Aug 17 2009

Chinese hacker schools growing bolder

Published by at 7:45 pm under Uncategorized

hackeradbillboardHacker school enrollment advertisements seen all over the streets of Wuhan

In the last few days, there have been several articles covering China’s domestic hackers and their schools.   In the past, this type of recruiting activity was confined to the online world and kept out of view of the general public.  Now it is popping up all over the street.

Internet user questions if Academy’s purpose is to stop hacking or train hackers

An internet user, going by the name “Levi”,  posted a rant on the IPTV website complaining about the enrollment and advertising practices of the Yinhe Info and Tech Academy.  The rant generated thousands of views in just one day.

Levi’s Rant

Levi raised questions about the true nature of the Yinhe Academy and wondered if they were a true tech academy or a hacker training school.   Levi stated that Yinhe’s advertisements were hung all over Wuhan City; a reporter following up on the posting discovered that this was indeed the truth.

The reporter contacted Levi who told him that he had called the number on the advertisement a few days ago to talk with Yinhe personnel about the training.  Levi even took the school entrance exam but felt that the hacker courses were not good enough.  Most of it involved hacker software that attacked servers or stole passwords.  It didn’t hold much interest for someone like Levi, who had a solid tech background and so he refused to pay the school’s fee.

Levi said that Yinhe was trying to enroll junior high and high school graduates between the ages of 17-25.  Levi was already 26 but was still able to successfully enroll in the school and pass their entrance exam.  Following up on Levi’s accusations of questionable advertising, the reporter  located a magazine that contained an article on a Yinhe graduate named Liu Chen, who was able to break into the Fudan University website by scanning the server and finding a loophole.

Yinhe article on intrusion of Fudan University website

Levi said that this was not sufficient and he felt hackers who only learned to operate a few pieces of hacker software were childish.  If you wanted to be a network security expert, you needed to understand computer theory, operating systems and program languages.

In this regard, Director Wang of the Hubei Provincial People’s Government Web Portal Editor Department, agreed.  He said, that it didn’t matter how you took control of another network or stole passwords, it was all illegal.  Secondly, using simple tools to damage other networks would not allow you to learn genuine network  security.

Soon after, the reporter interviewed the Vice-President Zhou Eryun of the Yinhe Hacker Training Academy.  President Zhou said that the teachers at the Yinhe Academy demonstrated hacker software in the classroom so that the students would understand it and then be able to play a role in preventing hacking.

In regards to Levi’s assertions that hackers should not merely be able to operate hacker software but needed to understand computer theory, operating systems and program languages, President Zhou felt that the courses selected needed to take into account the skill level of the junior and high school graduate.

During the course of the investigation, the reporter learned that it is often hard to distinguish between computer attack and defense.  Another IT training organization, Beida Qingniao, in their advertisement openly proclaimed, “Do you want to experience the taste of being a hacker for yourself? Remotely enter another system, remotely control another computer, remotely shut it down, steal passwords…in fact, you can do all of this!”  Furthermore, those in the class will be able to experience what it is like to be a hacker under the guidance of the teacher.

It is understood that some teachers and students, in order to demonstrate their skills, will teach people how to deface a website or steal a qq number.  Levi stated that if a person isn’t just showing off and has a clear economic objective, they will disseminate commercial viruses like the Panda Burning Incense culprit Li Jun and move toward the criminal abyss.

4 responses so far

4 Responses to “Chinese hacker schools growing bolder”

  1. CBRP1R8on 19 Aug 2009 at 11:04 am

    Nice write up….he makes some pretty valid points I think…

  2. gao yulongon 20 Aug 2009 at 6:32 am

    I think the domestic hacker issue inside of china is a breath of fresh air for a polluted internet environment inside china. As the virtual landscape of china changes those inside China are looking for ways within their virtual habit to bring about change as well not always waiting for the government to step forward or place their hope in those outside of china to usher in a new possibility.
    I am glad you are posting these cutting edge events so we can follow them to.

    Jumper….. this month in Canada there was a security conference
    seen here… http://www.usenix.org/event/sec09/
    an interesting paper was presented there:
    by….Martin Vuagnoux and Sylvain Pasini
    it can be seen here , the short version
    it’s about:
    COMPROMISING ELECTROMAGNETIC EMANATIONS OF WIRED AND WIRELESS KEYBOARDS
    http://lasecwww.epfl.ch/keyboard/
    …..have you seen it, any thoughts ????

  3. CBRP1R8on 20 Aug 2009 at 10:30 am

    I have actually seen some of these video demo’s before on youtube (i think) for some tempest monitoring of both laptop and pc keyboards etc through walls…been while though last year sometime when it was posted…it may have actually been the same few guys doing the presentation…

    It all still harps back to my old days in the military, tempest or electronic radiation emanating from electrical sources. This has been going on since the start of the cold war though, the russians would spy on us and us on the russians hoping to get teletype electronic data out of a non-secured location (through windows in the parking lot etc). This page explains a lot of it and how to counter it..including a faraday cage which I’ve lived in most of my adult life until I left the military ..hehe

    http://users.telenet.be/ws36178/security/topsecret/tempest.html

    Good stuff though. Military/Govt’s have been doing it for years the regular Joe is just kind of getting into it seems with these researchers going the extra step. NSA has all kinds of documentation you have to follow in their old DSID’s regarding tempest. I’ve actually had to build out a full tempest SSES before (via contractors of course) and get it certified.

  4. gao yulongon 20 Aug 2009 at 6:27 pm

    CBRP1R8,
    thanks for the notes and comments