

Google's half-truths, and a plea for perspective - andreyf
http://andreyf.tumblr.com/post/332303404/googles-half-truths-and-a-plea-for-perspective

======
dtf
What is this, an episode of Lie To Me? :-)

Government spies in the Shanghai office stealing Google's source tree seems to
have been the straw that broke the camel's back. I guess China will just build
their own Google now...

~~~
andreyf
_Government spies in the Shanghai office stealing Google's source tree seems
to have been the straw that broke the camel's back. I guess China will just
build their own Google now..._

The NYT article explicitly says the opposite: "attackers may have succeeded in
penetrating elaborate computer security systems and obtaining crucial
corporate data and software source code, though Google said it did not itself
suffer losses of that kind". In general, that's not the language I hear them
using - "broad", "sophisticated", and "targeting infrastructure of a variety
of major corporations".

~~~
gwern
FWIW, Wikileaks is saying that they were 'infiltrating' the Google repos:
<http://twitter.com/wikileaks/> (and specifically
<http://twitter.com/wikileaks/status/7688415363> ). The NYT is simply
parroting Google, so I give Wikileaks more credence.

(Colloquially, you can be 'stealing' something while haven't yet actually
absconded with it yet, and be foiled if discovered.)

~~~
wrs
Wikileaks: "Several rumours from google sources that China accessed google's
US-gov intercept system which provides gmail subjects/dates"

I'm remembering recent news about convenient gov't web portals to telecom
records...

------
lr
"How did Google find out the other companies were being targeted?"

Google runs data centers, and probably sees a lot more traffic than for its
own services. Also, who is to say these companies are not using Google
products (Gmail, Docs, etc.)? In other words, I think Google might be in a
position to know.

~~~
jonknee
Google supposedly hacked the hackers and found evidence that they had
infiltrated the other companies.

~~~
mahmud
Do you have any evidence for this?

~~~
jonknee
It was in MacWorld's report and I've seen it a few other places, but no first
hand information.

------
mcobrien
Here's my guess. Google initially detected an attack coming from Chinese IP
ranges and subsequently checked what other requests the IPs had made.

This is what led to the accounts that were accessed not "through any security
breach at Google, but most likely via phishing scams or malware placed on the
users' computers".

Although they mention gmail in the statement, the expansion to other
industries is made on the Google Enterprise blog (mainly aimed at promoting
Google Apps to large companies), so it seems likely the same Chinese IPs
accessed users of Google Apps.

So this isn't the Chinese government targeting other industries so much as
dissidents that might work there. Google's statement still seems consistent to
me, although they have shied away from mentioning Google Apps.

~~~
est
> and subsequently checked what other requests the IPs had made.

By how?

~~~
mcobrien
Gmail stores the last IP that accessed your account - it's shown at the bottom
of your inbox:

Last account activity: 14 minutes ago at X.X.X.X

My guess is they used that.

~~~
lutorm
Yes but how do they get the _other_ IP addresses that had been accessed
without having that traffic go through Google?

~~~
roc
That's the six hundred million dollar question in my mind.

How exactly did Google know that those other institutions were under attack?

Unless the attack resulted in rooted Google machines that then attacked
outward, or all those institutions were running on Google Apps.

Major institutions running on Google Apps seems unlikely (Are _any_ major
institutions outside of academia running Google Apps hosted by Google?). And
attacking outward from a rooted box inside Google's network seems careless,
unless the attackers were leveraging some dedicated pathways that made their
job easier. Which suggests the breach was far more serious than indicated.

~~~
lt
_Google's security team eventually managed to gain access to a server that was
used to control the hacked systems, and discovered that it was not the only
company to be hit._

<http://news.ycombinator.com/item?id=1050300>

------
ramidarigaz
I'd never heard of FACS before. The Wikipedia page he links to doesn't contain
much info. Wikipedia says nothing about which AUs correspond to which
emotions. Does anyone know any good articles on this? It's interesting.

