The Chinese government has announced plans to track the real-time location of all cell phones in the city of Beijing, purportedly to ease traffic problems that have plagued the city. Human rights activists have expressed concerns that this plan may well be the newest attempt by the Chinese government to surveil its citizenry against any attempted uprising. As Wang Songlian of the Chinese Human Rights Defenders network told the Guardian:
For ordinary people, the government is worried about social unrest. Often there’s a spark somewhere and everyone gathers and puts out information. By registering people and tracking them, it enables them to find out about particular protests and punish individuals.
Location privacy is an endangered concept. As technology evolves, many networked devices are becoming increasingly more portable and affordable — and increasingly sharing one’s real-time location data without a users’ explicit knowledge or consent. The threats to location privacy in the era of the smart phone are multifarious, including applications that leak private data and obsolete laws that fail to protect civil liberties. As the situation in China demonstrates, modern smart phones may also act as a mechanism for governments to vacuum up data on citizens who might protest authoritarian regimes. While EFF continues to champion cell phone location privacy inU.S. courts and on the Hill, the fundamental privacy conundrum posed by modern cell phones is that they cannot function properly without simultaneously exposing locational information.
This means that Beijing citizens have few choices when it comes to protecting their location privacy from the government, an especially problematic scenario considering China passed a lawlast year mandating that people register their cell phones in their real names. Currently, the only solution for true location privacy, whether in China or anywhere else, is turning off the mobile phone and removing the battery. Unfortunately, there’s no feasible and easily achievable consumer-facing software or hardware anywhere that can effectively circumvent location tracking while leaving modern smart phones functional.
There are, however, some hacktivists and academics beginning to explore creative solutions to this problem. Among the ideas being circulated is the possibility of a “mobile mesh network” connectivity – having cell phones connect directly to one another, rather than routing signals through cell phone towers. While there may be other security concerns around mesh networking, such communication methods hold promise for maintaining communications in “Internet blackout” scenarios such as those seen recently in Egypt and Libya. We look forward to future developments in this arena.
Cui Jie, 62, has been fishing for drowned bodies in Beijing’s waters for 10 years. But he feels his profession has been brought into disrepute by profiteers.
“Unlike them, I do it mostly for the public good,” said Cui, criticizing the fishermen in Jingzhou, Hubei Province who charged 12,000 yuan (US$2,000) for each body they found after three college students drowned while trying to rescue kids on October 24, 2009.
“The case was very bad publicity as they made profits from martyrs,” Cui told the Global Times.
In a famous photo taken in connection with the case, Wang Shouhai, 72, looked like he was negotiating over prices while hauling a half-sunk body from the Yangtze River. Wang insists the award-winning photo misrepresents him.
Recently, the validity of this photo was questioned, throwing light on the hidden yet burgeoning business in China’s dangerous waters.
Chen Bo, Wang’s boss and head of a “gangster-backed” salvaging company, got a 15-day detention and was fined 1,000 yuan for blackmailing teachers and students who begged him for help. After realizing the students had sacrificed themselves to save others, he returned 36,300 yuan. But he still does business in the Baotahe area, where rapids and currents continue taking people’s lives.
Everybody involved has his own version of the story, according to a thorough inves-tigation by the Golden Lens Award organizing committee, which awarded top prize for the photo in August. But what’s the truth?
Public service?
Cui started doing the job after he opened a diving club in 1994. He also collaborated with well-known film directors on underwater construction and rescue.
As a medical graduate, he is not afraid of touching water-logged corpses. “It’s just like handling a chair and at night I can hardly see it anyway,” he said.
Earning about 5,000 yuan for each body, he said the body-hunt is more of a public welfare undertaking than profit-driven business.
The price can be discussed by both sides, and it depends on how much the family can afford, he said. “We will definitely get the body out once we arrive at the site,” Cui said, after handling 17 corpses in the last two months in Beijing’s waters.
Compared with greedy fellow workers, he said he was self-disciplined. “I know how far to go and when to stop,” he said, mentioning that he hasn’t been paid for lugging a female suicide jumper’s body on August 20, as the police had promised him.
“I didn’t care that much because I had to help them out to keep things under control when a big crowd gathered there,” Cui said. It was also not a good time to ask the girl’s relatives because they were grieving in shock.
Extorting families
Though Cui’s been fishing out bodies for years, he disapproves of the job. After running short of professional divers, the Beijing Municipal Public Security Bureau has farmed out the hunt to diving clubs since 2004.
