Bonum Certa Men Certa
If Microsoft Loves Miguel and Novell, Then They Must be Good for GNU/Linux, Right? | IRC: #boycottnovell @ FreeNode: January 14th, 2010

Chinese Google 'Attack' Involves Microsoft Windows Flaws

China satellite image



Summary: It is not Google's fault but Microsoft's fault that China managed to compromise accounts not just of Google but of over 20 other companies, by Microsoft's own admission

YESTERDAY we mentioned Google's reaction to attacks from China, which are now confirmed to be targeting different companies. It was not something against Google as Google is one among several victims and some people doubt there will be an exit from the largest Internet market.



How would leaving the Chinese market actually prevent Chinese crackers from connecting to Google servers? It would not.

Hacking Risks Persist Even If Companies Withdraw From China



Google and other enterprises still face a bleak computer security landscape that makes their companies vulnerable to hackers, whether they do business in China or not, analysts say.


Perhaps the most interesting revelation, which was found buried deep inside reports, is the role of Windows in these attacks on Google. Check this one out for example: (the emphasis in red is ours)

More sources are now claiming the Chinese government is behind the recent cyberattacks against Google and 33 other Silicon Valley companies, reports security firm Verisign iDefense. The attacks, revealed yesterday via a posting on Google's official blog, were hacking attempts on the technology infrastructure of Google and other major corporations in sectors that included finance, technology, media and chemical, said Dave Girouard, president of Google Enterprise.

[...]

While July's attacks were detected early and were largely uneventful, December's attacks did find some success. In addition, these same sources claim that the files in both cases share similar characteristics. For example, both attacks used a backdoor Trojan in the form of a Windows DLL, and both share two similar hosts for the command-and-control (C&C) communication. In layman's terms, if the cyberattack was a ground assault during a war, the C&C would be the general barking out the orders. Also in both incidents, the IP addresses used for C&C are in the same subnet and only six addresses apart from each other. That means both attacks are likely to have been instigated by the same entity and may imply that the recent victims' technology infrastructure has been compromised since July.


When one in two Windows PCs is said to be a zombie PC, the above should not be surprising. This was a targeted attack which must have relied on China activists' use of Microsoft Windows.

As the name suggests, the carefully crafted assaults differ from the net-cast-wide malware most often seen. A targeted attack specifically selects its victim and generally sends an e-mail using that person's name and perhaps business title. The body of the message might reference an attached list of business contacts, or describe it as an invoice, or use any other hook that would allay suspicion and convince the victim to double-click the attachment.


Real activists do not use Windows and should use GNU/Linux. A few moments ago, our reader Jose added information that confirms the above. It's an AP article titled "Microsoft's browser flaw exposed Google to hackers" and it says (in the opening): "Microsoft says a security flaw in its Internet Explorer browser played a role in the recent computer attacks against Google and at least 20 other companies."

In other news, a bank server has just been compromised and Baidu got hit by the same group that exploited Windows botnets to take down Twitter [1, 2, 3, 4, 5, 6]. We mentioned this story here and there's more from The Register:

The same group that used a DNS attack to hijack Twitter last month has defaced the home page of Chinese search engine Baidu.

Surfers visiting Baidu site on Monday night were confronted by the message "This site has been hacked by Iranian Cyber Army", together with an image of the Iranian flag. Early speculation suggests the attack involved changing Baidu's DNS records rather than a direct attack on the site itself, but this remains unconfirmed.


Baidu -- unlike Google -- was not a victim of customers who use Windows. Google should tell customers that it's not Google that's vulnerable; it's Windows. Customers should therefore rethink their platform preferences. The same already goes for banks, for similar reasons.

Comments

If Microsoft Loves Miguel and Novell, Then They Must be Good for GNU/Linux, Right? | IRC: #boycottnovell @ FreeNode: January 14th, 2010

Recent Techrights' Posts

What Puts the Brakes on GNU/Linux Adoption on Laptops and Desktops is Monopoly Control (or Monoculture) Over the Distros
Distros that adopt systemd are controlled by IBM and GAFAM
Layoffs in Twitter, Facebook, and Microsoft's LinkedIn
There are silent layoffs at Microsoft this month
We Don't Depend on Google and Don't Care for Google
We have our own site search and we don't depend on Google to bring visits/visitors to us
Facebook Layoffs Due to Enormous Debt, Nothing to Do With "Hey Hi" Slop
The lies about "hey hi" in relation to layoffs will only contribute to further public resentment towards: 1) the media and 2) all the slop.
 
