Still, “it’s perfectly appropriate for us to do everything we can to embarrass and punish the Chinese if they’re in our systems, whether or not we’re in theirs,” said former National Security Agency general counsel Stewart A. Baker. “It’s the case that the U.S. and Russia and other countries are much more cautious about getting caught because they think there are going to be consequences. It’s only the Chinese that think there are no consequences to getting caught.”
Stewart Baker making himself look foolish again! Last time he popped up on HN:
I really wonder how someone can come out with stuff like this. I doubt the PRC feels one iota of embarrassment for even one split second, and if senior US officials really bring up Chinese state sponsored hacking "every time they meet with their counterparts in Beijing" then the US Government is living up to its reputation as plumbing the depths of hypocrisy. They embarrass only themselves.
Obama is heading to China again, time to publish a story about them hacking again? This quote was interesting because it seems to confirm that the whole story is smoke and mirrors for some political agenda.
Before Snowden I actually bought into this whole 'the Chinese are hacking us' refrain. I don't see how they can keep up with it with a straight face anymore.
I think the US has zero credibility pointing the finger here. Spend 1/10th as much on defense as offense and then maybe complain your system protected by default passwords and zero encryption got "hacked".
The PRC doesn't feel embarrassment about this, but not because of anything the US is or isn't doing. The way they see it, espionage is a fair method of catching up to (and then exceeding) the US, and if it keeps working then maybe the US should actually do something about it. After all, it's not like the Chinese ever voted for strong "intellectual property" protection, they see it as a rule imposed on them by the rest of the world instead of some universal behavioral norm.
The US complaining about their hacking just proves to them how effective it is.
Now, the US engages in strategic espionage for different reasons (just as China actually engages in strategic espionage, which the US doesn't complain about in public). But US representatives should be embarrassed here just because their whining proves the point to the PRC.
Cause at this point everyone knows the US is trying to get into _everyone's_ systems, so it probably sounded hypocritical to himself for him to say it's a big deal when China does it. He's got to come up with something.
It's too late for "gentlemen do not read each other's mail".
They buried the lede a bit -- since I doubt organized attackers are after the personal information of postal service employees:
"It is also possible that the Chinese were after other types of data, analysts said. For instance, the U.S. Postal Service, at the request of law enforcement officials, takes pictures of all addressing information from envelopes and parcels."
IMO the real goal is HUMINT, getting access to a list of people with security clearance (including all of their personal information) meaning China can now easily target them individually. Blackmail or pay them off, convert them to informants/spies within the postal system. A postal system now flush with tons of data about every American citizen.
It's much easier to have people embedded in the system, long term, extracting data... than it is to exfiltrate data remotely from China via hacking.
The data these people have access to is quite an important intelligence asset:
> the Chinese may be assuming that the U.S. Postal Service is more like theirs — a state-owned entity that has vast amounts of data on its citizens, said James A. Lewis, a cyber-policy expert at the Center for Strategic and International Studies. Second, he said, the trend in intelligence is the same as in the commercial sector: amass big sets of data that can be analyzed for previously unknown links or insights.
I worked for USPS. When I saw this title I immediately assumed that China was after the main database which contains information on basically every US citizen. As a developer I had access to some databases and was told that USPS had the third largest database in the world. This was before Facebook, but still, there is a lot to be had other than employee information.
Not really- while the USPS does take pictures of all mail, there is no specific evidence that the hackers were after or accessed that data- making it speculation and not news.
It was USSR before. It has been China since 1990's. An imaginary and powerful enemy has to be created. Iraq, Iran, Afganistan are too small for the title.
> It was USSR before. It has been China since 1990's. An imaginary and powerful enemy has to be created.
I agree that espionage is over-emphasized -- everyone does it. Also I agree that some like to imagine enemies; it fits their narratives. That doesn't make every enemy imaginary.
The USSR was a real enemy. Many Chinese leaders openly proclaim themselves our enemy and they take aggressive actions against us; among the public, aggressive nationalism is at least somewhat popular. Hopefully the relationship doesn't turn out that way, but it's a real risk that I don't think we should ignore.
Sadly, in the "right" hands (or after the "right" catastrophy), nothing is too small for the title. Or it can be just made up, like "they're throwing babies out of incubators". And just as sadly, this goes both ways, "the west" also served as an excuse for decades of atrocities in China and Russia.
"For one thing, the Chinese may be assuming that the postal service is more like theirs — a state-owned entity that has vast amounts of data on its citizens, said James A. Lewis, a cyber-policy expert at the Center for Strategic and International Studies."
State-owned? That is true. "has vast amount of data on its citizens"? Please do some homework before speaking.
As a side note, I really hate article titles that use this kind of wildly inaccurate accusation. The nation of China did not breach the U.S. Postal Service, a Chinese government team did. Still inaccurate and vague, but there's a world of difference between the United States launching a drone strike and the CIA, an agent of the US, launching a drone strike.
Edit: I've read more than enough articles where the agent or actor is NOT a member of the government, yet still referred to as "China" or "America". However, even in situations where it is a member of the government or of a company, I still think the connotations conveyed by imprecisely labeling the actors totally throw off expectations and perceptions.
I am not sure if I agree with your rationale. An agent of a government acts on behalf of his or her government. According to your reasoning, a nation cannot breach a system or wage war because it is an agent that does the hacking or a soldier that does the firing.
Nevertheless, I liked this excerpt by the NSA's general counsel:
> Still, “it’s perfectly appropriate for us to do everything we can to embarrass and punish the Chinese if they’re in our systems, whether or not we’re in theirs,” said former National Security Agency general counsel Stewart A. Baker. “It’s the case that the U.S. and Russia and other countries are much more cautious about getting caught because they think there are going to be consequences. It’s only the Chinese that think there are no consequences to getting caught.”
The actors are members of a larger system, the government, and act on its behalf and in most cases with its explicit approval and support. They're all parts of the same entity and by trying to distance the actor from the system would be to remove some level of responsibility that all parties share in.
Also, I don't think there's a world of difference between saying the CIA launched a drone strike and America launching a drone strike. I know the general public would like to believe they are not personally responsible for what our country does but as citizens, we collectively share in what we as a whole have decided to do or what those we've put in charge have decided to do.
Functionally, what's the difference? Supposedly a Chinese government team would be acting on behalf of the nation of China and at their orders. I don't think anyone would interpret that as saying that every single Chinese citizen was involved.
[+] [-] mike_hearn|11 years ago|reply
Stewart Baker making himself look foolish again! Last time he popped up on HN:
https://news.ycombinator.com/item?id=8559454
I really wonder how someone can come out with stuff like this. I doubt the PRC feels one iota of embarrassment for even one split second, and if senior US officials really bring up Chinese state sponsored hacking "every time they meet with their counterparts in Beijing" then the US Government is living up to its reputation as plumbing the depths of hypocrisy. They embarrass only themselves.
[+] [-] zaroth|11 years ago|reply
Before Snowden I actually bought into this whole 'the Chinese are hacking us' refrain. I don't see how they can keep up with it with a straight face anymore.
I think the US has zero credibility pointing the finger here. Spend 1/10th as much on defense as offense and then maybe complain your system protected by default passwords and zero encryption got "hacked".
[+] [-] mpyne|11 years ago|reply
The US complaining about their hacking just proves to them how effective it is.
Now, the US engages in strategic espionage for different reasons (just as China actually engages in strategic espionage, which the US doesn't complain about in public). But US representatives should be embarrassed here just because their whining proves the point to the PRC.
[+] [-] diminoten|11 years ago|reply
[+] [-] jrochkind1|11 years ago|reply
It's too late for "gentlemen do not read each other's mail".
[+] [-] semenko|11 years ago|reply
"It is also possible that the Chinese were after other types of data, analysts said. For instance, the U.S. Postal Service, at the request of law enforcement officials, takes pictures of all addressing information from envelopes and parcels."
http://www.nytimes.com/2013/07/04/us/monitoring-of-snail-mai...
[+] [-] dmix|11 years ago|reply
It's much easier to have people embedded in the system, long term, extracting data... than it is to exfiltrate data remotely from China via hacking.
The data these people have access to is quite an important intelligence asset:
> the Chinese may be assuming that the U.S. Postal Service is more like theirs — a state-owned entity that has vast amounts of data on its citizens, said James A. Lewis, a cyber-policy expert at the Center for Strategic and International Studies. Second, he said, the trend in intelligence is the same as in the commercial sector: amass big sets of data that can be analyzed for previously unknown links or insights.
[+] [-] higherpurpose|11 years ago|reply
[+] [-] legohead|11 years ago|reply
[+] [-] hammock|11 years ago|reply
[+] [-] shitehawk|11 years ago|reply
[+] [-] jamesli|11 years ago|reply
[+] [-] hackuser|11 years ago|reply
I agree that espionage is over-emphasized -- everyone does it. Also I agree that some like to imagine enemies; it fits their narratives. That doesn't make every enemy imaginary.
The USSR was a real enemy. Many Chinese leaders openly proclaim themselves our enemy and they take aggressive actions against us; among the public, aggressive nationalism is at least somewhat popular. Hopefully the relationship doesn't turn out that way, but it's a real risk that I don't think we should ignore.
[+] [-] PavlovsCat|11 years ago|reply
[+] [-] sitkack|11 years ago|reply
[+] [-] bennyg|11 years ago|reply
[+] [-] omgitstom|11 years ago|reply
This statement really confuses me
[+] [-] jamesli|11 years ago|reply
State-owned? That is true. "has vast amount of data on its citizens"? Please do some homework before speaking.
[+] [-] evo_9|11 years ago|reply
[deleted]
[+] [-] unknown|11 years ago|reply
[deleted]
[+] [-] bicknergseng|11 years ago|reply
Edit: I've read more than enough articles where the agent or actor is NOT a member of the government, yet still referred to as "China" or "America". However, even in situations where it is a member of the government or of a company, I still think the connotations conveyed by imprecisely labeling the actors totally throw off expectations and perceptions.
[+] [-] ppereira|11 years ago|reply
Nevertheless, I liked this excerpt by the NSA's general counsel:
> Still, “it’s perfectly appropriate for us to do everything we can to embarrass and punish the Chinese if they’re in our systems, whether or not we’re in theirs,” said former National Security Agency general counsel Stewart A. Baker. “It’s the case that the U.S. and Russia and other countries are much more cautious about getting caught because they think there are going to be consequences. It’s only the Chinese that think there are no consequences to getting caught.”
[+] [-] internet_arguer|11 years ago|reply
I think it's accurate to describe NSA instrusion sets as the work of agents of the United States.
Or does it change context when it's an organization you don't like (NSA) ?
[+] [-] calbear81|11 years ago|reply
Also, I don't think there's a world of difference between saying the CIA launched a drone strike and America launching a drone strike. I know the general public would like to believe they are not personally responsible for what our country does but as citizens, we collectively share in what we as a whole have decided to do or what those we've put in charge have decided to do.
[+] [-] imgabe|11 years ago|reply
[+] [-] tantalor|11 years ago|reply