“It’s like a pile of garbage they throw on the street for us to take care of. Although we were hired to clean it up, new garbage coming from the sewers continues to pollute the environment,” he told the Global Times, blaming the authorities for neglecting their duties.
He recalled one summer day in 2006, when the body of 26-year-old Chen Mansheng was left missing in the moat for 24 hours near south Beijing’s Longtan Lake after he drowned, because his brother couldn’t pay the 20,000 yuan asked by divers from a notorious club.
Police said the price has been decided by the club and it was a very difficult job to search under flowing water within a large area. The diving equipment used was expensive.
But according to Cui, “The diving club was shamelessly extorting money, because they thought they were doing business. They even believed charities should pay for it if the family couldn’t.”
He said that the government should take back the business, since the black market was getting messier.
Corpses for cash
Zhang Feng, a deputy of the Beijing Municipal People’s Congress, proposed the salvage business return to the public sector this July, and called for market regulation.
“Driven by huge profits, some unqualified companies or individuals have gone too far. They have no professional ethics, take advantage of helpless families and drive up prices,” Zhang said.
But there is still social stigma and discrimination against the divers, as they are often stigmatized by the general public for not rescuing those in mortal danger and making money from the dead.
Cui said they shouldn’t be blamed. In fact, drowning is very quick, occurring in only 2 or 3 minutes in freshwater and 6-8 minutes in saltwater.
“Their job is to find the ‘objects’ that could disrupt social order, cause public panic and pollute natural waters. Saving life is not their concern,” Zhang said.
Ma, who refused to give his full name, is a 33-year-old diving coach from Kunming, in Southwest China’s Yunnan Province. He said he had participated in hunting for bodies for several times, as part of professional underwater assistance requested by the local government. “I didn’t charge a penny, it was totally voluntarily,” he said. They also helped with rescue operations in reservoirs and rivers.
Ma said most victims were swimmers who drowned in reservoirs, rivers and lakes. Some died in sinking cars after accidents.
Commenting on the profiteers, he said. “Those people have no ethics.” They have no valid business license, international diving certification and authentication, he added.
Hunting for an important corpse, such as a head of a company, could cost up to 250,000 yuan. The number of equipment used in the hunt also added to the price tag.
“Normally firemen are sent to join in the rescue work but they are not capable of doing the job underwater,” he said.
“If these convicted criminals continue doing business, it only shows the local government is corrupt,” Ma commented on the Jingzhou case.
Trapped students?
Meanwhile, some suspected the Jingzhou case was even dirtier. An unnamed Jingzou resident claimed in a post on tianya.cn that the fishermen colluded with the drowned kids, trapped the college students and made money from their bodies.
Zhang Yi, who took the photos, said the speculation was “completely nonsense” and he refused to give more comments.
He said the public attention has seriously affected his life. As the fishermen threatened to kill him, he left his hometown and found a job in nearby Hunan Province.
“The situation hasn’t changed,” Zhang told Guangzhou Daily, “Just days ago parents waited for their children’s body to surface in the same river stretch for three days because they couldn’t pay 12,000 yuan.”
He questioned the problem resulted from ill-functioned governmental departments. “I think every life is equal, why are heroes free of charge but ordinary kids should pay?”
He called for rules to be established on body salvaging to put an end to the huge profits and subsequent chain of interests.
Incorporating body-hunters
Zhou Yu, director of The Other Shore, a documentary on corpse-fishers in the Yellow River, who captured fishermen for body-hunt for a month, told the Global Times the government should take charge of this industry and make regulations.
“This is a gray zone that lacks supervision from any related departments,” Zhou said, “The best way is for the government to take charge and establish a special department to deal with corpse-fishing.”
Actually, some local governments have considered establishing a regulatory department, but most of them dropped the idea after looking at the potential difficulties with personnel and financing.
“This problem involves many departments and is also difficult to deal with, so, it is impossible for us to launch an organization to regulate it,” Guan Haobo, the director of Fishing Department of Zhengzhou Bureau of Aquatic Products, told the Beijing News.
Guang suggested the fishermen establish a non-government organization (NGO) to regu-late themselves .
“It’s a good idea to establish such a NGO, as it can encourage fishermen to take part in the hunt, and also set standard prices for the hunt,” Guan said.
Meanwhile, some corpse-fishers expressed their willingness to become public servants.
“I wish the government could hire and pay us a suitable monthly salary,” a fisherman in Hubei Province, told the Global Times.
