Home > News content

TK teacher: Chinese hacker VS foreign hacker,

via:博客园     time:2018/3/30 17:28:08     readed:600

Hello, everyone. I am in history. My daily life is a darling of science and technology. I will try various postures and tell you their endless brain holes and warmth stories. If you particularly want to hear someone's story, you may wish to add WeChat (micro signal: shizhongst) to tell me that I don't necessarily get it anyway.

TK leader: Chinese hackers VS foreign hackers,

They are going to engage in a "birth and bridge" ”

Literary history @ shallow black technology

What I found today is the idol of many hackers: TK leader —— Yu Xi.

The TK leader currently serving Tencent is the boss of the Tencent Security Basalt Laboratory.


Tencent Xuanwu Laboratories Yu Yu, who is known as the TK leader. (The soft thing behind the mouse looks evil...)

Some people commented on TK: The best of the hackers' sections was compiled, and the hacking techniques of the segments were the best. This is actually not powerful, and the great thing is that: In the hacking world, hacking technology has smashed many of his peers; in the sector, there is no one in the right. This is a bit scary.

This legendary cow was once a serious medical student. He was called "Gynecological Holy Hand" and later resolutely abandoned the doctor. The reason is: "I can't casually try my hand at the patient, but the computer is all right." ”

In Baidu search "Xuanwu Lab", there is a special search results:


I do not know whether this girl is a hacking technique admiring TK, or a dandruff level, or gynecological medicine.

Space is limited, not much to introduce, if you do not know him, you can turn off the article on the first to know the last, microblogging search wave: Tombkeeper, you do not lose. (Why did such a formidable big cow join Tencent? I have read in detail in another article "Why hackers have gone to Tencent." Interest can be seen.)

Recently, the TK leader is busy with a major event —— Chinese and foreign hackers & quot; 鹊 鹊 Bridge Conference & rdquo;. (No, this is not a blind date. It is the mingling of Chinese and foreign hackers... I can't say any more...)

Explained a wave, the official name of the conference is called AisaSecWest. What? Have not heard? I didn't hear it. Because this conference has not yet been held.

However, you are likely to hear another prestigious conference in cybersecurity: CanSecWest. Here Can refers to Canada, it has been held in Vancouver. Recently, under the sponsorship of Tencent, this conference will set up a semicolon in Asia, hence the name AisaSecWest. Chinese and foreign hackers will set up a camp together in Hong Kong in June 2018 to hold a conference for the purpose of technological exchanges. Therefore, I call it the "Bridge and Bridge Conference."

CanSecWest has a considerable influence in the world of cybersecurity. Only by making top academic research can we get to its rostrum. Every year, hackers from all over the world contribute to the conference for a speech. The organizing committee only selects 20 topics from among them. "The chance of winning" is actually no less than that of the Beijing license plate. Of course, unlike the luck of the license plate, boarding the CanSecWest's podium relies on hard work.


In 2017, Ding Chuanda, a researcher at the Tencent Security Basal Laboratory, gave a live speech at CanSecWest.

Although far away from the ocean, CanSecWest does not lack Chinese hackers. For example, in 2013, TK entered the CanSecWest podium. After nearly every year he went to Canada and attended the top hacking conference as a speaker.

But this top hacking conference, like Shenma and Bethune, is not quietly staying in Canada, but it is not far away from China.

Why is Tencent rushing to help AisaSecWest?

Why was this election held in Hong Kong?

These seemingly simple questions are not really good answers. Behind them are hidden thought-provoking realities. After talking to TK, I realized that all the answers were centered on one keyword:

“Network Security Community ”

Next I revolved around this keyword and answered the question just now.

First, Chinese and foreign hacking circles, in the end who is more cattle?

TK talked about his own past.

My first time abroad was in 2011. It was the BlackHat hacking conference held in Las Vegas, USA. Before I had already participated in many conferences in China, but BlackHat's scale and the maturity of the conference still give me a great impact.

What impresses me most is the ""community atmosphere" of foreign countries.

He mentioned a key word: "Community Atmosphere".


Hacking Conference held annually in the United States: BlackHat

Many people feel unfamiliar with the word community. In fact, it is what we call "circle". Regardless of your hobbies, you will find that: In a person's growth, communication with “communicating users” in a circle can greatly improve your technology. Especially sophisticated technologies such as cyber security require more communication and mutual learning.

