Security

US pinpoints author of Google attack code, says report

China had 'special access' to work

Cade Metz Mon 22 Feb 2010 // 18:06 UTC

US investigators have pinpointed the author of a key piece of code used in the alleged cyber attacks on Google and at least 33 other companies last year, according to a new report.

Citing a researcher working for the US government, The Financial Times reports that a Chinese freelance security consultant in his 30s wrote the code that exploited a hole in Microsoft's Internet Explorer browser. The report also says that Chinese authorities had "special access" to this consultant's work and that he posted at least a portion of the code to a hacking forum.

The story follows another report from The New York Times that traced the attacks to a pair of Chinese schools - Shanghai Jiaotong University and Lanxiang Vocational School - claiming that the latter had ties to the Chinese military. A day later, representatives of both schools denied involvement to the Chinese state news agency, and the Lanxiang representative denied ties to the military.

According to The Financial Times report, the unnamed security consultant who wrote the exploit code is not a full-time government worker and did not launch the attacks himself. In fact, the FT says, he "would prefer not to be used in such offensive efforts."

The reports says that when he posted the code to the hacking forum, he described it as something he was "working on."

With a January blog post, Google announced that attacks originating from China had pilfered unspecified intellectual property from the company, and Microsoft later said the attack had exploited a hole in its Internet Explorer 6 browser. According to security researchers, at least 33 other companies were targeted by similar attacks. ®

Similar topics

Broader topics

Narrower topics

Corrections Send us news

Other stories you might like

Alibaba Cloud adds third datacenter in Germany

More Euro-presence than any other Chinese company, but still nowhere near Google or AWS

Laura Dobberstein Tue 17 May 2022 // 14:46 UTC

Alibaba has pulled ahead of its Chinese rivals in Europe with the opening of a third datacenter in Germany.
The company said the Frankfurt datacenter serves cloud computing products to Europe and "adheres to the highest security standards and the strict compliance regulations set out in the Cloud Computing Compliance Controls Catalog (C5) in Germany."
The addition brings Alibaba Cloud to a network of 84 availability zones in 27 regions worldwide. The company's first European cloud center arrived in Frankfurt in 2016.

Continue reading
Hardening in the enterprise: SUSE releases Rancher 2.6.5 and NeuVector 5.0

Still a 'nimble idea factory' under the gaze of the Chameleon

Richard Speed Tue 17 May 2022 // 14:12 UTC

Kubecon SUSE acquisition Rancher is growing up, with a decidedly enterprise-friendly 2.6.5 release and version 5.0 of NeuVector.
SUSE appears to be increasingly becoming the container company, and used this year's EU Kubecon event to make its first release of NeuVector since it open-sourced the container security platform earlier this year.
Dubbed a "Full Lifecycle Container Security Platform", NeuVector turning up with Rancher is further evidence of an increased folding in of security and scanning into container solutions.

Continue reading
Inkscape adds multi-page support with v1.2 update

Pain points plugged in open-source vector art package

Richard Speed Tue 17 May 2022 // 13:30 UTC

Open-source vector drawing package Inkscape has resolved at least one user pain point with v1.2 – multiple-page documents.

Continue reading

Percona launches management system aimed at open-source databases

PostgreSQL, MongoDB, MySQL tools for overly busy DBAs, less experienced devs

Lindsay Clark Tue 17 May 2022 // 13:01 UTC

Percona Live Open-source database services biz Percona has confirmed general availability of a database management platform initially targeted at PostgreSQL, MySQL, and MongoDB.
Dubbed Percona Platform, the company's first product will be available as a subscription service aiming to bring together the management of three open-source databases under a single system.

Continue reading
Intel shareholders revolt against Pat Gelsinger's pay package

Investors want compensation-performance link, but manufacturing plan will dent bottom line

Dan Robinson Tue 17 May 2022 // 11:49 UTC

Intel shareholders voted to reject the compensation packages for the chipmaker's top execs, according to regulatory documents filed with the Securities and Exchange Commission (SEC), although the vote was non-binding on the company.
The Intel Form 8-K submission to the SEC dated May 12 shows that about 1.78 billion votes were cast against Intel's executive compensation of its listed officers, with about 921 million votes cast in favor, nearly a two-to-one ratio against the packages.
This is not a new development, and last year's compensation measures also failed to gain shareholder approval.

