Archive for China

China Cracks Down On VPNs

Posted in Commentary on July 11, 2017 by itnerd

It seems that the Chinese government is not cool with VPNs as they give Chinese citizens access to services that may not be approved by the government such as Google, Twitter and Facebook or news websites like The New York Times. I say that because, according to The Verge, VPNs are pretty much verboten, or at least will be:

Citing sources familiar with the matter, Bloomberg reports that the Chinese government ordered state-run telecoms to begin blocking VPNs by February 1st. Earlier this year, China’s Ministry of Industry and Information Technology announced that all VPN services would need to obtain government approval, as part of a “cleanup” of unauthorized internet connections.

Many Chinese internet users use VPNs to privately access websites that are blocked under China’s so-called “Great Firewall,” including restricted news sites and social media services like Facebook and Twitter. It is unclear whether the VPN block would affect foreign corporations, many of which use VPNs to secure data and circumvent web filters.

So how does this affect VPN providers? How does this affect tourists and visiting business users that may need VPN access to their companies? I reached out for comment from NordVPN and got this from NordVPN’s CMO, Marty P. Kamden:

“NordVPN stands for freedom of speech and free access to Internet around the world. When it comes to China, nothing is ever certain, and that’s the approach we took from the get-go. It’s not yet clear how the Chinese government is going to implement the ban from the technical point of view. However, we at NordVPN will do everything within our power to enable our users to continue enjoying the Internet freedom.”

We’ll have to see how this plays out, but if you’re going to China, plan accordingly.

Threats Tied To China Have Far Reaching Effects For Android Smartphone Users

Posted in Commentary on November 23, 2016 by itnerd

If you use an Android smartphone, you should read this story as it’s pretty scary. The Hacker News is reporting that there’s a backdoor that is potentially pre-installed on 700 million Android phones that sends your data to China:

Security researchers from Kryptowire discovered the alleged backdoor hidden in the firmware of many budget Android smartphones sold in the United States, which covertly gathers data on phone owners and sends it to a Chinese server without users knowing.

First reported on by the New York Times on Tuesday, the backdoored firmware software is developed by China-based company Shanghai AdUps Technology, which claims that its software runs updates for more than 700 Million devices worldwide.

That’s pretty bad. Here’s what it does:

Besides sniffing SMS message content, contact lists, call logs, location data and other personal user information and automatically sending them to AdUps every 72 hours, AdUps’ software also has the capability to remotely install and update applications on a smartphone.

The secret backdoor is said to be there intentionally and not accidentally or due to a security flaw, although, according to the US authorities, at the moment it is unclear whether the data is being collected for advertising purposes or government surveillance.

Apparently the software has been supplied to BLU Products, ZTE and Huawei among others. BLU for one is removing the software and ZTE says that the software doesn’t exist on US smartphones. But this doesn’t exactly inspire confidence. For its part, AdUps has said that its software featured on the smartphone tested by the security firm was not intended to be included on smartphones in the United States market and was just designed to help Chinese phone manufacturers to monitor user behavior.

Sure.

Now if you want to ensure that you’re not one of the potential 700 million Android users affected by this, there is a detection tool that has been created to sniff this backdoor out which you can get from here. But if you find it, you can’t disable or remove it. You’ll need whoever manufactured your phone to do that for you like BLU has. So if you find it, you’ll need to bug them for a fix.

However, I’m not done yet. There’s a second threat from China that affects Android users. In short, third-party firmware included with over 2.8 million Android smartphones allows attackers to compromise Over-the-Air (OTA) update operations and execute commands on the target’s phone with root privileges. Anubis Networks found the issue and ThreatPost has the details:

The problem stems from what researchers call an insecure implementation of an OTA mechanism used for updates associated with software made by Ragentek Group, a Chinese firm based in Pudong, Shanghai. According to researchers with Anubis Networks, who disclosed the issue last week, communications over the channel from the responsible binary are unencrypted, which opens the door for a man-in-the-middle attack.

“All transactions from the binary to the third-party endpoint occur over an unencrypted channel, which not only exposes user-specific information during these communications, but would allow an adversary to issue commands supported by the protocol. One of these commands allows for the execution of system commands,” said Dan Dahlberg and Tiago Pereira, researchers with Anubis Networks who on Thursday disclosed the vulnerability.

Researchers with the firm claim that 2.8 million devices – spread across 55 different device models – checked into a sinkhole tied to the binary.

CERT put out a warning on this and tied this issue to devices made by BLU, Infinix, DOOGEE, and LEAGOO among others. BLU says that a future firmware update will cure this, but no other company affected by this has commented on this. That does not inspire confidence.

Perhaps the way to avoid either of these threats is to not buy budget Android smartphones? Or dare I say it, switch to iOS? Honestly, I am not 100% sure how one can avoid this otherwise.

Hackers Hit Health Insurer…. “Tens Of Millions” Of Records Stolen…. China Possibly Involved

Posted in Commentary on February 6, 2015 by itnerd

If you get your health insurance from Anthem, which is one of the largest health insurers in the US, then you likely have something to worry about. According to The Wall Street Journal, they got hit by hackers on an epic scale:

Investigators are still determining the extent of the incursion, which was discovered last week, and Anthem said it is likely that “tens of millions” of records were stolen. The health insurer said the breach exposed names, birthdays, addresses and Social Security numbers but doesn’t appear to involve medical information or financial details such as credit-card or bank-account numbers, nor are there signs the data are being sold on the black market.

