Its been several weeks since Google threatened to pull out of China, we have been subjected to a tremendous amount of "you show em Google!" breast beating, especially in the security blogosphere, even normally insightful people got suckered in. I expressed a double dose of cynicism at the time, and well looky here, google.cn still works, Google is still in China, and they have no intention of leaving:
Mr. Schmidt maintained Friday that Google wants to continue operating in China
"We debated this," said Schmidt, of Google's move into China. Of the letter, he said: "That does not then follow that we do not want to be in China."No way! They really do want to operate in what's soon to be the world's largest market? Should anyone be surprised by this? I wonder why this was announced by Google on Friday before Davos, when companies traditionally like bury bad earnings reports and such, could it be that this is about PR not security? Nah. Will we see the same breathless blogging that accompanied Google's supposed aversion to doing business in China the first time around? Remains to be seen, but I tend to doubt it.
If on the other hand PR posturing and cold war fantasies are not your idea of fun, you might be interested in what kind of huge changes the web is actually unleashing in China. Check out this Geeks Revolt in China post from Tim Hanson (one of the few who called shenanigans on the original Google-China story), turns out that the Web does unleash creativity and free speech after all.
And lastly, I gotta blog this. The Google stuff then dovetailed right into the current hysterics around APT as something new rather than business as usual. Check out this graphic from the APT report that everyone is citing, its demonstrates a...wait for it...real live attack - the way it really happens.
Its amazing to see the level of sophistication here, the Victim has tremendous resources and they have setup an Advanced security architecture to protect their enterprise, you can clearly see the Victim has actually set up a network address translationFIREWALL but then the Attacker simply goes right by it like its not even there!!! Check it out again, see right there at the top, the flaming brick wall? How do they get through that? But somehow they did and then, its almost like there is no other defense after network address translation THE FIREWALL
Geez, someone shoulda told these guys if you are serious about security you gotta use network address translationFirewall *AND* SSL, otherwise the attacks just keep coming!!!
(And yes as a friend pointed out to me the funny thing is that Google went running to SSL as soon as the problem broke is not lost on me)