Operating systems optimize

China chooses FreeBSD as basis for secure OS

What OS would you choose as the basis for your security hardened software platforms? China has made a decision remarkably similar to my own, and it has U.S. officials worried that the Eastern power may be pulling ahead in the realm of information warfare preparedness.

Earlier this month, in China blocks U.S. from cyber warfare, the Washington Times reported that "China has developed more secure operating software for its tens of millions of computers and is already installing it on government and military systems, hoping to make Beijing's networks impenetrable to U.S. military and intelligence agencies." The article goes on to explain that China has developed a custom, security hardened OS called Kylin, which was revealed in recent Congressional hearings. As the specter of "cyber warfare" grows more vivid, US policy makers and security specialists are rightly concerned at the fact that China is taking such direct action to protect itself from potential foreign information warfare threats -- that this may set the US at a disadvantage.

In China installs a secure operating system on all military PCs, The H reports that China claims the design of the OS is proprietary on its official Kylin Website. The H also reports that:

an analysis of the code (Chinese page link) in the kernel indicates that it is in fact a hardened version of FreeBSD 5.3.

While I could paraphrase the message, The H put it succinctly:

This has lead to concern over the state of open source development in China. Furthermore, the advisor said that US systems, which use off-the-shelf American software, such as Microsoft products, open source software, and foreign applications, would be less secure and more vulnerable to back doors allowing access during "times of war".

The harsh truth of the matter is that corporate influence in government has succeeded in retarding the progress of information technology advancement in US defense policy by weighing down decision making processes with political favoritism. Meanwhile, the fact that Chinese government officials are not beholden to powerful public corporations frees them from the kind of untoward influence that has resulted in software acquisition contracts motivated more by reëlection concerns than by security concerns in the US. All too often, the selection process in US government specifically excludes all options except a very few vendors for software acquisitions. The result is that China appears to be well ahead of the curve, selecting the best OS for the job regardless of vendor influence in the West.

When the US Department of Defense is the target of no fewer than 128 information infrastructure attacks per minute from China, and we discover that China is engaged in working toward 100% military deployment of security hardened FreeBSD while the US DoD is almost universally using off-the-shelf Microsoft Windows systems, it becomes clear that there's definitely something wrong with US information security policy.

(note: Initially, this article misidentified the Washington Post as the source of the article China blocks U.S. from cyber warfare. The actual source was the Washington Times, and this article has been edited accordingly.)

About

Chad Perrin is an IT consultant, developer, and freelance professional writer. He holds both Microsoft and CompTIA certifications and is a graduate of two IT industry trade schools.

136 comments
enocheed
enocheed

Didn't free bsd have fbi back doors? If china chose that for their secure os? I guess they are screwed. Dumb chinks.

JCitizen
JCitizen

Now that I've examined this discussion. By adopting a more secure, open source operating system; they don't have to worry about any hidden back doors in the kernel(they believe). And they can let the FOSS community maintain it for them. It will also help make their "front office" operations more secure. And, as they know, when you are already in the habit of being the hack'n crack aggressor, you sure want something that can take the backlash. If you're in the habit of throwing rocks at your neighbor's glass houses, you are not going to settle for anything less than plexiglass for your own windows; (so to speak).

craigkra
craigkra

Here we go again! As soon as any country tries to improve something which the US Government (Democrat or Republican - Obama is in the government but a long way from being in power) thinks is important, they are immediately placed in the "threat to freedom" category. The first and only country to use atomic bombs classifies other countries with nuclear programs as irresponsible threats to peace - The US spendsa a huge proportion of its GNP on weapons but classifies the increase in Chinese military spending as signs of warlike intentions when it actually forms a infinitely smaller proportion of its GNP. How about trying to imagine what kind of real threat US Government actions are perceived as being in all the other countries in the world. Talk about ideologically motivated discussions!!

Derteufel
Derteufel

"Chinese government officials are not beholden to powerful public corporations " Not yet, but they take after the west and are much more ravenous. they want money. The US is complacent, lax, seems arrogant. Then when they get it, no one can beleive it.

plgx
plgx

The article is not from the Washington Post, but from the Washington Times, where many neoconservatives, former Cold Warriors, write. This is the same people who got us in the mess we are in Iraq right now using a bunch of lies and half truths. I'd be extra cautious before believing anything they say.

aohouo
aohouo

No matter what Red China is doing,they own it to us. I have confident that we as American, we will find and develop new techs that will make them Chinese envious again. Be patient

apotheon
apotheon

That's an excellent summary of the major points (at least, those major points that are reasonable -- there are a couple in this discussion as a whole that seem kind of sketchy).

