May 24 2009

To those who gave so much

While placing the US flag in front of the house today, I thought of all that it meant and those who sacrificed so much to defend it.   Soldiers were giving out poppies in front of the PX and my little one got a stuffed “Buddy Poppy.”  A little dog covered with red poppies, it really touched me.

We cherish too, the Poppy red
That grows on fields where valor led,
It seems to signal to the skies
That blood of heroes never dies.

May 23 2009

Chinese internet shut down by simple DDoS attack

Well, a large portion of it anyway. A DDoS attack on one domain server created a cascade reaction that left five provinces struggling to get online:

This is what happened during the DNSPod incident, however, it triggered a chain of unexpected events, which led to network congestions for the carrier networks. DNSPod’s servers happen to be used by Baofeng, a highly popular Chinese video streaming service. Once the millions Baofeng users fired up their desktop application, all the requests bounced off on the ISP servers, which did not know how to process them.

The intense traffic on the high-level servers caused bottlenecks, slowing everyone’s Internet connection down to a crawl. In addition to the users in the five aforementioned provinces, who were severely affected, customers in Henan, Anhui and Gansu have also reportedly experienced problems.

May 22 2009

…and boy are my arms tired

Hey guys, just got back from China and picked up a couple of books that should be of interest.  The book on the left is International Situation and Security Strategy by General Xiong Guangkai.   I read about the book in China Daily and went all over Beijing to find it.  General Xiong is considered “the ultimate insider” with knowledge of policy-making in China.

The second book is Internet Wars (Win the Internet, Win the Future) and the author is described as an internet researcher with a background in policy.

Oh, I am now certified Swine-Flu free in three countries.  Mom is awful proud.

…must sleep now.

May 18 2009

More on Kylin…

Update 3 (May 21, 0130 GMT): Apparently there is another more recent version of Kylin out there.  A TDV reader commented that although the site ( is down, the Kylin v3.0 based on a 2.6 Linux kernel does in fact contain some security features including MAC, RBAC and file system ACLs.  The information in the Google cache is limited but it appears that this is a lot closer to what was described in the Washington Times article.  I tested the website from a proxy in the PRC to be sure that it wasn’t just blocked outside of the mainland and it appears to be down there too.  Thanks a lot to Spath for pointing out the gaping hole in my research.

So… There has been a lot of hype about the supposedly secure made-in-China OS called Kylin.  I’d like to take a moment of your time to explain the backstory and provide some of the details that I was able to find out after downloading it and taking it for a spin.

This all started with a May 12 Washington Times article titled “China blocks US from cyber warfare” by Bill Gertz.  The article starts off with a compelling bit:

China has developed more secure operating software for its tens of millions of computers and is already installing it on government and military systems, hoping to make Beijing’s networks impenetrable to U.S. military and intelligence agencies.

I found this to be very interesting because it was the first time I had ever heard about this effort.  I was aware of Red Flag Linux and Asianux but hadn’t heard of any made-in-China operating systems designed for security.  I was intrigued for sure and surprised to find out that the operating system can be downloaded in two iso files from  It took about four days to complete both of the downloads and about ten minutes to install in a VM.

For a more complete back story, check out this article by Jonathan D. Abolins.  One thing to note is the reference to the site that compares the Kylin kernel to FreeBSD and indicates that the two are practically the same.  It isn’t clear what version of Kylin the blogger was working with on this comparison but Kylin 2.1, which is presently available for download, is Linux 2.4.  Perhaps earlier versions of Kylin used FreeBSD with Linux compatibility but the only version available for download at present is Linux:

uname -a = Linux 2.4.18

The interface is a themed Gnome similar to Microsoft Windows.  The menus look more like KDE to me but Gnome is the only manager running.

Kylin 2.1 Desktop

Kylin 2.1 also has RPM installed so it is probably a Red Hat derived Linux.  It has some interesting things installed in the base install like tripwire and webalizer.  Apache 2.0.46 is installed but it doesn’t start automatically.  The sshd starts at boot and is version 3.6.1p2.  There doesn’t seem to be any way to get updates for Kylin through something like yum or synaptic.  In fact, there aren’t any updates posted to the website to download even.

The website gives us a glimpse into the activity level behind the OS.  There hasn’t been a new bug report filed in at least two years.  The forum has some recent activity but there have been long periods without any posts on the forum.  Many of the forum posts are related to complaints about how much English is used in the OS and posters seem to want an OS that is more in touch with Chinese culture and language.  There are a number of technical areas of the forum but there isn’t a lot of recent activity there.  The news page on the website is updated frequently with general news about technology in China.

So it seems that this operating system is not really what it was presented as.  The Washington Times article references Kevin G. Coleman, an advisor to the government, as the primary source for the Kylin information.  I doubt that it was an intentional misrepresentation but it is difficult to imagine presenting Kylin as anything to be concerned about when it didn’t take very much effort to figure out that it isn’t worthy of anyone’s attention.  Not only is it not widely deployed, it isn’t new, unique or in any way innovative in terms of security.

Update: This whole article was based on my very limited analysis of Kylin 2.1.  Kylin 3.0 contains several security features similar to what is found in the SELinux extensions.  Kylin 3 sounds much more like what Kevin G. Coleman was talking about in the hearing.  I was not able to download Kylin 3 and didn’t find out about it until long after this post was made.

Update: After some comments on other blogs and forums, I took a closer look at the kernel files and this is clearly FreeBSD with Linux binary compatibility.  Everyone knows what happens when you ass-u-me…

Update 2: Here is a screenshot of the partitioning stage of the installer for Richard:

Kylin disk partitioning

May 13 2009

Kylin Secure OS

First, I want to thank J.D. Abolins for taking the time this week to school me on cyber warfare.  Needed to get up to speed on the latest and greatest in current thinking on the subject and J.D. provided me with chapter, line and verse.  As I recall, he was also one of the first people to link to this blog.

So, how do you repay someone who took time out of their busy schedule to do you a personal favor? Manners dictate that you steal their detailed research on Kylin, of course! Yep, we here at TDV just roll that way.

J.D. Abolins on Kylin Secure OS

Thanks J.D.

May 11 2009

China cyber laws: Getting tough on hacking at home

Robert McMillan, from PCWorld, was kind enough to give us a link in his article on China strengthening its cyber laws.

However, the paper concludes that the country’s laws are still in the early stages of development. “Gaps and inadequacies exist in traditional offense provisions,” said Qi, a senior lecturer in the Department of Computing at Canterbury Christ Church University in the U.K.

Robert’s full article…As Hacking Hits Home, China Strengthens Cyber Laws.

May 08 2009

It’s a man baby!

UPDATED: Webshell, in the comments, may be saying that Yingcracker (also fixed, I had typed in yinghacker) is a female.  Anyway, finally located his/her website.  If it is a guy, he is very much in touch with his feminine side.

In the last few days, the story of Yingcracker, “the most beautiful female hacker in China,” has been making the rounds in Chinese news outlets and blogs.  Her exploits and earnings, in this male-dominated society, have been posted by numerous online sources.  The number of male friends added to her blog since the story first appeared has been impressive.

Problem: Yingcracker is a man baby! He thinks it’s kinda funny to pretend to be a MM (girl) online.  Xiao Tian e-mails me this:


May 05 2009

Baidu Censorship Keyword Leak (wikileaks)

On May 1, a zip file was posted to that contained several internal files that appear to be from, the most popular search engine in the PRC.  There is an html file within the zip that contains several sections with a list of key phrases that will cause the search engine to filter the results.  Here is an automated translation of each category (after the jump):

