Bonum Certa Men Certa
If Microsoft Loves Miguel and Novell, Then They Must be Good for GNU/Linux, Right? | IRC: #boycottnovell @ FreeNode: January 14th, 2010

Chinese Google 'Attack' Involves Microsoft Windows Flaws

China satellite image



Summary: It is not Google's fault but Microsoft's fault that China managed to compromise accounts not just of Google but of over 20 other companies, by Microsoft's own admission

YESTERDAY we mentioned Google's reaction to attacks from China, which are now confirmed to be targeting different companies. It was not something against Google as Google is one among several victims and some people doubt there will be an exit from the largest Internet market.



How would leaving the Chinese market actually prevent Chinese crackers from connecting to Google servers? It would not.

Hacking Risks Persist Even If Companies Withdraw From China



Google and other enterprises still face a bleak computer security landscape that makes their companies vulnerable to hackers, whether they do business in China or not, analysts say.


Perhaps the most interesting revelation, which was found buried deep inside reports, is the role of Windows in these attacks on Google. Check this one out for example: (the emphasis in red is ours)

More sources are now claiming the Chinese government is behind the recent cyberattacks against Google and 33 other Silicon Valley companies, reports security firm Verisign iDefense. The attacks, revealed yesterday via a posting on Google's official blog, were hacking attempts on the technology infrastructure of Google and other major corporations in sectors that included finance, technology, media and chemical, said Dave Girouard, president of Google Enterprise.

[...]

While July's attacks were detected early and were largely uneventful, December's attacks did find some success. In addition, these same sources claim that the files in both cases share similar characteristics. For example, both attacks used a backdoor Trojan in the form of a Windows DLL, and both share two similar hosts for the command-and-control (C&C) communication. In layman's terms, if the cyberattack was a ground assault during a war, the C&C would be the general barking out the orders. Also in both incidents, the IP addresses used for C&C are in the same subnet and only six addresses apart from each other. That means both attacks are likely to have been instigated by the same entity and may imply that the recent victims' technology infrastructure has been compromised since July.


When one in two Windows PCs is said to be a zombie PC, the above should not be surprising. This was a targeted attack which must have relied on China activists' use of Microsoft Windows.

As the name suggests, the carefully crafted assaults differ from the net-cast-wide malware most often seen. A targeted attack specifically selects its victim and generally sends an e-mail using that person's name and perhaps business title. The body of the message might reference an attached list of business contacts, or describe it as an invoice, or use any other hook that would allay suspicion and convince the victim to double-click the attachment.


Real activists do not use Windows and should use GNU/Linux. A few moments ago, our reader Jose added information that confirms the above. It's an AP article titled "Microsoft's browser flaw exposed Google to hackers" and it says (in the opening): "Microsoft says a security flaw in its Internet Explorer browser played a role in the recent computer attacks against Google and at least 20 other companies."

In other news, a bank server has just been compromised and Baidu got hit by the same group that exploited Windows botnets to take down Twitter [1, 2, 3, 4, 5, 6]. We mentioned this story here and there's more from The Register:

The same group that used a DNS attack to hijack Twitter last month has defaced the home page of Chinese search engine Baidu.

Surfers visiting Baidu site on Monday night were confronted by the message "This site has been hacked by Iranian Cyber Army", together with an image of the Iranian flag. Early speculation suggests the attack involved changing Baidu's DNS records rather than a direct attack on the site itself, but this remains unconfirmed.


Baidu -- unlike Google -- was not a victim of customers who use Windows. Google should tell customers that it's not Google that's vulnerable; it's Windows. Customers should therefore rethink their platform preferences. The same already goes for banks, for similar reasons.