Tony Hopkinson
Tony Hopkinson

Threat assessment in intelligence terms is based on capability not intent, always. Current political opponents has nothing to do with it, I'll wager a large pot of money you are spying on us like mad, and vice versa of course. Anything else would be seriously unprofessional.

apotheon
apotheon

I know it can't be a reply to the article, since the article didn't mention anything about China necessarily being a "threat to freedom", per se. It was just talking about the discrepancy in tool selection policy between two countries. So . . . to what were you replying?

Neon Samurai
Neon Samurai

.. well, the US freedom to poke about in anyone else's affairs anyhow. ;)

JCitizen
JCitizen

Half truths and just plain stupid reporting. I can't believe what the modern editor passes as good journalism now-a-days!

caverdog
caverdog

Red China is doing many things on their own these days. However, the biggest issue here is letting rhetoric cloud judgment. There are real problems and we are no longer the world leaders we once were. It starts with Education. They "owe" it to us, not own it to us. I'm glad you have "confidence" that we as "Americans" will make "the" Chinese envious. Also, space after the comma, period after patient. I don't normally harp on these things, but people need to understand that the rest of the world is moving on. We have a 30% High School drop out rate, and mediocre is the norm. We won't stay ahead of anyone if that doesn't change.

craigkra
craigkra

Leaving aside the interesting question of whether the intelligence services do actually only consider capabilty and not intent, such an approach would be very seriously unbalanced for intention and capability may be inextricably linked while at the same time may be independent of each other. It is perfectly possible for the persons in a country to wish to do harm to some other country on the basis of their point of vew that the other country has done something to harm them, irrespective of having the means to make that intention effective. However, if intelligence operatives know that a country would like to cause harm - has the intent - but not the capability of making that itention real, they would be wrong to ignore that country as not presenting a threat because it is precisely the intention which would lead the country in question to acquire the capability.

JCitizen
JCitizen

at the risk of being repetitive; I totally agree.

santeewelding
santeewelding

Probably right down to ground-hugging radar maps.

craigkra
craigkra

You think not eh? Well how about this extract from the article:- "As the specter of ?cyber warfare? grows more vivid, US policy makers and security specialists are rightly concerned at the fact that China is taking such direct action to protect itself from potential foreign information warfare threats ? that this may set the US at a disadvantage" Or this perhaps:- "The US Department of Defense is the target of no fewer than 128 information infrastructure attacks per minute from China Over you for evaluation and ranking "apotheosis"

craigkra
craigkra

It seems that you are not the only one who supports the contention that the article by Chad Perrin places China in the role of a threat to freedon. Post 4 entitled "Nothing motivates like military threat" and Post 54 "OK now that the Political BS is posted" has this to say: Perhaps we can look at the real facts of the matter. Unless of course you believe that loosing any confrontation is winning because the enemy will end up paying to rebuild your country. Even Apotheon seems to have seen the light because in post 112 he writes, "The actual threat is US policy failing to effectively prepare for the realities of security for governmental networks. Of course, he limits the threat as being from US and not China's policy but that is because his reasoning is flawed due to his unwillingness to accept the logic that what weakens one country (in his case the USA) strengthens its enemy, (in his case China). However, he is more specific when he mentions "evidence that points to China probably being among the most prepared nations in the world for potential intergovernmental "cyberwar", at present." Strangely, he seems to be asking us to believe that even if such a threat exists it wouldn't be a threat to freedom. Maybe it would be a threat to something else - suggestions please - but it would specfically be a threat to freedom (see post 54 - post-ware rebuilidng) irrespective of its other possible but as yet unspecified effects. Actually, it is even stranger that he didn't argue against the points in your Post or in Posts 4 & 54.

