Hello,
I was going through the news report about China having 'hacked' our defence computers and allegedly stolen some information. They are even alleged to have stolen email records of 1 year of the Dalai Lama.
My query towards those who may have more information about the same is as follows.
1. Are the compromised machines running doze or Linux? If doze, then they are asking for trouble.
2. Since emails are stored as a single database file, how does the attacker steal only one year's record? How does he remotely slice a database inbox file date-wise and copy it, unless he has had long-term access to the user_name and password and keeps copying and saving mails together in a clone offline email client like Thunderbird etc., or one by one using a web interface? Otherwise he has to compromise the actual email server that is hosting the email software and steal the entire inbox file, which is more difficult.