THE HACKER credited with leaking VMware source code as well as a raft of documents relating to the Chinese CEIEC organisation has told The INQUIRER that he did it to raise awareness and will keep on doing what he does.
We spoke to Hardcore Charlie over a secure IRC connection yesterday, and he told us that while VMware has dismissed stories about the scale of the leak, what was actually found went a lot deeper.
He offered to show us snippets of code and screenshots that proved this. We have calls in to VMware for its take on this, and are waiting for a response.
Hardcore Charlie said that the leak was not made for profit but with a purpose. He said that there need to be open avenues of discussion over leaks not dismissals, as the latter can hide the scale of what has been exposed and what it actually means.
He pondered what EMC's response would be to more information he has, which is available to it if it wants. "I wonder what they will say if looked at the screen," he said. "Obviously they realize that the code will get to public - we are not here for money we are for lulz so we don't cover up. We found the whole EMC line of products on Chinese network."
He added that the code is different from what would normally be released by a company, adding further suggestions that it is not the bog standard sample that the firm insists it is.
The Chinese network mentioned relates to hundreds of thousands of sina.com email accounts that are at Charlie and his team's disposal. There is some incendiary stuff there, he says, and again he has made offers to share it, though this time with law enforcement and the military.
He's not in it for financial gain, but to close down leaks and secure borders. For example, he says that a string of military communications, a pipeline, could have been shut down by now, thanks to an early leak, but is still active.
"Stop US sensitive military information [from] being exploited. Hey we still receive updates dated same day of new release. Why wont you fucking stop it or ask us for information on how this info comes forward? No one has read the information we put forward," he said.
"We are not to lulz with. We don't like being ignored like that. Once you apprehend us and put behind bars then you can shut us down. But not until then and not until the problem is addressed."
Security researcher Jeffrey Carr has poured over the documents so far and published his take on them. He's found details of a mining firm that is supported by Chinese defence outfit Norinco and is buying equipment to dig up silicon, despite that being against the U.S. Export Administration Act. That's just the tip of his take on the documents.
Charlie said that it was this sort of discovery that made leaking the information so important. "This means this hack reveals many secrets with every day," he said. "It is not only limited to VMware. There is much more of significance there."
We should be shocked, but...
But the search giant has now squashed the bug
But it's not yet available here in Blighty