=============================================
===============================================================
Have you ever wondered how it would be if your email suddenly came to life? You are about to find out.
====================================================
https://www.youtube.com/watch?v=HTgYHHKs0Zw
China Is Said to Use Powerful New Weapon to Censor
Internet
By NICOLE PERLROTH APRIL 10, 2015 Credit Reuters
A tool researchers call the Great
Cannon is said to have redirected traffic intended for the Chinese search
engine Baidu.
SAN FRANCISCO —
Late last month, China began flooding American
websites with a barrage of Internet traffic in an apparent effort to
take out services that allow China’s Internet users to view websites otherwise
blocked in the country.
Initial
security reports suggested that China had crippled the services by exploiting
its own Internet filter — known as the Great Firewall — to redirect
overwhelming amounts of traffic to its targets. Now, researchers at the
University of California, Berkeley and the University of Toronto say China did
not use the Great Firewall after all, but rather a powerful new weapon that they
are calling the Great Cannon.
The Great
Cannon, the researchers said in a report published on Friday, allows China to
intercept foreign web traffic as it flows to Chinese websites, inject malicious
code and repurpose the traffic as Beijing sees fit.
The system was
used, they said, to intercept web and advertising traffic intended for Baidu
— China’s biggest search engine company — and fire it at GitHub, a popular site
for programmers, and GreatFire.org, a nonprofit that runs mirror images of
sites that are blocked inside China. The attacks against the services continued
on Thursday, the researchers said, even though both sites appeared to be
operating normally.
Bill Marczak, right, a co-author of the
report on a powerful new Chinese cyberweapon, with Morgan Marquis-Boire, a
fellow Citizen Lab researcher. Credit Thor Swift for The New York Times
But the
researchers suggested that the system could have more powerful capabilities.
With a few tweaks, the Great Cannon could be used to spy on anyone who happens
to fetch content hosted on a Chinese computer, even by visiting a non-Chinese
website that contains Chinese advertising content.
“The
operational deployment of the Great Cannon represents a significant escalation
in state-level information control,” the researchers said in their report. It
is, they said, “the normalization of widespread and public use of an attack
tool to enforce censorship.”
The researchers,
who have previously done extensive research into government surveillance tools,
found that while the infrastructure and code for the attacks bear similarities
to the Great Firewall, the attacks came from a separate device. The device has
the ability not only to snoop on Internet traffic but also to alter the traffic
and direct it — on a giant scale — to any website, in what is called a “man in
the middle attack.”
China’s new Internet weapon, the report says, is
similar to one developed and used by the National Security Agency and its
British counterpart, GCHQ, a system outlined in classified documents leaked by Edward J.
Snowden, the former United States intelligence contractor. The American
system, according to the documents, which were published by The Intercept, can
deploy a system of programs that can intercept web traffic on a mass scale and
redirect it to a site of their choosing. The N.S.A. and its partners appear to
use the programs for targeted surveillance, whereas China appears to use the
Great Cannon for an aggressive form of censorship.
The
similarities of the programs may put American officials on awkward footing, the
researchers argue in their report. “This precedent will make it difficult for
Western governments to credibly complain about others utilizing similar
techniques,” they write.
Still, the
Chinese program illustrates how far officials in Beijing are willing to go to
censor Internet content they deem hostile. “This is just one part of President
Xi Jinping’s push to gain tighter control over the Internet and remove any
challenges to the party,” said James A. Lewis, a security expert at the Center
for Strategic Studies in Washington.
Beijing
continues to increase its censorship efforts under its State Internet
Information Office, an office created under Mr. Xi to gain tighter control over
the Internet within the country and to clamp down on online activism. In a
series of recent statements, Lu Wei, China’s Internet czar, has called on the
international community to respect China’s Internet policies.
Sarah McKune, a
senior legal adviser at the Citizen Lab at the Munk School of Global Affairs at
the University of Toronto and a co-author of the report, said, “The position of
the Chinese government is that efforts to serve what it views as hostile
content inside China’s borders is a hostile and provocative act that is a
threat to its regime stability and ultimately its national security.”
