←back to thread

286 points 2OEH8eoCRo0 | 1 comments | | HN request time: 0s | source
Show context
clwg ◴[] No.42132630[source]
I was working with MISP[0], an open-source threat intelligence sharing platform, and came across a really interesting dataset from the Australian Strategic Policy Institute on China's technology research institutions[1]. I liked the data so much I built a quick cross-filter visualization on top of it to help explore it[2].

The data offers a fairly comprehensive and interesting perspective on China's research priorities and organization, I can't speak to the effectiveness of the programs themselves, but it does make me concerned that we are falling far behind in many areas, including cyber security.

[0] https://www.misp-project.org/

[1] https://raw.githubusercontent.com/MISP/misp-galaxy/refs/head...

[2] https://www.layer8.org/8541dd18-ff05-4720-aac7-1bd59d3921dd/

replies(5): >>42132801 #>>42133485 #>>42134891 #>>42137891 #>>42143837 #
acheong08 ◴[] No.42132801[source]
> we are falling far behind in many areas, including cyber security

In terms of quantity and quality of talent, I don't think the western world would fall behind China, especially with their strict control of information. Most people there will have difficulty independently learning about cybersecurity.

The difference is that most talent is captured by the private sector with higher compensation or bounties. Meanwhile, China can very easily compel anyone they need into the government so the % utilization on outward attacks is probably higher.

replies(10): >>42132860 #>>42132946 #>>42133034 #>>42133113 #>>42133133 #>>42133189 #>>42133488 #>>42133564 #>>42133646 #>>42135370 #
equestria ◴[] No.42132946[source]
> especially with their strict control of information. Most people there will have difficulty independently learning about cybersecurity.

I'm puzzled by this assertion. I know quite a few self-taught infosec folks who grew up there. China is not North Korea. The government, by and large, doesn't monitor what you're doing day-to-day, unless you're a political activist or some other "undesirable". The Great Firewall doesn't stop you from accessing infosec content; and in any case, the use of VPNs is prevalent among techies.

To be fair, the parent's claim that China is "ahead" in infosec also feels like fearmongering. The one thing that's true for China is that their government has far fewer qualms about hacking Western infrastructure to get dirt on dissidents, steal IP, and so on. But that's a matter of ethics and law, not tech.

replies(2): >>42133383 #>>42133847 #
tivert ◴[] No.42133847[source]
> To be fair, the parent's claim that China is "ahead" in infosec also feels like fearmongering. The one thing that's true for China is that their government has far fewer qualms about hacking Western infrastructure to get dirt on dissidents, steal IP, and so on. But that's a matter of ethics and law, not tech.

I've heard China also has many more personnel working in this space.

replies(1): >>42135433 #
medo-bear ◴[] No.42135433[source]
Ive also heard that China has many more people living in it than the US. Ive also heard that Chinese higher education system is state funded
replies(1): >>42136367 #
tivert ◴[] No.42136367[source]
> Ive also heard that China has many more people living in it than the US. Ive also heard that Chinese higher education system is state funded

So? It kinds sounds like you're making an excuse, but excuses don't do anything to address the capability difference caused by the larger number of personnel.

replies(1): >>42139747 #
medo-bear ◴[] No.42139747[source]
The US used to be by far the largest country in the developed world. It could be argued that sheer numbers allowed it to succeed and dominate throughout the previous century. Today the US is no longer the largest country in the developed world, not by a long shot
replies(1): >>42142702 #
tivert ◴[] No.42142702[source]
What's your point? Your comment doesn't really address anything relevant regarding the US's goals and positioning to achieve them.

For instance, if the US wants to to secure its networks and be able to respond effectively to hacking threats from its geopolitical rivals, it may have to invest proportionally more of its human resources in infosec to remain competitive. I see no good reason why it can't do that.

Also, noting that one reason China may be ahead in infosec is because it may have many more people working in that area was to rebut claims that "China is ahead in infosec" was "fearmongering."

In short, China having a larger population may be one reason why they're ahead, but that why is not very relevant to decisions about what to do about it.

replies(1): >>42145569 #
medo-bear ◴[] No.42145569[source]
Im just offering you an explanation about evolution of powers in the world, and human resources is a huge factor. Already in his last mandate Trump was constantly talking about the power of US military, much like Russia does about its nukes. These sort of things are done out of weakness, not strength
replies(1): >>42154334 #
tivert ◴[] No.42154334[source]
> Im just offering you an explanation about evolution of powers in the world, and human resources is a huge factor.

Sorry, that wasn't an explanation that was needed nor asked for.

And its sounds like weird sort of demographic determinism, which is kinda so oversimple to be obviously not true.

replies(1): >>42155660 #
1. medo-bear ◴[] No.42155660[source]
I'm sorry I didnt realise you think Im only allowed to respond in the way you find appropriate.

If you do not want to take into account China's huge and relatively well educated and quite capable working class that is your issue