
I sent an email to a monk in Nepal and my blog was hacked by the Chinese - smalera
http://qz.com/669572/i-sent-an-email-to-a-monk-in-nepal-and-my-blog-was-hacked-by-the-chinese-government/
======
fblp
Is is just me or was the authors transition from "How I got hacked by the
Chinese" to "Here's some analysis of articles on Medium" kind of jolting?

I would have liked to see some analysis on the prevalence of these attacks on
blogs instead.

~~~
josefresco
Came here to say this - your comment showed up after I submitted mine. Can
anyone else explain the extreme change of topic?

~~~
minimaxir
Apparently the article has a linkbait title, and the Medium
analysis/advertisement is the primary thesis.

This is disappointing to say the least.

~~~
sdegutis
You know, HN was supposed to be this "no click-bait allowed" place, but it's
almost exactly the opposite, everything here is clickbait and almost nothing
on the front page is ever worth actually clicking and reading.

~~~
mgiannopoulos
I'm subscribed on the HN page on Facebook so I see the front page articles on
my feed. I always check the HN comments first before I decide to read the
article. Saves a lot of time.

------
ksenzee
> short but brutal DDoS

> blog was deluged with thousands of comments

> the target was the shared hard drive

It would be nice to know what the actual attack here was. Was it really a
DDOS? Did they take advantage of an out-of-date version of Wordpress to get
access to the hosting account and cause some actual damage? Or did they just
post a lot of spam?

~~~
duskwuff
And how on earth did "thousands of comments" lead to "about €3,000 ($3400) in
various fees", unless the author _seriously_ overpaid a security consultant?

------
Alupis
> The content left little doubt on the origin of the attack. I had sent an
> email to one of the most notorious opponents to the Chinese regime. It
> retaliated mercilessly.

Wait what?

Your blog becomes the target of common everyday run-of-the-mill comment spam,
and you just immediately assume this is a State Sponsored attack? Please...
you, and your blog are really not that important.

And we're supposed to just accept the Chinese government monitors all monk's
email inboxes, and then launches attacks against anyone who dares email them?
Ya right... If the Chinese government was going to go through that much
hassle, why not just shut down or intercept/delete all inbound email coming to
the monks? Or prevent the Monks from responding?

The much more plausible narrative is this blogger had an outdated Wordpress
install, and some bots pwned his server in a completely unrelated scenario.

Checking his blog, he is indeed running an outdated Wordpress install (even
after the attack!)[1].

[1]
[http://builtwith.com/?https%3a%2f%2fmondaynote.com%2f](http://builtwith.com/?https%3a%2f%2fmondaynote.com%2f)

~~~
cubano
But wait...he spent $3400 on a WP "security pro" to fix everything for him!

------
josefresco
I'm confused ... the article starts with an account of the "hack" (although it
seems to have actually been just comment spam) and then ends with a rant about
WordPress and then a data analysis of the posts on Medium ... ?? ... am I
missing something?

~~~
tantalor
The problem is "Hence my interest in Medium." is a non sequitor. The story
doesn't speak to whether Medium is better at repelling spam than standalone
Wordpress or an alternative like tumblr, blogger, etc.

------
paradite
So basically the fact is, two weeks after the author sent an email to this
monk, his blog got spammed by comments in Chinese.

And the conclusion is his blog was hacked by the Chinese. Maybe there are some
correlation here but it seems too quick to jump to the conclusion that the
email caused the Chinese government hacked your blog?

Maybe it is because of something you posted on your blog rather than the
email?

------
nathancahill
Confusing piece. Not hacked, DDoS'd. Wordpress is bad for non-techies. Medium
is _drastically_ limiting the number of tags on articles.

------
atonse
Just to note that the "a monk" he emailed is one most well-known monks in the
world, so I'm really unsurprised that his communications are being monitored.
Certainly not close to fame as the Dalai Lama, but he's well known if you read
even a little about meditation, tibetan buddhism, or the science of
meditation.

Mattheiu Ricard has written a lot about the intersection of meditation and
neuroscience, etc. Really fascinating stuff. Here's a TED talk he gave:
[https://www.ted.com/talks/matthieu_ricard_on_the_habits_of_h...](https://www.ted.com/talks/matthieu_ricard_on_the_habits_of_happiness?language=en)

------
jackreichert
> For instance, adding a feature to perform a specific function means you will
> have the choice between literally thousands of plug-ins.

Therefore I prefer not having the option to add custom features.

What?

------
hackuser
> It turned out to be the most costly email I ever sent to anyone.

Not 100% applicable, but worth thinking about IMHO:

One dissident in the Soviet Union, I think Joseph Brodsky, said not to talk
about the abuses that oppressors inflict on you. You only magnify their
impact: They do those things to scare and intimidate, and every time you
repeat the story you help them do it again, to an ever wider audience (who
themselves will repeat it). Let their attempts to terrify their victims die,
without an echo, in the room where they occur.

It's hard to oppress hundreds of millions or billions of people; you can't
really control them all if they don't submit. Terror is a tool for keeping
them in line.

(In fairness, it doesn't necessarily apply to this situation, and sometimes
talking about things helps people organize, find support, and alert the world
to the abuses. But how many people who read this story will now hesitate to
help a critic of the Chinese government?)

------
pbhjpbhj
So are there accounts of state sponsored DDoS followed by cracks that have
been managed/diverted on Medium or is the article just saying journalists
should use infrastructure and not self-host?

------
hackuser
> _As a publisher, the experience made me realize the potential in a service
> like the one from Ev Williams’s Medium._

Is this an ad?

------
nitinics
Him sending an email to the .np cctld has nothing to do with the hack he's
talking about. More likely, his plain text email was intercepted 'on the wire'
and would have been the same to whichever cctld he would have sent to.

------
differentView
>The content left little doubt on the origin of the attack.

That's quite a leap.

------
dempseye
Do DDoS and comment spam count as hacking now?

------
taesu
Really? clickbait on hackers news? GREAT

------
overcast
Monks read email? A big part of Buddhism is getting rid of all materialism.

~~~
nkrisc
Sure, they're not cavemen.

~~~
overcast
This was a legitimate question. A big part of Buddhism is getting rid of all
materialism. They aren't even allowed to cook their own food, and can only eat
before noon!

~~~
jmagoon
What about email implies materialism?

You're also mixing different traditions here, that all have their own
perspectives on what monks can and can't do.

Materialism in the Buddhist sense is about mental attachment. Desire
(attachment) stems from the mind, not the object itself (attachment is not a
property of the object), and different meditation practices have different
techniques to work with that mental attachment. Reducing your possessions is a
very effective strategy in reducing attachment--but it certainly doesn't do
anything without developing mental renunciation simultaneously. I'm curious if
this is an American or Western perspective on poverty--that poverty itself is
somehow liberating.

In terms of email, there's nothing luddite about Tibetan Buddhism. Technology
is embraced as another avenue for speech, which the mind can be attentive to.

