摘要: 早上起来上网,Zwell发给我一篇文章,看地址是HP安全产品的博客,地址是: http://www.communities.hp.com/securitysoftware/blogs/spilabs/archive/2010/01/15/china-googl...
早上起来上网,Zwell发给我一篇文章,看地址是HP安全产品的博客,地址是:
http://www.communities.hp.com/securitysoftware/blogs/spilabs/archive/2010/01/15/china-google-and-web-security.aspx
英文好的自己看,英文不好的听我说大意……嘿嘿
文中首先说Google、Yahoo、Symantec等公司遭受了来自中国黑客的攻击,并且获取了部分“人*权&人士”(就如达$赖、热!比^娅之流?)等的邮箱等信息,并且说中国长期赞助间谍活动……哪个国家不做信息收集?更何况是威胁国家安全的分子?我们知道当年美国和苏联间谍战才是发挥到了极致……
当然,里面有这样一段:
In a directly related point, consider the curious appearance of a new website called iiScan. This service (based in China) offers to scan your web application for vulnerabilities - for FREE. Just sign up and point their software to your website, and they will, ‘figure out’ how vulnerable to an attack you might be. After the scan is done, they will email you a PDF based report to your email account.
Wow. This service sounds like an overwhelmingly bad idea. It doesn’t take much to imagine all the things that could go wrong in this scenario, even if the Chinese government didn’t directly fund targeted attacks, IE didn’t have multiple zero-day exploits, and a proof of concept embedded malicious PDF exploit had not just been released. Can you say ‘Beijing Cocktail’?
It might very well turn out that NOSEC Technologies Co., Ltd. (the company behind iiScan) may be legitimate, or at least may have started out that way. Even if they are not actively attacking websites, it shouldn’t take long for them to become a high profile target for either private hackers, or for the Chinese government itself. What would be a better target than a database full of public websites and their known vulnerabilities? These sites, if not already compromised by iiScan, could be used as command and control drones, payload hosts, pieces of a distributed file-system, or merely SPAM relay channels.
iiScan和NoSec也扯了进来,并且牵扯到了中国政府,大家都知道Zwell在N年前就做网络安全,您可以在“中国顶尖黑客排行榜”查到这个名字,现在人家是自己公司……诺赛科技的产品是Jsky和Pangolin,主要应对WEB安全评估的,诺赛旗下的iiScan是可以直接在WEB进行安全评估的,当然国内的安恒也有这样的产品。HP说这样不好,因为会收集用户网站的敏感信息,造成信息泄露……云云,当然还是如SuperHei说的,这会严重影响HP旗下WebInspect安全评估软件的销量?毕竟两者是有竞争关系,并且貌似NoSec的产品价格比HP低好多?
文中提到了一个Internet Explorer的0-day,但是貌似和HP一点关系都没有。
虽然我希望我使用的Google是完整版的,但是我更支持政府打击威胁国家安全的人和事,并且是毫无条件的支持。
