[Dailydave] China's security problem with pirated software

Darkpassenger darkpassenger at unseen.is
Tue Sep 22 15:38:21 EDT 2015


yo dave ,
i would like to throw a bunch of dexter quotes at you before i make my 
speech though not sure you finally watched it or not . not cool to spoil 
, they say :P

what you referred to is also a classic Iranian case . the vast software 
theft and organized piracy is hard to describe to outsiders who lived 
under senses of copyright . suffice to say , despite the internet piracy 
, Iran has a HUGE pirate market on CD/DVD . it would be Iranian to buy a 
laptop and a "king" at the same time . king is a term , relative to many 
brands of CD collections sold in market filled with categorized stolen or 
cracked software ranging from yahoo messenger to autocad . what you just 
described as a Chinese issue , is the normal life here . it is funny 
when i see elders of family complain they cannot install some keygen 
because kaspersky detects it as a dropper ( and "what is dropper ? i 
agree to have it , who is kaspersky ? i just don't want virus..i paid 40K 
for this crap" ) and even the KAV is pirated when i take a look , while 
this company actually sells product here legally and got local update 
servers :>

so why dexter quote ? what is almost unique here is the sanctions . so 
many of the typical software or updates cannot be installed because the 
vendor doesn't allow iranian IPs to browse their page . this makes the 
Security of the average computer users much worse than it is anywhere else 
. 1-piracy 2-the #filternet 3-sanctions .

but there is a more serious issue . culture . the general mindset is 
this : software is what you obtain freely yourself . so even if a decent 
company has paid for subscription or a service and is supposed to receive 
updates and shit , the IT guys -- the "Engineers" go the Iranian way and 
engineer the system themselves with weird methods you might not 
understand . well , you don't have a partner or legal official reseller 
here ( satanic laugh ) .

Stuxnet is suitable for dd readers as an example of our 
"engineering" process . while Iran was in contract with Siemens and a 
couple of other contractors to provide full services in the Natanz 
enrichment facility , they preferred to install outdated and pirated 
copies of SCADA . there is a Farsi paper that analyzes the root and 
origins of Stuxnet here http://www.0days.ir/news/Stux-Author.pdf , not 
going to get into the actual analysis here and now , but at page 9 you 
see a public picture of the pirated and outdated SCADA with a clean 
license error messagebox , that nobody cared about it , apparently . so 
i read here the attack is done by people with detailed knowledge of this 
"situation" 
http://webcache.googleusercontent.com/search?q=cache:haPPpuCAKvMJ:cryptome.org/lic/2012/09/corrupt-ir-us-12-1001.htm

-dp


On 2015-09-22 06:42, Dave Aitel wrote:
> So we have a lot of customers in China and we've gone to visit them in
> Beijing and Shanghai and I will say that one of the issues with Chinese
> security is the Great Firewall. I think if you have not tried to do
> business inside China it is rather a hard thing to believe, because
> words don't do the experience inside China justice.
> 
> While on the face of it, a giant filtering engine can be quite useful
> for security (especially if you define it, as most Governments do, in
> "securing" the delicate minds of your populace from horrendous thoughts
> from the wider world) a speedbump of extraordinary size has security
> downsides.
> 
> To wit, when sitting in the office of our main CANVAS reseller, we could
> not download CANVAS sales videos faster than 1KB/sec. Our policy when
> visiting China is to bring with us all sales videos and materials that
> we could possibly need on a thumb drive because even getting access to
> our website for a PDF may be impossibly slow.
> 
> SILICA requires VMWare to run, and when we asked one of our partners (a
> major Chinese company you would have heard of even here) to download
> VMWare Player (which is free) he immediately reached out to one of the
> Chinese pirate sites to grab an old copy of cracked VMWare Workstation.
> He was not wrong: Actually browsing to VMWare.com itself would have
> taken literally forever, even though he is connected at his desk to one
> of the fastest networks on Earth.
> 
> I understand that from the Chinese Govt's perspective it would be better
> if the entire Internet was duplicated within mainland China where they
> could manage it. But this is unrealistic, even for China. What it's done
> instead is force a universal culture of pirated software EVEN FOR FREE
> DOWNLOADS. Basically nothing software related is up to date. You know
> how in the US we lament when a company is a couple months out of date on
> patches and your Vulnerability Management report is full of horrible
> Orange and Red marks to enforce updates? That's not even an option in
> Chinese terms.
> 
> In summary: Not only is the recent XCode hack going to happen again and
> again, it is in some ways a uniquely Chinese problem and allows them to
> pressure Apple and similar companies to put infrastructure inside China
> to solve, which is Interesting.
> 
> -dave
> 
> 
> 