JCitizen
JCitizen

Did you see how the Chinese grabbed Hummer? Now greenie weenies are want to make fun of the Aahnold's of the world and make debunk the gas mileage; but there is more than meets the eye here. I ran them in the army for years and they were an absolutely astounding military transport vehicle! You could NOT get stuck in them unless you were running old narrow jeep paths in Colorado or Afganistan. I use to climb HUGE boulders with those things without getting stuck!!! But here is the big clincher!: http://www.rasertech.com/media/videos/the-electric-h3 You combine with this - and the Chinese will be building many of the batteries for this tech; and you not only have a modern blizkreg vehicle but a basis for a fantastic urban family sedan. One that we might regret giving away. Americans just flat plain refuse to drive roller skates - even to work! However, weve already given away the kitchen sink? I guess I'm not paranoid enough for this?!

apotheon
apotheon

It takes more than confidence to succeed.

apotheon
apotheon

What planet do you call home, anyway? Your statements about what other people said diverge more and more from reality with every comment you post.

Tony Hopkinson
Tony Hopkinson

Is what it says. And that was specific to intelligence, military or not. The key point is if you have capability, intent is irrelevant. Given the apparent intent of your orginal post was to suggest that Apotheon was showing China as a threat because he didn't like them or some such, all I was saying that whether he was anti-chinese or not was irrelevant. They have the capability, therefore they are a threat, intent is how immediate said threat is. Given how long it takes to come up with counter-measures, waiting until someone with capability moves to intending to use it, is well, silly.

craigkra
craigkra

I said threat assessment was based on capability. If there is a capability, there is a threat, that's it. I agree with the first line but that is not it. I disagree with a possible reverse statement that if there is no capability then there is no threat because this leaves out an extremely important element that should be included in analysis. I assume from you position you would argue that the US Governement is wrong to consider Iran a threat because they do not have a nuclear arms capabilty at the moment. This would be consistent with your position and I have argued that such a posture would be mistaken. It would also contradict your protestation in the title of your post. Perhaps you could explain in what way you think that intent is considered Intent is a political question. Are you a politician by the way? I wondered why you entitled your last reply to me "Ideology" and this question in your second reply seems to confirm that you hold the position that in this area of threat analysis there is a mechanical separation where some things are political (and ideological) and some things are not. So you naturally feel able to separate subjective factors (intention) from objective factors (capability) when, as I tried to show, they are inextricably linked. This leads you to the conclusion that any positions based on subjective factors must be incorrect. So, if you can suggest, show, offer evidence or even prove that I am a politician, ie political, than my point of view is not valid. I think that you should consider a more accurate possibility - nobody has the option of not being political, only the option of choosing which political position he or she has. Inextricably linked while at the same time independant. ????? - Perhaps I could explain it this way - analytically separate (independent) but practally linked. So it is possible to talk about the two areas but not to separate them in the way that you do. Intelligence is about assessing capability, of course they look for it. They just don't burden themselves with whether it's going to be used, just whether it could be. First of all, this statement clearly shows that the reply to the question in your title is that you do separate one from the other. This statement is also an excellent example of the contradictory position that separating two linked items creates. You separate "someone wondering whether something is going to be used" and someone evaluating whether it could be used". I understand that "going to be" = intention and "could" = capability but you use the conditional in the case of "intention" and that is what I am trying to say - it is not simply a question of whether something "can" be used but whether it "could" be, where "could" combines the technical capability and the political intent (not to separate the two as you already know I would argue).

Tony Hopkinson
Tony Hopkinson

No. I said threat assessment was based on capability. If there is a capability, there is a threat, that's it. Intent is a political question. Are you a politician by the way? Inextricably linked while at the same time independant. ????? Intelligence is about assessing capability, of course they look for it. They just don't burden themselves with whether it's going to be used, just whether it could be.