~~~
andreyf
Paul Ekman is the guy who popularized it. Here is a good overview of his
life/work: <http://www.youtube.com/watch?v=IA8nYZg4VnI>

Regarding reading expressions in particular, good start is "Emotions Revealed"
[1], which was pretty comprehensive, but not as comprehensive (or as
expensive) as his METT system: <http://face.paulekman.com/products.aspx> The
half-smirk when talking about the other companies is contempt. The raised chin
is shame. A lot of fear and sadness in the beginning, with exceptions of
talking about the technical details of the attack and Google's desire to stay
in China towards the end - lots of confidence there. If you watching him
carefully with the sound off, I think you can pick up on the emotions
intuitively.

In a more cynical light, this is good to keep in mind as well:
<http://en.wikipedia.org/wiki/Facecrime>

1\. [http://www.amazon.com/Emotions-Revealed-Recognizing-
Communic...](http://www.amazon.com/Emotions-Revealed-Recognizing-
Communication-Emotional/dp/080507516X/)

------
natch
I doubt that lie detection voodoo actually works when the person being
interviewed is new to the whole being on TV thing.

~~~
Groxx
That's pretty much accurate. Lie detection methods almost all base around
detecting stress, and large amounts of stress (like being on TV for the first
time) tend to throw them way off. In order to really have a baseline to
compare lies against, you need to have a baseline. If they're not stable
enough to do that, the science of it gets lost, and it's basically up to
totally subjective methods.

------
xsmasher
A quote in Macworld suggests it's Google's law enforcement backdoor that was
compromised. Google didn't mention that in their press release, which is a
mighty big omission.

[http://www.macworld.co.uk/digitallifestyle/news/index.cfm?ne...](http://www.macworld.co.uk/digitallifestyle/news/index.cfm?newsid=28293)

------
Femur
Andreyf, is this original content you have written or was it borrowed in
another social experiment?

<http://news.ycombinator.com/item?id=1049430>

~~~
andreyf
All original, just for you :) I'd appreciate it if you didn't hijack this
conversation into another 30-comment unrelated thread, though.

------
DanielBMarkham
I read an interesting article yesterday about the news coverage of North
Korea's drive towards nuclear weapons. Looking back on it now, it's obvious
that the North started a nuclearization program in 1996 and pursued it each
year no matter what was going on at the negotiating table. (Both political
parties and the Clinton and Bush administration were taken to task in this
article)

Looking at the press coverage, however, was even more interesting. There were
some quite prominent columnists who insisted that the North was misunderstood,
that they weren't committed to continuing to develop weapons, and that the
various tactics used by both administrations were really what was at the root
of the North's belligerence.

Sometimes pleas for perspective can be good, and sometimes they can all be so
much noise. I'm not going to characterize this piece, but I'll note that there
is a great similarity between how NK was covered with nukes and how China is
being covered with CyberWarfare.

I find it disconcerting.

~~~
andreyf
Oops, is "plea for perspective" not the right phrase? I meant to say that a
coordinated attack on a variety (probably all) major US corporations might be
_more_ significant than what Google does with their .cn properties...

~~~
pohl
If that was your goal, your reference to "google half truths" was a big
distraction. If what they do with their cn properties is less signifigant,
then don't devote so many words to them, and instead focus on your message.

------
chaostheory
just speculation, Adobe might be on the list:
<http://www.dailytech.com/article.aspx?newsid=17387>

~~~
andreyf
Hm, the article seems to jump between "Adobe was attacked" and "Adobe software
was used as attack vector", in a way that inspires the least of confidence.
_sigh_

~~~
chaostheory
They were definitely attacked:
[http://blogs.adobe.com/conversations/2010/01/adobe_investiga...](http://blogs.adobe.com/conversations/2010/01/adobe_investigates_corporate_n.html)

Both could be true

------
rortian
I don't think you could ever mine a chief council's interview for much
information. However, human rights activists are certainly targeted but you
are way off base to suggest companys are not.

I am in a rush so I can't pull up a story I recent heard about where a foreign
business man was brought into custody. A large portion of billionaires in
China are children of party officials that were installed in those positions.

The party very much wants to stay in power in China and they are not only
worried about idealistic, which I am sympathetic to, and not so wealth
opposition. They are worried about business leaders and all evidence indicates
they are keeping an eye on them as well.

