Bo mt cho ng dng web

Nhng nm gn y, cc dch v thng mi in t (TMT) nh thanh ton trc tuyn, giao dch trc tuyn ebanking pht trin khng ngng. Cc tin ch cng c pht trin, doanh nghip (DN) cng phi trang b h tng mng chuyn nghip nhm p ng nhu cu vn hnh lin tc v bo mt h thng. iu kin bo mt Mt h thng mng bo mt lun phi m bo cc mc tiu nh: Cho php hoc cm nhng dch v truy cp ra ngoi; Cho php hoc cm nhng dch v t ngoi truy cp vo trong; Theo di lung d liu mng gia Internet v Intranet (mng ni b); Kim sot v cm a ch truy nhp; Kim sot ngi s dng v vic truy cp ca ngi s dng; Kim sot ni dung thng tin lu chuyn trn mng. Vi nhng yu cu v mc tiu do DN t ra, cc nh tch hp h thng s t vn v xy dng mt h thng mng hon chnh: + Kt ni bn ngoi bao gm cc thit b nh tuyn kt ni ADSL, Lease-line cng cc thit b cn bng ti. + Kt ni bo mt: Cc thit b tng la (Firewall), cc h thng phng chng tn cng IDS/IPS... v phn mm gim st h thng. + H thng my ch: Cc my ch (server) ci t h iu hnh Windows, Linux v cc gii php phng chng virus, chng th rc (spam mail)... + H thng lu tr: Cc thit b lu tr d liu tch hp SAN (Storage Area Network)...

u t h thng bo mt

Vic u t mt h thng bo mt theo ng tiu chun m cc nh tch hp h thng em li cho DN c thc s hon ho hay khng? DN c th tham kho bng nh gi ca cc hng bo mt: Chng ta nhn thy mt s vn ni bt v bo mt thng tin nh: Th nht l cc cuc tn cng, xm hi vo cc h thng web site ca DN din ra ngy cng lin tc v tinh vi hn (25,48% cuc tn cng cha xc nh ngun gc). Th hai l cc h thng my ch c trang b tt c cc gii php bo mt tin tin vn chu s tn cng trc tip m khng ngn chn hon ton c. Theo thng k cc phng thc tn cng mng ph bin hin nay, cc kiu tn cng truyn thng nh SQL Injection, Cross-Site Script, Brute Force... vn ang gy thit hi cho h thng mng d c cnh bo t rt lu. Theo thng k cc phng thc tn cng hin nay (hnh 1) chng ta thy cc kiu tn cng truyn thng nh SQL Injection, Cross-Site Script, Brute Force... vn ang gy thit hi cho h thng mng d c cnh bo t rt lu. Cc cuc tn cng ny ch yu tp trung vo cc ng dng web c pht trin trong cc dch v thng mi in t vi nn tng ng dng web 2.0. Vn bo mt cho cc ng dng hin nay ni chung v ng dng web ni ring vn cn kh mi m i vi cc DN Vit Nam. Mt DN cn trin khai mt ng dng TMT h s thc hin cc bc sau: Xy dng ng dng theo cc nhu cu kinh doanh v vic ny s do mt nhm ph trch lp trnh thit k v xy dng; K n l trang b h tng mng trin khai ng dng ny. Cc thit b bo mt hin nay nh tng la (Firewall), IPS/IDS s khng th gim st, nh gi c ht cc ng dng c xy dng trn nn tng web (c th y l giao thc HTTP/HTTPS). Ch c cc thit b bo v ng dng web trc cc cuc tn cng - Web Application Firewall (WAF) chuyn dng mi p ng yu cu ny. Mt bc tng la chuyn dng s lm cc nhim v nh sau: + Thit lp cc chnh sch cho cc kt ni ngi dng HTTP thng qua vic chn lc ni dung cho my ch dch v web. + Bo v h thng trc cc loi hnh tn cng ph bin trn mng nh: Cross-site Scripting (XSS) v SQL Injection. + Ngoi vic nhng ng tc kim tra ca mt bc tng la thng thng, WAF s kim tra su hn, s kim tra cc ni dung HTTP lp ng dng

