Tag Archives: China

Can Apple make more stuff in the USA?

One of the more topical discussions in Steve Jobs’ biography addresses Apple’s tendency to “employ” a disproportionately large number of workers in China. And that strategy has been fodder for debates on national news networks like CNN because of stubbornly high levels of unemployment in the U.S.

Let’s start with some recent statements by luminaries as politically diverse as Jim Hoffa, International Brotherhood of Teamsters President, Donald Trump, and CNN’s Piers Morgan.

Here’s what Hoffa said in a segment entitled “Fixing the Jobs Crisis” with CNN’s Candy Crowley on September 4. “Instead of investing here, everything they (Apple) do is in China…I think the president should challenge the patriotism of these American corporations.”

Piers Morgan made a similar statement this week to Donald Trump, who has been an advocate of making things in the U.S.

“More people were working for Apple in China than in America,” Morgan said when talking about Steve Jobs’ reign at Apple. Trump also had plenty to say about manufacturing things overseas, such as: “You must stop our jobs from leaving this country. We must start manufacturing our goods.”

Could Apple tap more U.S.-based chip manufacturers like this Globalfoundries plant in New York? Could Apple tap more U.S.-based chip manufacturers like this Globalfoundries plant in New York? Continue reading Can Apple make more stuff in the USA?

Weibo, China’s Twitter-like service, hit by worm


Its popularity dwarfs that of Twitter, but most people have probably never heard of the Sina Weibo micro-blogging site.

Weibo is huge in China, with over 140 million users merrily micro-blogging away in Mandarin and Cantonese, and following the latest updates from their favourite celebrities.

But all this popularity, of course, simply means that there’s an opportunity for more users to be hit by malware should one break out on the system.

Sina Weibo says that a worm broke out on their site at 8.20pm on Tuesday night, Beijing time, exploiting a cross-site scripting (XSS) vulnerability in the site to spread quickly.

Fan BingbingAccording to online reports, the worm originated from a Weibo account called “@hellosamy” and worm forwarded itself to other users with a range of enticing subjects to catch out the unwary.

These ranged from claiming to be links to bloopers from a newly-released propaganda movie, nude pictures of popular actress Fan Bingbing, and phrases such as “Move a woman’s heart with 100 lines of poetry” and “Software to listen to other people’s phones.”

Clicking on any of the links meant that your own Weibo account would automatically repost the link, and send messages to your online friends. Some users reported having received thousands of affected messages.

Fortunately, Sina Weibo reports that they patched the vulnerability on the site in just over an hour – a good response, but still not quick enough to stop thousands of people from being put at risk.

The fact that the worm originated from an account called “@hellosamy” certainly caused me to raise an eyebrow. It seems to me that this is an homage to the Samy worm (also known as JS/Spacehero-A) which spread rapidly across the MySpace network in 2005, infecting many users’ accounts via a cross-site scripting vulnerability.

This isn’t the first time, of course, that an Asian social network has been hit hard by malware. For instance, in 2009 Naked Security reported on a cross-site scripting worm which spread across RenRen posing as a video of Pink Floyd’s classic song “Wish you were here”.

As more and more people put their trust in social networks, the sites themselves have to adopt a mature attitude to security and ensure that users are not being unnecessarily exposed to attacks.



China accuses US of starting ‘internet war’

A group of Chinese academics from a military academy has accused the US government of creating a global internet war.

The group doesn’t refer directly to Google’s claims thatthis week’s attackon the Gmail accounts of US government officials originated in China – but was struck, perhaps, by the coincidence of the episode coming so soon after US calls for such attacks to be treated as acts of war.

The group, writing in the government-controlled China Youth Daily newspaper, accuses the US of launching an ‘internet war’ against Arab nations, Reuter reports.

“Of late, an internet tornado has swept across the world … massively impacting and shocking the globe. Behind all this lies the shadow of America,” it reads.

The article calls on the Chinese government to maintain an ‘internet border’ – the filtering system known as the Great Firewall of China’.

Google says it’s traced the government attacks to China’s Shangdong province, where, it says, a national-security arm of the People’s Liberation Armyis based – a claim which the Chinese government strongly denies. Chinese Foreign Ministry spokesman Hong Lei says the allegation is ‘unacceptable’ and ‘a fabrication’.

The state-run Xinhua news agency has criticized the US government for suggesting that a cyberattack could be legitimate grounds for military action.

Contact me at : contactme.bijay@gmail.com




Government officials, activists targeted in Gmail attack

FILED UNDER: PrivacyData lossFeatured

Gmail logoGoogle has posted to their blog information about a targeted attack against the personal Gmail accounts of US government officials, political activists, military personnel and journalists.

Mila from contagioblog provides much more detailed information about the attacks. The messages appear to be handcrafted and spoofed to seem to be from governmental colleagues of many of the victims.

Gmail view/download linksNormally attachments in Gmail appear with a paper clip and links to view or download the item. The attackers created HTML that used fake attachment links that actually lead to a phishing page designed to look identical to the Gmail login page.

Mila wrote about these attacks in February, but the big news is Google sharing this information publicly. Most organizations prefer to keep security problems to themselves and maintain the illusion that their services are perfectly secure.

While this attack is not specifically a problem with Gmail, it is a widespread security weakness in many cloud services. Google sharing information with the public about how these attacks are executed helps all of us learn from these situations and build better systems.

Google gives some good advice in their post, although it seems strange that they feel the need to push Google Chrome as a solution to all security problems…

Gmail sign inHow should we respond to this news? We should take a moment to remind our users about best practices when using web-enabled technologies.

If you are ever presented with a login screen in your browser and you didn’t type in the address of the site you are trying to visit, close the window. Only enter your password into pages where you entered in the URL.

Contact me at : contactme.bijay@gmail.com