Comments on: Dey Wuz 0wn3d http://www.stageleft.info/2007/09/04/dey-wuz-0wn3d/ Tue, 16 Mar 2010 20:41:16 -0700 http://wordpress.org/?v=2.8.6 hourly 1 By: stageleft http://www.stageleft.info/2007/09/04/dey-wuz-0wn3d/comment-page-1/#comment-123087 stageleft Wed, 05 Sep 2007 02:11:33 +0000 http://www.stageleft.info/2007/09/04/dey-wuz-0wn3d/#comment-123087 Of course they said they knew who it was, I asked how they could know -- they also said that al Qaeda had significant ties to the Hussein regime, that Iraq had a nuclear program, that there were weapons of mass destruction, that the Iraqi war would be a short one (<i>"Five days or five weeks or five months, but it certainly isn't going to last any longer than that."</i> sound familiar?), and a host of other things - they should be believed now because..............?<div class="comment-remix-meta"><a href="#" class="replyto" onclick="replyto('123087','stageleft'); return false;">Reply</a> - <a href="#" class="quote" onclick="quote('123087','stageleft','Of course they said they knew who it was, I asked how they could know -- they also said that al Qaeda had significant ties to the Hussein regime, that Iraq had a nuclear program, that there were weapons of mass destruction, that the Iraqi war would be a short one (<i>\"Five days or five weeks or five months, but it certainly isn\'t going to last any longer than that.\"<\/i> sound familiar?), and a host of other things - they should be believed now because..............?'); return false;">Quote</a></div> Of course they said they knew who it was, I asked how they could know — they also said that al Qaeda had significant ties to the Hussein regime, that Iraq had a nuclear program, that there were weapons of mass destruction, that the Iraqi war would be a short one (“Five days or five weeks or five months, but it certainly isn’t going to last any longer than that.” sound familiar?), and a host of other things – they should be believed now because…………..?
ReplyQuote
]]> By: Debbie http://www.stageleft.info/2007/09/04/dey-wuz-0wn3d/comment-page-1/#comment-123083 Debbie Wed, 05 Sep 2007 00:52:52 +0000 http://www.stageleft.info/2007/09/04/dey-wuz-0wn3d/#comment-123083 You ask how we know that it was China. Well, the Pentagon said it was, I assume they have proof. (I always hate assuming, heh)<div class="comment-remix-meta"><a href="#" class="replyto" onclick="replyto('123083','Debbie'); return false;">Reply</a> - <a href="#" class="quote" onclick="quote('123083','Debbie','You ask how we know that it was China. Well, the Pentagon said it was, I assume they have proof. (I always hate assuming, heh)'); return false;">Quote</a></div> You ask how we know that it was China. Well, the Pentagon said it was, I assume they have proof. (I always hate assuming, heh)
ReplyQuote
]]> By: stageleft http://www.stageleft.info/2007/09/04/dey-wuz-0wn3d/comment-page-1/#comment-123072 stageleft Tue, 04 Sep 2007 22:22:20 +0000 http://www.stageleft.info/2007/09/04/dey-wuz-0wn3d/#comment-123072 You guys are no fun at all :-) The answer to question #1 is, no, we cannot believe them; and the answer to question #2 is that because of their answers we cannot trust them - and none of that is American bashing, it's simple networking. How do they know that it was the Chinese, and specifically the PLA? How can they? If you're a PLA hacker are you gonna launch your attack from a PLA barracks? If you're a Chinese super hacker spy, either living at home, or on assignment in south America are you gonna launch your attack from the spy office? The Chinese embassy? No, you're not, and most certainly not if you've got the smarts to actually have a realistic chance of getting anywhere close to something good. The first rule of hacking is <i>"thou shalt not hack from where you can get traced back to"</i> - and anyone smart enough to get into that sort of system knows that. If I was gonna attempt this, and let it be known right up front that I have enough smarts to know that I don't have anywhere near the smarts to needed to even come