Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
China Security

When China Hoards Its Hackers Everyone Loses (engadget.com) 89

An anonymous reader shares a report: For over a decade Pwn2Own -- happening this week -- has brought together security talent from across the globe in a friendly hacking competition that is a cornerstone of research and advancement on par with Black Hat and Def Con. China's hackers routinely win, sweeping the board -- notably, the Tencent and Keen teams. Pwn2Own is good-natured, and all in the name of researchers finding big bugs, nabbing great bounties and drawing attention to security holes and zero-days that need to be fixed. But this year, according to Pwn2Own manager Brian Gorenc, China is no longer allowing its researchers to compete. Prior to the start of Pwn2Own this week, Gorenc told press "There have been regulatory changes in some countries that no longer allow participation in global exploit contests, such as Pwn2Own and Capture the Flag competitions."

One thing's for certain: yearly champions Tencent's Keen Labs and Qihoo 360's 360Vulcan team are nowhere to be found and Trend Micro, the conference organizer, has confirmed to Engadget that there are no Chinese competitors in this year's competition. [...] It's a worrying development in the direction of isolationism and away from the benefits of competition in the spirit of improving security for all. It comes at a time when relations between the US and China strain under the weight of Huawei security concerns, which are not at all new, but are certainly coming to a head as American companies sever business ties with the firm.

This discussion has been archived. No new comments can be posted.

When China Hoards Its Hackers Everyone Loses

Comments Filter:
  • by Anonymous Coward

    Why would you want to reveal your capabilities to your enemy? They have confirmed now they have the best in the world. They don't need to prove anything any more. Now they can build their army behind the curtain. And they will. Better hope your firewalls are up to the challenge. And you might want to start teaching Chinese in elementary school (says Wernher von Braun).

    • by Luckyo ( 1726890 )

      They haven't actually proven that, because CIA certainly doesn't let its crew participate, nor does GRU.

      Chinese were basically that up and coming country that didn't yet control it's top talent, and allowed it to become targets for foreign agencies through competitions like this. Now they passed that development stage and keep their top NatSec talent out of sight, just like everyone else is.

  • .... China gears up for a cyber war.

    These are the wages of empowering stupidity.

    • Re: (Score:2, Flamebait)

      I don't like Trump either, but I doubt his trade war stupidity is the issue. More likely, China wants to keep any Chinese-discovered exploits in-house to aid in it's Orwellian pursuit of 100% monitoring and control over its citizens (and, probably, others beyond its borders).

      • FIFY
        The USA wants to keep any US-discovered exploits in-house to aid in it's Orwellian pursuit of 100% monitoring and control over its citizens (and, probably, others beyond its borders).
        • by Anonymous Coward

          FIFY

          The USA wants to keep any US-discovered exploits in-house to aid in it's Orwellian pursuit of 100% monitoring and control over its citizens (and, probably, others beyond its borders).

          The United States are not the ones banning their citizens from competition, dumbass.

      • Orwellian pursuit of 100% monitoring and control over its citizens (and, probably, others beyond its borders).

        Much like the NSA does. The WannaCry [wikipedia.org] attacks were enabled by NSA-developed weapons which the NSA lost control of [wikipedia.org]. The NSA knew about these exploits for years, weaponized them, and never told Microsoft because they wanted their weapon to be viable for as long as possible.

        There are no cleanskins here.

        • by rtb61 ( 674572 )

          Cleanskin brings to mind why China does not want it best hackers exposed, they mind end up working in a awkwardly secure location, that the government of China of even a Chinese corporation might desire to be temporarily less secure. Instead of making things more secure the fuckwits at the CIA and NSA decided that playing Sir Hacksalot would be more sensible. We have yet to see the full ramifications for that stupidity in a growing corporate conflict, hack and expose you opposition and your market share wil

      • Mod up; only someone with non-existent reading comprehension skills would've modded this "flamebait."
  • by Anonymous Coward

    that's all I read when I see these complaints and accusations. For decades their NSA and CIA engaged in cyber espionage and sabotage, literally acts of war, and now that they get beat in their own game, they are crying about it.

    You should've chosen a more peaceful and diplomatic way. Now you have to suck it up instead.

