Bonum Certa Men Certa
If Microsoft Loves Miguel and Novell, Then They Must be Good for GNU/Linux, Right? | IRC: #boycottnovell @ FreeNode: January 14th, 2010

Chinese Google 'Attack' Involves Microsoft Windows Flaws

China satellite image



Summary: It is not Google's fault but Microsoft's fault that China managed to compromise accounts not just of Google but of over 20 other companies, by Microsoft's own admission

YESTERDAY we mentioned Google's reaction to attacks from China, which are now confirmed to be targeting different companies. It was not something against Google as Google is one among several victims and some people doubt there will be an exit from the largest Internet market.



How would leaving the Chinese market actually prevent Chinese crackers from connecting to Google servers? It would not.

Hacking Risks Persist Even If Companies Withdraw From China



Google and other enterprises still face a bleak computer security landscape that makes their companies vulnerable to hackers, whether they do business in China or not, analysts say.


Perhaps the most interesting revelation, which was found buried deep inside reports, is the role of Windows in these attacks on Google. Check this one out for example: (the emphasis in red is ours)

More sources are now claiming the Chinese government is behind the recent cyberattacks against Google and 33 other Silicon Valley companies, reports security firm Verisign iDefense. The attacks, revealed yesterday via a posting on Google's official blog, were hacking attempts on the technology infrastructure of Google and other major corporations in sectors that included finance, technology, media and chemical, said Dave Girouard, president of Google Enterprise.

[...]

While July's attacks were detected early and were largely uneventful, December's attacks did find some success. In addition, these same sources claim that the files in both cases share similar characteristics. For example, both attacks used a backdoor Trojan in the form of a Windows DLL, and both share two similar hosts for the command-and-control (C&C) communication. In layman's terms, if the cyberattack was a ground assault during a war, the C&C would be the general barking out the orders. Also in both incidents, the IP addresses used for C&C are in the same subnet and only six addresses apart from each other. That means both attacks are likely to have been instigated by the same entity and may imply that the recent victims' technology infrastructure has been compromised since July.


When one in two Windows PCs is said to be a zombie PC, the above should not be surprising. This was a targeted attack which must have relied on China activists' use of Microsoft Windows.

As the name suggests, the carefully crafted assaults differ from the net-cast-wide malware most often seen. A targeted attack specifically selects its victim and generally sends an e-mail using that person's name and perhaps business title. The body of the message might reference an attached list of business contacts, or describe it as an invoice, or use any other hook that would allay suspicion and convince the victim to double-click the attachment.


Real activists do not use Windows and should use GNU/Linux. A few moments ago, our reader Jose added information that confirms the above. It's an AP article titled "Microsoft's browser flaw exposed Google to hackers" and it says (in the opening): "Microsoft says a security flaw in its Internet Explorer browser played a role in the recent computer attacks against Google and at least 20 other companies."

In other news, a bank server has just been compromised and Baidu got hit by the same group that exploited Windows botnets to take down Twitter [1, 2, 3, 4, 5, 6]. We mentioned this story here and there's more from The Register:

The same group that used a DNS attack to hijack Twitter last month has defaced the home page of Chinese search engine Baidu.

Surfers visiting Baidu site on Monday night were confronted by the message "This site has been hacked by Iranian Cyber Army", together with an image of the Iranian flag. Early speculation suggests the attack involved changing Baidu's DNS records rather than a direct attack on the site itself, but this remains unconfirmed.


Baidu -- unlike Google -- was not a victim of customers who use Windows. Google should tell customers that it's not Google that's vulnerable; it's Windows. Customers should therefore rethink their platform preferences. The same already goes for banks, for similar reasons.

Comments

If Microsoft Loves Miguel and Novell, Then They Must be Good for GNU/Linux, Right? | IRC: #boycottnovell @ FreeNode: January 14th, 2010

Recent Techrights' Posts

Silent Layoffs at Microsoft in 2026
Time will tell is there are investigative journalists out there who will quit parroting Microsoft (e.g. false layoff figures) and relying on LLMs controlled by Microsoft to spew out false "facts" for them
SLAPP Censorship - Part 91 Out of 200: Legal Aid in Support of Freedom of the Press and British Women (Attacked by Americans)
bolstered by prominent counsels
Codecs and Software Patents - Part XII - GNU's Web Site Will Soon Have Many Recent Talks by Chief GNUisance Richard Stallman (RMS)
GNU videos being transcoded or converted into AV1
The Fall of Slop (Even Microsoft Admits There's a Problem)
If Microsoft admits that slop is too expensive and is for "entertainment purposes" because it cannot be relied upon, why would anyone other than the pushers and profiteers still insist that slop bears potential?
 