The attacks
also show the extent to which Beijing is willing to sacrifice other national
goals, even economic ones, in the name of censorship. Baidu is China’s most
visited site, receiving an estimated 5.2 million unique visitors from the
United States in the last 30 days, according to Alexa, a web ranking service.
Kaiser Kuo, a
Baidu spokesman, said that Baidu was not complicit in the attacks and that its
own networks had not been breached. But by sweeping up Baidu’s would-be
visitors in its attacks, researchers and foreign policy experts say, Beijing
could harm the company’s reputation and market share overseas.
Beijing has
recently said that it plans to help Chinese Internet companies extend their
influence and customer base abroad. At a meeting of the National People’s
Congress in China last month, Premier Li Keqiang announced a new “Internet
Plus” action plan to “encourage the healthy development of e-commerce,
industrial networks and Internet banking and to guide Internet-based companies
to increase their presence in the international market.”
Yet the latest
censorship offensive could become a major problem for Chinese companies looking
to expand overseas. “They know one of their biggest obstacles is the perception
that they are tools of the Chinese government,” Mr. Lewis said. “This is going
to hurt Baidu’s chances of becoming a global competitor.”
Researchers say
they were able to trace the Great Cannon to the same physical Internet link as
China’s Great Firewall and found similarities in the source code of the two
initiatives, suggesting that the same authority that operates the Great
Firewall is also behind the new weapon.
“Because both
the Great Cannon and Great Firewall are operating on the same physical link, we
believe they are both being run under the same authority,” said Bill Marczak, a
co-author of the report who is a computer science graduate student at the
University of California, Berkeley and a research fellow at Citizen Lab.
Mr. Marczak
said researchers’ fear is that the state could use its new weapon to attack
Internet users, particularly dissidents, without their knowledge. If they make
a single request to a server inside China or even visit a non-Chinese website
that contains an ad from a Chinese server, the Great Cannon could infect their
web communications and those of everyone they communicate with and spy on them.
Ultimately,
researchers say, the only way for Internet users and companies to protect
themselves will be to encrypt their Internet traffic so that it cannot be
intercepted and diverted as it travels to its intended target.
“Put bluntly,”
the researchers said, “unprotected traffic is not just an opportunity for
espionage but a potential attack vector.”
Paul Mozur
contributed reporting from Hong Kong.
A version of
this article appears in print on April 11, 2015, on page B1 of the New York
edition with the headline: Chinese Tool Is Suspected in Web Attack.
===============================================================
Have you ever wondered how it would be if your email suddenly came to life? You are about to find out.
====================================================
===========================================================
www.tabularosa.net
In addition to this blog, Netiquette IQ has a website with great assets which are being added to on a regular basis. I have authored the premiere book on Netiquette, “Netiquette IQ - A Comprehensive Guide to Improve, Enhance and Add Power to Your Email". My new book, “You’re Hired! Super Charge Your Email Skills in 60 Minutes. . . And Get That Job!” will be published soon follow by a trilogy of books on Netiquette for young people. You can view my profile, reviews of the book and content excerpts at:
www.amazon.com/author/paulbabicki
If you would like to listen to experts in all aspects of Netiquette and communication, try my radio show on BlogtalkRadio Additionally, I provide content for an online newsletter via paper.li. I have also established Netiquette discussion groups with Linkedin and Yahoo. I am also a member of the International Business Etiquette and Protocol Group and Minding Manners among others. Further, I regularly consult for the Gerson Lehrman Group, a worldwide network of subject matter experts and have been a contributor to numerous blogs and publications.
Lastly, I
am the founder and president of Tabula
Rosa Systems, a company that provides “best of breed” products for network,
security and system management and services. Tabula Rosa has a new blog and Twitter site which offers great IT
product information for virtually anyone.
==============================================
No comments:
Post a Comment