comment by kleinbl00
kleinbl00  ·  2500 days ago  ·  link  ·    ·  parent  ·  post: Did China Hack The CIA In Massive Intelligence Breach From 2010 To 2012?

Warning: garbage formatting and article thoroughly devoid of content. It's a bad summary of this article with the canard of "what if they did this through hacking?" with no evidence to support it.

Chinese intelligence operations are based much more on crowdsourcing than penetration. Because of the coercive nature of modern Chinese society, many immigrants are, at some point, pressured for information ("what questions did they ask you at INS") or support in low-level intelligence-gathering operations ("take pictures on this pier"). The leverage used is generally good/bad treatment of one's relatives or friends; the hierarchy of the Communist Party is such that social cachet and permissiveness can be used to carrot/stick behavior throughout all but the highest echelons of Chinese society, especially as the requests and requirements of the coercers aren't particularly onerous.

The org chart of the Chinese intelligence apparatus is also a sprawling, interlinked thing. I have it somewhere but it appears to not be interested in leaving the library at the moment. Chinese culture is much more three-sided than two-sided Western civilization. While we have legal and illegal aspects of culture, China has legal, illegal and quasi-legal. Triads and Tongs and Yakuza are often compared to the Mafia but they could just as easily be compared to the Knights Templar or the Freemasons. It's a structure that provides a lot more fluidity in important matters where people or projects of influence are at play.

So while it's possible that China "hacked" the CIA in order to enable the purge of CIA assets in 2010, it's far more likely that someone slipped up, got ratted on, and traded up the chain. Technological breakthroughs in espionage are a keenly American thing. Every other major player on the world stage accomplishes their intelligence through open-sourcing and HUMINT; while Russia has a respectable electronic/imaging intelligence gathering apparatus, their true coups have been flips like Aldrich Ames and Robert Hanssen (both men who sought out the KGB because they wanted money). Meanwhile, Ken Alibek was the third defector we had out of Biopreparat and because we couldn't take a picture of it with a KH-11, it wasn't until the dude built some anthrax refiners at Battelle that we were willing to believe the size of the Soviet bioweapons program.





user-inactivated  ·  2500 days ago  ·  link  ·  

To be honest, I posted this just to watch you go off on it. Nice takedown.

kleinbl00  ·  2500 days ago  ·  link  ·  

To be honest, I presumed as much, and performed accordingly. I wouldn't do it if I didn't enjoy it.

user-inactivated  ·  2500 days ago  ·  link  ·  

    While we have legal and illegal aspects of culture, China has legal, illegal and quasi-legal.

I mean, you can pentest the President and write about it for Gizmodo because the FBI isn't going to bust you for harmless shenanigans when they have enough problems recruiting security people without antagonizing the community they're trying to recruit from.

kleinbl00  ·  2500 days ago  ·  link  ·  

This is far more your wheelhouse than mine, but is this not a stupendously dumb article?

- what did they do besides wardrive Mar-a-Lago?

- what crime would they be guilty of if they got onto a secure hotel network? Which they didn't?

- doesn't an undisclosed cc/ssn leak point more to Verifone than it does whatever user-facing Ruckus/Unifi mesh a hotel has deployed?

I mean, I get it. If Trump (or anyone around Trump) puts his phone on a compromised network, there's a very real possibility his/their phone could be compromised. But Gizmodo getting on a boat and going "yeppers, his hotel has Wifi" neither illuminates nor ameliorates this problem. One would assume that any confidential equipment/network/IT present at Mar-a-Lago would be substantially more robust than "ATTFreeWifi." I'm hardly a 1337 hax0r but I know how to set up an AES-encrypted private, invisible network on my fuckin' $130 Netgear and I assume the Secret Service/NSA/CIA/DIA/ABC/123 know some tricks I don't?

user-inactivated  ·  2500 days ago  ·  link  ·  

It's a stupendously dumb article, which is why I didn't post it when it was making the rounds. It was just the most recent example that came to mind.