In the Chinese and Western cyber security community, there is a big difference in style.

The first difference is: the area of ​​research.

From the speech of the security researcher can be seen:

Judging from the scope of the issues, most Chinese hackers are concentrated in more practical areas such as vulnerability mining and web protection. Although the research is deep, the scope is relatively narrow.

But what foreign hackers do is, radio, hardware, etc. The research is also deep and covers a wide range.

TK said.


This picture is at the American hacker convention DEF CON, people are studying a kind of circuit board.

This kind of difference between China and the West, we actually have become accustomed to it. Each year, China Sao year can win big prizes at the International Olympic Games, but it is not a good thing in the field of inventions that test creativity.

To open a hole in the brain, this difference in thinking mode actually corresponds to China’s international division of labor:

From the late 1990s, the world has come a mighty job division: China has become a standard world factory, and at the same time, the West has become the center of world innovation.

In other words, China has assumed more responsibility from 1 to 100, and the West has taken on more responsibility from 0 to 1.

Obviously, from 1 to 100 more powerful execution is needed, and from 0 to 1 more divergence and creativity are needed. Starting from this background, children at both ends of the world also develop different thinking characteristics.

The second difference is: community culture.

China’s cybersecurity conference was open and many people ran out to chat. Most of the chat content is not related to technology. Perhaps the most important topic of a meeting is that friends from Tiannan Haibei get together to eat buffets;

Most of the foreign conferences will listen carefully. Even if they communicate, they will focus more on their own research.

In other words, China's network security community emphasizes the relationship between people, while the western network security community emphasizes the simple technology.

“ Of course, this is not good or bad. "The TK said," only this way, China's net security community, and other communities there is no significant difference. I think a technical circle should still strengthen its technical colors. ”

In fact, many people have already made quite a few words about China’s cybersecurity community culture and want to change it.

They found that the best change started with communication. However, after all, Canada is far away from the mountains and it is not easy to get a visa. It is still quite expensive to visit. Therefore, Chinese security researchers who can participate in CanSecWest are after all a minority. For this simple purpose, TK wants to bring the conference to China.


CanSecWest site

Second Tencent and the security community have a relationship with God?

Here, the purpose of AisaSecWest has been clear: China and the West network security community exchanges.

But this is just the expectation of TK as a member of the security community. Behind TK is Tencent, which ultimately sponsors AisaSecWest. It is Tencent Security.

The question arose: At first glance, AisaSecWest and Tencent's eight-sisters could not fight. Why is Tencent so eager to sponsor it? As a giant Internet company, what do they want from the exchanges between the Chinese and Western security communities?

To illustrate this issue, we must first popularize a background knowledge. That is: How much does Tencent need safety?

Tencent’s perception of security, I divided it into four eras:


1, QQ era: protect yourself

In the early days of Tencent, the only competitive product was QQ. Many people have memories. At this time, there is only one security issue related to QQ: hacking.

At that time, Tencent may not have imagined that it would be the giants of today. However, they realized earlier than others that the safety of products is a matter of life and death for enterprises. Therefore, Tencent actually established the security department at very early stage.

This security department is committed to protecting the company's business. It is very pragmatic. This is also the initial background of Tencent Security.


2. The Hacking Age: Protecting Users

Later, Tencent's communications software has continued to expand, become the standard for all citizens, the most visionary investors have begun to discover the company's "giant phase". The most discerning bad guys also began to discover the value of QQ.

At that time, some of the gray transactions or fraud will use communications software, and the QQ with the largest market share will not escape the fate of lying guns.

The key issue is that QQ cannot completely cover bad people in its own territory. For example, Tencent opened a mall and everyone went shopping. The guests came and the thief also came. Because the security in the shopping mall is very powerful, the thieves do not dare to start in the mall, but they will follow the customer, go out of the mall and then start.

Reasonable, customers out of the mall, it does not matter with Tencent. However, Tencent gas, however, they decided to give each customer a "guardian", always protect the user. That's right, this is Tencent Computer Manager (and then the mobile phone butler).


3, era of black production: expeditionary enemy

I can conclude that 100% of the people who can see this article are users of Tencent. You can think about it. As a user, privacy and money are highly related to social software. Therefore, our security requirements for Tencent products are very high.

One can imagine the pressure that Xiaomao feels on Tencent's security.

After 2010, Tencent became a recognized Internet giant. However, the hackers in that year had also shotguns and formed a black production army. Black-gang gangs in various positions have already played guerrilla warfare against Internet giants.

This kind of guerrilla warfare sounds strange to you, but its most important means are familiar to all Chinese: telecom fraud.

The basic idea of ​​telecommunication fraud is: Didn't you Tencent keep the Internet's chain securely? Well, I jumped out of the Internet world and came to an "O2O" line to make money directly with voice calls.

Thus, this leads to the mighty Tencent Security "Guardian Action". In short: put security technology in telecommunication operators, directly block fraudulent calls, put security technologies in banks, and directly block the circulation of funds; hand off security techniques to uncles of the police and arrest people directly.

Truthfully speaking, these contents have exceeded the business scope of Internet companies. However, hundreds of millions of users were burdened by Tencent and were in a good sense. Regardless of whether they were out of social responsibility or out of commercial interests, “did the enemy’s advance” and had to do it. And almost every year at the Guardian Conference, Ma Ying-jeou has "emerged" and personally stands on the stage, which shows his importance. (For the discussion of this part, I have read in detail in another article, "Distant Ephemeral Mobei: Tencent's Black War". There are some brain holes in it. Interest can be taken and seen.)


4, the ecological era: to help teammates

If the entire Chinese security force is like a football team, then Tencent is one of the star players. However, just like the actual Chinese team, although there are often international stars appearing, they play great games. However, if they work together with teammates, they will be instantly replaced by seconds.

For so many years, hard working hard to improve safety skills, nothing more than BAT these big factories, but watching other teammates around him, a little bit tired or not love.

Therefore, the current strategy of Tencent Security is:

1) Help teammates: Start ToB service to help other companies strengthen their security.

2) To train the next generation: The so-called football should be picked up from the baby, and it seems safe to rely on the next generation. . .

Similarly, using the analogy of football to train the next generation depends on what? Of course, we must rely on the people's passion for football. Translated into another word, is not "community building" Well.

Wow, grow a breath. . . Taking such a long distance is to solve this problem: Why is China's safe community building so important to Tencent?

the answer is:

Because Tencent wants to survive, we must protect users;

To protect users, we must combat black production;

To fight black production, there can be no pig teammates;

To avoid pig teammates, we must strengthen China's overall security level;

To improve the overall level of security, we must rely on community building;

The best way for China's security community to develop is to communicate with Western security communities.

The important way to communicate is to organize regular meetings and exchange with everyone.

OK, the conference is coming, AisaSecWest.


Three Why Choose in Hong Kong

The last question, why was it chosen in Hong Kong?

A: I am willing to.

No no no, this answer is not terrible.

We still take the TK sitting on the side and come back.

The TK who regularly attend international cyber security conferences can actually see the details of this:

For example, visas are a big problem.

China, the United States, and Russia are basically the areas where cybersecurity researchers are most concentrated. However, these countries get visas from each other and the rejection rate is quite high. Therefore, many safety issues are very good, English is also very good, and also very much want to communicate, but it is refused.

It is also very difficult for Americans to get a Chinese visa. Between the United States and Russia. . .

For another example, language is also a big problem.

Many Chinese hacking techniques are great, but English is a scum. The international hacking conference basically requires the use of English to vote on issues and speak in English. This will stop many people.

For another example, confidence is also a big problem.

Many Chinese researchers actually have enough issues to vote at the level of the international conference, but they are afraid of failure, so their approach is: I will not fail without investing.

With so many problems, the solution requires only two words: Hong Kong.

When it comes to visas, Hong Kong should be the only place where Westerners and Chinese can freely enter and leave. TK compares it to the space port on Tatooine in Star Wars, where all kinds of bizarre aliens can Stay.

When it comes to confidence, Hong Kong is an inseparable part of the Chinese territory. The hackers who are not confident enough see the fact that they are holding a conference in their own homes. The threshold is not so high, and they may be able to cast their own questions with confidence.

As for the language, "We have found simultaneous interpretation in Chinese, English, and Russian." The TK solution is rude and effective.

In the heart of TK, the Chinese and foreign hacker communities have long been short of a happy exchange.

China has long been demonized by Western media for its propaganda. Many foreigners feel that China is a very dangerous thing.

TK Tucao.

