Editor's note: An earlier version of this story incorrectly stated the number of cyber intrusions detected by the security firm Solutionary in March. It was 128 per minute. The story also misidentified Kevin G. Coleman, a computer security specialist at Technolytics. He is a consultant to the office of the director of national intelligence. Both errors have been corrected in this version.
China has developed more secure operating software for its tens of millions of computers and is already installing it on government and military systems, hoping to make Beijing's networks impenetrable to U.S. military and intelligence agencies.
The secure operating system, known as Kylin, was disclosed to Congress during recent hearings that provided new details on how China's government is preparing to wage cyberwarfare with the United States.
"We are in the early stages of a cyber arms race and need to respond accordingly," said Kevin G. Coleman, a private security specialist who advises the government on cybersecurity. He discussed Kylin during a hearing of the U.S. China Economic and Security Review Commission on April 30.
The deployment of Kylin is significant, Mr. Coleman said, because the system has "hardened" key Chinese servers. U.S. offensive cyberwar capabilities have been focused on getting into Chinese government and military computers outfitted with less secure operating systems like those made by Microsoft Corp.
"This action also made our offensive cybercapabilities ineffective against them, given the cyberweapons were designed to be used against Linux, UNIX and Windows," he said.
The secure operating system was disclosed as computer hackers in China - some of them sponsored by the communist government and military - are engaged in aggressive attacks against the United States, said officials and experts who disclosed new details of what was described as a growing war in cyberspace.
These experts say Beijing's military is recruiting computer hackers for its forces, including one specialist identified in congressional testimony who set up a company that was traced to attacks that penetrated Pentagon computers.
Chinese Embassy spokesman Wang Baodong declined immediate comment. But Jiang Yu, a Chinese Foreign Ministry spokesman, said April 23 that the reports of Chinese hacking into Pentagon computers were false.
"Relevant authorities of the Chinese government attach great importance to cracking down on cybercrimes," Ms. Jiang said. "We believe it is extremely irresponsible to accuse China of being the source of attacks prior to any serious investigation."


http://washingtontimes.com/news/2009/may/12/china-bolsters-for-cyber-arms-race-with-us/

China has developed more secure operating software for its tens of millions of computers and is already installing it on government and military systems, hoping to make Beijing's networks impenetrable to U.S. military and intelligence agencies.

That's the first step in getting your network compromised, believing it is impenetrable.

^ Yeah especially when we talk about computers.

I give it 6 months before some 13 year old hacker trying to find Kewl shizit for CoD4 breaks in

I give it 6 months before some 13 year old hacker trying to find Kewl shizit for CoD4 breaks in

Yeah, lets hope there system is as good as NASA's.

Computer security can't be achieved through an operating system. Its mostly obtained by managing human behaviors. Its fair to say that most vulnerabilities today are created rather than discovered.

That said, the FreeBSD OS, which this is reportedly built on, has been acknowledged to be the most secure freely available OS. Ironically, I read a report that the very site the project is hosted on has a SQL injection vulnerability.

As I said... human behavior.

That said, the FreeBSD OS, which this is reportedly built on, has been acknowledged to be the most secure freely available OS. .

Dang.

Certainly better than this "secure XP" crap being peddled to the air force.

But yeah, human behaviour is the greatest threat to security.

Too many agencies allow admin rights for end users. As you stated, human behavior. I've seen where title and status equate to admin rights rather than knowledge, or better yet -- true necessity (which is rarely the case). And how many users at home don't want to be bothered with so much as a logon screen? How about one of the most popular passwords out there? --password --12345 How many regularly perform Windows updates? How many people load software when they know absolute zero about the originator? How many load software from unreliable sites? How many idiots open every single e-mail and subsequent attachment? The list goes on.

All Windows products come with so many default vulnerabilities out of the box it's scary. Since our governmental agencies, including the miltary, cater to the lowest common denominator, which happens to be Windows, the threat is very real to our networks and infrastructure. Why is this the lcd? Because that's "what people use at home." That's all you ever hear when arguing against Windows.

Windows could detach all their products from the kernel which would increase security 100 fold. They don't want to because then they'd lose their stranglehold (read: monopoly) on the desktop.

But there is another possibility... The government/military crying wolf so as to be able to shove more governmental interference down our collective throats.