Google Hacked by Chinese Government

This news has been developing all week, with extensive coverage: the technology media picked it up first, but so did the law media and the mainstream media.

Google announced that it (and an estimated 33 other companies) had been attacked by sources in the Chinese government and that GMail accounts of Chinese dissidents had been targeted. Many companies refuse to specify whether they were, in fact, attacked by China (including Yahoo and Symantec). Also attacked were Dow Chemical, Northrup Grumman, and Juniper Networks, as well as an attack against Gibson Hoffman & Pancione, the law firm prosecuting a lawsuit against China for code theft involving an Internet filter.

In response to the attack, Google said that it would seek to provide uncensored results on (Google’s Chinese search engine) and that it would pull out of China if it could not – shutting down their Chinese offices entirely.

The US Secretary of State, Hilary Clinton, stated that she would be lodging a formal complaint this week.

The attack against Google has been picked apart; a zero-day exploit in Internet Explorer was the method. The method was covered at CNET and is described in detail by McAfee’s CTO, George Kurtz, in a blog post. The blog Praetorian Prefect has a description and video of the attack in action.

Another aspect of the attack is that the surveillance tools were in fact, compromised, providing easy access to a lot of data. This was covered by Timothy Lee over at the Freedom to Tinker blog.

Not all accept the fact that Google would pull out of China because of human rights issues; at the French blog Transnets by Francis Pisani at Le Monde, there is a two-part article (Google Power/1 and Google Power/2, in French) about the unanswered questions behind Google’s possible removal from China.

The Electronic Frontier Foundation (EFF) took note; there is an article about the unanswered questions related to the events, including commentary and links.

Several countries have been recommending that their citizens not use Internet Explorer; specifically, Le Monde has an article (in French) that the countries of Germany and France are suggesting that their citizens use other browsers.

Media coverage has been extensive. Elinor Mills over at CNET has a complete FAQ, as well as a video description of what happened. The New York Times is also covering the story.

The Surveillance Self-Defense Project


The Electronic Frontier Foundation recently created the Surveillance Self-Defense Project, with this focus:

Surveillance Self-Defense (SSD) exists to answer two main questions: What can the government legally do to spy on your computer data and communications? And what can you legally do to protect yourself against such spying?

This will help you take back your privacy (in as much as it can ever be taken back).

This information is specific to the United States government, but there are other parties that are very interested in spying on you: your employer, advertisers, foreign governments, online stores, and many copyright holders.

Read the documents at the SSD Project and see how to increase your privacy in the surveillance society of today.