In fact, every time they see foreigners, they will be curious to ask TK: “ You study cybersecurity in China, will you be arrested? ”

This is actually a very strange impression, which stems from the fact that Westerners have no concept of the development of China. "Their hearts of China remain in the thinking during the Cold War." & rdquo; TK said.

Well, if you dare not come to mainland China, you can always come to Hong Kong.

This is the good intentions of choosing in Hong Kong:

We must let the Chinese security community learn from the advantages of foreign countries: broad thinking, attention to technology, and seriousness;

At the same time, we also want to show the real Chinese community to foreign communities: we are open and inclusive, we like our friends, we are not monsters.

"We can pass. You can also come here. This is the meaning of the bridge." ” Duan Zishou TK, this moment's focus is long.

IV. Chinese Community VS Foreign Community

Coincidentally, in early 2018, Baidu also announced the introduction of another internationally renowned hackers "DEF CON" into Beijing. The two giants Baidu and Tencent did not communicate, but did a similar layout. This just explains some issues.

As China’s economic development has reached a certain stage, the exchange of Chinese and foreign technologies has also reached a certain stage. Just like the Chinese participated in the Olympic Games for so many years, and then the Olympic Games was brought to China.

This is a good thing for the security community.

TK said.

In fact, in order to contribute to the security community in China, Tencent has been working hard for the past two years. Just to name a few examples:

1) Sponsor GeekPwn crack show. Through various national security researchers on the stage to display a variety of wonderful crack, so that more people pay attention to network security. (In the words of the great bullfrog, it is said: Let's despise the security researcher's wife's mother-in-law, your daughter-in-law is bullish, though I don't have a car for a while, but I can go on TV!)

2) Hold TCTF Cyber ​​Security Contest. Many young hackers team up to compete on the field, and the winner can get bonuses and honors. Let more young people are interested in cyber security and join in the career of love and hate. In order to strengthen community exchanges, TCTF has also invited many foreign teams.

3) Hold CSS China Internet Security Leaders Summit. Committed to allowing traditional industries can also use mature security technology. In 2017 on the CSS, the world’s number one hacker was also invited: Kevin · Mitnick.


Seeing that there are more and more opportunities for international security exchanges in the Chinese security community, many people do not have a good experience in international exchanges. TK has been in circles for so many years. He summed up two experiences:

1. An international conference like this still has an opportunity to fight for speeches.

Instead of just being a participant, let someone else hear your voice. Only when you hear your voice will others begin to understand you, and then there will be better communication.

2. Do more interaction with the community.

For example, international open source projects can actively participate. In fact, non-secure open source projects, China's programmers have gradually made a lot of contributions, the most typical is PHP, where the main developers are Chinese.

There are many ways to interact, TK gives an interesting example:

A while ago, Intel CPU exposed a loophole. Everyone is discussing the risks. Tencent Xuanwu Lab has quickly made a test tool to test whether your browser will be attacked remotely due to this loophole.

This tool is rapidly circulating in the international cybersecurity community and is even popular in the browser community. Everyone has tested and tested the problem, "questioning" "Development, how do you still not repair?" Developers are open-minded and quickly upgrade.

This is actually a good interaction between the Chinese and foreign security communities. The vulnerability is discovered by foreigners, and the testing tools are indeed done by the Chinese. Everyone cooperates with each other to increase understanding.

Having said so much, TK is actually an ancient truth in the description:

Everyone has his own hobby, but also has his own specialty. No matter what the community is, your level may not be as good as it was at the beginning. No matter, learn slowly, you will find that you can gradually contribute some strength to the community. Slowly, the contribution is getting bigger and bigger, and your right to speak is getting bigger and bigger. Whenever you get away from your goal, you get closer.

Every young person interested in technology, Tencent's security, including our Chinese security community, are not all such step by step growth?

Remember the girl who asked questions and wanted to join the Xuanwu laboratory? In fact, TK himself answered the question below. His answer ends with:

"The arts are endless and don't make donations." ”


Let me introduce myself. My name is Shi Zhong, a science and technology reporter who is enamored with stories. My daily routine is to chat with various gods. If you want to be friends with me, you can follow Weibo: @ Chinese guns, or search WeChat: shizhongst.

If you don't want to lose it, you can also pay attention to my own media public number. "Black technology".


China IT News APP

Download China IT News APP

Please rate this news

The average score will be displayed after you score.

Post comment

Do not see clearly? Click for a new code.

User comments