Hnh 1. Bo co ri ro cc cuc tn cng Web Gii php bo mt ng dng web c din t nh sau: Gii php bo mt ng dng web s h tr tt hn: + Hn ch ti a cc cuc tn cng v cc ng dng thng qua thit b bo v ng dng web chuyn dng (Web Application Firewall). + Tp trung pht trin, xy dng cc ng dng web theo ng tiu chun Web 2.0 vi cc tiu ch bo mt web cao nht (PCI DSS, OWASP) + Kh nng gim st, phng chng tn cng c chiu su v tp trung. + Nng cao hiu nng ca h thng, pht huy ti a cc tnh nng bo mt ca tng thit b trong h thng. C cn bo mt ng dng?

Hin nay, trn th gii cc d n v bo mt ng dng web trong TMT u pht trin trn 2 nm v c nhiu gii php cho vn ny. Bn cnh cng xut hin mt s t chc thng xuyn phn tch, ng gi v a ra nhng tiu ch bo mt mi nht. Chng ta c th k n OWASP (Open Web Application Security Project), mt t chc phi li nhun cung cp cho cng ng cc ri ro pht sinh trong cc ng dng web. Ti Vit Nam, cc DN vn cha c c khi nim chnh xc v nhng ri ro ang tim n trong ng dng web. Chng ta vn cha xc nh c ri ro, sai st trn website dn n him ha tn cng mng. Cc DN ang hng n TMT hoc ng dng chy trn nn tng web cn tng cng yu cu bo mt cho cc ng dng. DN nn tm hiu cc vn bo mt khi xy dng cc ng dng. V d: S dng ngn ng NoSQL thay th cho ngn ng SQL truyn thng lc hu v c nhiu ri ro. S dng cc cng c m ngun m nh Metasploit, SQLmap, Firecat... kim tra v nh gi cc l hng trong h thng mng. Xy dng cc biu mu nh gi ri ro h thng (tham kho cc tiu chun bo mt OWASP, WASC...) nhm phn loi cc ri ro c cc hnh ng c th khi xy ra s c. Nu c iu kin, nn s dng dch v PenTest (kho st an ton ca h thng) chuyn nghip nhm hn ch cc ri ro khi c s c tn cng t bn ngoi. Ngoi ra, cc DN cng nn t chc cc kha hc ngn hn, di hn v an ton thng tin nhm nng cao nhn thc v bo mt cho nhn vin. Tch cc tm hiu cc quy trnh, tiu chun bo mt nh ISO 27000, 27001 Hiu chnh cc ng dng vi s h tr ca cc nh lp trnh r sot cc ng dng, nng cp h thng v tin hnh kho st h thng (Audit) hng nm nh gi thc trng ca ng dng. An ton thng tin i hi c nhn, t chc v DN phi khng ngng nng cao v pht trin lin tc. Cc ng dng web tuy mang li cho ngi dng v DN nhiu tin ch, nhng cng tr thnh mi trng cho hacker trc li. Trc khi trin khai cc ng dng kinh doanh, cc DN cn ch n khu bo mt ng dng web.

ng dng v an ton ca cng ngh web services

I.TNG QUAN T nhng ngy u ca Internet, ngi ta quan tm n tnh an ton trong trao i thng tin. Mc du, khng c s an ton tuyt i, nhng nhng pht trin trong lnh vc ny th rt nhanh v mang li nhiu thnh qu v y l vn cp bch ca nhiu doanh nghip. Khng c mt mc an ton thch hp, s khai thc thng mi ca Internet th khng hon ton an ton. Do nhng gii thut kim chng, s m ha kha thng tin, v ch k s ha c th l nhng gii php cung cp mt mc an ton. Chnh v th s an ton ca web service trn mng cng khng th nm ngoi vn ny. C th ni ngy nay ngoi vic nghin cu lm sao to ra mt web services tt mang li nhiu li ch th vic nghin cu lm sao mang li s an ton cho web services cng l mt trong nhng vn quan trng nht. Tht kh tin tng s dng mt business service nh- mua chng khon hay chuyn tin trc tuyn m li khng c mt s an ton cn thit. Mt chun an ton chung cho cc h thng giao dch trn mng thng phi tp trung vo nhng iu sau: - Identification: nh danh c nhng ai truy cp ti nguyn h thng. - Authentication: chng thc t cch truy cp ti nguyn ca ngi mun s dng. - Authorization: cho php giao dch khi xc nhn nh danh ngi truy cp. - Integrity: ton vn thng tin trn ng truyn. - Confidentiality: an ton, khng ai c th c thng tin trn ng i. - Auditing: kim tra, tt c cc giao dch u c lu li kim tra. - Non-repudiation: mm do, cho php chng thc tnh hp php ha ca thng tin n t

mt pha th ba ngoi 2 pha l ngi gi v ngi nhn. Nhng yu cu trn gip cho h thng an ton hn , trnh c phn no nhng truy cp khng hp l . Trong : Loan Amount: S tin vay n Interest Rate (%) : Li sut Installments : Thi gian tr n (tnh theo thng) Result : S tin phi tr hng thng HTTP (HyperText Transfer Protocol) l giao thc thng s dng nht cho vic trao i thng tin trn Internet, tuy nhin khng an ton, bi v tt c thng tin c gi di dng vn bn trong mng ngang hng khng an ton. HTTP thuc v nhm ca nhng ngh thc, nh- SMTP, telnet, v FTP, c thit k trong giai on u ca Internet khi m vn an ton cha c quan tm n nhiu. Mt pht trin ca HTTP l HTTPS, n l mt chun an ton cho HTTP, HTTPS cho php chng thc client v server qua nhng chng thc gia client v server. Trc khi c web servives security ( WS-Security ) th ngha thng thng ca an ton web service l bo mt knh truyn d liu. N c thc hin cho nhng SOAP/HTTP da trn c ch truyn thng ip bng # cch s dng giao thc HTTPS. Khng ging s an ton mc thng ip, HTTPS cung cp s an ton ti ton b gi d liu HTTP. Bi vy, chng ta khng c mt ty chn no p dng s an ton c chn lc ch trn nhng thnh phn ca mt thng ip. Mc du HTTPS khng bao ph tt c cc kha cnh trong chun an ton chung, nhng n cng cung cp mt mc bo chng y vi nh danh v chng thc, s ton vn thng ip, v tin cy. Tuy nhin, authentication, auditing, and nonrepudiation cha c cung cp. Bn cnh , HTTPS l mt giao thc nn khi thng ip i qua HTTP server th li khng an ton. II.AN TAN WEB SERVICES Trc ht chng ta xem xt nhng nhn t ri ro nh hng n mc an ton ca nhng ng dng da trn web service. Chng ta s s dng mt kch bn rt tin ngn hng qua mng xem xt vn . y l mt ng dng client/ server n gin m t mt ngi rt tin (client) kt ni ti trung tm d liu ca ngn hng s dng mt ng dng web service thc hin yu cu ca mnh. Nu khng c s an ton no c p dng, th c ba nhn t mo him chnh: - Nhng giao dch khng hp php (Unauthorized transactions) : mt ngi no khng c quyn nhng vn yu cu rt tin. Giao dch ny khng hp php. Chng ta cm vn ny bng cch s dng c ch chng thc ca WS - Security. Mt v d ca s chng thc bao gm phi c mt kt hp user ID/ password trong SOAP message. - Nhng thng bo khng m ha (Readable messages in clear text-no encryption): s hiu ti khon v s d ti khon trong gi SOAP rt d b c ln trn mng. Vic l thng tin ny l do thng tin ti khon v s d c gi qua mng di nh dng vn bn. gii quyt vn ny, thng tin ny phi c m ha mc knh chuyn thng ip hoc mc thng ip (WS - Security). - Nhng thng ip b thay i hoc mt mt (SOAP message susceptible to modificationno integrity): Trong qu trnh chuyn thng tin t ngi rt tin n trung tm d liu, n c th b chn. V nhng thng tin ny c th b thay i, v d nh s ti khon l 1234 th b thay i thnh s 9876. Vn ny dn n thiu s ton vn. Trong nhng kch bn trn, chng ta m t s an ton lin quan ti nhng yu cu ca s chng thc, tnh b mt, v s ton vn thng tin.

Trc khi c WS-Security, s an ton knh chuyn thng ip rt thng c s dng. S an ton knh chuyn thng ip ch l n m ha ton b thng ip, dn n s dng CPU cao hn. Tuy nhin vi WS-Security, n cung cp nhng cch ti u ha nhng thao tc an ton, m yu cu t thi gian s dng CPU hn. Da vo mc an ton cn thit m mt hoc nhiu hn nhng c ch an ton ny c th c p dng cho mt ng dng. III. KT LUN Ngy nay cng ngh web services v ang c trin khai v ng dng trong rt nhiu lnh vc khc nhau bao gm c nhng lnh vc nhy cm, i hi tnh an ton cao nh ti chnh, ngn hng, do web service cn cung cp mt mc an ton h tr nhng cng vic nh th. Bn cnh mt c ca cng ngh web services mang li th vic m bo an ton, tin cy, ton vn thng tin trao i trn web service cng l mt iu rt quan trng trong qu trnh xy dng web services, bng vic s dng ws security v cc thnh phn ca n gip cho thng tin trao i trn web services tr nn an ton hn. Tuy nhin vic chn c ch an ton cho web service phi i hi sao cho ngi dng khng cm thy qa phc tp to mt s g b, do vic chn c ch an ton no trong ws security th ph thuc nhiu vo loi service v nhng tnh nng m servive ny cung cp, v d nh service v giao dch ti chnh ngn hng phi c c ch an ton hiu qa hn so vi service chn lc v phn loi tin tc hay service cho bit t gi trao i gia cc loi ngoi t,. Bn cnh cn mt im cn quan tm l s an ton khng ch ph thuc vo nhng gii thut, nhng tiu chun, v nhng c ch m ws security mang li, m n cn ty vo thi ca cc cng ty c hiu r tm quan trng ca an ton thng tin khi trin khai cc ng dng, giao dch trn mng hay khng cng rt cn thit. L QUANG HNG
10 li an ton thng tin ph bin trn trang TTT ICTnews - Theo B TT&TT, tn cng Injection, cu hnh bo mt, lu tr m ha khng an ton... hin l nhng li ph bin nht trn trang/cng thng tin in t. Thc hin ch o ca Th tng Chnh ph v vic bo m an ton thng tin cho cc cng thng tin in t, ng thi thng nht v ni dung v phng php qun l an ton thng tin theo yu cu ca Ngh nh s 43/2011/N-CP, B TT&TT c cng vn s 2132/BTTTT-VNCERT ngy 18/7 hng dn cc c quan nh nc trin khai p dng ti liu "Hng dn mt s bin php k thut c bn cho cng/trang thng tin in t" nhm mc ch cung cp nhng kin thc v yu cu thit lp h thng phng th, bo v. T , cc n v qun l cng/trang thng tin in t c th nh gi mc an ton thng tin v chn gii php ph hp nhm xy dng cng/trang thng tin in t an ton. Theo , vn hnh ng dng web an ton, ti liu ch r "10 li an ton thng tin ph bin", qua nhn din nguy c mc li ca cng/trang thng tin in t ti n v, c bin php khc phc hp l hoc sa i m ngun web loi b cc nguy c tim n. Tiu biu, trong s c nhng li c nhc n rt nhiu thi gian qua nh tn cng Injection, thng xy ra khi ngi dng gi cc d liu khng tin cy n ng dng web nhm phc v cho mc ch xu hay cu hnh bo mt ng dng, framework, my ch web khng an ton... Thng 7/2011, theo BKAV c t nht 88 website ca cc c quan, doanh nghip ti Vit Nam b hacker xm nhp, trong c 9 trng hp gy ra bi hacker trong nc, 79 trng hp do hacker nc ngoi. Mt khc, c 3.068 dng virus my tnh mi xut hin ti Vit Nam. Cc virus ny ly nhim trn 5.627.000 lt my tnh. Virus ly nhiu nht trong thng qua l W32.Sality.PE ly nhim trn 415.000 lt my tnh.

C ch bo v bng k t phc tp (CAPTCHA) ang ph bin trong ng dng web. Nhng gi y, cc chuyn gia cho thy n khng cn an ton na. Ngy 17/6/2010, Chi hi An ton thng tin pha Nam t chc bui hi tho Bo mt ng dng web. Ni dung gm 3 ch : gii thiu OWASP Top 10 Bo mt hin c cc doanh nghip quan tm c bit. phin bn 2010, gii thiu cch khai thc li bo mt ca c ch chng thc ngi dng bng k t phc tp (CAPTCHA) v quy trnh bo mt web. OWASP Top 10 l ti liu cng b 10 ri ro bo mt ca ng dng web. V l mt phn ca Open Web Application Security Project, vit tt l OWASP. Cho n thi im ny, OWASP Top 10 c 3 phin bn: 2004, 2007 v 2010. Trong phin bn 2010, ri ro chn d liu c (injection flaws) xp u tin, kch bn cho trang tn cng ngi dng cui (Cross-Site-Scripting) v tr th 2 v chim phin truy cp ca ngi dng (Broken Authentication and Session Management) t v tr s 7 nm 2007 ln th 3 nm 2010. Hai ri ro b loi b khi danh sch l thc thi m c (Malicious File Execution), v qun l thng tin li tr v (Information Leakage and Improper Error Handling). Hu ht cc h thng web cho php ng k ngi dng u c c ch xc thc ngi dng bng hnh nh cha cc k t kh c. Mc ch m bo l con ngi thc ang thao tc. Tuy nhin, ng Dng Ngc Thi, Trng phng an ton thng tin ca ngn hng ng A v cng tc Juliano Rizzo ch ra cch lm trn khng cn c an ton na. chng minh, ng Thi trnh din gii m chui k t cn ngi dng nhp vo t 1 chui k t m ha. Tng thi gian tm ra chui k t hn 4 pht. khc phc im yu ny, ng Thi chia s thm, cch c bn l cc nh pht trin nn dng cc th vin m ha c sn nh Cryptlib khi ci t c ch xc thc ngi dng. quan im l ngi nh gi, kim nh h thng bo mt ng Cng Phm, Gim c d n ca Athena chia s: nh gi ng dng web c an ton hay khng l mt quy trnh gm nhiu bc. T thu thp thng tin, phn tch cho n thm nh h thng theo nhiu cch khc nhau.

GIN IP TRUNG QUC

Cc bn tin v gin ip Trung Quc ti ngoi quc:

2012

1. VOA (9-2-2012): Hoa K khi t cng ty Trung Quc v ti gin ip kinh t. 2. RFI (19-5-2012): Bc Kinh mua hay nh cp cng ngh Ty Phng canh tn qun i. 3. VN+ (22-5-2012): V kh M trn ngp cc linh kin gi t Trung Quc. 4. RFI (30-7-2012): Gin ip mng Trung Quc lm nghing nga phng Ty.

2011
1. RFI (29-1-2011): Nhng chin binh trong bng ti. 2. TN (8-2-2011): M x gin ip thng mi. 3. RFI (10-2-2011): M c th ngng cung cp v kh hin i cho i Loan sau v gin ip. 4. RFI (10-2-2011): Theo bo i Loan, vin tng lm gin ip sp by m nhn k ca Bc Kinh. 5. BBC (14-2-2011): Gian ip TQ 'xm nhp ai Loan su rng'? 6. DV (23-5-2011): 'Ngn ht ct' Trung Quc v c my tnh bo khng l. 7. TN (19-6-2011): Gin ip Trung Quc sn b mt M. 8. TN (23-6-2011): Gin ip Trung Quc sn b mt M: nh cp cng ngh nhy cm. 9. BVN (6-10-2011): H vin M bo ng v tnh trng gin ip kinh t Trung Quc. 10. DV (22-11-2011): Php bt 2 gin ip Trung Quc. 11. TN (22-11-2011): H vin M iu tra cng ty Trung Quc. *****

Hoa K khi t cng ty Trung Quc v ti gin ip kinh t

VOA - Th Nm, 09 thng 2 2012

Trung tm nghin cu ca cng ty DuPont ti Meyrin gn Geneva - Hnh: REUTERS

Gii hu trch Hoa K t co mt cng ty quc doanh Trung Quc m mu nh cp b mt thng mi ca cng ty ha cht cng nghip DuPont. Cc gii chc B T php hm th t cho bit Tp on Pangang (Phan Cng) b mt i bi thm on San Francisco khi t v ti gin ip kinh t v nhng ti khc. 3 cng ty con ca tp on ny cng b truy t trong v ny, cng vi cng ty USA Performance Technology, mt cng ty ngnh k s California. Lnh khi t cho bit Pangang v cc cng ty con cu kt vi USA Performance Technology ly thng tin v mt ha cht qu gi do DuPont pht minh v c dng ch to nhiu loi sn phm nh giy, sn, v cht nha. Nm c nhn cng b truy t, trong c ng Walter Liew, mt ngi Singapore ly quc tch M, cng vi v l b Christina, ng s hu cng ty USA Performance Technology, cng vi hai vin k s tng lm vic cho DuPont. *****

BC KINH MUA HAY NH CP CNG NGH TY PHNG CANH TN QUN I

RFI - Th by 19 Thng Nm 2012

B trng Quc phng M Leon Panetta ti Lu nm gc (Reuters)

T Anh Trung Quc vi ngn sch quc phng ng hng th hai sau Hoa K, tip tc gia tng khng ngng v ci tin sc mnh qun i qua cng ngh mua hoc nh cp ca ty phng. Trn y l ni dung ca bn phc trnh va c b Quc phng M cng b hm qua. Trong bn tng trnh hng nm v sc mnh v trang ca Trung Quc gi Quc hi M, b Quc phng Hoa K thm nh ngn sch qun s ca Bc Kinh c th ln n 180 t la ch khng phi 106 t nh thng bo chnh thc. Theo s liu ca Bc Kinh, th ngn sch quc phng nm 2012 tng thm 11.2% so vi nm trc. Nhng bn bo co ca Lu nm gc M cho rng con s ny khng bao gm nhiu loi chi tiu khc nht l tn ph canh tn v kh ht nhn v mua v kh ca nc ngoi. Tng ngn sch quc phng ca Trung Quc do vy c th ln n 180 t la hoc t ra khng th di 120 t. B quc phng M nhn nh Trung Quc theo ui mt chnh sch canh tn qun s ton din vi mc tiu chin thng mt trn xung t cp vng hay tin hnh mt chin dch qun s vi cng cao trong mt thi gian ngn. i Loan v s ym tr ca M vn l trong tm chin lc ca Hoa Lc. thc hin mc tiu ny, Bc Kinh, bng bin php hp php ln bt hp php, s hu nhiu cng nghip ca ty phng gi l lng dng tc l va dn s va qun s. Qun i Hoa K e rng vi th on ny, kh nng qun s ca Trung Quc s gia tng ng k. Lu nm gc cng c bit lo ngi vn chuyn giao k thut in hnh qua vic tp on Airbus ca chu u m hng sn xut my bay ti Trung Quc. Theo ng David Herley, c trch chu s v ca Lu nm gc, th Hoa K thao di st sao gii doanh nghip Trung Quc u t ci tin k ngh quc phng v kh nng sao chp trang thit b qun s. Vn gin ip cng nghip do vy l mt mi e da ln. Trung Quc cng tn dng internet lm v kh tn cng ph hoi. Qun i Trung Quc hin nay trang b t 50 n 75 ha tin lin lc a c u n ht nhn khng k hng ngn tn la tm trung. Hi qun hin c 7 tu ngm nguyn t, 48 tu ngm chy bng du cn, ba hm i vi 79 chin hm v 86 tun dng hm. Trung Quc cng ang chy ua vi thi gian canh tn mt hng khng mu hm c do Nga ch to.

