Talk:GhostNet

infiltrated computers with malware

Why no mention that these 'computers' are almost always desktop machines running Microsoft Windows emacsuser (talk) 14:09, 29 March 2009 (UTC)

Because window is the most popular OS? --85.108.82.254 (talk) 14:31, 29 March 2009 (UTC)

For the same reason it's not mentioned that they use electricity. 67.240.138.106 (talk) 17:44, 29 March 2009 (UTC)

audio and video

this sounds very sensationalist: "The network possesses "Big Brother-style" capabilities, allowing it to turn on the camera and audio-recording functions of infected computers for in-room monitoring." If you infiltrate a computer, you can do anything you want with it, don't you? Open CD-Drive, print, and, yet yes, switch on cam and mike. To stress this fact for GhostNet sounds very much like disinformation to me. Jasy jatere (talk) 10:47, 29 March 2009 (UTC)

Well maybe the phrase "Big Brother" is sensationalist, but the fact that the PC can be used for covert audiovisual surveillance is important to note. —Preceding unsigned comment added by 86.42.185.96 (talk) 13:29, 29 March 2009 (UTC)

this is surely an interesting feature, which was first widely noted in the coverage of GhostNet. But in my view, this seems to be a change in reporting, not a fundamental difference between GhostNet and other mal/spyware. Jasy jatere (talk) 17:41, 29 March 2009 (UTC)

Jasy, you are correct, but I believe that no existing malware networks have implemented such functionality. For zombie networks being used for spam generation and the like, bugging the room the PC is in is irreleveant. For an infiltration network being used to gather intelligence, bugging the room the PC is in is extraordinarily valuable. As such, the fact this functionality is present provides information about the nature and use of the network. Toby Douglass (talk) 22:16, 29 March 2009 (UTC)

US computers

presumably no evidence of infiltration was found for any countries not on the list of 103, why is the US mentioned? Nickmuddle (talk) 11:48, 29 March 2009 (UTC)

Probably because most readers are American and they'll need that bit of extra reassurance... --candle•wicke 13:21, 29 March 2009 (UTC)

Because it was taken from the New York Times article, verbatim. Also, many readers will probably be interested in knowing if American computers were affected, given the gravity of Sino-American relations. It's not a US-centric Wiki Cabal, jeez. ZeaLitY [ DREAM - REFLECT ] 13:52, 29 March 2009 (UTC)

If it's taken verbatim from the NYT article then likely it's a copyvio. Incidentally, the version Nick was referring to was this [1] where it was taken from Reuters Nil Einne (talk) 14:00, 29 March 2009 (UTC)

No evidence was found that U.S. or U.K. government offices were infiltrated ===>> Proof of USA and UK spying operation! M Haoran (talk) 14:47, 29 March 2009 (UTC)

M Haoran - you are a brand new user and your only contributions to the Wiki have been to this article and its discussion where in the space of about ten minutes you attempted, mainly by large deletions, to place a purely pro-Chinese view onto this article. Personally speaking, I cannot help but wonder if you are employed by whoever is responsible for Ghostnet. Toby Douglass (talk) 22:08, 29 March 2009 (UTC)

Firstly please WP:AGF. If M Haoran's actions are bad, explain to him why, there's no need to make accusations of sinister motives without any evidence of that. Especially, don't prescribe silly motives without evidence. There are a lot of people with pro-Chinese views on the internet, just as there are many with pro-Tibetian, pro American et al. To presume that every person who is pro Chinese works for the Chinese intelligence, is as dumb as presuming everyone who is pro-Tibetian works for the Dalai Lama or everyone who is pro-American works for the CIA. Many people with biased POVs of all types join wikipedia and start off poorly, some of them can be convinced to act properly, some of them still can't set aside their POVs and therefore fail to obey WP:NPOV etc and may eventually be banned. Some of them just never come back. We have no way of knowing which one M Haoran is going to be, but we should still respect him/her and WP:AGF that he/she is hear to improve wikipedia until he/she proves they're not worthy of respect Nil Einne (talk) 00:15, 30 March 2009 (UTC)

I have to agree with Nil Einne, the chances that M Haoran is employed by the people responsible for Ghostnet is infinitesimal. Let's try and and keep this from becoming the trainwreck of a talk page that is on the Beijing olympics. ƒingers^on_Roids 01:18, 30 March 2009 (UTC)

connection with conficker possible?

Is it possible that this ghostnet is responsible for the conficker virus? 75.166.97.83 (talk) 17:37, 29 March 2009 (UTC)

Anything is possible but you must be very careful with how you consider such questions. The human mind has a specific bias towards associating events of similar magnitude, regardless of the evidence or lack of evidence for a connection. The very fact two events are of a similar magnitude causes us to assume correlation. Toby Douglass (talk) 22:10, 29 March 2009 (UTC)

How can you say the government is not involved?

