China Tech News — Unfortunately it would be more of a surprise that a Chinese Internet company did not have a security hole, but the latest finding from an overseas research team confirms that Tencent’s QQ Browser leaks user data. Tencent, China’s largest Web portal company, itself also confirmed the vulnerabilities to the researchers at Citizen Lab, an interdisciplinary laboratory based at Canada’s Munk School of Global Affairs in the University of Toronto.
ZDNet — The QQ browser from Tencent has been found by Citizen Lab, a research group within the University of Toronto, to be transmitting personally identifiable data with little or no encryption, leaving users open to man-in-the-middle data collection. In its findings, Citizen Lab said that QQ is also vulnerable to arbitrary code execution thanks to an insecure update process.
Times of India — NEW DELHI: India’s parliament is set to pass legislation that gives federal agencies access to the world’s biggest biometric database in the interests of national security, raising fears the privacy of a billion people could be compromised. The move comes as the ruling Bharatiya Janata Party (BJP) cracks down on student protests and pushes a Hindu nationalist agenda in state elections, steps that some say erode India’s traditions of tolerance and free speech.
MIS Asia — Some Internet service providers are building powerful tools to track customers, and the U.S. Federal Communications Commission needs to step in, privacy advocates say. Some privacy advocates are calling on the FCC to create new regulations that limit how ISPs can track their customers across the Internet. The agency could release a proposal for ISP privacy rules as soon as this month, FCC Chairman Tom Wheeler said last week.
Myanmar Times — The developer, son of prominent lawyer U Robert San Aung, received inspiration for the app during a trip to Switzerland. Following conversations with UN officials and others human rights workers, and given the problems in Myanmar, he had an idea – a platform that would allow victims of human rights violations to communicate with defenders of those rights.
ZDNet — Kakao, the company behind South Korea’s most popular instant messaging app, KakaoTalk, has said it will cooperate with government prosecutors when they request chat messages, ending a year-long standoff over privacy. The decision marks a 180-degree turn for the company and, to date, the most clear departure in corporate strategy from its former CEO Lee Seok-Woo with new CEO, 34-year-old Lim Ji-Hoon, who took the helm officially during a stakeholders meeting on September 30.
Computer Weekly — Academic organisations in Singapore and the UK collaborate on the privacy questions raised by big data and the cloud Researchers in Singapore and the UK are working together to explore challenges posed by threats to cyber security and privacy in the cloud. A proposal has been submitted for a joint big data project between Singapore and UK industries and government agencies to collaborate on privacy-preserving data analytics.
Times of India — LONDON: Britain secretly obtained vast amounts of communications data from Pakistan to identify terrorists by hacking into routers in the country made by an American firm, according to US whistleblower Edward Snowden. The former intelligence contractor with the US National Security Agency (NSA) said that the Government Communications Headquarters (GCHQ), British intelligence and security organisation responsible for providing signals intelligence, has been monitoring Pakistan’s communication data.
Times of India — NEW DELHI: You may soon need to keep a copy of all messages sent through encrypted messaging services such as WhatsApp (Android version supports encryption), Google Hangouts or Apple’s iMessage, for 90 days, if the proposed National Encryption Policy is implemented in its current form. Online businesses too would need to keep your sensitive information including passwords in plain text for the same period of time, thus exposing your information to potential hacking attacks.
Digital News Asia — THe Singapore Government is using spyware that can copy files from your hard disk; record your Skype calls, e-mails, instant messages and passwords; and even turn on your webcam remotely – and if you’re Singaporean, you have no constitutional right to complain. Yes, that’s right – the Singapore Constitution does not include a right to privacy.
EFF Org — If you operate your own website, be glad that you don’t host it in South Korea (or if you do, you might want to rethink that). Whereas in the United States, an important law called CDA 230 protects you from liability for comments contributed by users to your website, South Korea has some of the toughest liability rules in the world that can leave intermediaries such as website owners carrying the can for content they didn’t even know about.
China Topix — Consumer watchdogs in China are planning to sue Samsung and Oppo as they are found pre-installing apps in mobiles before selling it to customers, saying that this is actually breaching the privacy of the user as no consent is asked for. The apps could be unwanted and are a direct infringement of the customers right to know.
Vietnam Net — Information safety on social networks is an issue in urgent need of attention from the Ministry of Information and Communications and other government agencies. We need to have social media policies that reflect and execute Viet Nam’s laws. When it comes to information safety on social networks, the responsibility of guarding and monitoring public information lies with both network users and management agencies.
Despite a new telecoms law that empowers the Union government to pursue confidential user information under certain circumstances, a framework around its implementation has yet to be hammered out. Industry players have established stopgap measures that balance consumer rights and compliance. Section 75 of Myanmar’s 2013 telecoms law says the Union government may direct organisations to help it obtain information or telecommunications damaging to national security and the prevalence of law, so long as doing so does not impact fundamental rights of citizens.
