Home > Critical Infrastructure Security, Information Security > After Kylin-OS expect China’s very own Secure Hardware

After Kylin-OS expect China’s very own Secure Hardware

In today’s networked/cyber world, its perfectly normal for self-aware countries to invest in developing in-house cyber capabilities, even if you are a nation that is not mobilizing itself for cyber war, giving your critical infrastructures a good head start “security wise” by standardizing on a non-windows system is a justified and conscious decision.

Recently, Some media claims that the recent report by the washington times about the Kylin-OS (See my posts below ) is unsubstantiated and have contributed to a hype without proper researching. those claims are simply not true and misinformed.

According to this annual DoD report (Annual Report to Congress on the Military Power of the People’s Republic of China ) which has been issued every year since 2002. China is developing a secure OS and their very own secure Microprocessor among many other cyber capabilities.

according to the same DoD report, the PLA (People’s Liberation Army) is ” investing in electronic countermeasures, defenses against electronic attack (e.g., electronic and infrared decoys, angle reflectors, and false target generators), and Computer Network Operations (CNO). China’s CNO concepts include computer network attack (CNA), computer network exploitation (CNE), and computer network defense (CND). The PLA has established information warfare units to develop viruses to attack enemy computer systems and networks, and tactics and measures to protect friendly computer systems and networks. In 2005, the PLA began to incorporate offensive CNO into its exercises, primarily in first strikes against enemy networks.”

having said that, a chinese article published on May 15th claims that they are far from happy with what they have achieved over the past 5 years in terms of innovation :

“According to Ni Guangnan, China spends tens of millions of RMB each year on Linux development.
So far, five companies have been set up to develop Linux. The government invested millions of RMB to help establish them and has spent millions more supporting them. However, the only progress that seems to have been made by the Chinese companies is in product imitation, and this provides no return on such a huge investment” Full Article in English (HERE)

More DoD reports on china can be found at (http://www.dod.mil/pubs/china.html)

Advertisements
  1. CyberSpy
    May 20, 2009 at 10:38 pm

    DoD stated the following.

    “China has also identified 16 “major special items” for which it plans to develop or expand indigenous capabilities. These include core electronic components, high-end universal chips and operating system software, very large-scale integrated circuit manufacturing, next-generation broadband wireless mobile communications, high-grade numerically controlled machine tools, large aircraft, high-resolution satellites, manned spaceflight, and lunar exploration.”

    The PLA is investing in electronic countermeasures, defenses against electronic attack (e.g., electronic and infrared decoys, angle reflectors, and false target generators), and Computer Network Operations (CNO). China’s CNO concepts include computer network attack (CNA), computer network exploitation (CNE), and computer network defense (CND). The PLA has established information warfare units to develop viruses to attack enemy computer systems and networks, and tactics and measures to protect friendly computer systems and networks. In 2005, the PLA began to incorporate offensive CNO into its exercises, primarily in first strikes against enemy networks.”

    The above was taken from the US DoD Annual Estimates of Information Warfare Capabilities and Commitment of the PRC

    NOW LOOK AT

    The information from a summary of China’s trusted computing program TCP

    They specifically talk about the “trust chain” and that includes “new OS component, OS, BIOS and CRTM. (PAGE 6)

    Their extended trust chain model includes an “OS loader and the OS Cernal as well as Applications” (PAGE 8)

    Their security architecture shows “strengthened bios and a strengthened OS TSS” (PAGE 9)

    They also present a secure memory area on a microprocessor. (PAGE 10)

  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: