The Dark Visitor

Thanks to everyone who showed up to the Dark Visitor meetup at DEFCON 17.  It was a lot of fun and I had a great time joking around and talking shop with everyone.  The only gambling that I did was deciding on the Korean BBQ place close to the con hotel – the food was pretty good and they reserved a nice area for the group (of 21) so I guess the gamble paid off. I hope everyone had as much fun as I did. There was a lot of praise for Heike’s book as well as the work we’re doing together on the blog – that was all very much appreciated. We need to convince Heike to come out to DEFCON18 next year… Come on, Vegas isn’t so bad.

I spent most of my time at the con attending presentations.  There were at least two presentations that featured a slide devoted to Xiao Tian and the Dark Visitor got mentioned in two presentations.  I think that we should setup a scholarship fund to sponsor Xiao Tian so she can come to Vegas next year and meet with us.

So I decided to put together a give away for people who attended the meetup and settled on a CD packed full of Chinese hacker papers and videos. I put a nice lightscribe label on all of them and included “The Dark Visitor” in Chinese characters. Well apparently I entered the characters rather hastily and instead of 黑客, I put 黑咯, which means Dark Cough (according to Ming Zhou). So at least I learned a new character and maybe that will be the name of the next big disease that comes out of Asia. Who knows? Maybe the flawed Dark Visitor CD will turn out to be the next ultra rare one-eyed beanie baby or something (I’ll start planting them on ebay tomorrow).

Heike and I have talked about having some TDV wearable stuff. Perhaps a Titan Rain Suit? Maybe a “Certified Great Firewall Engineer” T-Shirt? How about a Javaphile Coffee Shop baseball hat? Sunwear tanktop? Let us know what you think. We’ll think of something clever to do with the proceeds like buy Xiao Tian an HD webcam.

Now for a break from the Adobe zero day stream…

The censors in the PRC are now apparently blocking searches and taking down articles related to a recent bribery scandal over a multi-million dollar contract in Namibia.  The censors at baidu.cn got a little ambitious and briefly blocked any searches that contain the word Namibia so any search was filtered rather than just results that contained information about the scandal.  As of this post, it appears that baidu.cn searches for “纳米比亚” work just fine without any error message – news about the scandal still does not appear however.  Maybe next they will reach into Chinese Kindles to delete anything related to Namibia.

baidu.cn briefly blocked searches for 纳米比亚 (namibia)

Source: Open Net Initiative:  http://opennet.net/blog/2009/07/no-more-namibia-china-blocks-search-results-entire-country

If you don’t read Chinayouren, you should.  Hell, I didn’t even know that “anonymous” netizens had planned an attack on Chinese censors.  Chinayouren is one of those people who is not only a fantastic linguist but also very well  attuned to the current social issues on the Chinese net.  He certainly knows more about the mechanism of censorship inside of China than just about anyone I know.

The article on the failed attack on Chinese censors is a must read and his analysis of those “anonymous” netizens will probably surprise you.  Click the links inside the post to get the full story.

On May 1, a zip file was posted to wikileaks.org that contained several internal files that appear to be from Baidu.cn, the most popular search engine in the PRC.  There is an html file within the zip that contains several sections with a list of key phrases that will cause the search engine to filter the results.  Here is an automated translation of each category (after the jump):

Continue Reading »

If you follow China’s online development or political movements, then you are probably aware of the anti-pornography campaign.  What you might not know is that Chinese netizens are pushing back with online activism and Beijing is responding.

Clothing Renaissance paintings…freakin’ priceless!

The State Bureau of Surveying and Mapping (SBSM) and Central Propaganda Department, along with various local areas, are in the process of reviewing online mapping and geographical information websites to determine if they present a threat to national security.

According to the report, Chinese citizen’s territorial consciousness needed to be strengthened, the mapping marketplace required order and online “problematic maps” needed to be decreased.

The SBSM used technical methods to carry out an internet search and discovered there were 15,648 mapping sites.  Among these, 14,760 published maps and 888 provided geographical information services.  According to incomplete statistics, there were actually over 41,000 such sites, of which 8% posed a problem.

An SMSM spokesman said that despite the illegal actions of online mapping and geographical survey services, the “management” work had obtained tangible results but that problems and deficiencies still remained.  Online mapping presented a serious political problem and there was a high-degree of danger in revealing secrets.

Blah, blah, blah…the state would continue to carry out this work and develop a state approved map, available to all.

When China announced a crackdown on porn sites, you would have thought the internet exploded.  Daily updates on the number of porn sites shut down.  Now they come for maps…crickets.

On 18 January, we gave you a look at how to spot hot trends in China and the possibility that Chinese hackers were using similar tools to find targets for malware.  Getting the most bang for your buck.  Today, I’ve decided to see if my knowledge is worth anything.

Prediction: “Chinese body art” sites and body art pictures (人体艺术照片) will be high on the list for hackers.  Why?

According to Google Insight, there has been a 2400% increase in the number of searches for this term over the last seven days.

It is also showing up in the #19 spot as hot searches on Top Baidu.  What is Chinese body art?  Shhh, it’s pron.  Artsy pron.  Let’s see, China announces crackdown on pron…now this “art” makes the top searches on Google and Baidu.  Hmmm?

Going back to Google Insight, you can get your tags for search engine optimization over the past 30 days:

1. 艺术照片

2. 人体艺术

3. 人体

4. 人体艺术图片

5.  人体写真

Really want to get fancy and you could add cities:

Good article on the trinity that makes up China’s censorship system.

Man gave names to all the animals, and let’s give clear names to these ones too so that we can avoid further confusion. China’s Censorship system is composed of: the Net Nanny, the Great Firewall (GFW), and the Search Engines Manipulation (SEM). Note the important difference between the three, which can be summarized as follows:

cont…

The Chinese national soccer team is in Tehran to play a friendly game against the local boys.  However, all is not well.

During their downtime, the Chinese team likes to get online to see what is happening back home.  The hotel has wireless broadband in the rooms but it costs USD $5 per hour to surf.  The business center in the lobby also has access but that costs USD $4 per hour.

The team members decide to pay the price and use their laptops in the room only to discover that they can’t access Chinese websites such as Sina, Sohu and Netease.  They inquire and find out sure enough, Iranian authorities have them blocked.

H/T: Thomas

Some very interesting news coming from Radio Free Asia on regulations forcing Chinese internet cafes to switch from Microsoft XP to Red Flag Linux (a Chinese produced system).  Officials promoted this as an effort to crack down on pirated software but the move has angered cafe owners who were not happy with the 5,000 yuan licensing fee.

My thoughts:

1. A response to the recent Black Screen of Death incident.  However, if this is only required for internet cafes, it won’t make a dent in the problem. Just doesn’t make much sense.
2. Trying to force internet cafes to close down.  Chinese officials aren’t very fond of the cafes and the extremely high licensing fee could be a way to force them out of business.
3. As per the article, better monitoring.
4. Forced on China by our good friend Eastwood, who owns massive shares in Ubuntu.