Google has said it will stop censoring search results to please the government of China and may leave the country entirely.
The search giant said its decision was based in part on a recent wave of hack attacks from China on it and more than 30 other companies, mostly in Silicon Valley. The attacks were largely based on spear phishing and exploited the Adobe .pdf vulnerability (which was patched yesterday) to plant Trojans. An investigation by Google showed that the attackers were trying to download information from the Gmail accounts of Chinese dissidents and steal source code.
Google, which opened operations in China in 2006, has been facing a constant barrage of pressures from the Chinese government to censor search results and otherwise limit the access that 300 million Chinese Internet users have to politically-sensitive information.
The company only handled one in three search requests in China and has been steadily losing market share to the Chinese Government search site Baidu.
Google and the authoritarian government of China are opposites.
Google has the concept of free access to information in its very source code. The entire point of an Internet search engine is to provide access to ANY information that a user goes looking for.
The government of China has several millennia of traditions of authoritarian control and isn’t going to change any time soon. Its “one-child” policy means that 40 million Chinese guys will never be able to marry by 2020. And no one is even discussing how many female geniuses have been lost to China through gender-based abortions or sale (oops, sorry) adoption to couples in other countries.
But in the view of the Chinese government it works. It’s only been in the last human lifetime that it ended turmoil and out-of-control human reproduction that resulted in famines and periodic mass die offs of millions.
And to put this further in perspective, China is a very big place. There are more Internet users in China than there are people in the U.S. That’s a lot of people to control whether by a democratic or non-democratic system.
What’s the point for computer security? The attacks were based on a known vulnerability (Adobe .pdf hole) that had a known workaround. The technique – spear phishing – has been around for years.
Somebody in China just went after the low-hanging fruit.
New York Times story here.