Anthem, which offers Blue Cross Blue Shield plans in California, New York and other states, said it doesn’t know precisely how many people may be affected. So far, it appears that the attack detected last week is the only breach of Anthem’s systems, and it isn’t yet clear how the hackers were able to obtain the identification information needed to access the database said Thomas Miller, the insurer’s chief information officer.

That’s just delightful. Affected customers will be contacted by Anthem. But what’s got my attention is this Bloomberg story that points the finger at China:

Technical details of the attack include “fingerprints” of a nation-state, according to two people familiar with the investigation, who said China is the early suspect.

The Federal Bureau of Investigation is leading the investigation, according to Anthem, which has hired FireEye Inc., a Milpitas, California-based security company, to assist.

China has said in the past that it doesn’t conduct espionage through hacking. The Chinese embassy in Washington didn’t immediately respond to a request for comment.

I personally would like to see proof of that as it’s really easy to point a finger at someone and say “they did it.” But let’s say that China is behind this. I’d like to know what the US government is doing to protect its citizens from state sponsored hacks like this? Assuming that they are doing anything at all of course.

Apple Products May Not Be Banned In China

Posted in Commentary on August 7, 2014 by itnerd

So, this story from yesterday where a Bloomberg report said that a list of Apple products had been banned in China just got interesting. News.com is saying that Apple isn’t being banned in China:

But Bloomberg and/or its sources may have confused some facts of the matter, thereby drawing the wrong conclusions. A report from Chinese news site Caixin cites sources close to China’s Ministry of Finance who say that Apple simply neglected to apply to be included in the procurement list, which actually is geared toward energy-saving products, according to The Wall Street Journal.

Why Apple didn’t file an application or at least not the right application is unknown, though authorities are currently looking into the issue, AppleInsider said. Caixin’s take is that Apple may have simply failed to submit the necessary documents, including energy-saving product certification, which are required to make the list.

Now Bloomberg stands by its story, but one has to wonder what the truth is. When I get it, you’ll see it here.

RUMOR: China To Ban Government Purchases of Apple Hardware Amid Security Concerns

Posted in Commentary on August 6, 2014 by itnerd

Frequent readers of this blog will know that Apple has had some security related issues with the Chinese recently. That may have just increased if this report from Bloomberg is to be believed:

China’s government excluded Apple Inc. iPads and MacBook laptops from the list of products that can be bought with public money because of security concerns, according to government officials familiar with the matter.

Ten Apple products — including the iPad, iPad Mini, MacBook Air and MacBook Pro — were omitted from a final government procurement list distributed in July, according to officials who read it and asked not to be identified because the information isn’t public. The models were on a June version of the list drafted by the National Development and Reform Commission and Ministry of Finance, the officials said.

Now to be fair, Apple is the latest tech company to be banned from selling in China as they join Symantec and Microsoft, among others. Still, seeing as Apple is really trying to break into that market, this isn’t good for them.

I fully expect Apple to respond to this in some way. When they do, you’ll see it here.

Apple Under Pressure In China And Russia Over Security Issues

Posted in Commentary on July 30, 2014 by itnerd

I’m betting that this isn’t going over very well at 1 Infinite Loop at the moment.

Russian officials are calling out Apple over their security issues. A Reuters report says that the Russian Government wants Apple along with SAP to hand over source code so that they can prove that they have no security issues:

The Russian proposal was voiced last week when Communications Minister Nikolai Nikiforov met Apple’s general manager in Russia, Peter Engrob Nielsen, and SAP’s Russian managing director, Vyacheslav Orekhov, the Communications Ministry said in a statement.

It said the proposal was designed to ensure the rights of consumers and corporate users to the privacy of their personal data, as well as for state security interests.

While couched in the language of protecting privacy, any Russian move to force these companies to divulge the inner workings of their software could pose a major threat to their viability if they were to lose control of the source code.

Given the current climate of relations between Russia and the west, this has got to be a ploy. At least one would hope so. And you can bet that there’s zero chance that this would ever happen. Though they did invoke the name of Edward Snowden to further force the issue:

“Edward Snowden’s revelations in 2013 and U.S. intelligence services’ public statements about the strengthening of surveillance of Russia in 2014 have raised a serious question of trust in foreign software and hardware,” Nikiforov said in the statement released late on Tuesday.

That’s not good. Neither is increasing pressure from China. Fang Xingdong who is the founder of Blogchina and web research consultancy Chinalabs as well as being the director of the Center for Internet and Society at Zhejiang University of Media and Communications is saying that Chinese officials should be banned from using the iPhone. Here’s a Google translated document (original version can be found here) that spells out his concerns:

Internet Lab founder Fang Xingdong told reporters that for the Apple exposed “reserved port” for a long time, consumers did not know, so there is a certain risk. He stressed that as a technical support side, Apple could get some of the data used for the sale, but this exposes data acquisition significantly exceeded the limits of technical support.

What he’s referring to is the infamous iOS backdoor gong show that blew up last week. I’m pretty sure that this is the last thing that Apple needs in a market it wants to make inroads into.

Clearly, Tim Cook and company have some work to do to put these fires out.

National Research Council Hacked By The Chinese

Posted in Commentary on July 29, 2014 by itnerd

It seems that the Canadian Government was the target of another hack by the Chinese. This time the target was the National Research Council and here’s what the CBC is reporting:

A “highly sophisticated Chinese state-sponsored actor” recently managed to hack into the computer systems at Canada’s National Research Council, confirms the country’s chief information officer, Corinne Charette.

The attack was discovered by Communications Security Establishment Canada.

In a statement released Tuesday, Charette confirms that while the NRC’s computers operate outside those of the government of Canada as a whole, the council’s IT system has been “isolated” to ensure no other departments are compromised.

I’m pretty sure the Chinese will deny involvement, just like they did the last time. But China has so-called patriot hackers, which give the Chinese government the ability to say “it wasn’t me” while benefiting from whatever info the hackers steal. So they’re unlikely to be believed. As if to underscore that, John Baird, who is Canada’s Minister Of Foreign Affairs, was scheduled to have a news conference in Beijing today. But that was quickly cancelled with no reason given. Though it should not take a lot of effort to read between the lines to figure out what the reason is.

Apple Responds To Chinese Over Location Tracking

Posted in Commentary on July 15, 2014 by itnerd

Last week you’ll recall that I wrote about Chinese State Media claiming that Apple’s location tracking was a “national security concern.” I also said that because of Apple’s desire to be a player in the Chinese market, they’d have to respond. Well, they have on their Chinese website in both Chinese and English. Here’s a portion of what the statement said:

Our customers want and expect their mobile devices to be able to quickly and reliably determine their current locations for specific activities such as shopping, travel, finding the nearest restaurant or calculating the amount of time it takes them to get to work. We do this at the device level. Apple does not track users’ locations – Apple has never done so and has no plans to ever do so.

And:

Frequent Locations are only stored on a customer’s iOS device, they are not backed up on iTunes or iCloud, and are encrypted. Apple does not obtain or know a user’s Frequent Locations and this feature can always be turned “Off” via our privacy settings. 

Apple does not have access to Frequent Locations or the location cache on any user’s iPhone at any time. We encrypt the cache by the user’s passcode and it is protected from access by any app.

They conclude by saying this:

As we have stated before, Apple has never worked with any government agency from any country to create a backdoor in any of our products or services. We have also never allowed access to our servers. And we never will. It’s something we feel very strongly about.

Now, that’s a very definitive statement. One wonders why they didn’t come out with something similar last year when iOS 7 first appeared and people (including yours truly) first found this feature. Perhaps if they did, we wouldn’t be talking about it now.

China Claims That Apple’s Location Tracking A “National Security Concern”

Posted in Commentary on July 11, 2014 by itnerd

Chinese state-run media, which means it’s essentially the Chinese Government, has made a very interesting claim. They claim that because iOS 7 tracks your movements, this makes it a “national security concern.” Here’s what the Wall Street Journal had to say:

In its national noon broadcast, state-run China Central Television criticized the “frequent locations” function in Apple’s iOS 7 mobile operating system, which tracks and records the time and location of the owner’s movements. The report quoted researchers who said that those with access to that data could gain knowledge of the broader situation in China or “even state secrets.”

Apple didn’t respond to requests for comment.

Now I have talked about the frequent locations option previously. At the time I said that other phone makes do something similar and that I don’t think there’s anything sinister going on here. But I also mentioned that Apple should clear the air on this feature. Perhaps if they did, we wouldn’t be talking about this right now. Given that Apple really wants to make inroads into the Chinese marketplace, I think they’ll have to address this now.

This is one of those stories to keep an eye on.

Hey IT Nerd! Do US Charges Against Chinese Hackers Mean Anything?

Posted in Commentary on May 20, 2014 by itnerd

Another question from a reader popped into my inbox today:

Good afternoon. Yesterday, the US Government laid charges against a number of Chinese officials for cybercrimes against six US companies. My question is, does that really matter as I don’t see China handing these people over to stand trial?

Thanks for the question. Before I answer your question, let me do a quick recap. Yesterday the US Department of Justice laid charges against five people who they accused of hacking six US companies and then turning over whatever they electronically stole to Chinese based companies. In effect, these five people are accused of cyber espionage for commercial gain. Now, I’m all for going after those who hack other people or companies and I am all for them being punished to the fullest extent of the law. However, that’s likely not going to happen in this case. There’s zero chance that China will hand over these people. Which means they will never face justice. Plus this is likely to increase tensions between the US and China. Thus other than give the appearance that the US is going after cybercrime, I fail to see the point of this exercise. Perhaps there’s something going on behind the scenes that is connected to this that will clarify things, assuming we find out about it. But as it stands now, the logic of laying these charges escapes me.

Perhaps some of the readers of this blog have some further insight on this? If so, please leave a comment and share your wisdom.