Security

Chinese Security Vendor Qihoo 360 Caught Cheating In Anti-virus Tests 62

Posted by Soulskill
from the hand-in-the-virus-jar dept.
Bismillah writes: China's allegedly largest security vendor Qihoo 360 has fessed up to supplying custom versions of its AV for testing according to an investigation by Virus Bulletin, AV-Comparatives and AV-Test. "On requesting an explanation from Qihoo 360 for their actions (PDF), the firm confirmed that some settings had been adjusted for testing, including enabling detection of types of files such as keygens and cracked software, and directing cloud lookups to servers located closer to the test labs. After several requests for specific information on the use of thirdparty engines, it was eventually confirmed that the engine configuration submitted for testing differed from that available by default to users."
China

China's Tencent Launches Smart Hardware OS To Rival Alibaba 22

Posted by timothy
from the diversity-in-approach dept.
An anonymous reader writes: Chinese internet and media giant Tencent Holdings has today launched an operating system for mobile devices such as internet-connected phones, TVs, smartwatches and other IoT products. Tencent Operating System (OS) TOS+ is open to all developers and manufacturers free of charge should they agree to share their revenue – a framework similar to Google's popular Android mobile OS. The new Tencent OS offering, which provides voice recognition and mobile payment systems, will rival other home-grown operating systems looking to conquer the smart hardware arena with connected wearables, TVs and smart homeware technology. These competitors include smartphone maker Xiaomi and Asia's largest internet company Alibaba, who hopes to see its recently launched Yun OS eventually installed on tens of millions of smartphones. The Chinese systems for mobile and hardware products provide an alternative to Google's services, which constantly face challenges across the country due to strict censorship and licensing laws.
China

Alibaba Looks To Rural China To Popularize Its Mobile OS 20

Posted by samzenpus
from the taking-it-to-the-country dept.
itwbennett writes: E-commerce giant Alibaba Group hasn't given up on its YunOS mobile operating system, and is taking the software to China's rural markets through a series of low-cost phones, which will be built by lesser-known Chinese brands and will range from 299 yuan ($49) to 699 yuan. Slashdot readers may remember that in 2012, Google claimed it was a variant of its Android OS, sparking a clash that threatened to derail Alibaba's effort to popularize the mobile OS.
China

Github DDoS Attack As Seen By Google 52

Posted by Soulskill
from the i-can-see-my-house-from-here dept.
New submitter opensec writes: Last month GitHub was hit by a massive DDoS attack originating from China. On this occasion the public discovered that the NSA was not the only one with a QUANTUM-like capability. China has its own "Great Cannon" that can inject malicious JavaScript inside HTTP traffic. That weapon was used in the GitHub attack. People using Baidu services were unwitting participants in the denial of service, their bandwidth used to flood the website. But such a massive subversion of the Internet could not evade Google's watchful eye. Niels Provos, engineer at Google, tells us how it happened. Showing that such attacks cannot be made covertly, Provos hopes that the public shaming will act as a deterrent.
Medicine

Chinese Scientists Claim To Have Genetically Modified Human Embryos 182

Posted by samzenpus
from the super-babies dept.
Annanag writes: There were rumours — but now it's been confirmed. Chinese scientists have attempted the ethically questionable feat of genetically modifying human embryos. The scientists try to head off ethical concerns by using 'non-viable' embryos, which cannot result in a live birth, obtained from local fertility clinics. The study is a landmark — but also a cautionary tale.
Security

Chinese Hacker Group Targets Air-Gapped Networks 71

Posted by samzenpus
from the minding-the-gap dept.
itwbennett writes An otherwise unremarkable hacking group likely aligned with China appears to be one of the first to have targeted so-called air-gapped networks that are not directly connected to the Internet, according to FireEye, which released a 69-page technical report on Sunday on the group. FireEye picked up on it after some of the malware used by the group was found to have infected defense-related clients in the U.S., said Jen Weedon, manager of strategic analysis with FireEye.
China

