[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [FYI] (Fwd) FC: China wants virus samples from software firms, by Te
- To: <firstname.lastname@example.org>
- Subject: Re: [FYI] (Fwd) FC: China wants virus samples from software firms, by Te
- From: "Moritz Molle" <email@example.com>
- Date: Tue, 3 Apr 2001 19:09:45 +0200
- Comment: This message comes from the debate mailing list.
- References: <3AC99AAD.15902.9EF7F@localhost>
- Reply-To: "Moritz Molle" <firstname.lastname@example.org>
- Sender: email@example.com
Ich glaube nicht, dass es wirklich sehr gefaehrlich ist, China diese
Software-Beispiele zu ueberlassen.
Wahrscheinlich haben sie damit etwas nicht ganz korrektes vor, allerdings
gibt es auch so jeden Tag so viele neue Viren, da machen die paar
chinesischen wahrscheinlich nicht viel aus.
Nebenbei habe ich selbst (vielleicht hatte ich sie auch nur, falls ich sie
nicht wiederfinden sollte) eine Datei mit ca 100 Assemblercodes von Viren.
Jemand hat sie mir mal gegeben, aus Jux.
Also, wenn solche Daten so leicht zu haben sind, dann sollte man sich, denke
ich, wirklich keine Sorgen machen.
----- Original Message -----
From: "Axel H Horns" <firstname.lastname@example.org>
Sent: Tuesday, April 03, 2001 9:41 AM
Subject: [FYI] (Fwd) FC: China wants virus samples from software firms, by
> ------- Forwarded message follows -------
> Date sent: Mon, 02 Apr 2001 19:24:29 -0400
> To: email@example.com
> From: Declan McCullagh <firstname.lastname@example.org>
> Subject: FC: China wants virus samples from software firms, by Ted
> Send reply to: email@example.com
> From: "Bridis, Ted" <Ted.Bridis@dowjones.com>
> To: "'firstname.lastname@example.org'" <email@example.com>
> Subject: WSJ
> Date: Fri, 30 Mar 2001 08:36:32 -0500
> China Is Asking Software Firms
> To Provide Samples of Viruses
> By TED BRIDIS
> Staff Reporter of THE WALL STREET JOURNAL
> WASHINGTON -- Security officials in Beijing have been requiring that
> in order to sell their products in China, leading antivirus-software
> companies must provide samples of destructive computer programs and
> rogue wiretap software from their research labs.
> Between 1999 and the end of last year, three of the industry's largest
> vendors -- Network Associates Inc. and Symantec Corp., both based in
> the U.S., and Trend Micro Inc. of Tokyo -- gave the Chinese security
> ministry roughly 300 different samples of the most common, malicious
> software found on the Internet, in exchange for permission to market
> their products in China. The three companies collectively represent
> nearly 75% of the $1.2 billion world-wide antivirus-software market.
> Executives at the three companies said China's Ministry of Public
> Security, the nation's principal police authority, told them that they
> needed virus samples to independently test the effectiveness of their
> software products before they could be sold to consumers.
> "We've met with this organization, developed a certain level of trust
> and believe they're doing what they're talking to us about," said
> Vincent Gullotto, senior director of the research labs at Network
> Associate's McAfee Corp. unit in Beaverton, Ore.
> Still, the move has raised concerns among some international-trade and
> national-security officials here who worry about China developing
> information-warfare tools.
> Others characterized the request as a potential time-saver for China
> that could provide researchers there with insights into developing not
> just future viruses but also an increasingly popular class of
> surreptitious monitoring software known as "back doors."
> It is also possible that the Chinese ministry could be looking to use
> the viruses to develop their own antivirus products at the expense of
> research done by foreign companies, although the authorities didn't
> seek access to the more useful source code that the software companies
> use to write antivirus products.
> An official at the press office of the Chinese embassy directed calls
> to its Commercial Office here. Repeated phone calls to that office
> weren't returned. Executives at the three companies said they rejected
> persistent Chinese demands for their broader research collections of
> viruses and other malicious software.
> A fourth company, F-Secure Inc. of Finland, said it negotiated last
> summer to let Chinese researchers conduct virus studies at its new
> laboratory in Beijing, but declined to surrender the samples directly.
> "This is very unusual," said Mikko Hypponen, virus-research manager at
> F-Secure. "No other country has anything similar to this."
> McAfee President Gene Hodges said that within 90 days of complying
> with the Chinese request, his company notified the U.S. government
> that it had provided the samples. "No specific concern was expressed"
> by the government officials that the company spoke with, Mr. Hodges
> said. He declined to say who or which U.S. government department his
> company contacted.
> Meanwhile, experts also were divided about the potential military
> usefulness of the common viruses turned over to China. Many of those
> samples can be found within rogue virus collections already on the
> Internet, though others are more rare. Mr. Gullotto of McAfee
> estimated that determined Chinese researchers "might be able to find
> 80% to 90%" of what the companies provided, and noted that antivirus
> software currently protects against those samples.
> Still, the unprecedented request to trade virus samples and other
> software programs for market access surprised some researchers at the
> companies. Sharing of viruses for research purposes is usually
> restricted to fewer than three dozen members world-wide of the loosely
> organized Computer Antivirus Researchers Organization. Software firms
> keep their sample virus collections -- code zoos -- in secure rooms
> and on separate computer networks that are off-limits to all but a
> handful of experienced employees.
> U.S. international-trade and national-security officials expressed
> disappointment with the companies' decisions to share any malicious
> software with China's government. They noted that the ministry has an
> intelligence division, and that China's military is developing a "Net
> Force" of young computer experts trained in information warfare. In
> late 1999, the Chinese army's official newspaper discussed the need
> for "software and technology for Net offensives so as to be able to
> launch attacks and countermeasures on the Net."
> These same officials said they were somewhat mollified that the
> software companies had negotiated to hand over to China only samples
> of relatively common viruses, not their more substantial collections
> of tens of thousands of dangerous programs. The shared collection was
> described as easily stored on a single CD-ROM disk.
> "The concept is troubling," said Commerce Undersecretary William
> Reinsch, the outgoing head of the U.S. Bureau of Export
> Administration. "We don't want to promote or encourage information
> warfare or the further dissemination of viruses that even
> unintentionally could bring down our systems." He added that the Bush
> administration may need to consider restricting in some ways the
> intentional export of malicious software to some countries.
> --- POLITECH -- Declan McCullagh's politics and technology mailing
> list You may redistribute this message freely if it remains intact. To
> subscribe, visit http://www.politechbot.com/info/subscribe.html This
> message is archived at http://www.politechbot.com/
> ------- End of forwarded message -------