Brain Dead on IP, part 3

So aside from generally exploiting unsuspecting users, what other harm could there possibly be from Microsoft’s code sharing?

How about the recipients exploiting weak code against other companies? Oh, and let’s not forget bolstering the local competitor too (from #cablegate #10BEIJING207):

"¶1. (S) Summary:  A well-placed contact claims that the
Chinese government coordinated the recent intrusions of
Google systems.  According to our contact, the closely held
operations were directed at the Politburo Standing Committee

-- Another contact claimed a top PRC leader was actively
working with Google competitor Baidu against Google."


"PRC Sees USG and Google Working Together

Google's recent move presented a major dilemma (maodun) for
the Chinese government, not because of the cyber-security
aspect but because of Google's direct challenge to China's
legal restrictions on Internet content.  The immediate
strategy, XXXXXXXXXXXX said, seemed to be to appeal to Chinese
nationalism by accusing Google and the U.S. government of
working together to force China to accept "Western values"
and undermine China's rule of law.  The problem the censors
were facing, however, was that Google's demand to deliver
uncensored search results was very difficult to spin as an
attack on China, and the entire episode had made Google more
interesting and attractive to Chinese Internet users.  All of
a sudden, XXXXXXXXXXXX continued, Baidu looked like a boring
state-owned enterprise while Google "seems very attractive,
like the forbidden fruit."  He said it "seems clear" to the
Chinese people that Google and the U.S. government were
working together on Internet freedom and to undermine Chinese
government controls on the Internet.  That made some
intellectuals happy, XXXXXXXXXXXX said, but "some others" regarded it
as interference in China's internal affairs."

So in case you didn’t read the “interesting article” links in part 2…

"¶53. (S//NF) CTAD comment: In November 1995, He Weidong
founded the security company Tianrongxin, a.k.a. Beijing
TOPSEC Network Security Technology Company, Ltd. TOPSEC is a
China Information Technology Security Center (CNITSEC)
enterprise and has grown to become China's largest provider
of information security products and services. TOPSEC is
credited with launching China's first indigenous firewall in
1996, as well as other information technology (IT) security
products to China's market, to include virtual private
networks, intrusion detection systems, filtering gateways,
and security auditing and management systems. Additionally,
in September 2000, Weidong founded the company
Tianweichengxin, a.k.a. iTrusChina, which became the first
experimental enterprise to develop business Public Key
Infrastructure/Certification Authority services approved by
China's Ministry of Industry and Information Technology.

¶54. (SBU) CTAD comment: During an interview with China News
Network, Weidong stated that half of TOPSEC's start-up
capital came from the PRC, with the other half coming from
the company's management department. Additionally, he pointed
out that TOPSEC began not as a company, but as a small
research institute that took contracts from the government's
research and development tasks (NFI). "...

"¶55. (S//NF) CTAD comment: Of note, the CNITSEC is responsible
for overseeing the PRC's Information Technology (IT) security
certification program. It operates and maintains the National
Evaluation and Certification Scheme for IT security and
performs tests for information security products. In 2003,
the CNITSEC signed a Government Security Program (GSP)
international agreement with MICROSOFT that allowed select
companies such as TOPSEC access to MICROSOFT source code in
order to secure the Windows platform. XXXXXXXXXXXX

¶56. (S//NF) CTAD comment: Additionally, CNITSEC enterprises
have recruited Chinese hackers in support of nationally-funded
"network attack scientific research projects." From June 2002
to March 2003, TOPSEC employed a known Chinese hacker, Lin
Yong (a.k.a. Lion and owner of the Honker Union of China), as
senior security service engineer to manage security service
and training. Venus Tech, another CNITSEC enterprise privy to
the GSP, is also known to affiliate with XFocus, one of the
few Chinese hacker groups known to develop exploits to new
vulnerabilities in a short period of time, as evidenced in
the 2003 release of Blaster Worm (See CTAD Daily Read File
(DRF) April 4, 2008).

¶57. (S//NF) CTAD comment: While links between top Chinese
companies and the PRC are not uncommon, it illustrates the
PRC's use of its "private sector" in support of governmental
information warfare objectives, especially in its ability to
gather, process, and exploit information. As evidenced with
TOPSEC, there is a strong possibility the PRC is harvesting
the talents of its private sector in order to bolster
offensive and defensive computer network operations

Still think protecting IP is boring?

Certainly, one could argue that China gets a bum rap. However, some of the most interesting stories about the misappropriation of intellectual property involve China on a regular basis.

Some of them are almost comical in the level of sophistication. Take personal firewall company Cybersitter, which produces a product in the US intended for parents to apply to their kids’ computers to filter what they’re able to see. On January 4th, 2010, Cybersitter filed a lawsuit alleging that its code was stolen and directly incorporated into the “Green Dam Youth Escort” firewall that the Chinese government was requiring be installed on all computers sold in the country. (article link)

Cybersitter is seeking $2.2B US in damages – which sounds like a lot until you consider the scale of the alleged infringement. According to this article, a press release in June of 2009 indicated that the product had been downloaded over 3 million times and had been installed on over 52 million computers. Just using Cybersitter’s 5-home-computer license for those numbers yields over $500 million in licensing fees.

The funny part – apparently the infringing code included instructions for Green Dam users on how to get back to Cybersitter’s website for support.

But wait, there’s more….


Posted February 20, 2011 by jeffkeith in Security