apotheon
apotheon

I would like you to provide proof that I was "pontificating". Are you for real? As for your difficulty in understanding the parting phrase in my first message, why did you not just ask me what I meant? I did. There is no automatic contradiction between elements which "strengthen arguments" and those that "ask questions", in other words, it is possible to strengthen an argument by asking a question. I think you are excluding any but the most basic technical or literal understandings of what is written, either by you or me. In this case, you are insisting that because the grammar indicates a question it cannot have any other meanings!! I said two things. One was that my question wasn't meant to strengthen an argument. The other was that it was meant to ask a question. I did not, in any way, suggest that the two were incompatible in all cases. I just pointed out that only one applied in this case. The only way you can reasonably assert that I was somehow trying to strengthen an argument by asking you this question, at this point, is to call me a liar. I await your accusation, if you're really attached to this notion that when I asked a question I was really trying to make an argument. I meant that my comments had been offered to you for your evaluation. Thank you for finally clarifying most of the rest of your meaning. Just so we do not get involved in an unproductive discussion about the word "apotheosis", I would like to know what it means as far as you are concerned. 1. Exaltation to divine rank or stature; deification. 2. Elevation to a preeminent or transcendent position; glorification: "Many observers have tried to attribute Warhol's current apotheosis to the subversive power of artistic vision" (Michiko Kakutani). 3. An exalted or glorified example: Their leader was the apotheosis of courage. (source: American Heritage Dictionary of the English Language) I've answered your question. Now try letting me know whether the question has a point. However, at this point I can assure you that it was not intended to be insulting. Incidentally, I find it interesting that, in this case, you are able to go beyond literal meanings with no difficulty. Your passive-aggressive tendencies in argumentation are quite blatantly clear -- such as this statement about "this case". I have no difficulty understanding nonliteral statements in general and, in fact, other users here make your attempts at metaphor and insinuation look positively direct by comparison (santeewelding in particular has quite a knack in that area) without causing me much "difficulty". The problem is that I said something direct and you, for some reason, seem inlined to jump at shadows in my words. Now, regarding proof that the text raises the question of a threat to freedom, I think that the main problem in this discussion is how to go about interpreting a text and so, given the way you approach these questions, I need to ask you what is acceptable proof for you so I can see what you are looking for. What a load of . . . It's simple: explain what made you think the statements to which you directed my attention were indiciative of a "threat to freedom" -- the whole term "threat to freedom", not just some kind of hand-waving about "threat". If you can't do that, you're on the fast-track to being ignored. Maybe that's what you want, though. I don't know.

craigkra
craigkra

I fail to see why my comments are classified as "pontification" - why don't you just say that you do not agree with me and then provide your reasons. You ask me to provide proof that "freedom" was brought up in the quotation that I used. Fine, I will take up this matter later in my reply but I would like you to provide proof that I was "pontificating". As for your difficulty in understanding the parting phrase in my first message, why did you not just ask me what I meant? There is no automatic contradiction between elements which "strengthen arguments" and those that "ask questions", in other words, it is possible to strengthen an argument by asking a question. I think you are excluding any but the most basic technical or literal understandings of what is written, either by you or me. In this case, you are insisting that because the grammar indicates a question it cannot have any other meanings!! On this reasoning, someone would have difficulty in understanding the command "Get lost!" The following two "questions" would also present difficulties, "Do you want to stop saying that?" or, "Why doesn't he try the other door?" I meant that my comments had been offered to you for your evaluation. Just so we do not get involved in an unproductive discussion about the word "apotheosis", I would like to know what it means as far as you are concerned. Let me assure you that I am asking so that I may understand your point of view and not in order to suggest that you really do not know. This will enable me to explain why I used the word. However, at this point I can assure you that it was not intended to be insulting. Incidentally, I find it interesting that, in this case, you are able to go beyond literal meanings with no difficulty. Now, regarding proof that the text raises the question of a threat to freedom, I think that the main problem in this discussion is how to go about interpreting a text and so, given the way you approach these questions, I need to ask you what is acceptable proof for you so I can see what you are looking for.

caverdog
caverdog

In 1962 the CIA quietly contracted the Xerox company to design a miniature camera, to be planted inside the photocopier at the Soviet Union's embassy in Washington. A team of four Xerox engineers set to work in an abandoned bowling alley and built a working model -- a modified home movie camera equipped with a special photocell that triggered the device whenever a copy was made. In 1963, the tiny Cold War weapon was installed by a Xerox technician during a regular maintenance visit to the Soviet embassy. On subsequent visits the Xerox man retrieved and replaced the film.

