
U.S. may act to keep Chinese hackers out of Defcon - moo
http://www.reuters.com/article/2014/05/24/us-cybercrime-usa-china-idUSBREA4N07D20140524
======
GuiA
Oh no, the US has its delicate sensibilities hurt by cyber espionage! Come on
China, why would you spy on us? It's so mean and unfair, why would anyone do
it?

Despicable.

Why not host Defcon in Canada, or somewhere else? If Chinese hackers cannot
attend industry events because of the US's imperialistic tendencies, it's our
responsibility to modify our events so that they can.

~~~
d0ugie
Perhaps our discomfort with the Chinese[1] has more to do with defending our
secrets (business, political, military, infrastructure etc) than our delicate
sensibilities, though I hear where you're coming from.

Still, wouldn't you say it's in the US's interests (and Canada's, for that
matter) to try to marginally disrupt the flow of tips of the hacking trade to
the Chinese, in spite of the despicable aftertaste?

[1]
[http://www.projecthoneypot.org/statistics.php](http://www.projecthoneypot.org/statistics.php)

~~~
hkmurakami
Oh it's undoubtedly in the US's interests to do so. So is our proliferation
and maintenance of military presence throughout the globe.

Obvious moral issues with both though. ;)

------
growupkids
The indictments against the five charged Chinese citizens are not for
espionage, they are for theft of trade secrets and associated IP law
violations. The Chinese government, so far, has denied the allegations. This
happens between countries, the French, for example, also have been known to
use their intelligence agencies to steal information from other countries to
help their domestic industries.

China is alleged to have done the same, so the US is upping the ante to try to
get China to stop. This is just one more way countries do this to each other.
Don't get sucked in by the click bait on this. This is pure economics between
commercial competitors, and the use of government resources to steal IP to
help their domestic industries, it's not anything else.

~~~
higherpurpose
As did US:

[http://www.theguardian.com/world/2013/sep/09/nsa-spying-
braz...](http://www.theguardian.com/world/2013/sep/09/nsa-spying-brazil-oil-
petrobras)

Last I checked they still haven't given an explanation for that. Probably
because their default explanation for spying over the past years has been
"because terrorists", but they couldn't give that one for the spying on
Petrobas because they would be laughed out of the building. And that's just
one example of US economic espionage, as it's probably part of the foreign
policy by now.

Or how's this for "IP stealing":

[http://www.scmp.com/news/china/article/1266892/exclusive-
nsa...](http://www.scmp.com/news/china/article/1266892/exclusive-nsa-targeted-
chinas-tsinghua-university-extensive-hacking)

~~~
tzs
> Last I checked they still haven't given an explanation for that.

They gave an explanation right in the article you linked to.

~~~
droope
Well the chinese have given explainations too. :)

See?

> China has denied the charges, saying they were "made up."

The charges are "made up". It says so clearly right there. I am sure the
chinese goverment wouldn't lie to its people, in the same way the US does not.
</s>

------
joewee
This benefits no one. No real Chinese hackers or security professionals would
ever risk coming to the USA in the first place. And Chinese government
officials involved in cyber security would never come without a diplomatic
passport. So really all this hurts are academics.

This is a dog and pony show.

~~~
rdl
Plenty of commercial security people from China would attend, too (Huawei
engineers, etc.) Not just academics.

~~~
joewee
Yes that's very possible. But I do know for a fact that Chinese working at
security companies in China are already afraid to visit the USA.

Anyone working for Huawei in security visiting a hacker conference is going to
have troubles getting a visa, even before this. I think this announcement is
just for show.

~~~
rdl
There's also a language barrier -- a lot of engineers in Chinese companies
aren't as fluent in English as would be necessary to have a good or productive
time at DEF CON, so it would have to be more senior/management type people.

------
jff
Oh no, not Defcon! The world's premier mohawk-and-utilikilt cosplay event!

When I used to go, it would have really livened things up to hang out with
some PLA guys at the bars on the main casino floor...

------
rdl
If they do this, Defcon 23 will be in Mexico or Canada, I suspect. (I'm
speaking AT DC22, but I can't speak _for_ Defcon, but I've been going since
DC7 and I'm pretty familiar with how they think.) Montreal would rock.

BTW, there's an awesome conference in Beijing I'm going to submit to --
[http://xcon.xfocus.org/](http://xcon.xfocus.org/)

~~~
zitterbewegung
How long of a notice would Defcon have to reschedule? Especially since they
probably have the hotel booked and everything else? Also they would have to
inform all speakers that it would be held in Mexico / Canada and some people
might not want to come so it really just hurts the Conference in general. But
regardless we still have to wait and see if Visa letters start getting
rejected.

