Leaked US embassy cables: Diplomats fear that China used Microsoft source code for cyber warfare
Summary: One of the latest batch of leaked US embassy cables suggest that China is abusing its access to Microsoft source code by using the information to carry out cyber warfare.
One of the latest batch of leaked US embassy cables suggest that China is abusing its access to Microsoft source code by using the information to carry out cyber warfare.
The latest cable released by Wikileaks, and uncovered by The Guardian, suggests that the Chinese government is using licensed access to Microsoft source code in both a defensive and offensive manner.
56. (S//NF) CTAD comment: Additionally, CNITSEC enterprises has recruited Chinese hackers in support of nationally-funded "network attack scientific research projects." From June 2002 to March 2003, TOPSEC employed a known Chinese hacker, Lin Yong (a.k.a. Lion and owner of the Honker Union of China), as senior security service engineer to manage security service and training. Venus Tech, another CNITSEC enterprise privy to the GSP, is also known to affiliate with XFocus, one of the few Chinese hacker groups known to develop exploits to new vulnerabilities in a short period of time, as evidenced in the 2003 release of Blaster Worm (See CTAD Daily Read File (DRF) April 4, 2008). 57. (S//NF) CTAD comment: While links between top Chinese companies and the PRC are not uncommon, it illustrates the PRC's use of its "private sector" in support of governmental information warfare objectives, especially in its ability to gather, process, and exploit information. As evidenced with TOPSEC, there is a strong possibility the PRC is harvesting the talents of its private sector in order to bolster offensive and defensive computer network operations capabilities. (Appendix sources 51-52)
TOPSEC is China's biggest network security company and is one of the companies authorized by the Chinese government to have access to Windows source code for evaluation. CNITSEC is the organization responsible for China's IT security program.
This revelation follows on from an earlier cable where US diplomats claim that the order to carry out the attack on Google last year came from the head of China's propaganda and censorship chief.
Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.
Talkback
This one confuses the Hell out of me.
Great decision there, Microsoft.
Re: This one confuses the Hell out of me.
So, how about open source sharing their source code with China and Russia for that matter?
Your double standards are showing...
RE: Leaked US embassy cables: Diplomats fear that China used Microsoft source code for cyber warefare
Shhh, don't tell him that
Too much isolation in the snow.
lol... :D
RE: Leaked US embassy cables: Diplomats fear that China used Microsoft source code for cyber warefare
MS is closed to its users apparently everyone else has access.
Correction
What's next? Redmond supplying the code to Iran and North Korea?
RE: Leaked US embassy cables: Diplomats fear that China used Microsoft source code for cyber warefare
and @rtk - to your comments below <br>
1. us govt having source is not the same thing as open source, is it? how does that help the average joe? <br>
2. having the source makes it much easier to find vulnerabilities than just trial and error, wouldn't you think? <br>
RE: So, how about open source sharing their source code with China and Russ
You forget one very important thing.
A government with some really bright and innovative individuals in leadership roles can take that open source code and harden it for internal use. What changes they make to the source code for their INTERNAL use does not have to be handed back yo the "community" if that code is used strictly for governmental purposes.
What I can not, and do not understand is why the US Government, and many local governments continue to use Microsoft products when it is common knowledge that both China and Russia have access to Microsoft source code. Does the attacks in the recent past (on Google and others) not get anyone's attention.
RE: Leaked US embassy cables:
If you think the US gov doesn't have access to the source code, but China does, you're deluding yourself (most likely on purpose).
More importantly, since when has source code been required for evil doers to find vulnerabilities?
RE: Leaked US embassy cables: Diplomats fear that China used Microsoft source code for cyber warefare
@rtk, that has nothing to do with your earlier dumb statement up above concerning "double standards" and open source.
Que your NonZealot mouth, for once...
RE: Leaked US embassy cables:
RE: Leaked US embassy cables: Diplomats fear that China used Microsoft source code for cyber warefare
Because..
RE: Leaked US embassy cables: Diplomats fear that China used Microsoft source code for cyber warefare
US permit umm under some delusion as to who the US answers to? The US answers to cash and lots of it it is all about the money is there anyone who doubts this?.
RE: Leaked US embassy cables: Diplomats fear that China used Microsoft source code for cyber warefare
This one confuses the Hell out of me
It shouldn't. The Chinese government made access to the source code a requirement of doing business in their country.
A billion potential customers and the fastest growing economy on the planet?
Microsoft just couldn't see past the $$$ here.
You do understand...
That MS really had no choice? Part of the requirement for doing business in China was access to the source code. JUST LIKE IN EVERY OTHER COUNTRY.
Besides, aren't you a fan of open source? :)
RE: Leaked US embassy cables: Diplomats fear that China used Microsoft source code for cyber warefare
Yes I am an open-source fan, however 'open-sourcing' something as inherently insecure as MsWindows isn't a great idea.
RE: Leaked US embassy cables: Diplomats fear that China used Microsoft sour
Your post is based on assumptions without fact.
RE: Leaked US embassy cables: Diplomats fear that China used Microsoft source code for cyber warefare
Cold war is over who would want the damn things now?