  • by minstrelmike ( 1602771 ) on Sunday March 18, 2018 @05:48PM (#56281099)
    There are many ways to lose a trade war. I'm not that thrilled about the Chinese government, but for anybody who's a true-blue (or red) free marketer, which is better (i.e., more profitable):
    A. a market of 340 million Americans
    B. a market of 1.4 billion Chinese, or
    C. a market of 7 billion humans?
    • free market ? (Score:2, Insightful)

      by gDLL ( 1413289 )
      I'm a capitalist myself but shouldn't a free market be equal too all players ? Aka like if you pollute and dump whatever into the atmosphere should you be able to compete with someone who spends more on cleaning after themselves ? Same goes for other more subtle and indirect state interventions. It's human nature to want to gain every advantage possible over the competition, this is just objective fact.

      Also not sure there is such a thing as a market of 7 billlion humans except if you're selling... air/w
      • if you pollute and dump whatever into the atmosphere should you be able to compete with someone who spends more on cleaning after themselves ?

        On a per capita basis, America emits more than twice as much CO2 as China.

    • by Anonymous Coward

      China doesn't have a free market. Its government directly owns huge swathes of the economy, well over 50% in some sectors. It passed laws deliberately designed to benefit itself and harm other countries. That's not free trade. China manipulates its currency to give itself an unfair advantage. They have done wrong for quite a long time now and need to be shown the error of their ways.

    • Since all people have equal buying power... wait; they do, right? (Otherwise you're just spewing nonsense... and no one ever does that here.)
    • Turns out it's usually A; few American companies have managed that holy grail of getting one dollar each from a billion Chinese.

  • A lot of this is the result of not turning off features that people don't use.

    Every program and protocol is stuffed with bells and whistles that no one uses.

    Unused features are frequently not disabled which means they're just sitting there in some default state waiting for someone to come in and blow gently in its ear to pervert that feature to take control over whatever.

    We need to get better about disabling features we don't use.

    First step on that road is getting a really good list of all the features that

    • I'm pretty sure this is part of the security mindset which Linus Torvalds claims makes all the security-above-all-else types incredible.
    • the idea is to make things either impossible or so absurdly difficult that it won't happen.

      You underestimate how much time and determination some people have. It only takes one.

      • My standard of almost impossible is rather extreme. When I say "almost impossible"... I tend to mean some james bond shit would have to happen.

        And really nothing is going to stop that. The guy will tell everyone his name, kill/have sex with all your guards, and break into whatever using rocket packs and lasers...

        As I said before, I'm a big fan of security through literally disabling or breaking features in programs that aren't used or can't be secured.

        James Bond will get physical access to whatever we've st

  • My guess is that (Score:5, Insightful)

    by rainer_d ( 115765 ) on Sunday March 18, 2018 @07:03PM (#56281319) Homepage

    they don't get anything out of it that they don't already know and don't want to show everybody else how far out they are.

    • by AHuxley ( 892839 )
      The next stage is not the browser.
      Its the broadband network support used by US officers, contractors in the city next to the USA base, fort, camp, port.
      China becomes part of their daily networking in that once secure part of the USA. Consumer crypto supported and trusted by the browser and consumer OS.
      That a communist nation would stay with huge numbers of generational trusted human spies all over the USA for the FBI and CIA to find.
      The NSA always thought China would be a contained digitally by distanc
    • by AmiMoJo ( 196126 )

      In theory they demonstrated that they have the best cyber security people in the world, and therefore their systems and products should also be the most secure.

      Maybe the decided it wasn't worth the bother any more because no matter how good they are it can't overcome all the innuendo about Chinese state back doors, and US efforts to block their products on national security grounds.

  • This is part of Emperor Xi's crack down on foreign interactions generally. If you want to control a country and its IT in particular, then the last thing you want is your hackers interacting with foreigners.

    For get Putin and Russia. China will give us more grief. And Putin will go after one more term, whereas Xi is no in for life, and by all accounts his health is good.

    I would hate to be living in China now, even if the economy is booming. For the time being at least.

  • China has or is tightening restrictions across the board on sharing research. Agriculture research labs for instance in some cases at least can't get funding if they work together with groups in america. And I'm sure the same thing is true for other fields. China has no problem taking or stealing the research of others but keeps a very jealous grasp on their own.

Genius is ten percent inspiration and fifty percent capital gains.

Working...