Report: Chinese Government Plans To Put 3D Printers In All Elementary Schools 99

Posted by samzenpus
from the class-printer dept.
InfiniteZero writes The Chinese government has a new plan to install a 3D printer in each of its approximately 400,000 elementary schools over the next two years. Education is probably one of the areas that will benefit the most from 3D printers in the long run. The problem though is getting the machines into the schools in the first place. With prices generally ranging from $400 to $3,000 for typical desktop 3D printers, they are not cheap, and with budgets within many school districts running dry, both in the United States and overseas, the unfortunate fact is that many schools simply can’t afford them, not to mention the materials and time it takes to train teachers to use them.
Intel

US Blocks Intel From Selling Xeon Chips To Chinese Supercomputer Projects 229

Posted by Soulskill
from the demands-recall-of-intel-inside-stickers-too dept.
itwbennett writes: U.S. government agencies have stopped Intel from selling microprocessors for China's supercomputers, apparently reflecting concern about their use in nuclear tests. In February, four supercomputing institutions in China were placed on a U.S. government list that effectively bans them from receiving certain U.S. exports. The institutions were involved in building Tianhe-2 and Tianhe-1A, both of which have allegedly been used for 'nuclear explosive activities,' according to a notice (PDF) posted by the U.S. Department of Commerce. Intel has been selling its Xeon chips to Chinese supercomputers for years, so the ban represents a blow to its business.
China

China's 'Great Cannon' -- a Cyber-weapon to Accompany the Great Firewall 81

Posted by Soulskill
from the speak-softly-and-carry-a-bunch-of-packets dept.
An anonymous reader writes: A new report from The Citizen Lab identifies a distinct new technology entity sitting next to the Great Firewall of China. Dubbed the 'Great Cannon', the multi-process cluster revealed itself quite openly in the recent attacks on Greatfire.org and its two Github pages. The DDoS attack was so sustained that CL was able to study the new technology in depth, determining architectural similarities and unearthing many strong indications that it is a product of the Chinese authorities.
Security

Apple Leaves Chinese CNNIC Root In OS X and iOS Trusted Stores 100

Posted by timothy
from the trusted-by-whom dept.
Trailrunner7 writes When it was revealed late last month that a Chinese certificate authority had allowed an intermediate CA to issue unauthorized certificates for some Google domains, both Google and Mozilla reacted quickly and dropped trust in CNNIC altogether. Apple on Wednesday released major security upgrades for both of its operating systems, and the root certificate for CNNIC, the Chinese CA at the heart of the controversy, remains in the trusted stores for iOS and OS X. The company has not made any public statements on the incident or the continued inclusion of CNNIC's certificates in the trusted stores.
Businesses

LG Will Lend You a Free Phone If You Talk About It On Social Media 22

Posted by samzenpus
from the phones-for-flattery dept.
jfruh writes LG will let people in a host of countries use its G4 free for 30 days — with the hope that this will result in positive buzz on social media sites. From the article: "By offering 4,000 people a G4 for 30 days, the company hopes to create some buzz around its new device as flagship devices from its rivals Samsung Electronics and HTC go on sale. The Consumer Experience Campaign kicks off in South Korea on Wednesday, and will then expand to Turkey, Indonesia, Singapore, U.S., China, India, Brazil, Canada, U.K., France, Germany, Mexico, Japan and Hong Kong, LG said."
The Almighty Buck

Google, Apple and Microsoft Squirm As Global Tax Schemes Scrutinized 312

Posted by Soulskill
from the all-about-the-benjamins dept.
An anonymous reader writes: Google, Apple and Microsoft chiefs were hauled in front of an Australian Senate Committee on Wednesday and forced to answer questions about their tax dodging structures. "Under questioning from Greens Senator Christine Milne, [Google's Maile Carnegie] revealed none of the revenue derived from Google's lucrative advertising business is taxed in Australia, rather it is booked in Singapore where the corporate tax rate is set at 17 per cent, as opposed to Australia's 30 per cent. ... However in the strongest defense yet of the company's complex tax structure, Ms Carnegie attempted to highlight the hypocrisy of criticising global technology companies for using the same approach that Australian mining firms, like Rio Tinto, use when deriving profits from China. 'These are international tax arrangements and what Google is doing in Australia is very very similar to what Australian companies are doing outside of Australia. I am not sitting here today trying to defend whether those practices are right or wrong, they are simply the way the global tax system is currently working and we are trying to operate within that.' Ms. Carnegie said it was up to the government to create a different system, which the company would then abide by."
HP

Carly Fiorina Calls Apple's Tim Cook a 'Hypocrite' On Gay Rights 653

Posted by timothy
from the fightin'-words dept.
HughPickens.com (3830033) writes "David Knowles reports at Bloomberg that former Hewlett-Packard CEO and potential 2016 presidential candidate Carly Fiorina called out Apple CEO Tim Cook as a hypocrite for criticizing Indiana and Arkansas over their Religious Freedom Restoration Acts while at the same time doing business in countries where gay rights are non-existent. "When Tim Cook is upset about all the places that he does business because of the way they treat gays and women, he needs to withdraw from 90% of the markets that he's in, including China and Saudi Arabia," Fiorina said. "But I don't hear him being upset about that."

In similar criticism of Hillary Clinton on the Fox News program Hannity, Fiorina argued that Clinton's advocacy on behalf of women was tarnished by donations made to the Clinton Foundation from foreign governments where women's rights are not on par with those in America. ""I must say as a woman, I find it offensive that Hillary Clinton travels the Silicon Valley, a place where I worked for a long time, and lectures Silicon Valley companies on women's rights in technology, and yet sees nothing wrong with taking money from the Algerian government, which really denies women the most basic human rights. This is called, Sean, hypocrisy." While Hillary Clinton hasn't directly addressed Fiorina's criticisms, her husband has. "You've got to decide, when you do this work, whether it will do more good than harm if someone helps you from another country," former president Bill Clinton said in March. "And I believe we have done a lot more good than harm. And I believe this is a good thing.""
China

Outside Beijing, a Military-style Bootcamp For "Internet Addiction" 91

Posted by timothy
from the just-got-caught-up-in-it dept.
Press2ToContinue writes Last year, China recognized internet addiction as an official disorder. Since then, over 6,000 patients have submitted themselves for treatment, after some spent up to 14 hours a day online. And as these amazing pictures show, dealing with it is serious. The Daxing Internet Addiction Treatment Centre (IATC) is a military-style bootcamp nestled in the suburbs of Bejing. The young men that enter its doors are subjected to a strict military regime of exercise, medication and solitary confinement. Any kind of electronic gadgetry is completely banned. Additionally, patients are frequently subjected to psychiatric assessments and brain scans to make sure they stay on the straight and narrow. And the concept is gaining steam; the first Internet Congress on Internet Addiction Disorders was held in Milan in early 2014. Despite its recent official classification, Is internet addiction a real disorder? Or is it a red herring masking depression and escapism? And to make things more indeterminate, Isn't more and more time online the inevitable future?
China

EFF: Wider Use of HTTPS Could Have Prevented Attack Against GitHub 48

Posted by timothy
from the one-day-one-day dept.
itwbennett writes The attack against GitHub was enabled by someone tampering with regular website traffic to unrelated Chinese websites, all of which used a JavaScript analytics and advertising related tool from Baidu. Somewhere on China's network perimeter, that analytics code was swapped out for code that transparently sent data traffic to GitHub. The reason GitHub's adversaries were able to swap out the code is because many of the Chinese websites weren't encrypting their traffic.
China

Chinese Certificate Authority CNNIC Is Dropped From Google Products 176

Posted by timothy
from the reject-your-reality-and-substitute-our-own dept.
eldavojohn writes A couple weeks ago, Google contacted the CNNIC (China's CA) to alert them of a problem regarding the delegated power of issuing fraudulent certificates for domains (in fact this came to light after fraudulent certificates were issued for Google's domains). Following this, Google decided to remove the CNNIC Root and EV CA as trusted CAs in its Chrome browser and all Google products. Today, the CNNIC responded to Google: "1. The decision that Google has made is unacceptable and unintelligible to CNNIC, and meanwhile CNNIC sincerely urge that Google would take users' rights and interests into full consideration. 2. For the users that CNNIC has already issued the certificates to, we guarantee that your lawful rights and interests will not be affected." Mozilla is waiting to formulate a plan.
Power

