Saturday, January 16, 2010

Google in China

The gmail hack on dissidents is a sideshow. So is the censorhsip row.

The major story is the Aurora hack. Using a hole in Internet explorer (and possibly a similar one in Adobe Reader), the hackers, almost certainly guns for hire (maybe volunteers, probably operating out of China via taiwanese servers, and perhaps but still unproven working for an agency not a million miles from government), got into
Symantec (online security)
Juniper (routers and hardware security)
Rackspace (cloud computing -- tho seems to have been only used as a staging post, perhaps)
Adobe (who blogged that they'd been raided, admitted comprommised files, but may possibly have been of concern as a vehicle for the attack rather than a victim)
Dow Chemical
Northrop Grumman

And up to a total of 34, most of whom are staying quiet, very probably because a lot of them are defense contractors and security specialists.

US appointed a new 'cyber czar' recently: no sign of action - but in the House, Rep C Smith (Rep) is trying to reinvigorate the Global Online Freedom Act - look out for a new definition of 'axis of evil', this time based on property rights to information -- there's going to be big fallout in governance, esp now ICANN is no longer a US agency - the hack also used a DNS exploit which is ICANN's domain. China has been pushing for an end to the Internet Governance Forum and a move back to the national representation offered by the ITU. Now the US may well add its voice - in an ironic alliance.

Meanwhile, Google, entirely vulnerable as a corporation heading into the cloud big time, has managed a) to get the great press about standing up to censorship and defending human rights b) made Microsoft carry the can for the Aurora hack just when they are about to launch a rival cloud Docs application and c) divert attention from the fact that they just got stiffed in the biggest industrial espionage exploit of recent times.

No comments: