Tag: China

By Rual de Vries for MyBroadband

Chinese authorities are censoring any posts on domestic social media platforms regarding an alleged data leak containing 1 billion citizens’ data, Financial Times reports.

In a post on Breach Forums, user “ChinaDan” claimed they possessed one billion Chinese nationals’ data, including names, addresses, ID numbers, mobile numbers, and any criminal records or case details, BleepingComputer reported.

The hacker named the Shanghai National Police database the leak’s source.

To confirm the claims, The Wall Street Journal’s Karen Hao called five individuals listed, who verified their names and associated case details.

Following news of the leak, hashtags like “Shanghai national security database breach” and “data leak” started to trend on Chinese social media platforms Weibo and WeChat.

However, by Monday, 4 July, the respective platforms had blocked any mention of the leak.

Chinese authorities reportedly invited some Weibo users to discuss their posts and removed a popular cyber security blogger’s post exploring the leak’s implications.

Binance CEO Zhao Chanpeng said its threat intelligence spotted these records for sale on the dark web and added the leak was likely due to a bug in an Elasticsearch deployment by a government agency.

“Apparently, this exploit happened because the gov developer wrote a tech blog on [the Chinese Software Developer Network] and accidentally included the credentials,” Zhao said.

By Jan Cronje for Fin24

The Supreme Court of Appeal (SCA) in Bloemfontein has upheld an appeal by the SA Revenue Service (SARS) justifying its decision to seize 19 containers of cheap clothes from China.

“There was no credible explanation for the unbelievably low prices charged by the suppliers of the goods,” the court ruled on Tuesday. “The goods and the containers in which they were imported were liable to forfeiture.”

The ruling means that SARS was within its rights to first seize and then detain the containers. It also overturns a previous high court ruling ordering that the containers be released.

‘Unrealistic and unattainable’

The tax agency confiscated the goods in 2020 on the basis that they had been clearly under-invoiced.

It argued that Gauteng-based clearing agent Dragon Freight and six other importers had been unable to explain how they were able to source the goods at such low prices.

But the revenue collections agency’s seizure order was overturned in December 2020, when Judge Selby Baqwa of the North Gauteng High Court in Pretoria ordered that the containers be released.

Baqwa argued that SARS should have accepted the initial answers given by the importers. The subsequent research it conducted and the follow-up questions it posed were “procedurally unfair” or “irrelevant”.

But the SCA found Baqwa’s decision was flawed.

“The high court erred in disregarding not only the evidence showing that the agreements were false, but also the reasons for the impugned decision, despite quoting those reasons verbatim in its judgment.”

In its case, SARS had relied on evidence provided by textile expert Dr Jaywant Irkhede, who noted that the importers claimed they were able to source clothes for just $0.21 or around R3 per item.

While the importers disputed Irkhede’s calculations, the court found that his evidence “makes it clear that the prices declared by the importers were unrealistic and unattainable”.

Johann Baard of the SA Apparel Association welcomed the SCA verdict.

“We sincerely hope that this sends a strong message to those who do not play by the rules,” he said. “Illegal imports and illicit trade pose a significant threat to the sustainability of compliant clothing manufacturers who employ many thousands of people domestically.”

Source: Bloomberg

More than 30 Taiwanese companies including Pegatron Corp and Macbook maker Quanta Computer Inc. have now halted production in the electronics hubs of eastern China to comply with local Covid-related restrictions, spelling more trouble for an already fragile global tech supply chain.

On Wednesday, Quanta said it was suspending a Shanghai plant to comply with government restrictions. At least 30 other companies are suspending output in nearby Kunshan until April 19, they said in filings to Taiwan’s stock exchange. Some said the effect on their finances is still unknown, while others expect no major impact. Kunshan, a bustling city that hosts Apple Inc. suppliers including Pegatron and Luxshare Precision Industry Co., began a city-wide lockdown in early April.

The companies make parts for consumer electronics products ranging from PCs and smartphones, with many of the components critical for their global customers. The global supply of key tech has already been hobbled by China’s zero tolerance toward the virus and its measures to stamp it out in cities such as Shanghai and Kunshan.

On Tuesday, Pegatron suspended its iPhone assembly campuses in those two cities as China struggles to control the worst virus outbreak in two years. Other key Apple Inc. manufacturing partners including Luxshare and Compal Electronics Inc. also have major operations in Kunshan.

Widespread Chinese lockdowns have begun to exact an unquantifiable toll on the world’s No. 2 economy, the biggest buyer of semiconductors and the largest producer of electronics from iPhones to PCs.

Disruptions to local manufacturing are set to worsen the logistics hurdles of global companies already grappling with a shortage of cargo capacity that’s pushed shipping costs to record highs and a prolonged chip crunch. Gaming consoles, server computers and electric vehicles are among products facing further supply challenges.

Many of the most critical factories in Kunshan and Shanghai have managed to keep humming by operating so-called closed-loop systems that are quarantined from much of the outside world. But worsening logistics jams are constricting shipments of components, draining inventories to the point where some manufacturers including Pegatron and Quanta are down to just a few weeks’ stocks, Taipei-based consultancy TrendForce estimated.

Local officials on Wednesday placed two Kunshan districts with significant electronics manufacturing into lockdown for an indefinite period, while for certain other districts the lockdown was extended by seven days.

Some contract electronics makers have been unable to secure CPUs, battery modules and panels amid prolonged lockdowns, and certain manufacturers are facing a shortage of multilayer ceramic capacitors for servers and automotive products.

“The biggest problem for MLCC suppliers at this stage is they cannot deliver materials to Shanghai and Kunshan,” TrendForce said in a note on Tuesday. “Limited manpower and logistics and suspended transportation options mean [contract electronics makers] can only rely on onsite inventory to barely meet the needs of production lines, further exacerbating component mismatches.”

Source: BBC

The US government has added a dozen more Chinese companies to its restricted trade list, citing national security and foreign policy concerns.

Washington says that some of the firms are helping develop the Chinese military’s quantum computing programme.

This latest move comes as tensions grow between the US and China over the status of Taiwan and other issues.

Trade was among the items discussed at a virtual summit between the leaders of both countries earlier this month.

Eight Chinese-based technology firms were added to the so-called “Entity List” for their alleged role in assisting the Chinese military’s quantum computing efforts and acquiring or attempting “to acquire US origin-items in support of military applications”.

This entity list has increasingly been used for national security reasons since the previous Trump administration.

The US Commerce Department also said 16 individuals and entities operating in China and Pakistan were added to the list due to their involvement in “Pakistan’s unsafeguarded nuclear activities or ballistic missile program.”

A total of 27 new entities were added to the list from China, Japan, Pakistan, and Singapore.

Separately, the Moscow Institute of Physics and Technology was added to the department’s military end user list, although the listing gave no more details other than it had produced military equipment.

The new listings will help prevent American technology from supporting the development of Chinese and Russian “military advancement and activities of non-proliferation concern like Pakistan’s unsafeguarded nuclear activities or ballistic missile program,” Commerce Secretary Gina Raimondo said in a statement.

Potential suppliers to firms on the list will now need to apply for a licence before they can sell to them, with applications likely to be denied.

Chinese telecoms giant Huawei was added to the list in 2019 over claims that it posed a risk US national security.

The move cut it off from some of its key suppliers and made it difficult for the company to produce mobile phones.

The Chinese government has previously denied that it takes part in industrial espionage.

By Wesley Diphoko for IOL

The Chinese government is flexing its muscle against consumer technology companies and South Africans are affected. It started with just Ant Financial, Jack Ma’s company, and now almost all Chinese consumer technology companies are under the scrutiny of the Chinese government including Tencent, a company which is partly owned by South African founded technology giant, Naspers. It is the Naspers exposure to Tencent that should worry South Africans, here’s why.

Tencent shares have plummeted by over 16% since the Chinese government ordered the company to cease all exclusive music streaming rights and licensing deals with record labels globally. On 24 July 2021) the Chinese technology giant was also fined 500,000 yuan (US$77 000) by authorities, following an official investigation that found that the company has engaged in monopolistic practices that gave it an unfair advantage over its competitors.

Initially, it was Jack Ma led companies that were receiving attention and now there’s more. The Chinese government has also been going after other fintech companies, including those owned by Didi (China’s Uber). As Didi prepared to IPO in the U.S., Chinese regulators announced they were reviewing the company on “national security grounds”, and are now levying various penalties against it. The government has also embarked on an “antitrust” push, fining Baidu — another top Chinese internet company — for various past deals. Leaders of top tech companies (also including ByteDance, the company that owns TikTok) were summoned before regulators and presumably berated. Various Chinese tech companies are now undergoing “rectification”.

As a result of these developments in China, Naspers & Prosus (Naspers sister company) fell sharply in Amsterdam and Johannesburg trading after China’s move to place restrictions on the country’s education-technology sector caused a plunge in shares in online giant Tencent. Earlier this week, Prosus was down 8.5%, while Naspers plunged 8.4%.

The current situation with Naspers should be a matter of concern for South Africans as the Public Investment Corporation is heavily invested in this company.

It’s also important to note that this happens at a time when other tech companies are performing well. Negative developments around Naspers will ultimately impact on South African pensioners who are investors via the PIC.

This should be a matter of concern as changes in China seem to be significant and may last for a foreseeable future. It seems China’s leaders want to prevent the emergence of alternative centres of power. The value of Ma’s business empire has collapsed. China’s attack on its tech companies seems far more comprehensive — it’s not just attacking the biggest internet companies, it’s attacking the entire sector (consumer tech). At the same time China is not attacking companies with the focus on hardware (e.g Huawei) but more on the companies in the consumer and software side of tech, areas that Naspers has invested heavily in.

It’s important that developments in China are understood for what they truly are. The ground seems to be shifting. China is now focusing on the most important part of technology and less on fun stuff in consumer tech.

Alibaba accepts record fine

Source: BBC

Chinese tech giant Alibaba said on Monday that it accepted a record penalty imposed by the country’s anti-monopoly regulator.

Regulators slapped a $2.8bn fine after a probe determined that it had abused its market position for years.

The fine amounts to about 4% of the company’s 2019 domestic revenue.

Alibaba Group’s executive vice chairman Joe Tsai indicated that regulators have taken an interest in platforms like Alibaba as they grow in importance.

“We’re happy to get the matter behind us, but the tendency is that regulators will be keen to look at some of the areas where you might have unfair competition,” he told an investor call on Monday.

The company added that it was not aware of any further anti-monopoly investigations by Chinese regulators, though it signalled that Alibaba and its competitors would remain under review in China over mergers and acquisitions.

The main issue for regulators was that Alibaba restricted merchants from doing business or running promotions on rival platforms.

The company said it would introduce measures to lower entry barriers and business costs faced by merchants on e-commerce platforms.

“With this penalty decision we’ve received good guidance on some of the specific issues under the anti-monopoly law,” Mr Tsai said.

The group does not expect any material impact on its business from the change of exclusivity arrangements imposed by regulators.

The message from Alibaba today in its investor call was: we may be the biggest and the first Chinese tech firm to attract regulators’ attention – but we are by no means the last.

Alibaba executives sought to reassure investors that they are playing ball with the regulators. They’re going to make it cheaper for businesses to sell on their platform, and not force them to pick and choose between platforms – a practice seen by some in the industry as a case of “it’s my way or the highway”.

So far, Alibaba says, the discussions with regulators have been amicable, and the statement from the firm on accepting the penalty is markedly contrite.

It may also be heaving a sigh of relief. The 4% of 2019 revenue penalty is a record fine, but for Alibaba, which has a huge war chest, it’s a drop in the ocean.

But there will be more oversight and scrutiny of it and other firms.

The e-commerce giant indicated that while for now Alibaba is in the clear in terms of future investigations, the same could not be said for other firms in this sector.

Chinese tech firms are a powerful force in the country, and Beijing is keen to regulate them. Alibaba’s experience is a sign of more of the same to come.

The penalty is the latest in a chain of events targeting the company that kicked off last October, after its co-founder Jack Ma criticised regulators, suggesting they were stifling innovation.

Shortly after the speech, Chinese regulators scuppered the share market launch of Ant Group, which is Alibaba’s sister company and China’s biggest electronic payments provider.

However, some commentators noted that regulators had legitimate concerns about Ant Group’s consumer finance arm.

Ant Group was expected to be last year’s biggest share market launch on the Hong Kong exchange.

But Alibaba isn’t the only Chinese company to come under scrutiny by China’s increasingly assertive regulators.

Last month, China’s State Administration for Market Regulation (SAMR) said it had fined 12 companies over 10 deals that violated anti-monopoly rules.

The companies included Tencent, Baidu and Didi Chuxing – which are among China’s largest tech companies.

 

By Laura He for CNN Business

Two prominent Chinese media outlets are urging Beijing to kill what they call a “dirty” and “unpalatable” deal intended to keep TikTok operating in the United States.

The editorial boards of China Daily and the Global Times — both state-run publications — this week blasted an arrangement that would give American companies at least some ownership in the short-form video app. TikTok’s parent company ByteDance is based in Beijing.

“What the United States has done to TikTok is almost the same as a gangster forcing an unreasonable and unfair business deal on a legitimate company,” China Daily wrote in an editorial published Wednesday, which called the deal a “dirty and underhanded trick.”

The terms of the tentative deal for China’s most successful global app have caused a lot of confusion.

The initial announcement last weekend implied that ByteDance would continue to own a majority of Tiktok going forward, raising questions about how that could resolve the Trump administration’s national security concerns about Chinese control of the app and its data.

But Trump has since indicated that investors Walmart (WMT) and Oracle (ORCL) would “own the controlling interest.” A person familiar with the deal told CNN Business earlier this week that a new US entity — TikTok Global — will be partially owned by ByteDance’s international and Chinese investors, but that ByteDance itself will hold zero percent of the company to be created by the deal to run the app outside of China.

“It seems as if TikTok can remain in the US. But only if ByteDance allows Oracle and Walmart to effectively take over the company,” China Daily added. “China has no reason to give the green light to such a deal.”

The Global Times, a state-run tabloid, also slammed the deal this week in two editorials calling on Chinese regulators to block it.

“It’s hard for us to believe that Beijing will approve such an agreement,” the Global Times wrote in one editorial. In a second piece titled “TikTok extortion deal is unpalatable gambit,” the publication added that “we should not let Washington control the lifeline of China’s technological development in the future. ”

Chinese state media is a powerful tool in the country’s propaganda machine, and the various outlets and their editorials are often looked upon as barometers of sentiment among senior officials. Some publications, like the Global Times, are more hawkish than others.

Notably, the China Daily and Global Times editorials were published in English — an indication that the TikTok editorials are likely intended for an overseas audience. State media editorials in China may also act as trial balloons for ideas, or to send a message to Western governments. (China Daily is an English-language paper, but Global Times also has a much more popular Chinese edition. Similar editorials were published in that edition, too.)

The extent to which Beijing still needs to review the deal is also not entirely clear.

Last month, Chinese regulators introduced new rules that govern the sale of certain kinds of technology to foreign buyers — a change that experts pointed out would likely require ByteDance to obtain government permission before selling TikTok to a foreign company. ByteDance has said that Oracle would be able to review the app’s source code, but that the deal does not involve the transfer of its algorithms and technologies.
A source familiar with the negotiations, meanwhile, told CNN Business this week that ByteDance isn’t concerned about regulatory approval from China. The source said there are still a few details left to sort out in the United States, indicating optimism that the deal could still close despite the media and political firestorm.

Selina Wang contributed to this report.

By Eddie Spence for Bloomberg

President Donald Trump’s tariffs on Chinese imports are getting a lot of blame for slowing the global economy, but it’s all the uncertainty from his Twitter habit and trade policy more broadly that could be even more harmful.

According to a report by Bloomberg Economics’ Dan Hanson, Jamie Rush and Tom Orlik, uncertainty over trade could lower world gross domestic product by 0.6% in 2021, relative to a scenario with no trade war. That’s double the direct impact of the tariffs themselves and the equivalent of $585 billion off the International Monetary Fund’s estimated world GDP of $97 trillion in 2021.

China would be hit harder by the uncertainty factor, with its GDP lower by 1% compared with a 0.6% chunk taken out of America’s economic output, the analysis showed.

“The tweet is mightier than the tariff,” the Bloomberg economists wrote in their report.

The U.S. president’s social media posts on trade, many of which are about China, sometimes appear several times a day and other times not at all. His contradictory takes on the progress of negotiations with Beijing send a chill through businesses that are making decisions about investing and hiring.

A survey released last week by the Federal Reserve Bank of New York found a growing conviction among businesses that tariffs were hitting their bottom line.

The Fed responded to economic headwinds with a rate cut of 0.25% last month. The Bloomberg Economics report said that while monetary policy can be used to mitigate uncertainty shocks, it cannot prevent the damage entirely. If central banks respond to demand weakness, world GDP will be 0.3% lower in 2021 than it would be in a no-trade-war scenario.

By Tom Head for The South African

South Africa could be set for another round of drama from Eskom, as the ailing power utility has reportedly failed to receive R7 billion in loan payments initially set to come from the Chinese Development Bank (CDB).

That’s according to City Press, who have reported that the creditors do not trust their promises over proposed maintenance work. It would be the second time in just over two weeks that one of Eskom’s promised loans failed to materialise after the Brics New Development Bank also did not part with their billions.

Why haven’t Eskom received the loan?
On Easter Friday, Finance Minister Tito Mboweni was forced to grant the power giants an emergency bailout in order to meet salary demands and diesel costs. It’s reported that the CDB has taken note of their actions, and fear that this particular instalment of their cash will be used to plug holes, rather than go towards maintenance.

The loan in question will come to R33 billion in total, and it has been earmarked for the development of the Medupi and Kusile power plants. The new builds are yet to get up to full speed, and they’re struggling to produce the amount of electricity needed to keep South Africa illuminated as more “old units” come to the end of their lifespans.

Load shedding fears resurface
Eskom is very much living hand-to-mouth at the moment. In fact, some of their biggest critics believe this will be the last week where the lights stay on: Natasha Mazzone of the DA has accused the firm of diverting funds from long-term projects in order to keep voters happy before the general election this Wednesday.

Public Enterprises Minister Pravin Gordhan has also refused to rule out the return of load shedding this winter, despite unveiling plans to nip it in the bud at the beginning of April. We’ve already seen how one defaulted payment can spark a financial crisis, so a second one within two weeks is a terrible omen for the company… and its consumers.

By Lily Hay Newman for Wired 

For two hours on Monday, internet traffic that was supposed to route through Google’s Cloud Platform instead found itself in quite unexpected places, including Russia and China. But while the haphazard routing invoked claims of traffic hijacking—a real threat, given that nation states could use the technique to spy on web users or censor services—the incident turned out to be a simple mistake with outsized impacts.

Google noted that almost all traffic to its services is encrypted, and wasn’t exposed during the incident no matter what. As traffic pinballed across ISPs, though, some observers, including the monitoring firm ThousandEyes, saw signs of malicious BGP hijacking—a technique that manipulates the web’s Border Gateway Protocol, which helps ISPs automatically collaborate to route traffic seamlessly across the web.

ThousandEyes saw Google traffic rerouting over the Russian ISP TransTelecom, to China Telecom, toward the Nigerian ISP Main One. “Russia, China, and Nigeria ISPs and 150-plus [IP address] prefixes—this is obviously very suspicious,” says Alex Henthorne-Iwane, vice-president of product marketing at ThousandEyes. “It doesn’t look like a mistake.”

Malicious BGP hijacking is a serious concern, and can be exploited by criminals or nation state actors to intercept traffic or disrupt a target service—like Google. Hence, many developers and website builders alike ensure to bolster the security of their website by seeking the help of agencies like https://thedigitalswarm.com and optimise their websites. But the technique also has a dopey, well-intentioned cousin known as a prefix leak, or sometimes “accidental BGP hijacking.”

In both cases, rerouting occurs when an ISP declares that it owns blocks of IP addresses that it doesn’t actually control. This can be an intentional deception, but can also simply come down to a configuration error that, while disruptive, is not intentional. On Monday, a Google spokesperson said that the company didn’t see signs of malicious hijacking, and instead suspected that the Nigerian ISP Main One had accidentally caused the problem.

“The problem here is a failure to apply basic best current practices to these routing sessions.”

There are minimum best practices that ISPs should implement to keep BGP routes on the up and up. These are important, because they apply filters that catch errors in the event of a route leak and block problematic routes. Not all ISPs implement these protections, though, and in a prefix leak like the one that affected Google, traffic will flow chaotically across networks, not based on efficiency or established paths, but based on which networks haven’t put the BGP safeguards in place and will therefore accept the rogue routing.

Indeed, on Tuesday morning Main One said in a statement that, “This was an error during a planned network upgrade due to a misconfiguration on our BGP filters. The error was corrected within 74mins.”

In this case, it appears that the Russian and Chinese ISPs, and perhaps others as well, offered a path to the Google traffic because they hadn’t implemented protective configurations.

The protocols underlying the internet were written decades ago, in a different era of computing, and many have needed major security overhauls and additions to improve trust and reliability around the web. There was the effort to encrypt web traffic with HTTPS, and the growing movement to secure the internet’s Domain Name System address lookup process so it can’t be used to spy on users, or for malicious rerouting.

Similarly, ISPs and internet infrastructure providers are starting to implement a protection called Resource Public Key Infrastructure that can virtually eliminate BGP hijacking, by creating a mechanism to cryptographically confirm the validity of BGP routes. Like HTTPS and DNSSEC, RPKI will only start to provide true customer protection when a critical mass of internet infrastructure providers implement it.

“This incident had a non-trivial impact because Google and some other prominent network routes were accidentally leaked,” says Roland Dobbins, a principal engineer at the network analysis firm Netscout. “But the problem here, as it is in most of these cases, is a failure to apply basic best current practices to these routing sessions. The key is for network operators to participate in the global operational community, get these kinds of filters put in place, and move to implement RPKI.”

While Google’s incident wasn’t a hack and instead gets into obscure internet protocol drama, the impact for users on Monday was apparent—and shows the pressing need to resolve issues with BGP trust. The flaw has been maliciously hijacked before, and could be again.

  • 1
  • 2

Follow us on social media: 

               

View our magazine archives: 

                       


My Office News Ⓒ 2017 - Designed by A Collective


SUBSCRIBE TO OUR NEWSLETTER
Top