midfielder
Well-Known Member
Go google ... hardly ever back the yanks ... but go Google...
ccmfans.net is the Central Coast Mariners fan community, and was formed in 2004, so basically the beginning of time for the Mariners. Things have changed a lot over the years, but one thing has remained constant and that is our love of the Mariners. People come and go, some like to post a lot and others just like to read. It's up to you how you participate in the community!
If you want to get rid of this message, simply click on Join Now or head over to https://www.ccmfans.net/community/register/ to join the community! It only takes a few minutes, and joining will let you post your thoughts and opinions on all things Mariners, Football, and whatever else pops into your mind. If posting is not your thing, you can interact in other ways, including voting on polls, and unlock options only available to community members.
ccmfans.net is not only for Mariners fans either. Most of us are bonded by our support for the Mariners, but if you are a fan of another club (except the Scum, come on, we need some standards), feel free to join and get into some banter.
midfielder said:Go google ... hardly ever back the yanks ... but go Google...
A new approach to China
1/12/2010 03:00:00 PM
Like many other well-known organizations, we face cyber attacks of varying degrees on a regular basis. In mid-December, we detected a highly sophisticated and targeted attack on our corporate infrastructure originating from China that resulted in the theft of intellectual property from Google. However, it soon became clear that what at first appeared to be solely a security incident--albeit a significant one--was something quite different.
First, this attack was not just on Google. As part of our investigation we have discovered that at least twenty other large companies from a wide range of businesses--including the Internet, finance, technology, media and chemical sectors--have been similarly targeted. We are currently in the process of notifying those companies, and we are also working with the relevant U.S. authorities.
Second, we have evidence to suggest that a primary goal of the attackers was accessing the Gmail accounts of Chinese human rights activists. Based on our investigation to date we believe their attack did not achieve that objective. Only two Gmail accounts appear to have been accessed, and that activity was limited to account information (such as the date the account was created) and subject line, rather than the content of emails themselves.
Third, as part of this investigation but independent of the attack on Google, we have discovered that the accounts of dozens of U.S.-, China- and Europe-based Gmail users who are advocates of human rights in China appear to have been routinely accessed by third parties. These accounts have not been accessed through any security breach at Google, but most likely via phishing scams or malware placed on the users' computers.
We have already used information gained from this attack to make infrastructure and architectural improvements that enhance security for Google and for our users. In terms of individual users, we would advise people to deploy reputable anti-virus and anti-spyware programs on their computers, to install patches for their operating systems and to update their web browsers. Always be cautious when clicking on links appearing in instant messages and emails, or when asked to share personal information like passwords online. You can read more here about our cyber-security recommendations. People wanting to learn more about these kinds of attacks can read this Report to Congress (PDF) by the U.S.-China Economic and Security Review Commission (see p. 163-), as well as a related analysis (PDF) prepared for the Commission, Nart Villeneuve's blog and this presentation on the GhostNet spying incident.
We have taken the unusual step of sharing information about these attacks with a broad audience not just because of the security and human rights implications of what we have unearthed, but also because this information goes to the heart of a much bigger global debate about freedom of speech. In the last two decades, China's economic reform programs and its citizens' entrepreneurial flair have lifted hundreds of millions of Chinese people out of poverty. Indeed, this great nation is at the heart of much economic progress and development in the world today.
We launched Google.cn in January 2006 in the belief that the benefits of increased access to information for people in China and a more open Internet outweighed our discomfort in agreeing to censor some results. At the time we made clear that "we will carefully monitor conditions in China, including new laws and other restrictions on our services. If we determine that we are unable to achieve the objectives outlined we will not hesitate to reconsider our approach to China."
These attacks and the surveillance they have uncovered--combined with the attempts over the past year to further limit free speech on the web--have led us to conclude that we should review the feasibility of our business operations in China. We have decided we are no longer willing to continue censoring our results on Google.cn, and so over the next few weeks we will be discussing with the Chinese government the basis on which we could operate an unfiltered search engine within the law, if at all. We recognize that this may well mean having to shut down Google.cn, and potentially our offices in China.
The decision to review our business operations in China has been incredibly hard, and we know that it will have potentially far-reaching consequences. We want to make clear that this move was driven by our executives in the United States, without the knowledge or involvement of our employees in China who have worked incredibly hard to make Google.cn the success it is today. We are committed to working responsibly to resolve the very difficult issues raised.
kevrenor said:I am more focussed on internet censorship in Australia ... Conroy and his loonies
http://www.smh.com.au/business/assertive-china-goes-a-great-leap-too-far-20100117-meej.html
Assertive China goes a great leap too far January 18, 2010
The possibilities that spin from the Google-in-China and China-in-Google story are potentially game-changing, and they may reveal more about vulnerabilities in China than the rest of the world.
Sources who have been briefed on the investigation say the cyber-hacking that prompted Google to step towards pulling out of China was more about theft of source code than tampering with Gmail accounts. Censorship was also important, but a separate issue.
Google says the cyber attacks originated in China. A report by iDefense, a cyber intelligence firm, says 33 other major US firms were also hacked from a "single foreign entity consisting either of agents of the Chinese state or proxies thereof".
At the same time, US intelligence leaks say US defence systems are facing an unprecedented surge of attacks from China. Given the effectiveness of the Chinese Government in tackling internet-based dissent at home, if most of these hackers are not employed or contracted by the Chinese Government then it seems they are condoned.
One implication of this evolving Google-plus story is that China's new assertiveness on the world stage could already be drifting into over-reach. The Obama Administration bent over backwards to accommodate China's legitimate aspirations but may now take a different tack.
Second, there is now a potential tipping point for multinational companies - at least those with real market power - when they lose faith that China is evolving towards a freer and rule-of-law-based market place. Patience with mounting layers of arbitrary regulation and protectionist discrimination is wearing thin.
Third, these and other activities suggest China's intelligence agencies are increasingly behaving like they're out of control, with little regard for other bureaucratic or broader Chinese national interests. Short of the Ministry of State Security spray-painting its initials on the White House door, it's hard to think of a more counter-productive prank than pilfering source code from some of America's most sophisticated companies and its military establishment while leaving footprints back to China.
Fourth, China's economic miracle is still dependent on foreign technology, despite $US2.4 trillion ($2.6 trillion) in official foreign exchange reserves and a seemingly endless line of the world's most technically capable graduates.
All of these four problems flow in one way or another from the Chinese Communist Party's self-imposed predicament: how to screw down its one-party dictatorship while harnessing the creativity of the biggest, most diverse and most rapidly changing society on Earth. Just look at innovation.
Technological innovation, including writing software code, tends to happen when free-ranging minds can freely connect with others in different companies, institutions and walks of life. It requires systems that reward the taking of good, long-term risks.
The Chinese Communist Party has never coped well with any of these.
Hacking, in contrast, requires technical capacity, discipline and resources for identifying high-value targets and their weaknesses. These attributes are abundant in China.
In a narrow, technical sense, whoever hacked into the backbones of the world's most sophisticated companies are obviously good at what they do. But the skills of innovating and stealing other people's innovations are very different.
At its simplest, the Google hackers had to personalise email attachments that targets would be tempted to open. An iDefense analyst, Ryan Olson, said these people were "incredibly good" at finding new exploits and infecting the right people but there was no indication they were above average in writing malicious code.
Technical strength and innovative weakness is consistent with the broader pattern of developing indigenous Chinese technology. China does not yet have the technological capabilities that many outsiders imagine. The reasons for its comparative failure are all embedded in the peculiarities of Communist Party governance.
Research by George Gilboy, senior fellow at the Centre for International Studies at Massachusetts Institute of Technology, found that China is massively more dependent on imported technology than Japan and Korea were in the 1970s and '80s, when they blazed the export-led development path before it.
Innovation, he says, requires much more than capital and capability in science and engineering. It needs vibrant links between research institutions, financiers, partners, suppliers and customers.
These horizontal conduits for knowledge, capital, products and talent are abundant in Silicon Valley but stymied in China.
"With a few exceptions, Chinese firms focus on developing privileged relations with officials in the Chinese Communist Party hierarchy, spurn horizontal association and broad networking with each other and forgo investment in long-term technology development and diffusion," wrote Gilboy, in a 2004 article in Foreign Affairs magazine.
"China's 21st-century technological and economic landscape looks like a pattern of 'nodes without roads' - a few poorly connected centres of technological success."
Since 2004, Gilboy says, the broad picture remains unchanged. China's social and individual spaces have widened but the privileged power of state-owned enterprises has grown at the expense of the more entrepreneurial private sector.
"The real key for China to be successful is whether innovators can connect with others," he says. "That requires transparent laws, markets and regulations, including in the allocation of capital."
The Chinese Communist Party is a vast tree of patronage that punishes those who make mistakes but does not reward those who take creative risks that work. Mistakes stick and credit gets passed up the tree.
The structure is the world's best at activating a small number of unambiguous commands from the very top. But it hasn't evolved to circulate ideas and information horizontally or send them back up the tree.
Much to its great frustration, the Chinese leadership hasn't come close to re-creating Google and its peers.
http://www.smh.com.au/technology/security/calls-to-ditch-internet-explorer-after-china-hacks-20100118-mfef.html
Calls to ditch Internet Explorer after China hacks January 18, 2010 - 12:30PM
Internet users are being warned off Internet Explorer after it was revealed that recent sophisticated cyber attacks on Google and other businesses exploited a previously unknown flaw in Microsoft's web browser.
