Tuesday, August 1, 2017

Code-Signing Certificates Revisited

I went back to look at what Symantec had published on code signing certs.  A couple of things:  (1) not many other security groups seem to be interested in how hacker groups and state actors use code signing as a way to mask the illegal use of their software and (2) the attack groups seem to use code signing to hide the introduction of legitimate code and their own malware.  So, they steal code signing certs to verify that legitimate code is verifiable by the host.  That makes sense, if you think about it.  Since so many systems require signed software, they have to get a valid signature from somewhere.

But what China is doing is slightly different than that, at one level.  The Chinese do not just hack and collect information. They are building their own domains with their own software (no doubt stolen in those "security reviews" they are doing) and inviting users in.  Not everything in a domain is stolen, but some of it is.  Some of it has been modified to do collection and penetration for intelligence purposes.  Some of it is censored by the same software used in China on its own citizens.  Once a user is inside one of those domains, they become infected with all kinds of tools that can trace what networks they use, where they go on them, and what they are reading or writing about.  While they criticize the US for doing the same kinds of things, they quietly go about their business.  There needs to be more research into how big some of these networks have become and how we recognize them for what they are.  Toronto University has a good start on it by examining what Chinese browsers are collecting, but that doesn't go far enough to take in the whole of it.

China wants to control the Internet, from China out.  In their minds, they are controlling what is good for Chinese citizens and they can justify anything that is done for that reason.  If intelligence collection is done for the same reason, so be it.  That will be good for them too.  They can manage content of other people's networks by filtering the sources of data from the inside out.  They can control what you see about China, and what China sees from you.

China doesn't claim to be a democracy.  Its citizens have no privacy and have no free speech.  That worked well enough that they think the rest of the world could benefit from their experience, and find the joy of a China-controlled Internet.  That is arrogance of the highest order.