Censorship of Information Unflattering to IBM (or GAFAM)
Years ago we gave a platform to a censored Microsoft whistleblower
[Video] Richard Stallman's Rapperswil (Switzerland) Talk Online
accessible without proprietary software
Trusting Trust is an Old Issue, Predating Rust and LLM Slop by Over Half a Century
Microsoft Lunduke wants to make a case against Rust and slop (LLMs), but the issues he addresses aren't exactly new or unique
California Should Have Abandoned So-called 'Age‑Verification Laws', Not Make Exemptions (for Now)
This has nothing to do with 1) children 2) safety 3) safety of children
Links 29/05/2026: Cory Doctorow on Why the Internet Feels So Broken, American Pope on Defederation
Links for the day
Techrights Does Not Censor Information About IBM, It Platforms and Retains Suppressed Voices From Inside IBM
They don't like it when people criticise the management [...] panic attacks mentioned
Bob (Robert) Cringely Devoted Three Years of His Life Trying to Profit From LLM Slop and Now He Sounds Off, It's Just Not Working and It Can Crash the Economy Soon
"The labs raising money at valuations with too many zeros are happy"
Techrights After About 60,000 Articles in 20 Years
Sites fail if they don't offer anything new or if they wrongly believe that adopting slop to parrot other sites will give them exposure
Organised Plunder or Robbery: GAFAM and Hardware Companies Rely on Media Bribery to Perpetuate False Narratives and to "Drive Sales" (and Drive Prices Upwards)
The price-fixing seems plausible and, if so, we need to demand action
Linux Foundation Destroys the Identity and History of Linux
Groklaw's PJ was thorn on the side of LF sponsors
The Problem of Microsoft Crimes
Opposing crime isn't "hatred"
Red Hat Will Die Inside a Dying IBM
IBM isn't where Red Hat came to thrive but where it came to die
Very Large Strike at the European Patent Office Today, "Production" Sank a Huge Deal
At this pace, we might be looking at tens of thousands fewer European Patents being granted this year
Gemini Links 29/05/2026: Leadership and Religion, the Board Game (Second Edition)
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, May 28, 2026
IRC logs for Thursday, May 28, 2026
Links 28/05/2026: Pakistan and Afghanistan Are Still Fighting, Iranians Back Online
Links for the day
"LLMs Are Not Much More Than Plagiarism Engines"
the impact of LLMs on communities and software projects
Is Slop Profitable Yet? No.
Everything is a giant minus
Bob (Robert) Cringely Has Just Explained That After 3 Years of Hard Work It Became Apparent LLM Slop is Unfit for Purpose in Courts
Added moments ago to Daily Links
Links 28/05/2026: LibreSSL 4.3.2, "Jeff Bezos Is Afraid Of What Comes Next", Measles Making a Comeback
Links for the day
PCs That Are Made to 'Expire' and 'Secure' Boot Contributing to Planned Obsolescence
People who are responsible for this ought to be held accountable
Evil, Faceless Corporation: Google Steals Money From You If You Don't Purchase an Android Device for MFA
At this point, under the guise of "hey hi" (slop) Google is firing tens of thousands of workers
People Go Back to Basics, Abandon Microsoft's GitHub to Avoid Slop
The media didn't pay any attention to GitHub's de facto chief quitting Microsoft only a few months ago
SLAPP Censorship - Part 90 Out of 200: When Efforts to Silence His Spouse and Also the Wife of a Blogger in Another Continent Only Give More Exposure to Embarrassing Information
The Garrett trial ended in October 2025
IBM - Much Like the European Patent Office (EPO) - Gives the President (Head of Board and CEO) All the Money While Staff Drowns in High Inflation Rates
They're discussing the same sort of thing we often see mentioned in the EPO
"THE REGISTER EXPLAINER" as "Paid-for SPAM" at The Register MS With "AI" 40 Times in the Short Page
What will be left of The Register MS in a few years?
2025: EPO President Campinos Breaks the Cookie Jar, Steals Another Million Euros While His "Brother-in-Law" Does Cocaine at the Office and Staff Prepares Rolling, Indefinite Strikes
any additional month of Campinos in charge of the EPO is a liability not just to the EPO but the EU as well
Gemini Links 28/05/2026: Dumping Microsoft GitHub, Gopher Rabbit Hole
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, May 27, 2026
IRC logs for Wednesday, May 27, 2026
Links 27/05/2026: TSMC Workers Next to Consider Strikes, Ceasefire Cracking
Links for the day
SLAPP Censorship - Part 89 Out of 200: SRA Admits Malfunction, That's Why Transparency is Paramount
There have been more efforts than we can to count or can enumerate (probably over 100 such efforts) to gag us and to prevent us writing about what has happened
Our Free Software Activist in Connecticut (USA)
We'll soon revisit the latest round of legislation on "age" (surveillance, ID)
Links 27/05/2026: Living Without 'Smartphoones' and "Russia’s Biggest Attack on Ukraine in 18 Months"
Links for the day
Gemini Links 27/05/2026: The USA as an "Experiment" and Some Ubuntu Manuals
Links for the day
[Video] Full Video of Richard Stallman's Talk in Rome
It seems inevitable that the official GNU site will have it
Slop is a Passing Fad, It's About Faking Productivity (Plagiarism, Misinformation, and False Positives)
Slop is a bubble. Some people accept it later than others.
Anderon - Like Kyndryl - Could be Far Deeper in Debt Than Its Alleged Worth (Vapourware)
Time will tell, but it seems like a Federal-enabled (by the Federal Government) accounting scam, nothing more, nothing less
The Media That Keeps Covering "AI" Because the Pushers of It Pay for Spam
23 times in the page they mention "AI"
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, May 26, 2026
IRC logs for Tuesday, May 26, 2026
Codecs and Software Patents - Part XI - The Stance of RMS (Dr. Stallman) Reassured GNU Regarding AV1
cautioned against software patents since the early 90s if not earlier