Khng qun vi 1570 chin u c v 550 my bay oanh tc. Lc lng b binh ln n 1,205,000 qun vi 8,000 xe tng v 7,000 i pho. Hoa Lc b tr 400 ngn qun i din vi i Loan cng vi 1,200 tn la. Tags: Chu - Hoa K - Quc T - Trung Quc *****

V kh M trn ngp cc linh kin gi t Trung Quc

TTXVN - 22/05/2012

Trc thng SH-60B ca Hi qun M - Ngun:airliners.net Bo co cng b ngy 21/5 ca Thng vin M cho bit hn mt triu linh kin in t gi ca Trung Quc c lp t cho cc my bay qun s, e da ti s an ton v an ninh quc gia ca M. Theo y ban Qun lc Thng vin M, trong cuc iu tra ko di mt nm do Ch tch y ban, Thng ngh s Dn ch Carl Levin, v Thng ngh s Cng ha John McCain khi xng, cc chuyn gia pht hin 1,800 v vic lin quan ti linh kin gi, trong c linh kin ca cc loi my bay vn ti hng nng ca Khng qun M, cc trc thng dng trong cc chin dch qun s c bit v my bay do thm ca Hi qun. Bn bo co di 112 trang ca Thng vin phc tho nhng nguy c i vi an ninh quc gia cng nh e da an ton trong hot ng ca qun i do linh kin nhi, c ngun gc t Trung Quc. S hng gi trn bao gm cc linh kin trong cc Mng lc giao thoa in t (EIF) s dng trong cc chin dch ban m v vn hnh cc tn la trn trc thng SH-60B ca Hi qun M. Ngoi ra, chng cn b pht hin trong cc con chip nh ca h thng hin th trn cc my bay vn ti qun s hng nng nhC-17 Globemaster III v C130J, cc mun pht hin bng trn my bay P-8A Poseidon, dng my bay Boeing 737 ci tin c kh nng "sn" tu ngm v tu chin, ca Hi qun M.

Bo co ca Thng vin M cho rng B Quc phng khng lng c quy m cng nh mc tc ng tiu cc ca linh kin in t gi i vi h thng phng th quc gia; ng thi cnh bo vic s dng cc nh phn phi c lp m khng c kim sot cht ch cung cp cc linh kin qun s quan trng dn n nhng ri ro khng th chp nhn c i vi an ninh v an ton quc gia ca M. *****

Gin ip mng Trung Quc lm nghing nga phng Ty

RFI - Th hai 30 Thng By 2012

Josh Mayeux, nhn vin an ninh mng lm vic cho trung tm an ninh mng ti cn c khng qun Peterson, Colorado, 20/07/2010 - REUTERS/Rick Wilking/Files L Phc Phng Ty khng ch lo ngi v s ln mnh kinh t ca Trung Quc, m cn mt n mt ng v ci ti ca cc hacker mng ca nc ny. Nht bo cnh T Libration hm nay c bit dnh bi phn tch ch nhy cm ny vi dng ta gy ch : Chu u nm di s theo di ca tin tc Trung Hoa. K cp gp b gi Hi thng 7 nm ngoi, mt nhm gin ip mng ca Trung Quc thm nhp thnh cng vo hp th in t cc quan chc Hi ng Chu u n 5 ln. Nhm hacker ny tng rng vic lm trn tri khng bit, t khng hay, nhng ng u mt nhm chuyn gia chng tin tc ti M bao gm cc ging vin i hc v cc cng ty tng l nn nhn ca hacker Trung Hoa bit tn tng v vic. Cu chuyn gia hai ngi bng chc c c th gii bit n