Besides, the government can help shoulder the equipment for hunt, such as hooks, ropes and travel expenses.
If this happens, he swore, “We won’t charge a penny from the relatives of the dead.”
Chen Tao, a lawyer in Beijing, told the Global Times that it’s time for the government to regulate the market and fix a price for the body-hunt industry.
“After all, there is a demand from the public,” he said.
Yet officials from police stations and the bureau of aquatic products admitted that local fishermen are skillful at corpse-fishing, and they always turned to them for help when the water situation is complicated, according to the Nanjing-based newspaper Modern Express.
“The fishermen are more familiar with the waters and skillful at swimming, so we are relieved to let them hunt bodies,” an anonymous official told the newspaper.
Canadian researchers have uncovered a vast “Shadow Network” of online espionage based in China that used seemingly harmless means such as e-mail and Twitter to extract highly sensitive data from computers around the world.
Stolen documents recovered in a year-long investigation show the hackers have breached the servers of dozens of countries and organizations, taking everything from top-secret files on missile systems in India to confidential visa applications, including those of Canadians travelling abroad.
The findings, which are part of a report that will be made public today in Toronto, will expose one of the biggest online spy rings ever cracked. Written by researchers at the University of Toronto’s Munk Centre for International Studies, the Ottawa-based security firm SecDev Group and a U.S. cyber sleuthing organization known as the Shadowserver Foundation, the report is expected to be controversial.
The researchers have found a global network of “botnets,” computers controlled remotely and made to report to servers in China. Along with those servers, the investigators located where the hackers stashed their stolen files, allowing a glimpse into what the spy ring is looking for.
“Essentially we went behind the backs of the attackers and picked their pockets,” said Ron Deibert, director of the Citizen Lab at the Munk School of Global Affairs, which investigated the spy ring.
The report, titled Shadows in the Cloud, comes one year after the same team discovered a spy ring with links to China that it dubbed GhostNet. Using information gleaned from that investigation, investigators followed a trail of websites that led to a much larger operation, also with links to China.
“Is the buyer paying the thief to go after this stuff, or is the thief doing it themselves because they know they can find a buyer? ”— Rafal Rohozinski, co-author of the report
The report is careful not to conclude the Chinese government is behind the operation, since it is difficult to tell who is orchestrating the attacks. Last year, the Chinese government denied any involvement in GhostNet after the researchers uncovered nearly 1,300 infected computers in 103 countries linked to servers in China.
But computers belonging to exiled Tibetan leader, the Dalai Lama, who is denounced by China, have been the most compromised.
Almost every e-mail sent to or from the Dalai Lama’s offices in 2009 has shown up in the files, the report says. Nearby India has also taken the brunt of the cyber attacks, with numerous secret government documents recovered by the Canadian researchers. They include 78 documents related to the financing of military projects in India, details of live fire exercises and missile projects, and two documents marked “secret” belonging to the national security council.
Sensitive data from 16 countries, such as visa applications by Canadian citizens, were also recovered. It is believed the hackers accessed those files through computers at India’s embassies in Kabul, Dubai, Nigeria and Moscow, which were corrupted.
Rafal Rohozinski, a principal of the SecDev Group and a principal investigator and co-author of the report, said such a collection of sensitive information represents a new era in online spying. A decade ago, hackers generally looked for quick paydays – for example, by blocking access to a gambling site and demanding a ransom. But the Shadow Network operation exposes much bigger game: information that, if it isn’t being collected by governments, could be sold to the state.
“It’s like the world of art theft, where you steal things that have a very high value, so long as you can find a buyer,” Mr. Rohozinski said.
“So the question of course is, who’s the buyer? Is the buyer paying the thief to go after this stuff, or is the thief doing it themselves because they know they can find a buyer? That’s one of those things that we don’t really have a good answer for.”
A small number of computers at the University of Western Ontario were also found to be connected to the network, and potentially used to surrender files, although it is not clear how they were affected. Similarly, computers at New York University and Kaunas University of Technology in Lithuania were also linked to the infected network.
The Shadow Network structure was ingenious for its simplicity. Command servers, which are used to issue instructions to computers – such as “send me all of your documents” – connected to victims through a variety of seemingly innocent networks such as Google groups, Yahoo e-mail and Twitter accounts. Those intermediaries were used to relay links or files to a recipient in a target organization. Once the user clicks on the link or opens an attachment in an infected e-mail, the computer relays a beacon to the command server, which instructs it to start sending files to a dump zone.