close to accomplishing such a thing, I certainly wouldn't do it from my living room where my IP address could be traced directly back to my bank account. That would be dumber that that bag of hammers we used to hear about so much wouldn't it? Maybe I'd compromise a machine on some other network, some corporate wireless network with lax wireless security so that the point of attack wouldn't be from my living room. Maybe I'd go on vacation to some other country and compromise some unsuspecting network there so that the attack didn't come from my hotel room. Maybe I'd go to Bulgaria and tap into one of the endless lists of unsecured networks in Turkey. Is the theory behind this starting to become somewhat clearer? The Pentagon can tell the network where the attack came from, but it cannot tell who launched the attack, or from where. So while they may well have detected an attack launched from a Chinese network that does not mean that the hacker was either Chinese, or even sitting at a keyboard in China. The sort of news they're letting go sounds really good on the face of it all, especially if you connect American statements on the Chinese military buildup in light of the recent trouble with Chinese products entering the US, but if it's given any thought at all it starts to become suspect rather quickly.<div class="comment-remix-meta"><a href="#" class="replyto" onclick="replyto('123072','stageleft'); return false;">Reply</a> - <a href="#" class="quote" onclick="quote('123072','stageleft','You guys are no fun at all :-) \r\n\r\nThe answer to question #1 is, no, we cannot believe them; and the answer to question #2 is that because of their answers we cannot trust them - and none of that is American bashing, it\'s simple networking.\r\n\r\nHow do they know that it was the Chinese, and specifically the PLA? How can they?\r\n\r\nIf you\'re a PLA hacker are you gonna launch your attack from a PLA barracks?\r\n\r\nIf you\'re a Chinese super hacker spy, either living at home, or on assignment in south America are you gonna launch your attack from the spy office? The Chinese embassy?\r\n\r\nNo, you\'re not, and most certainly not if you\'ve got the smarts to actually have a realistic chance of getting anywhere close to something good. The first rule of hacking is <i>\"thou shalt not hack from where you can get traced back to\"<\/i> - and anyone smart enough to get into that sort of system knows that.\r\n\r\nIf I was gonna attempt this, and let it be known right up front that I have enough smarts to know that I don\'t have anywhere near the smarts to needed to even come close to accomplishing such a thing, I certainly wouldn\'t do it from my living room where my IP address could be traced directly back to my bank account.\r\n\r\nThat would be dumber that that bag of hammers we used to hear about so much wouldn\'t it?\r\n\r\nMaybe I\'d compromise a machine on some other network, some corporate wireless network with lax wireless security so that the point of attack wouldn\'t be from my living room.\r\n\r\nMaybe I\'d go on vacation to some other country and compromise some unsuspecting network there so that the attack didn\'t come from my hotel room. \r\n\r\nMaybe I\'d go to Bulgaria and tap into one of the endless lists of unsecured networks in Turkey.\r\n\r\nIs the theory behind this starting to become somewhat clearer? The Pentagon can tell the network where the attack came from, but it cannot tell who launched the attack, or from where.\r\n\r\nSo while they may well have detected an attack launched from a Chinese network that does not mean that the hacker was either Chinese, or even sitting at a keyboard in China.\r\n\r\nThe sort of news they\'re letting go sounds really good on the face of it all, especially if you connect American statements on the Chinese military buildup in light of the recent trouble with Chinese products entering the US, but if it\'s given any thought at all it starts to become suspect rather quickly.'); return false;">Quote</a></div> You guys are no fun at all :-)

