Bonum Certa Men Certa
If Microsoft Loves Miguel and Novell, Then They Must be Good for GNU/Linux, Right? | IRC: #boycottnovell @ FreeNode: January 14th, 2010

Chinese Google 'Attack' Involves Microsoft Windows Flaws

China satellite image



Summary: It is not Google's fault but Microsoft's fault that China managed to compromise accounts not just of Google but of over 20 other companies, by Microsoft's own admission

YESTERDAY we mentioned Google's reaction to attacks from China, which are now confirmed to be targeting different companies. It was not something against Google as Google is one among several victims and some people doubt there will be an exit from the largest Internet market.



How would leaving the Chinese market actually prevent Chinese crackers from connecting to Google servers? It would not.

Hacking Risks Persist Even If Companies Withdraw From China



Google and other enterprises still face a bleak computer security landscape that makes their companies vulnerable to hackers, whether they do business in China or not, analysts say.


Perhaps the most interesting revelation, which was found buried deep inside reports, is the role of Windows in these attacks on Google. Check this one out for example: (the emphasis in red is ours)

More sources are now claiming the Chinese government is behind the recent cyberattacks against Google and 33 other Silicon Valley companies, reports security firm Verisign iDefense. The attacks, revealed yesterday via a posting on Google's official blog, were hacking attempts on the technology infrastructure of Google and other major corporations in sectors that included finance, technology, media and chemical, said Dave Girouard, president of Google Enterprise.

[...]

While July's attacks were detected early and were largely uneventful, December's attacks did find some success. In addition, these same sources claim that the files in both cases share similar characteristics. For example, both attacks used a backdoor Trojan in the form of a Windows DLL, and both share two similar hosts for the command-and-control (C&C) communication. In layman's terms, if the cyberattack was a ground assault during a war, the C&C would be the general barking out the orders. Also in both incidents, the IP addresses used for C&C are in the same subnet and only six addresses apart from each other. That means both attacks are likely to have been instigated by the same entity and may imply that the recent victims' technology infrastructure has been compromised since July.


When one in two Windows PCs is said to be a zombie PC, the above should not be surprising. This was a targeted attack which must have relied on China activists' use of Microsoft Windows.

As the name suggests, the carefully crafted assaults differ from the net-cast-wide malware most often seen. A targeted attack specifically selects its victim and generally sends an e-mail using that person's name and perhaps business title. The body of the message might reference an attached list of business contacts, or describe it as an invoice, or use any other hook that would allay suspicion and convince the victim to double-click the attachment.


Real activists do not use Windows and should use GNU/Linux. A few moments ago, our reader Jose added information that confirms the above. It's an AP article titled "Microsoft's browser flaw exposed Google to hackers" and it says (in the opening): "Microsoft says a security flaw in its Internet Explorer browser played a role in the recent computer attacks against Google and at least 20 other companies."

In other news, a bank server has just been compromised and Baidu got hit by the same group that exploited Windows botnets to take down Twitter [1, 2, 3, 4, 5, 6]. We mentioned this story here and there's more from The Register:

The same group that used a DNS attack to hijack Twitter last month has defaced the home page of Chinese search engine Baidu.

Surfers visiting Baidu site on Monday night were confronted by the message "This site has been hacked by Iranian Cyber Army", together with an image of the Iranian flag. Early speculation suggests the attack involved changing Baidu's DNS records rather than a direct attack on the site itself, but this remains unconfirmed.


Baidu -- unlike Google -- was not a victim of customers who use Windows. Google should tell customers that it's not Google that's vulnerable; it's Windows. Customers should therefore rethink their platform preferences. The same already goes for banks, for similar reasons.

Comments

If Microsoft Loves Miguel and Novell, Then They Must be Good for GNU/Linux, Right? | IRC: #boycottnovell @ FreeNode: January 14th, 2010

Recent Techrights' Posts

Wikipedia - Funded by Slop-pushing Companies and 'Broligarchs' - Gave Benefit of the Doubt to Slop, Then Regretted It
Wikipedia sucks. Without slop it'll suck a little less.
Passage of Wealth Upwards, Blaming the Victims
Tim Sweeney's net worth is 5.1 billion USD according to Forbes
EPO Strike Begins Today and It's the Longest One Yet (Can Last a Year)
Where's the media?
 
