Tag Archives: hacking


An infamous Chinese hacker becomes a “security professional”?

image: iDefense

Up until now, Wicked Rose has been infamous for one thing: being a prolific hacker. He exploited Microsoft Office security holes in the US Defense Department and obtained sensitive data for over two years before being discovered.

But it appears that Wicked Rose is exploring a new career path.

Investigative reporter Brian Krebs reports that Wicked Rose, otherwise known as Tan Dailin, has possibly registered an antivirus company, Anvisoft. Krebs explains this discovery and the maze he went through to track the site to Wicked Rose:

A quick review of the Web site registration records for anvisoft.com indicated the company was located in Fremont, Calif. And a search on the company’s brand name turned up trademark registration records that put Anvisoft in the high-tech zone of Chengdu, a city in the Sichuan Province of China.

Urged on by these apparent inconsistencies, I decided to take a look back at the site’s original WHOIS records, using the historical WHOIS database maintained by domaintools.com. For many months, the domain’s registration records were hidden behind paid WHOIS record privacy protection services. But in late November 2011 — just prior to Anvisoft’s official launch — that WHOIS privacy veil was briefly lowered, revealing this record:

Registrant:
   wth rose
   Moor Building  ST Fremont. U.S.A
   Fremont, California 94538
   United States
Administrative Contact:
      rose, wth  wthrose@gmail.com
      Moor Building  ST Fremont. U.S.A
      Fremont, California 94538
      United States
      (510) 783-9288

A few days later, the “wth rose” registrant name was replaced with “Anvisoft Technology,” and the wthrose@gmail.com address usurped by “anvisoftceo@gmail.com” (emails to both addresses went unanswered). But this only made me more curious, so I had a look at the Web server where anvisoft.com is hosted.

Krebs then used a reverse DNS lookup on Anvisoft’s IP address and tracked it down to three other domains that were once registered to the same email as Anvisoft: wthrose@gmail.com. He then discovered that Anvisoft was once registered under the user name “tandailin.” That led Krebs to make the connection to a name he had come across a few years ago:

When I saw that record, I was instantly reminded of an infamous Chinese hacker who went by the name Wicked Rose (a.k.a. “Withered Rose”). In 2007, Verisign’s iDefense released a report (PDF) on Rose’s hacking exploits, which detailed his alleged role as the leader of a state-sponsored, four-man hacking team called NCPH (short for Network Crack Program Hacker). According to iDefense, in 2006 the group was responsible for crafting a rootkit that took advantage of a zero-day vulnerability in Microsoft Word, and was used in attacks on “a large DoD entity” within the USA.

Although Krebs can’t confirm that Wicked Rose started Anvisoft, he raises enough questions to justify a serious inquiry:

This may all be a strange coincidence or hoax. Anvisoft may in fact be a legitimate company, with a legitimate product; and for all I know, it is. But until it starts to answer some basic questions about who’s running the company, this firm is going to have a tough time gaining any kind of credibility or market share.

If Wicked Rose did start Anvisoft, does that mean that he’s abandoned his days of international hacking for a more entrepreneurial life? Has Wicked Rose made an ethical turn? The writers at Darknet are not as hopeful:

Even so, the evidence that has been turned up so far is far from conclusive and as we well know just because this chap was mixed up in some dubious activity a few years back – doesn’t mean he isn’t ethically sound now. Some of the best ‘whitehat’ security folks have some distinctly grey stains on their hats.

But in China, infamous hackers are usually plucked up by the Chinese state for cushy jobs. Could this be a signal that capitalism is competing against the Chinese state for knowledge workers like Wicked Rose? Or, as China continues to prove, the state and the market can always find new ways to operate together.

Where are all the creative Chinese people? Hanging out in hacker spaces apparently

Finally we get some sense of history to hackerspaces outside of the West from Silvia Lindtner and David Li in their latest co-authored article in Interactions, Created in China.

In September 2010, China’s first hackerspace opened its doors in Shanghai under the name XinCheJian (literal translation: new workshop, or new factory). Only a year after the founding of XinCheJian, the Shanghai government announced a call for proposals to build 100 “innovation houses” (chuangxin wu) to be supported by government funding. Although the official document [4] described this initiative as part of a larger effort to build a citywide platform for supporting popular science work and innovation, national and international media interpreted this move as an endorsement of China’s fledgling maker culture by Chinese politicians.

