Evidence Weakens That China Did the Recent Cyberattacks

click2005 notes an article in The Register calling into question the one piece of hard evidence that has been put forward to pin the Google cyberattacks on China. It was claimed that a CRC algorithm found in the Aurora attack code was particular to Chinese-language developers. Now evidence emerges that this algorithm has been widely known for years and used in English-language books and websites. Wired has a post introducing the Pentagon's recently initiated effort to identify the "digital DNA" of hackers and/or their tools; this program is part of a wide-ranging effort by the US government to find useful means of deterring cyberattacks. This latter NY Times article notes that Google may have found the best deterrence so far — the threat to withdraw its services from the Chinese market.

Xenogooglia Run Amok

[eldavojohn]

This CRC-16 implementation seems to be virtually unknown outside of China, as shown by a Google search for one of the key variables, "crc_ta[16]". At the time of this writing, almost every page with meaningful content concerning the algorithm is Chinese:

Oh. My. God. I just reran the search [google.com] and it's changed. The top results are in English! It's the British that are attacking Google! Wait, one of the links is to a Blogspot site. Sweet Jesus, the attacks are coming from inside Google's own employee base! But wait, if you click crc_ta[16] [slashdot.org] enough times then Slashdot will show up in the list. Meaning Slashdot is the attacker on Google!

Oh Great Britain, Slashdot and even Google themselves, why have you forsaken us?

Google's pageranking engine returns a good enough set of available crawable webpages. It does not indicate guilt or scan all of human knowledge. Using it as any sort of evidence in a huge international scandal is less than prudent.

Re:Don't Be Foolish

[DeltaQH]

Someone trying to say that someone is trying to discredit China?

Re:Don't Be Foolish

[Anonymous Coward]

Right, of course. I was framed! Poor Chinese, all they want to do is run people over with tanks and everyone has to keep bothering them.

Re:Don't Be Foolish

[sakdoctor]

You just can't see past the end of your nose, to the possibility that it was someone trying to discredit someone who tried to say that someone is trying to discredit China.

Stop messing with my brains.

[140Mandak262Jamuna]

Please stop finding and posting evidence contrary to my preconceived notions! Enough already. As it is I am trying to contain my cognitive dissonance and I can do without all these pesky counter evidence, thank you. Next you will ask me to believe that Microsoft is not 100% evil and Apple is not 100% cool and Google is not 100% non-Evil (tm).

Re:Don't Be Foolish

[pushing-robot]

Truly, you have a dizzying intellect.

Re:Don't Be Foolish

[lewp]

Politics does have a tendency to produce gang-bangs.

Go to school for Computer Science, they said... Get a good job, they said...

Re:Don't Be Foolish

[QuantumRiff]

The hackers weren't the most intelligent. If they would have properly encrypted their code (hell, even a ROT-13), then these groups trying to decipher their algorithms would be breaking the DCMA.

Re:F-China

[newcastlejon]

How do you say "Propaganda" in Chinese?

Quietly.

Re:F-China

[Sir_Lewk]

Beware, the chinese astroturfers also have modpoints.

Re:Don't Be Foolish

[jank1887]

Wait til I get going! Now, where was I?

Re:Xenogooglia Run Amok

[mcgrew]

Meaning Slashdot is the attacker on Google!

We slashdotted China? Wow, I'm impressed!

Re:Don't Be Foolish

[LifesABeach]

"...accessing the Gmail accounts of Chinese human rights activists..."

To my knowledge, there are only two groups of people that follow Chinese human rights activists; The Chinese,(for tank tread inspections), and the Activist's Moms. I didn't know that Mom's had such a in depth awareness of Cyber Attacking. Go figure.