Re: E-Mail Leak Has Google Threatening to Leave China

[Paul Ferguson <fergdawgster () gmail com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Tue, Jan 12, 2010 at 9:09 PM, rick wesson
<rick () support-intelligence com> wrote:

> I'm hearing that its like 30 companies involved. What I'm wondering is
> how they attributed it to the Chinese. With so many compromised systems
> in china isn't that the perfect joe-job?
>
> If I was Chinese and working to penetrate a bunch of us companies why
> would i do the deed from my own countries network. Rarely does a cyber
> criminal use networks within their own country to control asses, why do
> the Chinese?
>
> If I was from another nation I would look at the Chinese systems as a
> easy proxy, and throw off my trail by attempted crompromise of "freedom
> fighter" accounts. One thing I have learned is that attribution is very
> hard to do.

Hi Rick,

Those are great points -- but of course there are a lot of details missing
right now.

Having said that, I know some really bright security folks at Google, so I
have to initially believe they have good reason to suspect in-country
perpetrators.

But then again, we all know that things are not always as they appear. :-)

- - ferg

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.5.3 (Build 5003)

wj8DBQFLTVaeq1pz9mNUZTMRAlNzAJ9SbYpGTvSPoTZgGDTMzxNoDvYcIwCfaL61
n7yA9r/xyIBMeJrEM/N1Gdo=
=mtVY
-----END PGP SIGNATURE-----




-- 
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawgster(at)gmail.com
 ferg's tech blog: http://fergdawg.blogspot.com/
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.