Germany's Federal Office for Information Security, or BSI, told Germans to avoid use of all versions of Explorer after the security hole led to hacks against Google and others.
Microsoft confirmed the weakness after Google announced that hackers in China had pried into email accounts of human rights activists. However, the company said that the hole could be closed by setting the browser's internet security zone to "high".
But the BSI insisted that such measures were not sufficient.
"Using Internet Explorer in 'secure mode', as well as turning off Active Scripting, makes attacks more difficult but can not fully prevent them," BSI said in a statement.
Google said last week that in mid-December, it detected an attack on its corporate infrastructure originating from China that resulted in the theft of its intellectual property. It eventually found that more than 20 other companies had been infiltrated.
Security firm McAfee said on Thursday that those who engineered the attacks tricked employees of the companies into clicking on a link to a website that secretly downloaded sophisticated malicious software onto their PCs through a campaign that the hackers apparently dubbed "Operation Aurora".
"We have never seen attacks of this sophistication in the commercial space. We have previously only seen them in the government space," said Dmitri Alperovitch, a vice-president of research with McAfee.
The programs allowed the hackers to take control of the PCs without the knowledge of their users, said McAfee, which has been researching the matter on behalf of several companies involved in the attacks since late last week.
Alperovitch declined to say which companies had hired McAfee, saying they had signed confidentiality agreements.
So far the only other victim to come forward is design software maker Adobe Systems, which has said that it is still investigating the matter.
Some researchers have speculated that the attackers may have exploited flaws in Adobe's Acrobat software and its widely used Reader program for opening PDF documents.
McAfee's researchers said that they found no evidence that was the case.
Still, they said that the hackers might have used other types of malicious software to break into Google and the other companies.
Internet Explorer is vulnerable on all recent versions of the Windows operating system, including Windows 7, McAfee says. Microsoft said attacks had been limited to IE6, an older version of the application.
http://www.smh.com.au/technology/security/ie-security-threat-overblown-australian-experts-20100119-mhkj.html
Australian computer security officials believe France and Germany are jumping the gun in advising citizens to ditch Internet Explorer.
The advisories, from Germany's Federal Office for Information Security and France's Government-owned Certa cyber threat agency, said all versions of IE were vulnerable to attack and people should switch to Firefox or Google's Chrome.
They came after it was revealed that recent sophisticated cyber attacks on Google and 20 other businesses exploited a previously unknown flaw in Microsoft's web browser.
The code needed to exploit the hole was published online over the weekend, leading to fears that regular consumers could be at risk of having their computers infected with nasty viruses. Microsoft has yet to issue a patch.
But Australia's computer emergency response team, AusCERT, which compiles the cyber threat alerts for the Government's Stay Smart Online website, says the threat has been overblown.
Although Microsoft has yet to issue a patch to fix the issue, AusCERT has published instructions allowing people to greatly reduce their risk of being attacked by changing settings and installing a temporary fix .
"It doesn't remove the problem. It just stops the exploit from working properly," AusCERT senior information security analyst Zane Jarvis said.
"IE 6, 7 and 8 are all vulnerable to the exploit but those customers running IE8 have built-in protections, which is called data execution prevention, and it's also on by default in Vista Service Pack 1 and later."
On the Government's Stay Smart Online website, AusCERT says those who do not wish to install the "temporary fixes" should "consider using an alternate web browser until an update becomes available".
Paul Ducklin, head of technology at computer security firm Sophos, said abandoning IE might give people some security, but "it would be security through obscurity".
"Your chosen replacement browser might itself turn out to contain a vulnerability. Then what? Are you going to switch again?" he said.
The attack on Google targeted the Gmail accounts of human rights activists. It led Google to announce that it might withdraw from China, from which it said the attacks originated.
Google is now investigating whether one or more employees might have helped facilitate the attack, Reuters reported.
Jarvis said that, in order to be affected by the security flaw, users would need to visit a compromised website. This was echoed in a report released by McAfee this week.
"What would happen is you'd visit a website, some malware would be installed on your computer using the exploit and run silently," Jarvis said.
"And then that would start stealing your login details to your banking websites and your email account, which is likely what happened with the Google Gmail issue."
Microsoft has recommended that people switch to Internet Explorer 8 or, if using Internet Explorer 6, adjust security settings to "high".
However, Jarvis said the IE6 "fix" was not good enough as setting security to high disables Javascript, which most websites now depend on.
FFC Mariner said:Do people still use IE?
(Is now humming "Great Leap forward" - thanks SMH)
FFC Mariner said:Is chrome any good? The latest Firefox is really unstable with some sites
dibo said:chrome has the issue that it basically runs separate instances of itself for each new tab. this is so any one tab doesn't kill the whole lot, but after opening 3-4 tabs, it starts to slow down a lot!