China puts Windows 8 on TV, screams: 'SECURITY, GET IT OUT OF HERE!' China has stepped up its war on Microsoft's Windows 8 operating system with a report in state-backed media that questions the security of the software. In a one and a half minute segment aired on China's CCTV television channel, journalists reported that the Chinese government is concerned by the security of the Windows 8 …
Quote: Although China is a strategically important growth market for many IT vendors, it's not viewed as a particularly lucrative one by software companies due to its eye-wateringly high rates of piracy.
Since the government stance is ignore piracy of items developed outside it's borders (hardware, software, consumer goods, etc.), no one really wants to jump into the market. They would lose before they sold the first product.
However, a home brew OS would have the necessary protections from the government along with enforcement provisions. And the family will get the bill for the bullet. Piracy issue solved.
Yes, I believe they have a right to have their security concerns just as we (US and others) have ours. Espionage, spying, cyberwar... it's all a reality and no one is winning.
I'm afraid China doesn't work like that. They will copy it & pirate it if it is of Chinese origin or not.
The only concern is if money can be made from it.
And the risks are really not as high as you suggest, as long as you get a friendly official and a scapegoat to take the rap when the police need to get an arrest to hit a government set KPI then you're good.
"However, a home brew OS would have the necessary protections from the government along with enforcement provisions."
Certainly the latter. But they've already tried this and failed. Who now remembers Red Flag Linux?
Given the vast number of alternative distros in Western markets, you might assume that home brewing an OS isn't that big a deal, but the reality is that there's precious few competing desktop operating systems, even from those regimes (China, Russia, Iran etc) who might seem to have a damn good reason to want an OS not under US control, and who you'd assume could throw the necessary resources at the matter.
Maybe all the recent NSA/GCHQ news has persuaded them that enough is enough, and they'll deliver Red Flag Linux 2 this time and force nationwide adoption (to be followed by all non-Western powers copying the approach but not the software). In that case the world's "security" agencies can sit back knowing that there's far less chance of easily snooping foreign powers, and they can concentrate on inspecting the underpants of their domestic populations. Many might conclude that was the real objective in the first place, because the political elite in all countries aren't really interested in real democracy, merely the sort that gets the right one person elected (eg Syria, Russia, China), or the supposedly "free world" version in which two sets of indistinguishable and incompetent clowns play buggins turn, not really minding who wins so long as they get their turn in due course (eh UK, US, France, etc).
Wow! That is a mighty, mighty thing for China to be saying. However, it does warrant a closer look to see if Windows 8 is forcing the storage of the private data mentioned on US based servers outside of any safe harbour agreements. This could have really serious implications obviously, if there is a grain of truth to that.
That said, there is a lot of hypocrisy in this, as China are the biggest source of attempts to get into my home network. It's got so bad I've had to block access to and from the whole country at the firewall. Statistically we'll always see that though, given the size of their population.
Seconded:
Alias CIDRs Packets
pfBlockerAfrica 2734 71
pfBlockerAsia 16048 25243
pfBlockerEurope 19837 12658
pfBlockerNorthAmerica 1949 323
pfBlockerOceania 146 6
pfBlockerSouthAmerica 2398 1261
Most of "Asia" is China in the above.
Note the above should not be taken too far out of context - whole swathes of the world are still not blocked out of hand but there are a lot of CN hits. Mind you Europe n Russia are pretty popular as well.
Cheers
Jon
I get my ranges from a few web resources and drop them in as tables.
As well as China, I also block Ukraine, Russia, Latvia, North Korea & Vietnam. Seeing any patterns here?
Apart from the occasional oddity, which I set an early rule for, I don't find myself missing out on a single thing and I'm seeing totals on par with yours.
Not forcing so much, but you'll find that Windows 8 does its best to get you to use Skydrive for all your documents, pictures, etc. And of course to do so you'll need an account. And yes, that data is going to the US and as we already know, the safe harbour agreements are meaningless.
As for 'attacks' on my network. Over the last few weeks it seems to be a pretty even split between Russia, the US, China and the rest of the world combined.
Safe Harbour was never about "safe keeping of data", it was only "keep our income safe" of US companies which would otherwise be already out on their ear because of the severe weakening of due diligence requirements in the US legal system. Post Snowden, Safe Harbour is pretty much dead AFAIK, but there is apparently a v2 in the make. If that is again based on self certification and only FTC slaps on the wrist with a wet noodle if you lie about your compliance it will roughly have the same value as v1: none whatsoever.
Safe Harbour is basically politics, forced by the US under threat of trade restrictions because otherwise the EU would have already made it hard for US companies to host EU data. Not sure how v2 will pan out yet, but if your business is in any way dependent on personal information I would very much advise to avoid any US provider, or providers that have their HQ in the US or you be find yourself in breach of Data Protection.
However, it does warrant a closer look to see if Windows 8 is forcing the storage of the private data mentioned on US based servers outside of any safe harbour agreements.
As the recent Irish email case has proved, safe harbour agreements are meaningless where the American Government are concerned.
The writing could really be on the wall for MS int al. Whatever you think of China, it's a huge, huge, err pretty damn big market.
The eye-wateringly* large rates of piracy are for now a bit of a blip or a harbinger of the way things will be in the future when piracy will be unnecessary as we all sink into the relaxing bath of Open Source software. Mmmm.
To refuse a sovereign government the right to review source (or me for that matter) is pretty rubbish, no matter what you think of them and their politics (or mine.) I suspect the story misses one or two facts somewhere.
Trust me, this is simply another small point along the path of how the world is changing rather quickly and the IT field will be unrecognisable in, say, a decade. Not sure what it will look like - that's what I (don't) pay el Reg to tell me.