GNU/Linux Distro Builders Barely Paid Enough to Pay Basic Bills, Chief of "Linux" Foundation (Not Even Using Linux!) Increases His Own Salary by Over 50% in 5 Years
Salaries or compensation correlate with the ability to exploit people, not to create things
The "Zero-Sum" Fallacy
Fallacies like "zero-sum" - especially in the context of foreign affairs including war - are utterly ruinous
A Happy Birthday to Richard Stallman
Richard Stallman will turn 73
Jürgen Habermas is Dead, But the Politicised, Inherently Corrupt, Corporatised Court for Patents That He Inspired Is Not
In the news throughout the weekend
Mountains of Abuses of Process by Brett Wilson LLP on Behalf of Americans and Sometimes at the Expense of British Taxpayers
a virtual "limited liability"
linuxteck.com FUD by LLM Slop, ubuntupit.com Passes the Slop Baton
Unless they get back to doing long-form authentic articles, as opposed to slop, no good will come out of it
Links 15/03/2026: New Shortages, Lynx Populations Depletion
Links for the day
Sruthi Chandran & Debian Diversity, Favoritism, Hidden Conflicts of Interest
Reprinted with permission from Daniel Pocock
software in the public domain
Reprinted with permission from Alex Oliva
Links 15/03/2026: Slop "Bubble Driving Interest in Chip Alternatives" and Wildlife Erosion Reported
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, March 14, 2026
IRC logs for Saturday, March 14, 2026
Change of Address at the Hired Guns, Address Removed
Companies tend to alter their 'shell structure' in anticipation of major action
The Good IBM Managers Have Flown Away, All That's Left is the Book-Cooking Loyalists
IBM is just cheating the SEC and shareholders. This seems to be the only thing IBM's management is nowadays good at.
Microsofters' SLAPP Censorship - Part 12 Out of 200: Months Ahead of Serial Strangler From Microsoft Who Helped Double the Lawsuits (Funded by Third Parties) as 'Revenge' for Exposing Crimes
In 2024 I sat down and wrote about what had been done to me and to my wife
Crime Comes in Many Forms
apparently the SRA is OK with stranglers of women in America bullying the media in the UK
commandlinux.com, linuxteck.com, linuxiac.com, and linuxsecurity.com are Slopfarms With "Linux" in Their Domain Name
once readers realise they read slop they immediately lose interest
Links 14/03/2026: Adoption of Slop Has Killed BuzzFeed, Russia Sees "Economic Gain From Iran War"
Links for the day
Patriotism is Conditional, If It's Unconditional, Then It's Like a Cult
My love for Software Freedom is only as strong as my love for Freedom of the Press
Links 14/03/2026: Mass Layoffs at Facebook ('Meta') and Sweeping Layoffs at Twitter (xAI), Social Control Media and Slop Are Only Debt
Links for the day
Wrong Time, Wrong Place (Digg)
Kevin Rose and Alexis Ohanian can relaunch Digg.com, but we doubt it'll work "this time for real!"
Universities Became Bad Places for Work
What happened to academia?
Reporting New and Suppressed Information is What Journalism is All About
In the domain of Free software, there are very few sites out there that offer exclusive coverage on community affairs and there are many gagging/censorship attempts
The Limits of Speech and the Rationale of Limitations
it seems to be part of an international trend
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, March 13, 2026
IRC logs for Friday, March 13, 2026
Gemini Links 14/03/2026: Goodness, AD534 Multiplier Module, and Extroverts Online
Links for the day
Atlassian Corp: We're Doing Layoffs Because of "Hey Hi"; Wall Street: Atlassian Corp is Just a Failing Business
Don't ask "the media"
Microsofters' SLAPP Censorship - Part 11 Out of 200: Cannot Censor His Spouse, Accusations Are Repeated Today
He already has a history of threatening to sue gay people in America; he cannot take criticism too well
Price of Storage, Price of Energy... What Next?
EPO workers are going on strike because their salaries don't keep up with price increases and tech companies without connections in "the channel" face long delays, low availability, and high prices (no "bulk" purchases), which further solidifies monopolies.
Don't Forget Red Hat's RTO (Return-to-office) Layoffs
How many people still remember that Red Hat did the same thing?
Reminder: Microsoft silent Layoffs by RTO (Commute Time and Lack of Comfort/Work Satisfaction) Already in Effect This Year
It's difficult to measure how many employees have already "left on their own" due to the RTO policy
Founder of IBM Ventures Has Just Quit IBM
Some people leave IBM and many people 'leave' IBM
Signs of Impeding Mass Layoffs - Not Just Quiet Layoffs - at Microsoft
Beneath the surface there are waves of layoffs and even entire teams are let go
Career Science and Academia as Corporate Propaganda 'on Tap'
article about surveillance
Veteran GNU/Linux Journalist Jack Wallen Tries Geminispace and Likes It
It'll turn 7 some time soon
Scheduled Maintenance Tonight
There will be similar work early next week
"Alternative to Microsoft Office" Must Use Free/Open Standards/Formats for Real Sovereignty
It would make sense for the EU to invest in its own workers and its own software projects, more so now that there are hostile countries both to the east and to the west
IBM Has No Clue How to Integrate Companies Like Red Hat
IBM is failing to respect this company's culture
Fake Articles From Sites With "Linux" in Their Name/Domain Name
we can at least hope that linuxteck.com made a decision to quit slop
Links 13/03/2026: New US Weapons for Taiwan, Pakistan Air Strikes Hit Kabul
Links for the day
Gemini Links 13/03/2026: Exhaustion and Smartphone Addiction
Links for the day
Friday the 13th & Debian Developers afraid to nominate in DPL elections
Reprinted with permission from Daniel Pocock
Links 13/03/2026: Chatbot "Pentagon Contract" (Bailout) and Secret Service Ditches Slop Pusher
Links for the day
When Everybody Has a Right/Access to An Attorney/Lawyer (But Some Get Funding From Malicious American Corporations to Spend a Million Dollars on Many Lawyers and Several Barristers)
And send about 75 KG of legal papers to the residence of the "opponent"
European Qualifying Examination (EQE) Being Reduced to Pieces of Papers One Can Buy, Patent System Rapidly Losing Its Legitimacy
Welcome to the "new Europe"
Priorities in 2026
2026 is an interesting year
Willis Towers Watson (WTW) Producing More Propaganda for EPO "Cocaine Communication Managers"
The Local Staff Committee The Hague (LSCTH) has this new paper about Willis Towers Watson (WTW) and its annual EPO-sponsored propaganda, pretending all is well when things are clearly dire
Head of Microsoft Office and Microsoft 360 is Leaving Microsoft Amid Problems and Mass Layoffs
Microsoft is like a "legacy" company
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, March 12, 2026
IRC logs for Thursday, March 12, 2026
Gemini Links 13/03/2026: "Someone to Take Over Antenna" and Random Seed/RNG
Links for the day