
China suspected of breaching U.S. Postal Service computer networks - dbin78
http://www.washingtonpost.com/blogs/federal-eye/wp/2014/11/10/china-suspected-of-breaching-u-s-postal-service-computer-networks
======
mike_hearn
_Still, “it’s perfectly appropriate for us to do everything we can to
embarrass and punish the Chinese if they’re in our systems, whether or not
we’re in theirs,” said former National Security Agency general counsel Stewart
A. Baker. “It’s the case that the U.S. and Russia and other countries are much
more cautious about getting caught because they think there are going to be
consequences. It’s only the Chinese that think there are no consequences to
getting caught.”_

Stewart Baker making himself look foolish again! Last time he popped up on HN:

[https://news.ycombinator.com/item?id=8559454](https://news.ycombinator.com/item?id=8559454)

I really wonder how someone can come out with stuff like this. I doubt the PRC
feels one iota of embarrassment for even one split second, and if senior US
officials really bring up Chinese state sponsored hacking "every time they
meet with their counterparts in Beijing" then the US Government is living up
to its reputation as plumbing the depths of hypocrisy. They embarrass only
themselves.

~~~
diminoten
The US doesn't engage in economic espionage, and then turn around and
give/sell intellectual property to US companies.

~~~
drderidder
In fact their pals at CSEC were found to be doing _exactly_ that.
[http://www.theglobeandmail.com/news/world/brazil-spying-
repo...](http://www.theglobeandmail.com/news/world/brazil-spying-report-
spotlights-canadas-electronic-eavesdroppers/article14720003/)

~~~
diminoten
Which private US company received this information in an attempt to boost that
company's economic power?

I can't find that information in the article.

~~~
xorcist
There are several mentions of this in the Snowden papers. I think the most
well known is Boeing, in their dealings against Airbus.

~~~
diminoten
That's not in the Snowden papers, and the actual source for that is _highly_
suspect.

I forget the name of that project, but the Wikipedia page's reference are
_all_ terrible. Not a single one stands up to scrutiny.

------
semenko
They buried the lede a bit -- since I doubt organized attackers are after the
personal information of postal service employees:

"It is also possible that the Chinese were after other types of data, analysts
said. For instance, the U.S. Postal Service, at the request of law enforcement
officials, takes pictures of all addressing information from envelopes and
parcels.​"

[http://www.nytimes.com/2013/07/04/us/monitoring-of-snail-
mai...](http://www.nytimes.com/2013/07/04/us/monitoring-of-snail-mail.html)

~~~
higherpurpose
So the US spying made Chinese spying _easier_ (as expected). Wonderful.

~~~
diydsp
That's an effect of certain poorly-made security decisions.

For example, if a small organization such as a gym or school makes copies of
all customer/user driver's licenses: They end up creating a small pile of gold
that they can't afford to protect.

~~~
higherpurpose
Don't ask for data you can't securely store. I think that's just common sense.
If you keep the data on paper, you wouldn't leave it out in the open for
anyone to take it would you?

------
jamesli
It was USSR before. It has been China since 1990's. An imaginary and powerful
enemy has to be created. Iraq, Iran, Afganistan are too small for the title.

~~~
hackuser
> It was USSR before. It has been China since 1990's. An imaginary and
> powerful enemy has to be created.

I agree that espionage is over-emphasized -- everyone does it. Also I agree
that some like to imagine enemies; it fits their narratives. That doesn't make
every enemy imaginary.

The USSR was a real enemy. Many Chinese leaders openly proclaim themselves our
enemy and they take aggressive actions against us; among the public,
aggressive nationalism is at least somewhat popular. Hopefully the
relationship doesn't turn out that way, but it's a real risk that I don't
think we should ignore.

~~~
smilekzs
> Many Chinese leaders openly proclaim themselves our enemy and they take
> aggressive actions against us

[who?] [citation needed]

~~~
hackuser
Sorry that I'm not going to spend the time to look them up, but there are
extreme nationalistic military officers who take this position. What I'm
saying is not controversial in foreign policy literature, though perhaps the
position is more often strongly implied than literally stated. Also, realize
that the Chinese government seems to have less control over the statements of
its military officers; I can't imagine U.S. officers making statements like
these.

Try searching for 'kill a chicken to scare the monkeys'. A popular meme (at
least popular enough that I've encountered it many times) is that China
suffered a "century of humiliation" at the West's hands, that China is
ascending and the U.S. is in decline, and now China will take what it wants as
the great power of the world, including control of their region and territory
from their neighbors (some of whom have security guarantees from the U.S.).

As far as actions, for example the Chinese military actively have harassed
U.S. and allied nations' ships and planes, including causing a few serious
collisions.

------
sitkack
Good thing we photograph every piece of mail, OCR and store that information
indefinitely.

~~~
bennyg
Got a source on "every"?

~~~
buttcoinslol
How about TFA?

"It is also possible that the Chinese were after other types of data, analysts
said. For instance, the U.S. Postal Service, at the request of law enforcement
officials, takes pictures of all addressing information from envelopes and
parcels. [1]​"

[1] [http://www.nytimes.com/2013/07/04/us/monitoring-of-snail-
mai...](http://www.nytimes.com/2013/07/04/us/monitoring-of-snail-
mail.html?pagewanted=all&_r=0)

------
omgitstom
“Acting too quickly could have caused more data to be compromised,”
Partenheimer said.

This statement really confuses me

------
jamesli
"For one thing, the Chinese may be assuming that the postal service is more
like theirs — a state-owned entity that has vast amounts of data on its
citizens, said James A. Lewis, a cyber-policy expert at the Center for
Strategic and International Studies."

State-owned? That is true. "has vast amount of data on its citizens"? Please
do some homework before speaking.

------
bicknergseng
As a side note, I really hate article titles that use this kind of wildly
inaccurate accusation. The nation of China did not breach the U.S. Postal
Service, a Chinese government team did. Still inaccurate and vague, but
there's a world of difference between the United States launching a drone
strike and the CIA, an agent of the US, launching a drone strike.

Edit: I've read more than enough articles where the agent or actor is NOT a
member of the government, yet still referred to as "China" or "America".
However, even in situations where it is a member of the government or of a
company, I still think the connotations conveyed by imprecisely labeling the
actors totally throw off expectations and perceptions.

~~~
ppereira
I am not sure if I agree with your rationale. An agent of a government acts on
behalf of his or her government. According to your reasoning, a nation cannot
breach a system or wage war because it is an agent that does the hacking or a
soldier that does the firing.

Nevertheless, I liked this excerpt by the NSA's general counsel:

> Still, “it’s perfectly appropriate for us to do everything we can to
> embarrass and punish the Chinese if they’re in our systems, whether or not
> we’re in theirs,” said former National Security Agency general counsel
> Stewart A. Baker. “It’s the case that the U.S. and Russia and other
> countries are much more cautious about getting caught because they think
> there are going to be consequences. It’s only the Chinese that think there
> are no consequences to getting caught.”