Comments

If Microsoft Loves Miguel and Novell, Then They Must be Good for GNU/Linux, Right? | IRC: #boycottnovell @ FreeNode: January 14th, 2010

Recent Techrights' Posts

Links 28/03/2026: Microsoft's LinkedIn a National Security Risk, Microsoft's Slop "Ambitions Face Investor Scrutiny Amid Soaring Costs"
Links for the day
SLAPP Censorship - Part 26 Out of 200: Asking for Documents and Information You Already Have, Even Letters and E-mails That You Yourself Sent!
barristers are expensive
 
Open Web Destroyed by Centibillionaires, Says Anil Dash of Blogging Fame
Blogging was going through its 'prime years' about 20 years ago
"Linux" Slop Going Away, Microsoft et al Pay 'Linux' Foundation to Promote Slop
It's a timely reminder that the Linux Foundation exists to promote whoever pays the Linux Foundation, even pedophiles and companies that attack the GPL
Gemini Links 28/03/2026: "Finding My Base Tone", "Astrobotany", and BugoutBack/OFFLFIRSOCH
Links for the day
Links 28/03/2026: More Worldwide Bans on Social Control Media (Harms to Adolescents), Protests in US Against Dictatorship
Links for the day
Gemini Links 28/03/2026: Echo Delay and 0x0.st
Links for the day
Rumours of More IBM Mass Layoffs at Beginning of April
IBM is not doing well
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, March 27, 2026
IRC logs for Friday, March 27, 2026
"Headcount" as Distraction From Mass Layoffs and Salary Reductions
Things aren't looking well when one considers revenue is acquired, not earned
"Linux" Slop Turning Rarer, New York Times Nowadays Contaminated With LLM Slop
Another day has passed without much slop about "linux"
Links 27/03/2026: Studying Whale Births, Apple is Cancelling Products, Cambodia Arrests Journalists Over Photographs
Links for the day
Gemini Links 27/03/2026: GTD, Gopher Catchup, Gemini Crawlers, and "Slop Everywhere"
Links for the day
Mozilla Was Ruined Like Sirius Open Source Was Ruined - From the Top Down
Mozilla will never return to its Free software roots
Nokia Could Never Recover From Microsoft
It's very important to remember what really happened
Why Techrights and Many Other Sites Stopped Doing April Fools’ Day Articles
Well before slop (made by LLMs) it was "bad optics" to have satire or humour in a site, irrespective of the day of the year
President Not-Cocaine Campinos Notified of Historic EPO Strikes (Thousands of Workers Not Coming Back to the Office)
Please do pay attention to how the media treats these strikes in Europe's second-largest institution
Slides From the Presentation Discussing EPO Strikes Until End of June or Until End of 2026 (Maybe Next Year Too)
More to come soon (later today)
IBM Cuts Are Everywhere (Global), the Aim is to Lower the Pay
Because the revenues keep falling (IBM buys other companies' revenues using borrowed money)
Perpetual Strikes to Begin at European Patent Office (EPO), Large Majority Votes for Strikes Any Day of the Week
Approved industrial actions [...] Notice how none of the media or even so-called 'IP' blogs write about it
Mozilla is Not a Privacy Company, Mozilla is Run by GAFAM Executives and Managers Who Came From American Surveillance Companies
Would you trust a VPN they claim to be "free"?
SLAPP Censorship - Part 25 Out of 200: That Time Matthew J. Garrett Got Temporarily Banned/Suspended From Twitter
That he gets banned from large social control media platform is hardly surprising given his combative communications
Ubuntu Started as Free With ShipIt, Now It Becomes Payware That Exploits Debian Volunteers (Slaves)
"Ubuntu" the distro now replaces the GNU components inherited from Debian with a bunch of Microsoft GitHub (proprietary) things that reject reciprocal licences
Last Night The Register MS Published a Fake Article. It Mentioned "AI" 27 Times.
Paid-for nonsense! [...] What's left of once-respectable news sites actively harms society
Links 27/03/2026: Google Executive (GAFAM, US, Surveillance) "Named the New BBC Head", Prominent Climate Scientist Resigns From NASA
