What did Google's attackers do?
Can anybody with some "insider knowledge", heh heh, post about this? All Google said was that they were "sophisticated" attacks coming from China, I, generally speaking, love to know how hackers minds from all over the world work, so - does anybody know?
|
A reminder to anyone wishing to discuss this issue: Sharing insider knowledge of this nature could have extremely serious legal implications, so I must ask that you refrain from doing that. Please keep things limited to what you know from widely-available sources.
|
Quote:
|
It's all related to bills browser AFAIK.
Read this for some more http://tech.slashdot.org/story/10/01...gle-Now-Public Quote:
|
Okay, so what happened after client-side arbitrary code execution abilities were gained?
|
they executed an attack.
|
Quote:
|
Or you could have looked it up yourself ?
Should I be posting intimate details of a hack on a public forum anyway ? There are enough script kiddies out there without giving them detailed instructions here. I gave some starting references for more information. Surely only newbies want the answer on a plate. |
Quote:
Quote:
Quote:
Quote:
|
|
Quote:
Quote:
|
I suspect the closest we'll come to understanding what happened might be this official statement.
It's starting to sound to me like it was indeed Google employees within the corporate network who inadvertently launched the exploit code. Does it sound that way to you guys? |
As far as I know (which is usually not enough...and in any case needs a legal disclaimer that I only know what others have been saying) one of the somewhat confusing things about this case is there seem to have been two disconnected things, and there has been some assumption of a clear and obvious connection of some sort between them.
There was a hack attempt, which as far as anyone in the outside world knows, seems to have been from miscreants who may or may not have been in Chinese Universities. The only thing that has been revealed that connects these to the Chinese Government seems to have been that there seems to have been an attempt to target dissidents, and an attempt to target dissidents seems to be something that might have a value to the Chinese Government, although other interpretations, like straightforward blackmail, are possible. Google's response, apart from the very immediate 'plug the hole' reaction, seems to involve going back on the hugely controversial deal that they had struck with the Chinese Government to, errr, 'protect' the Chinese people from information that the Government though might be harmful, although the Government has not been all that explicit about whether they thought that the harm in question would occur to the Chinese people or the Chinese government. The lack of connection between these things seems, at first, confusing. 'Chinese hackers' try to do things which could compromise dissidents, Google responds with an action inimical to the Government. It seems that the background to this is that Google's market penetration in China hasn't been to Google's normally elevated standards, and, presumably, to their business plan. In particular, this seems to have made it easier for Google to say to themselves that they are not that bothered about the Chinese market, big in total though it may be, and that it certainly it isn't worth compromising to attain, if reputational damage in the rest of the world where Google does do well is the consequence of the terms that they are forced to comply with, in order to be in the market. |
Why is everyone suddenly giving legal disclaimers? As long as you have dynamic IPs, it'd be kind of hard to trace you ANYWAY, y'know.
So... the attack was a stupid Exploit Bug in Adobe Reader hack, nothing mind bendingly original. And here I was thinking rootkits and whatnot. What I find most worrying was that this attack happening to *Google* gets this much publicity. Surely attacks like this happen everyday, all over the world, to all sorts of companies....? Did Google actually put word about this out themselves? Folks know it's Google, so the security on the server-side'll be *bloody* good, so they're not worried about losing accounts, it's just a way to get the company's name in the papers....? Or am I being too skeptical? :) |
Quote:
|
All times are GMT -5. The time now is 01:08 PM. |