California Has Become the First State To Get Over 5% of Its Power From Solar 265

Posted by Soulskill
from the ignore-the-next-group-of-stories-if-you-hate-fun dept.
Lucas123 writes: While the rest of the nation's solar power generation hovers around 1%, California clocked in with a record 5% of power coming from utility-grade (1MW or more) solar power sources, according to a report from Mercom Capital Group and the Energy Information Administration. That's three times the next closest state, Arizona. At the same time, 22 states have yet to deploy even one utility-grade solar power plant, according to the Solar Energy Industry Association. Meanwhile, the rest of the world saw a 14% uptick in solar power installations in 2014 for a total of 54.5GW of capacity, and that figure is expected to grow even faster in 2015. While China still leads the world in new solar capacity, Japan and the U.S. come in as a close second and third, respectively. In the U.S. distributed solar and utility-grade solar installations are soaring as the solar investment tax credit (ITC) is set to expire next year. The U.S. is expected to deploy 8.5GW of new solar capacity in 2015, according to Mercom Capital Group.
Security

Angry Boss Phishing Emails Prompt Fraudulent Wire Transfers 36

Posted by Soulskill
from the fear-trumps-common-sense dept.
chicksdaddy writes: Lots of studies have shown that assertiveness works in the professional sphere as well as the personal one. It turns out to work pretty well in the cyber criminal sphere, also. Websense Labs has posted a blog warning of a new round of spear phishing attacks that rely on e-mail messages posing as urgent communications from senior officers to lower level employees. The messages demand that the employees wire funds to a destination account provided in the message.

According to Websense, these attacks are low tech. The fraudsters register "typo squatting" domains that look like the target company's domain, but are subtly different. They then set up e-mails at the typo squatted domain designed to mirror legitimate executive email accounts. Like many phishing scams, these attacks rely on the similarities of the domains and often extensive knowledge of key players within the company, creating e-mails that are highly convincing to recipients.

The key element of their attack is – simply – "obeisance," Websense notes. "When the CEO or CFO tells you to do something, you do it." The messages were brief and urgent, included (phony) threads involving other company executives and demanded updates on the progress of the transfer, making the request seem more authentic. Rather than ask the executive for clarification (or scrutinize the FROM line), the employees found it easier to just wire the money to the specified account, Websense reports.

Websense notes the similarities between the technique used in the latest phishing attack and the grain trading firm Scoular in June, 2014. That company was tricked into wiring some $17 million to a bank in China, with employees believing they were acting on the wishes of executives who had communicated through e-mail.
China

Bitcoin In China Still Chugging Along, a Year After Clampdown 31

Posted by timothy
from the government-vs-the-people dept.
angry tapir writes A year after China began tightening regulations around Bitcoin, the virtual currency is still thriving in the country, albeit on the fringes, according to its largest exchange. Bitcoin prices may have declined, but Chinese buyers are still trading the currency in high volumes with the help of BTC China, an exchange that witnessed the boom days back in 2013, only to see the bust following the Chinese government's announcement, in December of that year, that banks would be banned from trading in bitcoin.
China

China's Foreign Ministry: China Did Not Attack Github, We Are the Major Victims 137

Posted by samzenpus
from the it-wasn't-us dept.
An anonymous reader writes At the Regular Press Conference on March 30, China's Foreign Ministry Spokesperson Hua Chunying responded on the charge of DDoS attack over Github. She said: "It is quite odd that every time a website in the US or any other country is under attack, there will be speculation that Chinese hackers are behind it. I'd like to remind you that China is one of the major victims of cyber attacks. We have been underlining that China hopes to work with the international community to speed up the making of international rules and jointly keep the cyber space peaceful, secure, open and cooperative. It is hoped that all parties can work in concert to address hacker attacks in a positive and constructive manner."