Neon Samurai
Neon Samurai

Not at all surprising though. I was thinking within the article?s scope on this one. Also that the OS choice alone is not an indication though it may lead to what area more information is needed for confirmation. My point was that any foreign nation?s base choice of OS alone is not an indication of increased attack potential. I?d see the attack potential as being an ongoing thing regardless of OS choice. If they?d gone to Haiku or Plan9, they?d still be continuing research into effective attack strategies against target networks. Assuming that the risk of attack to US networks has somehow increased involves more than an OS choice. In the same way, wrapping a layer of iron around the great wall increases defense but the attack potential of archers on that wall is still the same. It may increase a better military strategist behind that decision but this extends the topic of discussion outward to include more than just the choice of iron plating or less vulnerable OS. Expanding the conversation outward beyond your article, I?d agree that it shows a higher interest in strategic computing (is that a term yet?). If the rumors are true and they really did surface a sub in the middle of a NATO training mission undetected; you can be sure they are keeping up and in some areas leading in advanced nation?s military research. I can accept that is an indication of attack potential when combined with other information though absolutely.

apotheon
apotheon

Assuming all traffic out of China is chinese may not be accurate but as you point out I think it's reasonable to operate under a working assumption than most of it actually originates from people in China, though. Using a proxy isn't a foolproof means of obscuring the true source of one's activities, effectively hiding may not be as high a priority for Chinese government security crackers because the US government isn't going to send FBI agents to try to arrest the Chinese government, and there's plenty of reason to believe the Chinese government may be motivated to carry out such attacks. On the other hand, it's always possible that the US government is inflating numbers a lot, too. Still, China has not improved it's attack potential only it's own defense. Let's assume, for the moment, that Chinese espionage and military agencies are engaged in regular attacks on other nations' governmental and military networks. Let's assume China is doing its level best to gain footholds in foreign networks to provide a striking advantage in case of "cyberwar", and to disrupt "enemy" operations without stepping over the line into all-out war. It would make sense that China would then be engaged in improving its offensive capabilities, learning about what it takes to penetrate foreign networks and about what targets provide the best bang for the buck -- the greatest combination of easy targets and high-value targets. With that kind of ongoing improvement and execution of offensive capabilities, Chinese espionage and military agencies would learn a lot about what systems are easiest to compromise, and about what kinds of characteristics make a given system easier or harder to compromise. Given that knowledge, it seems inevitable that this would lead to greater understanding of how to defend oneself against foreign attacks. With that understanding, Chinese IT security people should definitely be employing the knowledge gained when selecting and deploying software, including the OS. In short, it's entirely possible that China's selection of FreeBSD as the basis of its custom security hardened OS is a symptom of its offensive security cracking activities. As China's security crackers learn about which OSes provide the best security characteristics without sacrificing needed functionality, its defensive security experts find themselves avoiding MS Windows and choosing FreeBSD instead. It's just a theory, but I think it's entirely plausible -- more so than the notion that people working for the Chinese government are reading what I write and taking my word for it.

Neon Samurai
Neon Samurai

Assuming all traffic out of China is chinese may not be accurate but as you point out, assuming all chinese traffic is rerouted from elsewhere is equally incorrect. I'm sure a number of the X attacks per minute are from chinese crime or government programs. I'm just not convince that all of it is or that one should react over the name of the country alone. In your case, your taking the required extra step of verifying the source more closely. It would take old fashion spy work to confirm if it was actually government, crime under cover in the government or some lucky well places independents. A portion of those attacks being from sanctioned military is also to be expected though. Still, China has not improved it's attack potential only it's own defense. Also that being unable to effect the opposition's attack potential, we can only focus on our own defense improvement regardless of where that traffic starts from or routs through. That's where the questions of "what can I do to improve my own servers" and "why is my government so far behind in this area" come back too mind.

JCitizen
JCitizen

But I can't help it, because although I KNOW that you are right about the proxy run around, there is something I have found perplexing about attacks on my own perimeter. My IDS reports attacks from a Chinese military industrial complex from a well known province where you would assume things would be pretty tight because of the secretive nature about the Chinese on what goes on there. If Bulgarian(or whatever) proxies are routing data through this ISP, you got to ask yourself; are the Chinese daft? Why would you want to let suspect foreigner's route through a locked down IP like that? I submit that they have become so bold they don't even try to hide their hijinks from the obvious. Either that or they are actually that clueless. If that is the case, this news story is just a veil to make the PLA feel good about their security decisions!

