
In other news
Five Chinese researchers were arrested yesterday for anti-Communist activities.
No word has been given on the date of the trial.
Five Chinese researchers examined the configurations of nearly 14,000 government websites across the country and found worrying lapses that could lead to malicious attacks, according to a not-yet-peer-reviewed study released last week. The authors, all from the Harbin Institute of Technology, described the study as …
It was just two years ago that dozens of .gov sites in the US had been hijacked due to a vulnerability in a third-party product that they all used.
Most all of the sites were just pushing Viagra spam, all except one site used exclusively by Congress members, which was silently fingerprinting the browsers of visitors and sending the results back to a Yandex server.
We need to revise all website and internet issues to completely prevent access to everything other than just allowing visitors to view the text.
Hacking is universal ... the Internet was only designed originally just to provide universal access ... a feature when there were no websites and the Internet was only being designed ... ever since websites first appeared they have only been planned to be accessible ... "safety" was never much of a risk originally but hacking has now become virtually a universal internet feature.
... meaning the security researchers were given a spreadsheet with stale data, or with applications available only on private networks. I know because my shop's infosec team flags similar "issues".
While some findings in this list are concerning, this is generally "dog bites man" given the general state of internet security. Commenters seem eager to extrapolate some dictum about China, but I promise you similar results will be found in a sample of 14k websites in any of our home countries.
Had no working HTTPS support until quite recently and part of their role is to ensure cyber security is maintained by telling other people what to do when it comes to that side of things.
Their website did fit the bill though, it was definitely CAC.
"found worrying lapses that could lead to malicious attacks"
Well gosh. Attempts to warn Chinese networks about this in the 1990s usually led to them blocking mail from the messengers (China Unicom in particular).
Surprisingly, they weren't as bad as the Japanese or Koreans for this behaviour.
The worst offenders were usually US government/military. Thankfully the group involved had backchannels to DISA which "solved the issues" - usually by replacing the people responsible.
was that any of the zones behind the GFW were (DNSSEC) signed.
Puzzled what use zones without NS records would be. No delegation from parent zone for a start. Internal root servers or OpenNIC arrangement?
Sounds like the same dog's breakfast as found on this side of the GFW. :)