China’s Cyber War on the Protesters

By -


As Benjamin Bissell noted a few days ago, Hong Kong protestors have developed some interesting ways of trying to avoid Chinese repression, including the use of an app, FireChat, that allows them to communicate without using the internet at all.  But, as you might expect, China was not likely to stand idly by.  Consider this report from The Diplomat, outlining some of China’s efforts to counteract the protestor’s activities.  They have, on the whole been incredibly sophisticated.

  • They include a quite complex new piece of malware, dubbed Xsser, that infects both Android and Apple iOS systems — such cross-platform code is very rare and much harder to write.
  • It also involves only the third known Man-in-the-Middle attack originating in China — this one against Yahoo.
  • And, of course, we’ve seen traditional internet censorship increase, now blocking search terms such as “Occupy Central” and “Hong Kong students”

Perhaps most disturbing of all, it may not be the case that FireChat is as secure and sophisticated as it seems.  As one security researcher in the hacker space Breizh-Entropy put it:

[I]n the current state FireChat suffer from several flows that makes it unsuitable for an event like “Umbrella Revolution”. First the application is closed source and its internal mechanism are pretty difficult to understand at first. It is hard to fully comprehend wether [sic] a message goes public or stay locally. The lack of information regarding this matter makes it irresponsable [sic] to ask users to fill in their real name before using the application.

During the study, we stressed that not only every message sent are broadcasted locally (both Bluetooth and Wifi) regardless of the room, but we also show how easy it was to intercept and send information from/to FireChat users. Given the political context of the Umbrella Revolution, I would advise people to stop using Firechat or at least try to avoid leaking any information that could link to their real identity.

Another of my security colleagues reminded me that a supposedly useful  communications app from the Arab Spring also had a significant security hole.  Which raises an interesting question — are the security gaps accidental, or are they, perhaps, purposeful and part of an effort to seduce protestors to use seemingly useful, but insecure communications?

In cyber conflict, it seems like we are always “in a maze of twisty passages, all alike.”

Source http://www.lawfareblog.com/2014/10/chinas-cyber-war-on-the-protesters/

Comments

Post a Comment

Popular posts from this blog

How a cyber attack hampered Hong Kong protesters

By Explorer -
Image
Massive public protests taking place in Hong Kong over the past week are aimed at a new extradition law, known as the Fugitive Offenders Ordinance , that would see accused criminals extradited to mainland China to face prosecution. Hongkongers feel the law could be used to legalise the kidnapping of people who express views, and act in ways, that are not popular with the Chinese government . The same law could also be used to extradite tourists and visitors to China who are arrested on suspicion of having committed these crimes. Protesters want the bill scrapped. For now, debate of the legislation has been postponed . Organisers say one million people turned out for the protests, while police estimate the number was around 240,000. Either way, it was a significant number of Hong Kong’s 7.5 million population. Commentators on Twitter remarked on how well organised the protesters were. So, how did they do it? Protesters across the world are using n
Read more

‘Not Hospital, Al-Shifa is Hamas Hideout & HQ in Gaza’: Israel Releases ‘Terrorists’ Confessions’ | Exclusive

By Explorer -
 According to a video of interrogation of "Hamas terrorists" released by Israel Security Agency Shin Bet, accessed exclusively by News18, "The Shifa hospital has been made with many considerations as Hamas knew that medical places won’t be attacked by the enemy. Equipment, explosives and other material has been kept there." Hamas is using hospitals in Gaza as covers and have turned them into ammunition depots, according to a video of interrogation of “Hamas terrorists" released by  Israel Security Agency  Shin Bet, accessed exclusively by News18. ALSO READ | Israel-Hamas War LIVE Updates  HERE The Israeli military has claimed that those featuring in the video released on Saturday are Hamas terrorists, who participated in the  October 7 attack  on Israel. “Most of the tunnels are hidden in hospitals. There are multiple underground levels. Al-Shifa Hospital is not small, it is a big place that can be used to hide things," a man is seen saying. “The Al-Shifa
Read more

Islam Has Massacred Over 669+ Million Non-Muslims Since 622AD

By Explorer -
Image
In fact, no ideology has been as genocidal as Islam… Islam has killed more than 5 times the number of people killed by communism. In the total numbers we have updated over 80 million Christians killed by Muslims in 500 years in the Balkan states, Hungary, Ukraine, Russia. Then we have India. The official estimate number of Muslim slaughters of Hindus is 80 million. However, Muslim historian Firistha (b. 1570) wrote (in either Tarikh-i Firishta or  the Gulshan-i Ibrahim) that Muslims slaughtered over 400 million Hindus up to the peak of Islamic rule of India, bringing the Hindu population down from 600 mil to 200 million at the time. With these new additions the Muslim genocide of non-Muslims since the birth of Mohammed would be  over 669 million murders. Islam: The Religion of Genocide Perspective:   Think the Spanish inquisition was bad? More people are killed by Islamists each year than in all 350 years of the Spanish Inquisition* combined. The Spanish inquisition ( Tribunal del Sant
Read more