How can you say the Chinese government is not involved when it was the Chinese government that acted on the stolen information, in the case of the Dalai Lama's emails??? Haiduc (talk) 17:40, 29 March 2009 (UTC)

The Wiki community isn't stating the Chinese government is not involved. We're simply reiterating what the New York Times and The BBC are speculating, and quoting the Chinese response. It's more than possible that the Chinese government is behind this program; but it's far from definite; and untill that information is conclusive, it's best to represent all sides without assumptions. 92.13.134.192 (talk) 17:55, 29 March 2009 (UTC)

The article reports merely what is written elsewhere. We do not offer opinions. Personally speaking, I concur. Unless they were perhaps selling that information to the Chinese Government, I can see no reason why a non-Government infiltration network would spend any time working on computers run by the Tibetien Government-in-exile. Toby Douglass (talk) 22:12, 29 March 2009 (UTC)

Just want to point out that within Mainland China, given the amount of public outrage against 2008 Tibet protests, it is entirely plausiable that a private group of Chinese nationalistic zealots could've done this. Jim101 (talk) 04:32, 30 March 2009 (UTC)

If you read the report provided in the external links, the Cambridge group do believe the Chinese government is to blame. I think there is ample evidence to suggest the Chinese government is responsible: the fact that it occurred in their country, the fact that they used the information to their advantage, and the fact that they have a sincere motive to profit from it – the monitoring of pro-Tibetan autonomy movements.Laneb2005 (talk) 18:22, 29 March 2009 (UTC)

Indeed, it points to the likelihood; added with the fact that the majority of targeted systems are the property of Asian states, that China has direct or indirect interest in. However, since no conclusive evidence could be drawn by the teams investigating the breach, and the Chinese government have denied the operation; other eastern governments, civilians, corporations, or even foreign intelligence services trying to embarrass China; shouldn't be ruled out, for now. Nigholith (talk) 18:43, 29 March 2009 (UTC) (DY:92.13.134.192)

Seconded. We do not know the truth. To assume it is an error. Toby Douglass (talk) 22:13, 29 March 2009 (UTC)

Thirded. If you read the paper, the 'attack' itself is quite primitive (read: scriptkiddies could have done it). There is no attempt to hide that servers in china made connections and downloaded files. There is then later use of some proxies that the authors say is 'unexplained' (ie. it could have been anyone from anywhere).--Dacium (talk) 01:09, 30 March 2009 (UTC)

A more reasonable question...

Do we have any sources that address the origin of the name "GhostNet"? Nyttend (talk) 21:42, 29 March 2009 (UTC)

Per the NYT, it's simply what the Canadian researchers decided to call what they detected. 86.44.33.122 (talk) 22:00, 29 March 2009 (UTC)

And the NYT article got the name from the title of the University of Toronto paper. Nigholith (talk) 22:19, 29 March 2009 (UTC)

Spanish version

Can someone move the Spanish version (es:Ghostnet) of this article to "GhostNet" instead of "Ghostnet"? I noticed the interlanguage link was added, but it goes to an empty page. I've never edited es:wiki, so I can't move it. Gracias. APK thinks he's ready for his closeup 01:31, 30 March 2009 (UTC)

Thanks Jondel. APK thinks he's ready for his closeup 02:28, 30 March 2009 (UTC)

Chinese government

Without support of Chinese government, Chinese spynet wouldn't have became like this GhostNet, the article should mention about Chinese government involvement and why they are doing this.--Korsentry 03:15, 30 March 2009 (UTC) —Preceding unsigned comment added by KoreanSentry (talk • contribs)

Without support of Chinese government, Chinese spynet wouldn't have became like this GhostNet - Logical assumption, but no creditable source I find confirms this statement. It's one thing to say Chinese government knows the existance of GhostNet. It is a completely different level to say that they own and operate it. Where is the source of your claim that Chinese government owns and operates GhostNet besides the signs that Chinese Cyber-police let it slip under their nose?

Currently, there are three parties the could've create GhostNet: Chinese government, private hackers/criminals, and thrid countries. If you want to explain in the article on who created the GhostNet and why, you should include the other two parties besides the Chinese government to maintain NPOV, unless there are conclusive evidences that Chinese government indeed created GhostNet. Jim101 (talk) 04:02, 30 March 2009 (UTC)

Is there a way to remove "GhostNet?"

Is there a way to remove "GhostNet?"