iDefense found evidence that at least 33 were targeted.


The recent attacks bear a strong resemblance to another attack that occurred in July 2009, which targeted about 100 IT companies, iDefense says. In that earlier attack, the hackers also sent targeted e-mail to companies with a malicious PDF attachment, but it’s unclear how successful that attack was.


According to Ryan Olson, an analyst for iDefense, the attacks in July and December targeted different vulnerabilities. The one in July affected Adobe’s Reeader, Acrobat and Flash applications, which it patched Jul. 30. The vulnerability the hackers are believed to have used in December also affected Reader and Acrobat.


iDefense obtained samples of the malicious codes used in the July attack and the more recent one and found that although the malware was different in the two attacks, the programs both communicated with similar command-and-control servers. The servers each used the HomeLinux DynamicDNS to change their IP address, and both currently point to IP addresses belonging to a subset of addresses owned by Linode, a US-based company that offers Virtual Private Server hosting.


“The IP addresses in question are . . . six IP addresses apart from each other,” iDefense said in its statement. “Considering this proximity, it is possible that the two attacks are one and the same, and that the organizations targeted in the [recent] Silicon Valley attacks have been compromised since July.”


Olson told Threat Level that the attackers are “incredibly good” at finding new exploits and infecting the right people but that nothing he’d seen in the malware indicated they were above average in writing malicious code.


“The sophistication here is all about the fact they were able to target the right people using a previously unknown vulnerability,” he says.


The iDefense spokeswoman told Threat Level that her company waited a week to disclose details about the attack until after Google went public with the news that it had been hacked. She said it’s her understanding that Google’s source code was targeted in the hack attack.


Google did not immediately respond to a request for comment from Threat Level.


Adobe’s announcement didn’t discuss specifically whether hackers had stolen its source code but said that it had “no evidence to indicate that any sensitive information — including customer, financial, employee or any other sensitive data — has been compromised” in the attack.

Share this post

Link to post
Share on other sites

Give me a break, the US does the exact samething it accuses of others. You'd be naive to not believe they're not looking to see what you do Online. How the hell do you think they catch all these people that are looking child porn. It wouldn't even surprise me if they are watching us here on SoL.

Share this post

Link to post
Share on other sites

Google may not be letting China use the uncensored version, but there's always BING by microsoft that are more than willing, and somewhat able to do it. When asked, they let it be known that they werent even appologetic about it, saying that China represents its most important strategic search market. Guess when u have a monopoly on everything, you dont really have to worry about any backlashes.

Share this post

Link to post
Share on other sites

Google knew wat it was getting into when it opened it's offices there. For them to whine about censorship and gov't control now is just ****** and shows how retarded they are.

Share this post

Link to post
Share on other sites

Electronic domination era has begun.


You guys realize what happened with the twitter and facebook crab that was used to destabilize Iran.


A new tool of domination.

Share this post

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Sign in to follow this