Links for the day
Gemini Links 27/03/2026: "Being Busy" and "Posting Again"
Links for the day
GNOME Has No "Real" Executive Director, Only an IBM (Perma)'Interim' One With No Openings in Sight
GNOME is having financial problems
Microsoft Experiencing "Leadership Exodus"
Microsoft's current position is no better than Meta's (Facebook)
GNU/Linux Distros Should Reject "Age Verification" and Uphold Software Freedom for Users
It's not about protecting children
Slop Plunge
we can already "smell the blood" of the so-called 'AI industry'
IBM Media Puff Pieces While Layoffs Go On and On
Has the PR industry absorbed the press?
Media Says Microsoft Hiring Freezes, But There Are Already Microsoft Layoffs
They want the public to talk about Microsoft as if it's just not hiring when it is actually firing
Richard Stallman lynchings: Sruthi Chandran splitting Debian
Reprinted with permission from Daniel Pocock
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, March 26, 2026
IRC logs for Thursday, March 26, 2026
Links 26/03/2026: Tor Relay at National Taiwan Normal University, Copyright Hammers Fall
Links for the day
Gemini Links 26/03/2026: "The War of the Worlds" and "sometimes science is just the dumbest thing"
Links for the day
The World Wide Bots
The shape of the Web is so bad that bots exceed humans in some places
Links 26/03/2026: Solicitors Regulation Authority (SRA) Closes 101 Law Firms in 2 Years, "Please Compensate the Work You Appreciate"
Links for the day
Regaining Software Freedom Means Regaining Control Over Programs That Run on Our Devices
Richard Stallman will speak in Italy
Microsoft Secure Boot Removes Users' Choice
Has Greenland banned Microsoft and 'secure' boot yet?
IBM Pushes Workers Out, It Does Not Count Them as "Layoffs"
The number of IBM layoffs can be as large as tens of thousands per year
Hard to Find a Job After Working for Microsoft (Back Doors Giant, Bribery Hub)
It generally looks like people who chose to serve Microsoft's agenda don't end up too well
Microsoft Lost 31% Of Its Alleged "Value" in Five Months, Then It Got Downgraded
In 2026 Microsoft focuses on keeping the layoffs silent
Altering Perceived Reality to Make It Seem Like Microsoft is Thriving, Not Failing
pretend XBox did not die
SLAPP Censorship - Part 24 Out of 200: The Failed Effort by Brett Wilson LLP to Strike Out My Lawsuit and My Wife's Lawsuit Against Garrett (the Master Allowed Our Lawsuits to Proceed)
This is lawfare
Official New Figures Show That Solicitors Regulation Authority (SRA) Sees Rise in Dishonesty Among Law Firms Forcibly Shut Down ('Euthanised' Due to Misconduct)
It's rather if in our little country as many as 16 law firms were found to be so dishonest that they needed to be shut down
Back to Normalcy
In our datacentre at least
IBM is "Increasing Its Temporary and Part-time Headcount" While Net Headcount Falls (Despite Buying Many Companies and Their Workforce)
Headcount is a rather superficial yardstick.
Confluent Insiders: IBM Laid Off Over 800 at Confluent, Not Just 800
For the record, the layoffs at Confluent won't be over. After the bluewashing there will be "IBM RAs" impacting Confluent folks, aside from PIPs
EPO Union Decides to Continue Industrial Actions, Next Strike in Four Days
The latest strike had the highest participation rate
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, March 25, 2026
IRC logs for Wednesday, March 25, 2026
Microsoft's "Silent Layoffs" in Slop Clothing
"AI-powered transformation" is just a euphemism for mass layoffs
Where and How to Spot LLM Slop
Many people correctly perceive LLMs as a site's downfall, a step towards the abyss
Public Talk by Richard Stallman in Half a Day "at the Engineering and Architecture Campus of Cesena of the University of Bologna"
He'll probably attract a fairly large crowd
Gemini Links 26/03/2026: Buying a House, Stargazing, OFFLFIRSOCH 2026
Links for the day