SUEPO Central Made a Strike (or Striking) Success
Europe has more than enough qualified patent officials
IBM Layoffs and Their Expected Scope in April 2026
Such layoffs impact not only IBM "proper"
SLAPP Censorship - Part 28 Out of 200: Facing Consequences for Impersonation and Worse
It's not "funny". It is moreover libellous.
Links 30/03/2026: South Korea Next to Curb Social Control Media Addiction and Manipulation, Notorious Patents in the US Challenged
Links for the day
Gemini Links 30/03/2026: Going Back to Wrist Watches and Why LLMs in Programming Suck
Links for the day
Did IBM Pay thestreet.com for Puff Pieces? (Like It Did With Forbes)
If so, there is no disclosure
Payoffs of Lifelong Commitments
"The Lifelong Activist"
Links 30/03/2026: "We Can’t Income-Tax Ultra-Elites"; "The Pirate Bay’s Oldest Torrent Turned 22"
Links for the day
Today, Europe's Second-Largest Institution (EPO) Goes on Strike That Can Last Until 2027. Nobody in the Media Covers This!
"We stand with the protesters"
When the Cost (or Time) of Maintenance Exceeds the Value
In recent years it seems like more people learn to remove things from their lives, not add more things
More Media Needs to Tell the Public Slop is a Giant Bubble, It Should Stop Taking "Sponsorship" Money to Inflate This Bubble
If enough of (what's left of) the media changes its tune and quits being a parrot of GAFAM, then we can debate slop like grown-ups
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, March 29, 2026
IRC logs for Sunday, March 29, 2026
Trying to Hide One's Abuses by Imposing Silence on Critics ("My Profile Was Private")
With enough daylight, sooner or later everyone knows you are a vampire
Fedora Badges System Shows the Demise of Fedora Under IBM
IBM isn't good at keeping what it buys
IBM is Sunsetting Red Hat, It Only Uses the Brand and the Shell
IBM buys or spins off companies as containers for "toxic assets" and debt
Cisco Systems is a Still Weak Spot With Bug Doors
nothing to offer except storytelling
Gemini Links 30/03/2026: Approaching April and Arvelie Calendar
Links for the day
No Daylight Saved
Is there still any practical reason for this ritual?
Microsoft Azure Does Not Have "Hiring Freezes", It Has Had Mass Layoffs Every Year Since 2020
Things are always a lot worse than Microsoft formally or publicly acknowledges
SLAPP Censorship - Part 27 Out of 200: Using the Tor Network to Hide From Consequences
Only 1-2 weeks after the countersuit the Canadian attempted to deplatform several Web sites
The Limits of Inclusion
Inclusion with caution isn't "opinionated"; it's a defence mechanism, sometimes a survival instinct
Almost 20 Years After Microsoft/Novell
The mission has not changed, but the priorities evolve all the time
People Discuss Rumours of Mass Layoffs at IBM Becoming Public in 1-2 Weeks
IBM is killing its brand or its "goodwill"
LLM Slop Kills Sites, as Sites That Adopt Slop Are Doomed
People won't subscribe to such sites and visit them if they recognise it's just slop
Links 29/03/2026: Indonesia Cracks Down on Social Control Media Addiction, China Becomes World’s Scientific Superpower
Links for the day
Fedora at the Mercy of Microsoft Because of Back-Doored Kick-Switch Boot
We'll soon revisit the defamation attacks on Torvalds
Links 29/03/2026: Water Shortages and No Kings Rallies
Links for the day
The Old Days
In the early days of this site (2006) it was mostly just a couple of people, plus comments
Gemini Links 29/03/2026: Return to Gopherspace, "Zen of Marking Playing Cards"
Links for the day
The Real XBox is Dead, So Microsoft is Calling Everything "XBox" Now
It even wanted to run a campaign to convince everybody that XBox is not actually a console
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, March 28, 2026
IRC logs for Saturday, March 28, 2026
Open Web Destroyed by Centibillionaires, Says Anil Dash of Blogging Fame
Blogging was going through its 'prime years' about 20 years ago
"Linux" Slop Going Away, Microsoft et al Pay 'Linux' Foundation to Promote Slop
It's a timely reminder that the Linux Foundation exists to promote whoever pays the Linux Foundation, even pedophiles and companies that attack the GPL
Links 28/03/2026: Microsoft's LinkedIn a National Security Risk, Microsoft's Slop "Ambitions Face Investor Scrutiny Amid Soaring Costs"
Links for the day
Gemini Links 28/03/2026: "Finding My Base Tone", "Astrobotany", and BugoutBack/OFFLFIRSOCH
Links for the day
Links 28/03/2026: More Worldwide Bans on Social Control Media (Harms to Adolescents), Protests in US Against Dictatorship
Links for the day
SLAPP Censorship - Part 26 Out of 200: Asking for Documents and Information You Already Have, Even Letters and E-mails That You Yourself Sent!
barristers are expensive
Gemini Links 28/03/2026: Echo Delay and 0x0.st
Links for the day
Rumours of More IBM Mass Layoffs at Beginning of April
IBM is not doing well
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, March 27, 2026
IRC logs for Friday, March 27, 2026