The answer to question #1 is, no, we cannot believe them; and the answer to question #2 is that because of their answers we cannot trust them – and none of that is American bashing, it’s simple networking.

How do they know that it was the Chinese, and specifically the PLA? How can they?

If you’re a PLA hacker are you gonna launch your attack from a PLA barracks?

If you’re a Chinese super hacker spy, either living at home, or on assignment in south America are you gonna launch your attack from the spy office? The Chinese embassy?

No, you’re not, and most certainly not if you’ve got the smarts to actually have a realistic chance of getting anywhere close to something good. The first rule of hacking is “thou shalt not hack from where you can get traced back to” – and anyone smart enough to get into that sort of system knows that.

If I was gonna attempt this, and let it be known right up front that I have enough smarts to know that I don’t have anywhere near the smarts to needed to even come close to accomplishing such a thing, I certainly wouldn’t do it from my living room where my IP address could be traced directly back to my bank account.

That would be dumber that that bag of hammers we used to hear about so much wouldn’t it?

Maybe I’d compromise a machine on some other network, some corporate wireless network with lax wireless security so that the point of attack wouldn’t be from my living room.

Maybe I’d go on vacation to some other country and compromise some unsuspecting network there so that the attack didn’t come from my hotel room.

Maybe I’d go to Bulgaria and tap into one of the endless lists of unsecured networks in Turkey.

Is the theory behind this starting to become somewhat clearer? The Pentagon can tell the network where the attack came from, but it cannot tell who launched the attack, or from where.

So while they may well have detected an attack launched from a Chinese network that does not mean that the hacker was either Chinese, or even sitting at a keyboard in China.

The sort of news they’re letting go sounds really good on the face of it all, especially if you connect American statements on the Chinese military buildup in light of the recent trouble with Chinese products entering the US, but if it’s given any thought at all it starts to become suspect rather quickly.

ReplyQuote
]]> By: balbulican http://www.stageleft.info/2007/09/04/dey-wuz-0wn3d/comment-page-1/#comment-123068 balbulican Tue, 04 Sep 2007 21:23:05 +0000 http://www.stageleft.info/2007/09/04/dey-wuz-0wn3d/#comment-123068 OR put the really good stuff in a folder called "What We Sent To Karl Rove". Who'd bother looking?<div class="comment-remix-meta"><a href="#" class="replyto" onclick="replyto('123068','balbulican'); return false;">Reply</a> - <a href="#" class="quote" onclick="quote('123068','balbulican','OR put the really good stuff in a folder called \"What We Sent To Karl Rove\". Who\'d bother looking?'); return false;">Quote</a></div> OR put the really good stuff in a folder called “What We Sent To Karl Rove”. Who’d bother looking?
ReplyQuote
]]> By: Throbbin http://www.stageleft.info/2007/09/04/dey-wuz-0wn3d/comment-page-1/#comment-123066 Throbbin Tue, 04 Sep 2007 20:56:40 +0000 http://www.stageleft.info/2007/09/04/dey-wuz-0wn3d/#comment-123066 Maybe it's already been done, but if I were working at the Pentagon (or any other countries National Defense Agency), I would expect this kind of thing, and get a little tricky. If I thought my network would be hacked, I would devise a virus and store it in a file on my server entitled "Super-Extra-Mega-Top-Secret". What foreign power would not try to access that file? A good way to teach someone a lesson.<div class="comment-remix-meta"><a href="#" class="replyto" onclick="replyto('123066','Throbbin'); return false;">Reply</a> - <a href="#" class="quote" onclick="quote('123066','Throbbin','Maybe it\'s already been done, but if I were working at the Pentagon (or any other countries National Defense Agency), I would expect this kind of thing, and get a little tricky.\r\n\r\nIf I thought my network would be hacked, I would devise a virus and store it in a file on my server entitled \"Super-Extra-Mega-Top-Secret\". What foreign power would not try to access that file? A good way to teach someone a lesson.'); return false;">Quote</a></div> Maybe it’s already been done, but if I were working at the Pentagon (or any other countries National Defense Agency), I would expect this kind of thing, and get a little tricky.

If I thought my network would be hacked, I would devise a virus and store it in a file on my server entitled “Super-Extra-Mega-Top-Secret”. What foreign power would not try to access that file? A good way to teach someone a lesson.

ReplyQuote
]]> By: balbulican http://www.stageleft.info/2007/09/04/dey-wuz-0wn3d/comment-page-1/#comment-123063 balbulican Tue, 04 Sep 2007 20:04:43 +0000 http://www.stageleft.info/2007/09/04/dey-wuz-0wn3d/#comment-123063 “1] Can we believe them? This is a Pentagon that has lied in the past, who is to say they are not doing it now?”

They may be. But I’m not sure why anyone would doubt that the Chinese are trying to hack the Pentagon. Spies spy. That’s what they do.

Do you doubt that the Pentagon is hacking the Chinese, AND the Israelis, and the Russians, and us? And vice versa? Would any of that surprise any of us?

“[2] Given recent the American intelligence community track record on “certainties” can we trust the accuracy of these anonymous statements?”

See (1).

“[3] If someone did get in do ya suppose they got anything useful?”

Not being very knowledgeable about the world of intelligence gathering, who knows? I’m inclined to think the US is probably better at this sort of thing than the Chinese, but who can say?

ReplyQuote
]]>