apotheon
apotheon

The actual threat is US policy failing to effectively prepare for the realities of security for governmental networks. China's contrasting policies make it more publicly clear and obvious just how far behind the curve the US government actually is in some respects. Meanwhile, the indication that Chinese information technology security policy makers and experts are ahead on defense, coupled with intrusion attempts being strongly linked statistically with Chinese sources, adds up to evidence that points to China probably being among the most prepared nations in the world for potential intergovernmental "cyberwar", at present. . . . and that is what the quoted passages from the article were actually about. Of course, none of that in and of itself specifically implies any "threat to freedom", per se. In short, Neon Samurai is basically right, and craigkra is basically wrong.

apotheon
apotheon

1. None of your pontification on whether anything in the quoted passage implied a potential threat proved that a "threat to freedom" was suggested. Show me where "freedom" was brought up in that statement, please. 2. What are you talking about? I asked whether the reason your statement didn't make any sense was a grammatical error as a result of being a non-native speaker. It's not meant to strengthen an argument: it's meant to ask a question. I guess "over to you for evaluation" makes more sense than the original formulation, but I'm not really sure what you're specifically suggesting I evaluate at that point. I know what "apotheosis" means, but that doesn't make the second half of your very confusing statement any more meaningful in context. Were you just trying to inject some kind of insulting reference to my user name into the discussion?

Neon Samurai
Neon Samurai

I?ve been tracking this topic across a number of news sources and they all seem to have the same outcome that China is doing computer security right though that may suck for the people trying to break into Chinese networks. This particular article seemed to have two main points; China is doing security right and why is the US still not doing it right? The first being more of an introductory point for background with the focus on the second point. Your first comment I do agree with. The knee jerk reaction is that China is the new red menace. It?s boogeyman marketing because fear sells news papers only second to sex. My reply to that was sarcastic agreement as you correctly interpreted. The original article was not about a foreign nation being a threat but rather a foreign nation doing something better than the US. Hence, I thought your comment more applicable to the few knee jerk responses higher up in the discussion rather than the article itself. Your second comment pulls two quotes in what seems to be imposing a topic into the article that was not there. I don?t think discussing any foreign nation as a threat is without value but simply a separate topic from this article. Also, with the way discussions and threads fork constantly, I tend to read comments as separate ideas unless obviously a continuation of the thread?s topic; to the point of not usually noting the poster?s name until after reading and/or responding. The two quotes you pulled simply list some facts to support questioning the US lack of security. They don?t appear to be the key topics of the article or suggest that China is an increased looming threat any more than all other nations with internet connectivity. My second response was more a matter of thinking those two quotes through. Remove the evil empire "China" from the equation and it can be considered with less "red menace" emotion attached too it. Heck, the US should consider more secure platform choices in response to US citizens are trying to break into each others computers let alone citizens from outside the borders. "As the specter of ?cyber warfare? grows more vivid, US policy makers and security specialists are rightly concerned at the fact that China is taking such direct action to protect itself from potential foreign information warfare threats ? that this may set the US at a disadvantage." The US is at a disadvantage strategically because they can?t walk into a foreign nation?s computers like a hot knife through butter while at the same time, continuing to manage there own data with the world?s most insecure but popular software brand. The US vulnerability has not increased or decreased though the Chinese defense has potentially increased. I?m open to the idea that my logic is flawed but I?m not seeing the error yet. Attack and defense are two separate things. China is not increasing the effectiveness of offensive tools but of defensive tools. It?s not malware that protects itself from detection better but the system protecting itself from penetrating malware better. They are still the same offensive threat that they where before and all potential targets still have the same options open for increasing self protection. The evidence does not explicitly demonstrate that china is the looming threat or that those criminals within (or routing traffic through) Chinese borders for X number of attacks per minute are government employees. In a physical fight, the two are much closer related though so I do see your point now that you clarify it further. In the meat world, defense means being able to shoot the other person more than they are able to shoot you. Sen-no-sen; attack the attack or attack during/before attack. In the digital world, an attack response to attack is simply not effective given the variables involved (example being the inability to divine the true source of an attack). Personally, I see all network traffic as a potential threat regardless of source location. I can?t effect the other side?s attack or defense capability though, only my own. Sources that may have more effective attacks simply make me wonder how I can protect what I have some effect over better. Sources with better defense make me wonder what they are doing and why I am not.

