At Tuesday’s Senate hearing on Internet censorship, someone in the press asked Google VP and Deputy General Counsel Nicole Wong about an action against the Chinese government at the World Trade Organization.

Well, the press (again) has taken the bait and is talking about the possibility. The Financial Times kicks their coverage off with this tagline:

If Google chooses to take its case to the WTO, the battle could be both bloody-minded and counterproductive.

Sounds dramatic. I like the blood part.

So, should Google take China to the WTO? Great idea, if the WTO allowed non-Member States entities other than Member States to initiate proceedings. IT DOESN’T!!! (more…)

Latest news goes against conventional wisdom:

The computer attack which led Google to threaten leaving China and created a firestorm between Washington and Beijing appears to have been deployed by amateurs, according to an analysis by a U.S. technology firm.

“I would say this particular botnet group was not well funded, in which case I would not conclude they were state sponsored, because the level of the tools used would have been far superior to what it was,” said Gunter Ollmann, vice president of research at Damballa, an Atlanta-based company that provides computer network security. (CNN)

Hmm. What does that say about all those stories of high-level military involvement, hacking academies, scary espionage initiatives? Well, it has the potential to tarnish them a bit, or at least make all that hyperbolic language look stupid in retrospect.

The level of sophistication certainly does not come across as high end:

The botnet used in the attack began being tested in July, nearly six months before the attack, according to Damballa analysis.

He added, “Some of the codes within the malware were at least five years old” — ancient, by software development standards. The attackers used technology “that had been abandoned by professional botnet operators years ago,” he said.

On the other hand, as some of the comments to the CNN article reflect, them Chinese sure are sneaky, and this new information tells us nothing:

. . . and do you think we believe it? This looks like a paid news item from China to hide its military’s hacking activities. Since when amateur Chinese started to hack so sophisticatedly [sic]?

and

the best hackers are not state controlled silly.

I’m surprised that no one suggested the unsophisticated nature of the attacks was actually proof of a highly sophisticated misdirection campaign by the PLA.

First you use outside contractors, then you give them shitty software, and finally you make sure that they use servers that can’t be traced to the government. It’s brilliant!

I guess we’ll all just continue to believe what we want to believe.