Cheers
Jon
* Google, you slaaaag - you can't spell: "wateringly" is a perfectly reasonable English (en_GB) word. You simply whack on -ly to make a word an adjective. I think it's called a gerundive or something. You get extra points for doing it to a compound word.
"refuse a sovereign government the right to review source" - Arrhhh, it sounds like your one of these people that think the government has the right to poke around in whatever they want. If you want to keep your source private, that your choice and the market will make up its own mind about that. For a government to demand access to it? Thats wrong, along with them demanding access to most other data.
@bigtimehustler, you are completely right, Microsoft decides about their source code, but you should also remember the fuss MS made about letting governments audit the source earlier.
As having spent many years programming in machine code or processor code if you like, I would like to point out that you cannot hide behind binary, it's all there to be studied. A tedious task yes, but doable. I still love machine code and the number of instructions I still remember from 1970 is amazing. Also in those years we used "line spies" to test and debug transmission protocols, so you cannot hide what a computer or say, a router, sends and receives either. Encrypted data would make that more difficult but I think you would still see where it's sent to.
"Whatever you think of China, it's a huge, huge, err pretty damn big market."
Not for software, or foreign IP, branded goods etc. A market is where you have a meeting of demand (a desire to purchase backed up by the means to pay), and supply (a willingness to sell at some price offered by a segment of potential buyers. China is still (on a per capita basis) a very poor country, and culturally (as with all emerging economies, including the US and Europe in their times) expensive stuff is there to be copied or stolen.
and you will understand the Chinese point of view.
This post has been deleted by its author
Can't help feeling if you aren't prepepared to identify "page 113" the content might be a little tough going.
It's one thing to assume in some cynical way a cloud service may have been compromised but it's another to see them talking up the benefits to their "Enterprise Customers".
Is everyone forgetting
http://www.theregister.co.uk/2012/08/25/windows8_smartscreen_spying/
Wikipedia:
Windows 8 introduced SmartScreen filtering at the desktop level, performing reputation checks by default on any file or application downloaded from the Internet. Microsoft faced concerns surrounding the privacy, legality and effectiveness of the new system; suggesting that the automatic analysis of files (which involves sending a cryptographic hash of the file and the user's IP address to a server) could be used to build a database of users' downloads online, and that the use of the outdated SSL 2.0 protocol for communication could allow an attacker to eavesdrop on the data. In response, Microsoft later issued a statement noting that IP addresses were only being collected as part of the normal operation of the service and would be periodically deleted, that SmartScreen on Windows 8 would only use SSL 3.0 for security reasons, and that information gathered via SmartScreen would not be used for advertising purposes or sold to third parties
Nothing about not handing it freely over to the NSA, and that MS Office 2013 defaults to saving all your files onto its Amercan based (One Drive) cloud server unless you explicitly tell it not to and that Bing does just as much data harvesting as Google's search engine.
Not at all. The code signing section is just a piece of metadata stuck to the binary and can be stripped without difficulty. This was done to enable signed executables to be able to run on machines that don't understand code signing without needing to modify the file.
Yes and no. Hence messy. For example, online file streams do not contain metadata.
All of the metadata (file streams) attached to an individual file would have to be verified to ensure consistent operation on the off chance that code within that module, or any other for that matter, checks the metadata and changes behaviour as a result.
So Basically, the chinese government has been keeping an eye on the snowden leaks, matching it with their own data and been drawing inferences that mean they think that their data is insecure. What's the chances that it's down to not being able to block traffic to a microsoft server otherwise windows 8 stops working (or won't activate) and needing to block traffic to the same server to prevent data leaking.
Sounds like it would just make it easier for China to spy on US, as well as to pirate the OS. I wouldn't give it to them either.
But while I am grateful to MS for the fact that while Windows continues to exist, I will always have an IT job, when I am home it's a relief to use Linux.
OMG. We're talking CHINA here. They make toys with lead paint. They make drywall with volitile chemicals that make any house uninhabitable. They make poisonous dog food. THEY EAT DOGS.
C'mon, if "people" like that don't want WIN 8, that does that say about the poor, clueless Win 8 fanbois who bought WIN 8 because it looked like their cell phone interface ? Anyone who is still defending WIN 8 is, well, just sad. WIN 8 needs to be buried in an unmarked grave on a pitch black night, right next to the old Atari 2600 ET cartridges. My advise to MS - remember the example of the "New Coke" failure, and try again. Coke brought back "old Coke" real quick. What will MS do ?
"Microsoft would no longer open its Windows 8 source code to the Chinese government, however the security scheme of the Windows 8 operating system is designed to provide better access for Microsoft to users' database. For China it's a big challenge for our cybersecurity," said Yang Min, a professor at China's Fudan University, through a translator.
Meaning, "It's more difficult for the Chinese government to hack into Windows 8 systems without looking at the source code."
A China that is anti-Win8 ia anti-progress. Windows 8 is by far the most usable OS (everyone is now copying its UI idioms from KDE to Cyanogen) and the most secure (BitLocker is the one successor to Truecrypt, according to TrueCryot themselves).
For China to be anti-Windows 8 is just "NIH" here on a grand scale and their economy will usffer as people won't want to buy their non-Win8 products. How will this even work with their major manufacturers like Lenovo who are 100% behind Win8 as they know it's by far and away the best product available?
""The US has a law that requires anyone that has this data to report to the government ..."
Of course they don't, they don't need laws, don't need anyone to report anything the NSA, CIA and friends just barge in and take whatever they want. I doubt if China behaves any differently.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