craigkra
craigkra

From your first contribution, I understood that you did not believe that China is threat, hence the way that you put it in what I understood was an ironic comment. However, your line of argument now seems to be that I am wrong to criticize the author for portraying China as threat because either the author and I, or perhaps only I, am wrong about the real existence of a threat. This is not relevant because my original point was that the article does portray China as a threat and the author being wrong about the threat doesn't change that. In other words this is primarily a social question not a technical one. If the author is wrong, it could even be argued that his social point of view has clouded his technical judgement. Please note that in the excerpt that I quoted before the writer says that "US policy makers and security specialists" are correct to be concerned about China: "As the specter of ?cyber warfare? grows more vivid, US policy makers and security specialists are rightly concerned at the fact that China is taking such direct action to protect itself from potential foreign information warfare threats ? that this may set the US at a disadvantage." I also think that even your technical logic is incorrect because you say that China would not have an increased capacity to attack the USA because it has a stronger defence when the point is that China's stronger ability to defend itself against US attacks is taken to be a threat in the article. In other words, an opponent becomes a greater threat not simply because it has a stronger attack capability but also because it has a stronger defence capability as well. Thus, your second objection about the number of attacks per minute is also not relevant. At some points in your reply you seem to be arguing with me about whether China is a threat, based again on technical aspects, so I should make it quite clear that I don't thing China is a threat to the USA but I do think that the article is based on this assumption and is quite clear in painting China as a threat.

craigkra
craigkra

I disagree with your statement in point 1. Let us examine the choice of words in the first of my quotes more closely: "As the specter of ?cyber warfare? grows more vivid, US policy makers and security specialists are rightly concerned at the fact that China is taking such direct action to protect itself from potential foreign information warfare threats ? that this may set the US at a disadvantage" How about the choice of such expressions as "specter of 'cyber warfare'. If the term "specter" doesn't "necessarily" elicit the idea of a threat then we should check if we are using the same language. If that doesn't convince you then ask yourself what it is that "US policy makers and security specialists are rightly concerned at". You could also meditate over the nature of the "disadvantage" is. Last of all, I hope you can produce some reasoning to back up your opinions in your next contribution instead of simply giving your opinion. You should also think about whether your references to "non-native speaker" strengthen your argument. In case you really had difficulty in understanding my parting sentence (1) insert the word "to" between "Over" and "you"; (2) Check in a dictionary for the meaning of "apotheosis".

Neon Samurai
Neon Samurai

The first quote you pulled out says that the US is concerned because China is going to use an OS that makes it much harder for the US to break into it. So, the US inability to invade foreign nation's computer systems is a threat to US freedom? Wouldn't an actual threat to US freedom be a foreign nation complaining about the US deciding to use a system that made it harder for the other nation to break in? If I understand your issue with the quote. Your basically saying that your neighbor changing to a more secure front door lock is a threat to your freedom in your own home because it makes it harder for you to break into the neighbor's home. That just seems backwards unless your misunderstanding is that China using a more secure OS somehow improves it's chances of unrelated US networks being breached; which it doesn't, the US has already done that to itself through excessive use of Windows systems in sensitive areas. The second quote does not increase the insecurity of US networks either. Before the announcement of China's BSD based OS, the US had no fewer than 128 attacks per minute. After the announcement of China's BSD based OS, the US had no fewer than 128 attacks per minute. So, what's the difference? Again, you have a leak in your roof that lets water through at a rate of five drops a minute. Your neibour repaints there home and somehow this increases the leak in your roof to now allow water through at a rate of five drops a minute? Is that what your suggesting? In the case of 128 attacks per minute on US system, the source can't be confirmed. Is it really starting from Chinese computers within the great wall or is it network traffic simply being routed through? Maybe eastern some group in eastern Europe has a proxy setup within china; traffic goes to the proxy and back out from there. The result is your traceroute hits the proxy in China rather than the true source in Europe. Heck, it could be groups within the US bouncing traffic through China. Your talking about people with enough technical knowledge to attempt breaking into US networks; you don't think they also have enough knowledge to setup a proxy or exploit infected machines?

apotheon
apotheon

1. Neither of those quotes necessarily implies a "threat to freedom". 2. I have no idea what Over you for evaluation and ranking "apotheosis" means. Are you a non-native speaker of English who got the grammar (and my user name) wrong?

santeewelding
santeewelding

Happy Fourth! Cut some slack for yourself even if I don't. You earn it.

