Monday, November 17, 2014 at 12:02AM Edward Snowden's disclosures are about the abuse of power and the abuse of laws that put limits on power.
NSA, Snowden, cybersecurity in Hacking Friday, June 14, 2013 at 4:25PM 
Amid the blizzard of information in the Snowden affair, the factoid that caught this blog’s attention was the hacking into the Hong Kong Internet Exchange (HKIX).
According to Snowden, the NSA listened into the HKIX, the city’s prime internet exchange, through the internet backbone.
We hack network backbones – like huge internet routers, basically – that give us access to the communications of hundreds of thousands of computers without having to hack every single one," he said.
He named one target as the Chinese University of Hong Kong, home to a handful of advanced internet research facilities such as the Hong Kong Internet Exchange, which "essentially connects all of the city's internet access providers to a single infrastructure," the [SCMP] reported.
We don’t know if Snowden is telling the truth, or even if he knows what he is talking about. And while we should probably take most denials on this topic with a large grain of salt, let’s just note that the CUHK said it had not “detected any form of hacking to the network, which has been running normally.”
Maybe, just maybe, “running normally” actually means with a hidden security backdoor already built-in by its router vendor, Cisco. I stress this is pure speculation; there is no evidence Cisco or anyone else provided a key.
But it is striking that that is exactly the kind of behaviour that the US fears that the Chinese will execute on American networks through Huawei.
I can’t help but wonder: when the Pentagon, Congress and the CIA label Huawei a security threat, are we looking at the world’s biggest case of projection?
HKIX, Huawei, Snowden, cybersecurity in Hacking Friday, March 1, 2013 at 5:07PM This is no surprise: in the wake of damaging revelations about its online attacks on the west, China has disclosed attacks on its networks.
Not only was last week's Mandiant report a gamechanger, I’m predicting that within a year or two China will drop its large-scale corporate espionage programme.
In part, that's because China's disclosures in fact highlight the criminal nature of the PLA hacks. Whereas China has only suffered attacks on military sites, the real damage in the reports by Mandiant and Business Week were the details of China’s theft of business secrets.
Sooner rather than later China will come to see the corporate attacks as a low-percentage play.
The underlying narrative in western reporting has been of a clever China Inc. stealing into foreign networks, downloading terabytes of data and seamlessly transferring it to its own corporate sector for easy profit.
In truth, China’s giant, secretive bureaucracies don’t play well. They are severely constrained by their size, dysfunction, deep-rooted corruption and suspicion of each other (proof point: it took Beijing a typically tardy ten days to respond to Mandiant).
Mandiant estimates PLA hacking teams have stolen data from hundreds if not thousands of foreign organizations. The task of sifting through those petabytes of material, identifying valuable corporate information and somehow directing it to the ‘right’ agency or state enterprise would tax the most efficient system.
To take one prominent example, the attempts to steal Google’s search engine secrets don’t seem to have helped Jike, the Chinese state-backed search engine with a market share of close to zero.
More likely, I suspect, is that the corporate attacks have taken place with the tolerance of rather than the active direction by the top leadership. Few officials would wish to get into a scrap with the PLA, and certainly not on behalf of foreign corporations.
Plus, this being China, it’s not beyond the bounds that some PLA officers are running these hacks commercial agendas in mind.
This is not to say that politically-motivated attacks, such as those on activists’ Gmail accounts, or on the New York Times and Bloomberg, aren’t directed from the highest level, or that none of the corporate spying has yielded results.
But these industrial-strength raids on corporate networks surely yield little, except increasing embarrassment. China may despise the democratic west but it can ignore world opinion only up to a point.
Just as diplomatic and trade pressure forced China to stop transferring weapons technology to the Middle East in the 1990s, transparency will help it abandon its heist of foreign commercial secrets.
Mandiant, PLA, cybersecurity in Hacking, Internet China