Their article is more than just a report on hackerspaces. They do several important things. First, they show that Chinese hacker spaces are incredibly politicized on a local level and on a national level. Silvia Lindtner has done a lot of research on the politics of Chinese hacker spaces for her dissertation, which is a must-read for the juicy back stories that link hacker spaces to larger national efforts for innovation. In the article, they ask,

What motivated politicians in China to support the growth of a community that has come to be known for its commitments to a do-it-yourself (DIY) approach toward making technologies and to the free and open exchange of knowledge? How does maker culture manifest itself in China, where “making” in the DIY sense collides with China’s image as the world’s largest manufacturer?

They share some details about this politicized space:

Members of the growing scene are not only into making and remaking technologies, organizing workshops, and showcasing their work to others, but also are actively engaged with political debates. For example, the announcement by the Shanghai government to support the establishment of hackerspaces as innovation houses has been the subject of heated debate.

They also connect the hacker space culture to shanzhai culture, which is a very important link that reveals the bottom-up nature of these spaces.

This form of open source manufacturing has co-evolved with the formation of new production sites, including, for example, counterfeit/copycat design houses. Over the years, these copycat productions have adopted these open source processes and moved beyond simply copying popular brands such as Nokia or Apple. Today they often produce new, consumer-specific products, such as mobile phones with additional features tailored to particular customer segments or location-specific demands. Examples include dual-SIM-card mobile phones that support two operator networks on one device—such as the G5 phone, a made-in-Shenzhen brand for the Indian market—and phones with built-in compasses that are shipped to consumers in the Middle East, who may need to know the direction of Mecca during prayers [11,12]. Many of these innovations were later reappropriated by mainstream mobile manufacturers; for example, in 2010 Nokia launched two dual-SIM mobile phones.

Copycat productions from Shenzhen are often described with the term shanzhai (山寨). However, in the hackerspace community, shanzhai now speaks to a new form of innovation based on the principle of open source manufacturing and continuous remaking. The literal translation of shanzhai is “mountain village” or “mountain stronghold,” the home to bandits or Robin Hood–like figures who oppose and evade corrupted authority. China’s hackerspaces invoke this image of subculture in order to argue for an alternative take on the meaning of copying through the lens of remaking.

In their concluding comments, they make a case that hacker spaces are signs of Chinese people being creative. They are critical of statements that contribute to “cultural stereotypes and extend existing systems of power” that portray Chinese people as uncreative. They cite James Landay, a professor who helped lead Microsoft Research Asia’s HCI group in Beijing, in a quote where he says Chinese researchers are not as creative as US researchers.

He [James] argued that “the level of innovation and creativity in this cohort is much lower than in similar cohorts in the U.S. And in fact, the ones that are the best on the ‘creativity’ scale almost invariably are folks who received their Ph.D.s in the U.S./Europe or worked in the U.S./Europe.”

My research on Chinese youth lines up with James’s assessment. In my work, I show that the lack of trust between individuals and social trust with institutions is hindering creativity. The problem is that institutions can really promote or dampen the expression of creativity, and in the case of China, its education system (combined with cultural elements and political control) has hindered, not promoted, creativity among Chinese youth. The students WHO DO make it to research labs like the one that James was overseeing in Beijing or in more elite positions like running companies aren’t necessarily the most creative ones, they are the most privileged ones and sometimes they are the most knowledgeable ones.

But creativity is not about how much you know, but about how much you can think beyond what you know.

The reality is that Chinese people are not as creative as they could be, for now. There is nothing inherently uncreative about the Chinese. I mean who really thinks that about Chinese people after spending a day on the streets? Migrants and youth all over are doing mind-blowing stuff. China is dripping with creativity as your research confirms. But we aren’t seeing the mind-blowing stuff happening within formal spaces.

So where are the creatives in China? I don’t think the future crazy ass disruptive innovators are going to come through Tsinghua, this is not to say that there aren’t brilliant freaking people there doing cool stuff. But the crazy kind of thinking-out-of-the-box-crazy-ass-imaginative-attitude needed for disruptive innovation may be more attracted to spaces like XinCheJian. Researchers like James work in a very institutional formal place so his assessment makes sense for the kind of researchers who are coming through Microsoft. But of course Silvia and David know where the most exciting energy in tech innovation lies – hackerspaces!

That’s why more research like Silvia’s on hacker spaces is super important because it highlights the possibilities for alternative spaces of creativity in China. Hackerspaces promote the exploration of the unknown – their cultures around sharing and teaching all create an informal environment to get people to learn new things. So more research please! Creativity is not dead in China, it’s just happening in informal spaces.