apotheon
apotheon

Tendentiousness is for amateurs and hobbyists. I'm a professional, dammit. I'm elevendentious. edit: apologies to Spinal Tap for stealing their schtick

apotheon
apotheon

Let me know when you're done constructing, and burning, straw men -- and when you want to try responding to what I said, rather than whatever fantasy of ludicrous misrepresentations you've assigned to me this time. You keep telling people (me included) what I said, and you're 98% wrong 98% of the time. It's damned pointless trying to have a discussion with you. Since you're telling me what I said, and that I'm wrong about what I meant, you should just have this discussion all by yourself. You obviously don't need anyone else to say anything at all; you can just say they said whatever you want them to have said, and argue about that all day. It won't change a thing, other than how much time the rest of us have to spend telling you that no, nobody else actually said the things you claim they did.

Neon Samurai
Neon Samurai

Since the US can't change Chinese policy, wouldn't the greater concern be what the US can change such as there own network security? It's still not China increasing it's threat but the US continuing to not increase it's defense. Also, as I said much later in the discussion, OS choice alone does not indicate an increase in threat potential though it does give you an idea where to start looking for additional information which may support that conclusion. Still, the discussion is long since died off so I'm quite finished with this one.

JCitizen
JCitizen

You're right! I looked up a diagram of the H3 Raser drive train, and it is totally conventional after the main drive transmission. But it makes me wonder if they are planning on absorbing the hybrid tech as well; even though Raser is an independent organization separate from FMC,Hummer, or GM. That kind of thing never stopped them before - their track record on stealing civilian designs rivals their record on DoD espionage!

apotheon
apotheon

The military HMMWV and the civilian Hummer are actually completely different beasts. The very first Hummers for civilian sale were much closer to the original, but that went away in a hurry. Even before the H2 came out, the Hummer brand was no longer particularly similar to the military HMMWV. I've taken HMMWVs places, while I was in the Army, that would get any 4x4 civilian vehicle I've ever had occasion to touch (including Hummers) stuck so that there's no way to get them out without a winch, some shovels, a fair bit of wood, and some shovels -- and didn't get stuck. This, despite the fact I've never had to actually throw the HMMWV into four wheel drive. What you say about getting the things stuck being nigh impossible is true -- but only for the military vehicles. The civilian knock-off isn't up to anywhere near the same standard. Hell, the H3 only offers 225 foot-pounds of torque. Double that, and you still don't have the total torque rating of an HMMWV. There are motorcycle engines that provide more torque than that! I just felt compelled to share.

JCitizen
JCitizen

because she claimed it was above my reading level. But, despite being in the third grade, I had learned to love the bomb, and I wanted to know what made it tick; so I stole the book from the library, and returned it after I was done(surreptitiously). It was just a basic book on nuclear energy. (edited) I have no particular love for public education, that is for sure.

caverdog
caverdog

Weird, we agree... :-) I'm pretty sure that's the first sign of the Apocolypse.

apotheon
apotheon

Judging by my own public schooling experience, the way schools are run produces a stultifying, oppressive environment that sucks all the fun out of learning. I love to learn, but for many years I spent a lot of energy avoiding having to deal with the "learning" environment that is the public school system. In my opinion, nothing has done more in my life to retard my enthusiasm for learning -- and, thus, to discourage the learning process itself -- than the public school system. There are other problems as well, such as the fact that now that I'm an adult I look back and see that a lot of what is taught as fact in public schools is, in reality, nothing but opinion and propaganda. Public schools are actually "teaching" kids things that are demonstrably incorrect, and failing utterly to teach the single most important thing a school can teach: critical thinking skills.

Dumphrey
Dumphrey

is that is basically a non-linear thought process that occurs after or during the absorption of existing knowledge. So researcherA spends 5 years learning about SubjectA. In their sleep/bath/shower/coffee, their brain makes non-linear connections and we have an Eureka! moment. To over simplify the process. But, this plays into the education system. American public education has taken budget cut after budget cut. Teachers are payed insultingly low wages, and kids are bored, uninterested, and unmotivated. With fewer high school graduates, you have fewer college grads. Fewer educated populous means fewer opportunities for development. The more you play to the lowest common denominator, and the lower the value of that denomiator, the farther behind the country gets in terms of technology.