Continue reading
Turing Pi 2 crowdfunding goal smashed within a day

Go host yourself with a tiny low-powered Arm cluster in a box for $219

Liam Proven in Prague Tue 17 May 2022 // 11:04 UTC

The Turing Pi 2 crowdfunding campaign has soared past its $64,000 goal in single a day, currently standing at $1,027,428 with more than 3,400 backers.
Early-bird backers will be able to build their own Arm cluster in a box for $199 (compute modules come extra). Now the entry-level pledge stands at $219 for one Turing Pi 2 Cluster Board.
We covered the Turing Pi 2 at the end of last year and at last the waiting is over – in principle at least. It has been a year and a half since Turing Machines initially announced the product, and a good nine months since it published the specifications.

Continue reading

Tech pros warn EU 'data adequacy' at risk if Brexit Britain goes its own way

Show us that benefits outweigh the cost, BCS challenges government

Lindsay Clark Tue 17 May 2022 // 10:10 UTC

BCS, The Chartered Institute for IT, has warned that proposed changes to Britain's data protection rules must not put the flow of data between the EU and the UK at risk.
The professional body said the supposed benefits of a leaner data protection regime – something the government promised last week – should not come at the expense of the UK's current "data adequacy" arrangement with the EU.
The UK remained compliant with the EU's General Data Protection Regulation (GDPR) when it formally left the EU at the end of 2020. Its interpretation of EU law meant that the trading bloc gave the UK an "adequacy" ruling, permitting data sharing across the border.

Continue reading
Arm, Microsoft at pains to say this CPU arch can be trusted with real server work

It should just run like x86, pair basically stress

Tobias Mann Tue 17 May 2022 // 09:24 UTC

Arm is this week celebrating passing a few of its own self-set milestones in its long quest to compete against x86 stalwarts Intel and AMD in the server processor space.
One, we're told, is that Microsoft Ampere Altra-based Azure servers are now Arm SystemReady SR certified, "the first cloud solution provider (CSP) server to do so," said Arm Chief System Architect Andy Rose on Monday.
Another is that Azure VMs powered by Altra processors are the first of their kind to be certified as compliant with the SystemReady Virtual Environment standard. And the other breakthrough, according to Rose, is that there have been more than 50 certifications of SystemReady products since the launch of the program.

Continue reading
The sad state of Linux desktop diversity: 21 environments, just 2 designs

You look like Windows, and you look like Windows and you look like Windows ...

Liam Proven in Prague Tue 17 May 2022 // 08:30 UTC

Analysis As a mainstream desktop OS, Linux is doing better than ever. The Year of Linux on the Desktop came some time ago, and it is ChromeOS (Chromebooks were outselling Macs until recently). But there's a problem – there is almost no diversity of design.
Let's count the number of desktop designs in active development. Not desktop projects, different user interfaces. There's GNOME, Ubuntu's Unity somehow still hanging on in there, and Elementary OS's Pantheon. All have a vaguely macOS-like look: a top panel (woefully underused except by Unity, so mostly wasted space) and a dock, which if you are lucky you can reposition.
So, arguably, that's… one.

Continue reading
Europe moves closer to stricter cybersecurity standards, reporting regs

More types of biz fall under expanded rules – and fines for those who fall short

Jessica Lyons Hardcastle Tue 17 May 2022 // 07:26 UTC

Europe has moved closer toward new cybersecurity standards and reporting rules following a provisional network and information systems agreement dubbed NIS2 by the European Council and Parliament.
Once approved, NIS2 [PDF] will replace the current Directive on Security of Network and Information Systems, aka NIS, which was adopted in 2016. The new directive sets more stringent requirements — and possible sanctions, including fines — for a larger number of sectors that must comply with the computer security rules.
It also aims to eliminate "the wide divergences" among EU member states' risk management and security reporting rules by establishing uniform criteria for assessing, reporting on, and taking steps to reduce cyber risk.

Continue reading
Telcos fear Big Tech will bleed them until they can’t afford network builds

The GSMA would say that, yet Big Tech is making it harder for carriers to turn a quid

Simon Sharwood, APAC Editor Tue 17 May 2022 // 06:58 UTC

Telcos risk missing out on revenue needed to fund new networks, despite demand for their services soaring – and Big Tech is to blame.
That’s the thrust of GSM Association’s 2022 Internet Value Chain Report, released yesterday.
The Association considers the internet value to chain to comprise revenue won by all players involved in the end-to-end service experienced by end users using the internet for any purpose. The report suggests the value of that chain has grown markedly, from $3.3 trillion in 2015 to $6.7 trillion in 2020, helped by growth in the online population from 3.2 billion to 4.4 billion.

Continue reading

ABOUT US

MORE CONTENT

SITUATION PUBLISHING

The Register - Independent news and views for the tech community. Part of Situation Publishing

SIGN UP TO OUR DAILY NEWSLETTER

Security Scorecard

Biting the hand that feeds IT © 1998–2022

Do not sell my personal information Cookies Privacy Ts&Cs