You might not think that an academic computer science course could be classified as an export of military technology. But under the Defence Trade Controls Act – which passed into law in April, and will come into force next year – there is a real possibility that even seemingly innocuous educational and research activities could fall foul of Australian defence export control laws. Under these laws, such “supplies of technology” come under a censorship regime involving criminal penalties of up to ten years imprisonment. How could this be?
NEW DELHI: Trishna Saikia (name changed) could not believe it when her best friend created a fake profile of her on a social networking site and sent derogatory messages to common friends in a bid to get back at Saikia for dating a boy she liked. “She used my personal images and insulted me on a public forum,” the victim related. Like Saikia, many young girls and boys fall prey to online abuse and cyberbullying, which experts describe as “the intentional use of harmful words to put another person down.”
Australia’s largest telco Telstra has pleged to keep the metadata it is required to store on its customers for two years safe after the data retention scheme passed the Senate last night. The Government and the Labor Party united last night to vote through the Coalition’s data retention bill, despite a last-ditch effort by the Greens and several independents to make changes to the bill.
Part of Indonesia’s future development hinges on how quickly and efficiently the world’s fourth most populous nation is able to embrace digitization and make it work in its favor. The man in charge of shepherding Indonesia’s digital development is Minister of Communications and Information Technology, Mr. Rudiantara. He was inaugurated in October 2014 as part of President Joko Widodo’s new cabinet.
The parliamentary committee tasked with investigating the Government’s data retention bill has put its support behind the long-mooted introduction of a mandatory data breach notification scheme. The committee made the recommendation today in its report on the Telecommunications (Interception and Access) Amendment (Data Retention) Bill 2014. Australia’s Privacy Commissioner Timothy Pilgrim has long pushed for the introduction of laws that would force companies to notify customers as well as his office if personal information had been compromised in a data breach.
Security researchers warned that an adware program called Superfish, which was preloaded on some Lenovo consumer laptops, opened computers to attack. However, it seems that the same poorly designed and flawed traffic interception mechanism used by Superfish is also used in other software programs. Superfish uses a man-in-the-middle proxy component to interfere with encrypted HTTPS connections, undermining the trust between users and websites. It does this by installing its own root certificate in Windows and uses that certificate to re-sign SSL certificates presented by legitimate websites.
There have always been worries that the Chinese government could use its power to force homegrown technology companies like ZTE, Huawei, Qihoo 360 and Lenovo to spy on user communications, but now a bombshell has landed that shows Lenovo is forcing adware onto users’ computers on the company’s own volition.
Computer giant Lenovo has come under fire from users and security pundits after its consumer laptops were found to contain pre-installed adware/malware which could be used to intercept and hijack encrypted Transport Layer Security communications in Microsoft Windows. The ‘Superfish’ adware is a third-party application that was, until last month, installed on all Lenovo consumer laptops.
To eliminate fake social media accounts that impersonate public figures, the Chinese government has issued new rules that go much further and outlaw anonymity in blogs, social networks, discussion forums and IM services. The move, announced Wednesday, is the latest in a recent string of Chinese government actions that have increased online censorship in the country.
China plans to impose a ban on internet accounts that impersonate people or organisations, and force users to register with their real names online, its internet watchdog said on Wednesday. China has repeatedly made attempts to require internet users to register for online accounts using their real names, although with mixed success.
The Korea Communications Commission (KCC) plans to inspect Google Korea and other leading location-based services (LBS) providers over data and privacy protection. It will look into the Korean offices of Google, Apple, Microsoft, Qualcomm and BMW to check their latest updates for addressing privacy concerns. The nation’s dominant web portals Naver, Daum Kakao, along with the country’s three carriers ― SK Telecom, KT and LG Uplus ― Samsung and LG Electronics, SK Energy and Hyundai Motor will all be subject to questioning about their privacy policies, said a senior official at the KCC.
TAIPEI: Taiwan’s communication regulator on Tuesday said 12 mobile phone brands sold locally, including Chinese smartphone maker Xiaomi Inc, do not violate personal data protection laws. Handsets made by China’s Huawei Technologies Co Ltd and ZTE Corp, Apple Inc, Samsung Electronics Co Ltd, LG Electronics Inc and Sony Corp also do not breach the laws, the National Communications Commission said.
People across Asia Pacific are working in new ways, at varying times and from different locations. They can work from home or semi-permanent locations including project sites, customer event sites or even on-the-go. The era of connectivity and technological speed has improved internal and external collaboration while enhancing employee engagement within and between organizations that transcends geographies.
Coolpad, the world’s sixth largest smartphone manufacturer, installed a back door that allows the company to install applications, send alerts, and monitor communications without user knowledge or approval. According to Palo Alto Networks, which discovered the security flaw, the “CoolReaper” backdoor has been found on 24 Coolpad phone models sold in China, adding up to over 10 million devices.
Apple can have access to China, as long as it protects users’ privacy, a top Chinese official told the company’s CEO last week. The head of the country’s Cyberspace Administration, Lu Wei, met with Apple’s Tim Cook on Saturday as part of a visit to the company, China’s state-run Xinhua News Agency said in a Monday report.