The revelations are a warning to governments, Mr. Deibert said, since countries are only as strong as their weakest link in a global data network. So while files may be safe in paper form in a locked cabinet, as soon as nations begin exchanging data electronically, cracks can be exploited, as they appear to have been with India.
“Unfortunately, Canada has no cyber security strategy, although one’s been promised for many years,” Mr. Deibert said. “We have no foreign policy for cyberspace either, which is mind boggling, considering how important this domain is for us.”
It came as a surprise this month to Wang Jianwei, a graduate engineering student in Liaoning, China, that he had been described as a potential cyberwarrior before the United States Congress.
Larry M. Wortzel, a military strategist and China specialist, told the House Foreign Affairs Committee on March 10 that it should be concerned because “Chinese researchers at the Institute of Systems Engineering of Dalian University of Technology published a paper on how to attack a small U.S. power grid sub-network in a way that would cause a cascading failure of the entire U.S.”
When reached by telephone, Mr. Wang said he and his professor had indeed published “Cascade-Based Attack Vulnerability on the U.S. Power Grid” in an international journal called Safety Science last spring. But Mr. Wang said he had simply been trying to find ways to enhance the stability of power grids by exploring potential vulnerabilities.
“We usually say ‘attack’ so you can see what would happen,” he said. “My emphasis is on how you can protect this. My goal is to find a solution to make the network safer and better protected.” And independent American scientists who read his paper said it was true: Mr. Wang’s work was a conventional technical exercise that in no way could be used to take down a power grid.
The difference between Mr. Wang’s explanation and Mr. Wortzel’s conclusion is of more than academic interest. It shows that in an atmosphere already charged with hostility between the United States and China over cybersecurity issues, including large-scale attacks on computer networks, even a misunderstanding has the potential to escalate tension and set off an overreaction.
“Already people are interpreting this as demonstrating some kind of interest that China would have in disrupting the U.S. power grid,” said Nart Villeneuve, a researcher with the SecDev Group, an Ottawa-based cybersecurity research and consulting group. “Once you start interpreting every move that a country makes as hostile, it builds paranoia into the system.”
Mr. Wortzel’s presentation at the House hearing got a particularly strong reaction from Representative Ed Royce, Republican of California, who called the flagging of the Wang paper “one thing I think jumps out to all of these Californians here today, or should.”
He was alluding to concerns that arose in 2001 when The Los Angeles Times reported that intrusions into the network that controlled the electrical grid were traced to someone in Guangdong Province, China. Later reports of other attacks often included allegations that the break-ins were orchestrated by the Chinese, although no proof has been produced.
In an interview last week about the Wang paper and his testimony, Mr. Wortzel said that the intention of these particular researchers almost did not matter.
“My point is that now that vulnerability is out there all over China for anybody to take advantage of,” he said.
But specialists in the field of network science, which explores the stability of networks like power grids and the Internet, said that was not the case.
“Neither the authors of this article, nor any other prior article, has had information on the identity of the power grid components represented as nodes of the network,” Reka Albert, a University of Pennsylvania physicist who has conducted similar studies, said in an e-mail interview. “Thus no practical scenarios of an attack on the real power grid can be derived from such work.”
The Chinese Ministry of State Security (MSS) is the intelligence agency of the People’s Republic of China. China’s MSS (like the CIA in the US or MI6 in the UK), is probably the country’s largest and most active foreign intelligence agency.
Former MSS agents say that the agency is engaged in counterintelligence and repressing internal dissent within China. The internal repression includes efforts against religious groups and Tibetan and Taiwanese independence movements as well as censoring the Internet to prevent China’s population from knowing what is going on outside the country.
The actual mission of the MSS is to ensure “the security of the state through effective measures against enemy agents, spies, and counter-revolutionary activities designed to sabotage or overthrow China’s socialist system.” One of the primary missions of the MSS is undoubtedly to gather foreign intelligence from targets in various countries overseas. Many MSS agents are said to have operated in the Greater China region (Hong Kong, Macau, and Taiwan) and to have integrated themselves into the world’s numerous overseas Chinese communities. At one point, nearly 120 agents who had been operating under non-official cover in the U.S., Canada, Western and Northern Europe, and Japan as businessmen, bankers, scholars, and journalists were recalled to China, a fact that demonstrates the broad geographical scope of MSS agent coverage.
60 Minutes has obtained an FBI videotape showing a Defense Department employee selling secrets to a Chinese spy that offers a rare glimpse into the secretive world of espionage.