~~~
rdl
8-12 months, most likely. I guess the most plausible situation would be a
split con, with most of it still in Las Vegas, but live VTC stream to a
parallel con elsewhere.

Black Hat would not move; Defcon and Blackhat hate each other now, but it's
still a big draw (your work usually will let you expense Blackhat, and Defcon
is on the weekend after)

~~~
tptacek
Defcon and Black Hate "hate each other now"? Huh?

------
pabb
>Federal prosecutors said the suspects targeted companies including Alcoa Inc,
Allegheny Technologies Inc, United States Steel Corp, Toshiba Corp unit
Westinghouse Electric Co, the U.S. subsidiary of SolarWorld AG, and a steel
workers' union.

These are all Pittsburgh-based companies. Why?

~~~
tomschlick
There is still a lot of manufacturing based tech companies in PGH, something
China is competing with.

------
Havoc
Stifle security events held on your own turf...right. Its almost like they are
trying to intentionally lose.

Honestly US politics and policy are a mystery to me...

~~~
keithpeter
UK spectator: yes, I thought that the US is currently the centre of the IT
world. Seems strange to deliberately _accelerate_ the drift to the periphery.

Downvoters of parent: what is your case?

Downvoters of this post: can you state arguments? China has more graduates
than the UK has people. It is basically a matter of time, no?

~~~
Havoc
>Downvoters of parent: what is your case?

Its my comment about US politics and policy...anything along those lines gets
downvoted into oblivion on reddit and lately hn too. (Previously on hn you'd
get angry yet reasonable responses - now its all silent downvotes)

------
munin
Now the Chinese hackers will have no choice but to go to the security
conferences in Asia. All of them are way better than Defcon though, so who is
really losing?

------
stuki
Are they also going to force participants not to blog, talk about, or
otherwise disseminate the information they gleaned there?

Otherwise, this childishness is just another act by the clueless to try
grabbing some attention for themselves, while doing something of no practical
value. While simultaneously flaunting how little they know, about how the
world really works.

------
hondje
They banned a few from this years Space Symposium in Colorado Springs already.
I expect this to continue

~~~
greendata
Exactly, this does nothing. Let's not forget the US is operating on the same
level as China. The US spies on China as much China spies on us. We spy on our
own citizens as much as China does. The only real difference is that the US
doesn't actively censor internet but I expect that to change.

------
mythealias
Ignoring the NSA debate, do such actions achieve anything (from security point
of view)?

~~~
jacquesm
They make matters worse. After all, conferences aid in transparency, less
transparency is bad for security.

~~~
jqm
And, with little real positive effect, these types of actions can appear
aggressive, petty, unreasonable and produce negative sentiment.

Personally I don't see the need for the bellicose rhetoric emanating from
Washington lately. I would think it wiser to at least appear friendly and co-
operative whenever possible while warning in private up until it's time to
take real measures. Then take those for real. Don't indict 5 guys you are
never going to get, then make a big show of suspending conference visas. It
appears paranoid and weak in my opinion. But maybe that's why I am not a
policy maker.

------
josephlord
It's interesting that the US regards as criminal and prosecutable the same
actions that the NSA conduct against foreign telcos and others. I would have
thought that there might be caution about bringing indictments in such cases.

~~~
mhurron
Government looks the other way regarding it's own actions, More at 11.

It's not interesting, it's standard operating procedure.

------
na85
Seems like a silly idea. Why not send some NSA or CIA people to DEFCON, find
the Chinese nationals in question, and then pwn their devices with one of what
I'm sure must be many 0days that NSA have in their pockets?

~~~
krapp
Maybe the government is sending this signal in order to encourage DEFCON to
move outside the US, because that would make tracking and surveillance easier
for them than within the US, and create a false sense of security for
attendees?

Or maybe i'm just giving them too much credit.

~~~
na85
>Or maybe i'm just giving them too much credit.

I think you are giving them too much credit. The US Government has already
demonstrated that it and its 3-letter agencies are above the law when they
failed to prosecute high-ranking officials for lying to Congress which is
supposedly a capital crime.

I'm sure that if they wanted to surveil DEFCON, it would be trivial for them
to do so.

------
mindcrime
So who's going to block US govt officials from Defcon due to their cyber
espionage acts?

What's good for the goose is good for the gander and all that...

~~~
schoen
Defcon itself did that -- last year!

------
skimmas
defcon happening in the same country every year is in itself a security issue.
It should start moving.