khi vo cui tun ri, tp on truyn thng v ti chnh Bloomberg ca M cho cng b kt qu iu tra v v vic. Theo cuc iu tra ni trn, th phm v hacker va cp l mt nhm hacker mng m mt v Hoa K t cho ci tn l Byzantine Candor (tm dch l : S ngy th vin vng). Theo ti liu m Wikeleaks tng cng b, cc nh ngoi giao M cho rng, nhm hacker ny thuc quyn qun l ca qun i nhn dn Trung Hoa, c tr s ti Thng Hi. Ngoi Hi ng Chu u, nn nhn ca Byzantine Candor cn c t nht 20 cng ty phng Ty, trong c tp on du la Halliburton. im chung ca cc cng ty nn nhn ny l h c nhng d liu hoc nhng k ngh mi c th c li cho Trung Quc. Ngoi Byzantine Candor, cc chuyn gia Hoa K cho bit cn c t 10 n 20 nhm hacker khc n t Trung Quc. Cc nhm ny hot ng rt c t chc, chng rt bit cch xa du vt khng b truy ra ngun gc. Th nhng, chng khng ng k cp gp b gi, mi hnh vi thm nhp b mt ca chng li b cc chuyn gia M b mt quan st tng tn. Hacker Trung Quc, ai m ch s ! Libration nhc li, cu chuyn hacker my tnh n t Trung Quc bt u t hn chc nm nay, vi mc tiu chnh l nhng i tng m chnh quyn Bc Kinh xem l k th, v cc cng ty v kh ln Phng Ty, c bit l ca M. Nm 2009, hng ngn th in t (e-mail) ca c t Lai Lt Ma b hacker my tnh ca Bc Kinh sao chp li. Libration cho bit, n hin ti, dng nh ai cng c th tr thnh nn nhn ca hacker Trung Quc. Ni m nh n mc m hi thng Su ri, trc khi t chn ln lnh th Trung Quc trong chuyn thm chnh thc nc ny, b trng quc phng c ng Stephen Smith phng bng cch khng mang theo in thoi di ng v my tnh xch tay. Nm ngoi, mt quan chc cp cao Hoa K khng nh rng nh cm quyn Trung Quc u t nhng khon tin khng l pht trin cng ngh gin ip mng, v hin ti nc ny c trong tay mt t chc gin ip rt ln v rt thin chin. Cng nm ngoi, truyn hnh quc gia Trung Quc cho pht mt phim ti liu v ch khoa hc v cng ngh quc phng, trong cho bit nc ny trang b c nhiu phng tin tn cng mng, v cn a ra minh chng l tn cng thnh cng mt trang mng Bc M ca mt nhm Pht Gio Php Lun Cng (vn b Bc Kinh cho l "t o"). Ni v nhn lc ca cc t chc hacker Trung Quc, Libration cho bit, qun i nhn dn Trung Hoa tuyn m nhiu ngn ngi ang lm vic cc cng ty cng ngh hoc ang nghin cu ging dy cc trng i hc. y l tuyt chiu ca hacker mng Trung Quc, bi ngun nhn lc ny rt tinh vi nn rt kh b pht hin.

T bo nhc li, hi thng 8 nm 2011, c n 70 cng ty ca M, Hy Lp, i Loan v Kazakhstan b tin tc xm nhp. Khi y, mt nghin cu ca M khng nh, Trung Quc chnh l th phm. File: ITN-073012-CHINA-1-Gian diep Trung Quoc.doc Nguyn Mnh Tr E-Mail: prototri@yahoo.com www.tranhchapbiendong.com Tu chnh: 30 thng 7 nm 2012