China Using Home Servers Admidst Cyber Concerns

A Chinese firm has developed the country’s first homegrown servers, built entirely out of domestic technologies including a processor from local chip maker Loongson Technology.

China’s Dawning Information Industry, also known as Sugon, has developed a series of four servers using the Loongson 3B processor, the country’s state-run Xinhua News Agency reported Thursday.

“Servers are crucial applications in a country’s politics, economy, and information security. We must fully master all these technologies,” Dawning’s vice president Sha Chaoqun was quoted as saying.

The servers, including their operating systems, have all been developed from Chinese technology. The Loongson 3B processor inside them has eight cores made with a total of 1.1 billion transistors built using a 28-nanometer production process.

The Xinhua report quoted Li Guojie, a top computing researcher in the country, as saying the new servers would ensure that the security around China’s military, financial and energy sectors would no longer be in foreign control.

Dawning was contacted on Friday, but an employee declined to offer more specifics about the servers. “We don’t want to promote this product in the U.S. media,” she said. “It involves propriety intellectual property rights, and Chinese government organizations.”

News of the servers has just been among the ongoing developments in China for the country to build up its own homegrown technology. Work is being done on local mobile operating systems, supercomputing, and in chip making, with much of it government-backed. Earlier this year, China outlined a plan to make the country into a major player in the semiconductor space.

But it also comes at a time when cybersecurity has become a major concern for the Chinese government, following revelations about the U.S. government’s own secret surveillance programs. “Without cybersecurity there is no national security,” declared China’s Xi Jinping in March, as he announced plans to turn the country into an “Internet power.”

Two months later, China threatened to block companiesfrom selling IT products to the country if they failed to pass a new vetting system meant to comb out secret spying programs.

Dawning, which was founded using local government-supported research, is perhaps best known for developing some of China’s supercomputers. But it also sells server products built with Intel chips. In this year’s first quarter, it had an 8.7 percent share of China’s server market, putting it in 7th place, according to research firm IDC.

Source

Microsoft Adds Anti-snooping Safeguards

Microsoft has added encryption safeguards to the Outlook.com webmail service and to the OneDrive cloud storage service, in part to better protect these consumer products from government surveillance.

“Our goal is to provide even greater protection for data across all the great Microsoft services you use and depend on every day. This effort also helps us reinforce that governments use appropriate legal processes, not technical brute force, if they want access to that data,” Matt Thomlinson, vice president, Trustworthy Computing Security, at Microsoft wrote in a blog post.

The move follows similar ones from other cloud computing providers. For example, Google announced end-to-end encryption for Gmail in April, including protection for email messages while they travel among Google data centers. It recently announced similar encryption for its Google Drive cloud storage service.

It’s not clear from Microsoft’s announcement whether the encryption protection it announced covers Outlook.com messages and OneDrive files as they travel within Microsoft data centers. It’s also not clear what, if any, encryption OneDrive and Outlook.com have had until now. Microsoft didn’t immediately respond to a request for comment.

Cloud computing providers like Microsoft, Google, Amazon and many others have been rattled by disclosures from former National Security Agency contractor Edward Snowden regarding government snooping into online communications, due to the effect on their consumer and business customers.

As a result, these companies have been busy boosting encryption on their systems, while also lobbying the U.S. government to stop the stealthy and widespread monitoring of Internet services.

Source

Is China Hurting U.S. Vendors?

Shipments of servers from Chinese vendors grew at a rapid pace while the top server vendors in the U.S. declined during the first quarter of this year.

Worldwide server shipments were 2.3 million units during the first quarter, growing by just 1.4 percent compared to the same quarter last year, according to Gartner.

Growth was driven by Chinese server vendors Huawei and Inspur Electronics, which were ranked fourth and fifth, respectively, behind the declining Hewlett-Packard, Dell and IBM.

Huawei has been in the top five for server shipments for more than a year, but Inspur Electronics is a new entrant. Inspur builds blade servers, rack servers and supercomputers, and is best known for being involved in the construction of China’s Tianhe-2, which is currently the world’s fastest supercomputer, according to Top500.org.

Chinese servers partly benefitted from the 18 percent shipment growth in the Asia-Pacific region, while shipments in other regions declined, Gartner said in a statement.

Server buying trends have changed in recent years. Companies like Facebook, Google and Amazon, which buy servers by the thousands, are bypassing established server makers and purchasing hardware directly from manufacturers like Quanta and Inventec. That trend in part led to the establishment of the Open Compute Project, a Facebook-led organization that provides server reference designs so companies can design data-center hardware in-house.

Similarly, Chinese cloud providers are building mega data centers and buying servers from local vendors instead of going to the big name brands, said Patrick Moorhead, analyst with Moor Insights and Strategy.

The trend of buying locally is partly due to the security tension between the U.S. and China, but servers from Chinese companies are also cheaper, Moorhead said.

The enterprise infrastructure is also being built out in China, resulting in a big demand for servers. There is also a growing demand for servers from little-known vendors based in Asia — also known as “white box” vendors — in other regions, Moorhead said.

Source

Lavaboom Offers To Encrypt

A new webmail service named Lavaboom promises to provide easy-to-use email encryption without ever learning its users’ private encryption keys or message contents.

Lavaboom, based in Germany and founded by Felix MA1/4ller-Irion, is named after Lavabit, the now defunct encrypted email provider believed to have been used by former NSA contractor Edward Snowden. Lavabit decided to shut down its operations in August in response to a U.S. government request for its SSL private key that would have allowed the government to decrypt all user emails.

Lavaboom designed its system for end-to-end encryption, meaning that only users will be in possession of the secret keys needed to decrypt the messages they receive from others. The service will only act as a carrier for already encrypted emails.

Lavaboom calls this feature “zero-knowledge privacy” and implemented it in a way that allows emails to be encrypted and decrypted locally using JavaScript code inside users’ browsers instead of its own servers.

The goal of this implementation is to protect against upstream interception of email traffic as it travels over the Internet and to prevent Lavaboom to produce plain text emails or encryption keys if the government requests them. While this would protect against some passive data collection efforts by intelligence agencies like the NSA, it probably won’t protect against other attack techniques and exploits that such agencies have at their disposal to obtain data from computers and browsers after it was decrypted.

Security researchers have yet to weigh in on the strength of Lavaboom’s implementation. The service said on its website that it considers making parts of the code open source and that it has a small budget for security audits if any researchers are interested.

Those interested in trying out the service can request to be included in its beta testing period, scheduled to start in about two weeks.

Free Lavaboom accounts will come with 250MB of storage space and will use two-way authentication based on the public-private keypair and a password. A premium subscription will cost a!8 (around US$11) per month and will provide users with 1GB of storage space and a three-factor authentication option.

Source

MediaTek To Offer New LTE SoC

MediaTek has shown off one of its most interesting SoC designs to date at the China Electronic Information Expo. The MT6595 was announced a while ago, but this is apparently the first time MediaTek showcased it in action.

It is a big.LITTLE octa-core with integrated LTE support. It has four Cortex A17 cores backed by four Cortex A7 cores and it can hit 2.2GHz. The GPU of choice is the PowerVR G6200. It supports 2K4K video playback and recording, as well as H.265. It can deal with a 20-megapixel camera, too.

The really interesting bit is the modem. It can handle TD-LTE/FDD-LTE/WCDMA/TD-SCDMA/GSM networks, hence the company claims it is the first octa-core with on board LTE. Qualcomm has already announced an LTE-enabled octa-core, but it won’t be ready anytime soon. The MT6595 will – it is expected to show up in actual devices very soon.

Of course, MediaTek is going after a different market. Qualcomm is building the meanest possible chip with four 64-bit Cortex A57 cores and four A53 cores, while MediaTek is keeping the MT6595 somewhat simpler, with smaller 32-bit cores.

Source

Virtru Goes Office 365

Virtru has added Microsoft’s Office 365 and Outlook Desktop services to its growing list of compatible email platforms available on its encryption product.

The company, headquartered in Washington, D.C. and launched in January, is targeting people using major email providers who want stronger privacy controls for more secure communication.

The service is designed to be easy to use for end users who may not have the technical gumption to set up PGP (Pretty Good Privacy), a standard for signing and encrypting content.

Virtru is compatible with most major webmail providers, including Google’s Gmail, Yahoo’s Mail and Microsoft’s Outlook webmail, which replaced Hotmail.

Emails sent using Virtru through those services would look like gibberish, providing a greater degree of privacy. Law enforcement or other entities would not be able to read the content unless they could obtain the key.

Virtru uses a browser extension to encrypt email on a person’s computer or mobile device. The content is decrypted after recipients receive a key, which is distributed by Virtru’s centralized key management server.

Although Virtru handles key management, the company is working on a product that would allow that task to be managed on-site for users, as some administrators would be uncomfortable with another entity managing their keys.

Virtru has said it put aside funds to contest government orders such as a National Security Letter or law enforcement request that are not based on a standard of probable cause.

Source

Web Pioneer Calls For Bill of Rights

The inventor of the world wide web, Tim Berners-Lee, voiced his support for bill of rights to protect freedom of speech on the Internet and users’ rights after leaks about government surveillance of online activity.

25 years since the London-born computer scientist invented the web, Berners-Lee said there was a need for a charter like England’s historic Magna Carta to help guarantee fundamental principles online.

Web privacy and freedom have come under scrutiny since former U.S. National Security Agency contractor Edward Snowden last year leaked a raft of secret documents revealing a vast U.S. government system for monitoring phone and Internet data.

Accusations that NSA was mining personal data of users of Google, Facebook, Skype and other U.S. companies prompted President Barack Obama to announce reforms in January to scale back the NSA program and ban eavesdropping on the leaders of close friends and allies of the United States.

Berners-Lee said it was time for a communal decision as he warned that growing surveillance and censorship, in countries such as China, threatened the future of democracy.

“Are we going to continue on the road and just allow the governments to do more and more and more control – more and more surveillance?” he told BBC Radio on Wednesday.

“Or are we going to set up something like a Magna Carta for the world wide web and say, actually, now it’s so important, so much part of our lives, that it becomes on a level with human rights?” he said, referring to the 1215 English charter.

While acknowledging the state needed the power to tackle criminals using the Internet, he has called for greater oversight over spy agencies such Britain’s GCHQ and the NSA, and over any organizations collecting data on private individuals.

He has previously spoken in support of Snowden, saying his actions were “in the public interest”.

Berners-Lee and the World Wide Web Consortium, a global community with a mission to lead the web to its full potential, have launched a year of action for a campaign called the Web We Want, urging people to push for an Internet “bill of rights” for every country.

Source

ZTE Attempts To Double Marketshare

China’s ZTE Corp, the world’s seventh-largest smartphone maker, wants to nearly double its U.S. market share in the next three years by increasing spending on marketing.

ZTE, which trails nearby rival Huawei Technologies Co Ltd in selling both smartphones and telecoms equipment, wants more share of the fat profit margins promised by sales of high-end phones in the United States.

But the company needs to first work on its image. Its mainstay telecom equipment business was essentially shut out of the U.S. and other markets after government officials flagged security concerns about Chinese-made equipment.

ZTE targets a U.S. market share of 10 percent by 2017 from 6 percent in 2013, Lv Qianhao, global marketing director of mobile devices, told Reuters at a company event on Thursday.

That would place it a distant third behind Apple Inc with 41 percent and Samsung Electronics Co Ltd with 26 percent, according to September-November data from researcher comScore.

To that end, ZTE will increase its U.S. marketing budget by at least 120 percent this year from last, Lv said without elaborating. Like other Chinese handset makers, ZTE is grappling with low brand awareness in the world’s second-largest smartphone market and perceptions of inferior quality.

Samsung Electronics, which earns around two-thirds of its operating profit from its mobile division, spent $597 million on marketing in the United States in 2012, according to researcher AdAge.

Last year, ZTE signed a deal with the Houston Rockets basketball team and released a Rockets-branded phone.

“We want young U.S. consumers to participate in our marketing activities, so we will have more NBA (National Basketball Association) stores and channels that sell our products,” Lv said.

Globally, ZTE aims to ship around 60 million smartphones this year compared with about 40 million smartphones last year, said Senior Vice President Zhang Renjun.

The company sees much of that growth in developed markets – including Russia and China- which accounted for 68 percent of mobile device revenue last year compared with 35 percent in 2007, said Lv.

ZTE’s mobile device business sells feature phones as well as smartphones. It was the fifth-biggest mobile phone vendor in July-September, according to researcher Gartner, though it fell out of the top five smartphone sellers list in the same period.

ZTE expects to have swung to a profit for last year having booked its first-ever loss as a public company in 2012.

It based its turnaround on cutting costs, signing fewer low-margin contracts, and winning contracts to build fourth generation telecommunication networks.

The company expects global investment in 4G to reach $100 billion this year, Zhang said.

Source

NSA Developing System To Crack Encryption

The U.S. National Security Agency is working to develop a computer that could ultimately break most encryption programs, whether they are used to protect other nations’ spying programs or consumers’ bank accounts, according to a report by the Washington Post.

The report, which the newspaper said was based on documents leaked by former NSA contractor Edward Snowden, comes amid continuing controversy over the spy agency’s program to collect the phone records Internet communications of private citizens.

In its report, The Washington Post said that the NSA is trying to develop a so-called “quantum computer” that could be used to break encryption codes used to cloak sensitive information.

Such a computer, which would be able to perform several calculations at once instead of in a single stream, could take years to develop, the newspaper said. In addition to being able to break through the cloaks meant to protect private data, such a computer would have implications for such fields as medicine, the newspaper reported.

The research is part of a $79.7 million research program called “Penetrating Hard Targets,” the newspaper said. Other, non-governmental researchers are also trying to develop quantum computers, and it is not clear whether the NSA program lags the private efforts or is ahead of them.

Snowden, living in Russia with temporary asylum, last year leaked documents he collected while working for the NSA. The United States has charged him with espionage, and more charges could follow.

His disclosures have sparked a debate over how much leeway to give the U.S. government in gathering information to protect Americans from terrorism, and have prompted numerous lawsuits.

Last week, a federal judge ruled that the NSA’s collection of phone call records is lawful, while another judge earlier in December questioned the program’s constitutionality. The issue is now more likely to move before the U.S. Supreme Court.

On Thursday, the editorial board of the New York Times said that the U.S. government should grant Snowden clemency or a plea bargain, given the public value of revelations over the National Security Agency’s vast spying programs.

Source

NSA Spies With Tracking Cookies

The browser cookies that online businesses use to track Internet customers for targeted advertising are also used by the National Security Agency to track surveillance targets and break into their systems.

The agency’s use of browser cookies is restricted to tracking specific suspects rather than sifting through vast amounts of user data, theWashington Post reported Tuesday, citing internal documents obtained from former NSA contractor Edward Snowden.

Google’s PREF (for preference) cookies, which the company uses to personalize webpages for Internet users based on their previous browsing habits and preferences, appears to be a particular favorite of the NSA, the Post noted.

PREF cookies don’t store any user identifying information such as user name or email address. But they contain information on a user’s general location, language preference, search engine settings, number of search results to display per page and other data that lets advertisers uniquely identify an individual’s browser.

The Google cookie, and those used by other online companies, can be used by the NSA to track a target user’s browsing habits and to enable remote exploitation of their computers, the Post said.

Documents made available by Snowden do not describe the specific exploits used by the NSA to break into a surveillance target’s computers. Neither do they say how the NSA gains access to the tracking cookies, the Post reported.

It is theorized that one way the NSA could get access to the tracking cookies is to simply ask the companies for them under the authority granted to the agency by the Foreign Intelligence Surveillance Act (FISA).

Separately, the documents leaked by Snowden show that the NSA is also tapping into cell-phone location data gathered and transmitted by makers of mobile applications and operating systems. Google and other Internet companies use the geo-location data transmitted by mobile apps and operating systems to deliver location-aware advertisements and services to mobile users.

However, the NSA is using the same data to track surveillance targets with more precision than was possible with data gathered directly from wireless carriers, the Post noted. The mobile app data, gathered by the NSA under a program codenamed “Happyfoot,” allows the agency to tie Internet addresses to physical locations more precisely than was possible with cell-phone location data.

An NSA division called Tailored Access Operations uses the data gathered from tracking cookies and mobile applications to launch offensive hacking operations against specific target computers, the Post said.

An NSA spokeswoman Wednesday did not comment on the specific details in the Post story but reiterated the agency’s commitment to fulfill its mission of protecting the country against those seeking to do it harm.

“As we’ve said before, NSA, within its lawful mission to collect foreign intelligence to protect the United States, uses intelligence tools to understand the intent of foreign adversaries and prevent them from bringing harm to innocent Americans and allies,” the spokeswoman said.

The Post’s latest revelations are likely to shine a much-needed spotlight on the extensive tracking and monitoring activities carried out by major Internet companies in order to deliver targeted advertisements to users.

Privacy rights groups have protested such tracking for several years and have sought legislation that would give users more visibility and control over the data that is collected on them by online companies.

Source

« Previous Page — Next Page »