When is a ban not a ban? Ask the Australian Department of Defence

Well that was a messy week, made significantly messier by news that broke in Australia that I covered for The Reg on Lenovo. This story has taken enough twists and turns in the past few days to satisfy even the most ardent F1 fan.

The original piece in the well-respected Australian Financial Review claimed that intelligence agencies in the “Five Eyes” allied countries of US, UK, Oz, New Zealand and Canada had banned Lenovo from top secret networks since the mid-2000s (when the firm acquired IBM’s PC biz) after finding serious backdoor vulnerabilities.

Although it didn’t claim Lenovo was in cahoots with the Chinese government, or that it had used such vulnerabilities to spy on foreign powers, the article rightly stated that the PC giant’s biggest shareholder is part-owned by Beijing.

Although it used unnamed sources to corroborate the ban across intelligence agencies like GCHQ and the NSA, the story also quoted an Australian Department of Defence spokesman as saying Lenovo “never sought accreditation” for use of its kit in secret and top secret networks at the department.

Now, whether the firm didn’t seek accreditation because it knew it wouldn’t get it is conjecture at this stage, although IBM servers and mainframes are accredited for such use.

In a carefully worded statement, Lenovo said it was “not aware of any sort of a restriction of sales”, and bigged up its “strong relationship” with the Australian government. Strange then that it didn’t seek accreditation for use on the department’s most secure networks.

The story got more murky when a Lenovo spokesperson emailed me a couple of days later with a hard-to-find link to a Department of Defence statement on the story which said the following:

Reports published on 27 and 29 July 2013 in the Australian Financial Review allege a Department of Defence ban on the use of Lenovo computer equipment on the Defence Secret and Top Secret Networks.

This reporting is factually incorrect. There is no Department of Defence ban on the Lenovo Company or their computer products; either for classified or unclassified systems.

As we reported in an update at The Reg, the original AFR story didn’t claim a department-wide ban had been instituted at all, only that Lenovo hadn’t sought accreditation. The ban piece related to the Five Eyes intelligence and security agencies – a different entity altogether.

Just why the DoD decided to release a statement contradicting an assertion nobody made remains to be seen.

It’s possibly just down to plain old incompetence and human error – after all it’s easy to misread a sentence which refers to “multiple intelligence and defence sources in Britain and Australia” as instituting a ban, but then goes on to clarify that in the case of Australia’s defence department it is just the “non-accreditation” piece that was officially confirmed.

However, the conspiracy theorists will claim it did so after pressure from Beijing, after all the DoD statement was not widely publicised – it appeared to have been filed away on a little visited part of the site – but Lenovo was very quick to alert journalists to it.

I also understand that Fairfax Media, which owns the AFR, has received complaints from senior Chinese officials in the past over a certain controversial story.

The AFR has quite rightly written a follow-up piece to clarify the mix-up, which includes clarification from “subject matter experts” stating that intel agency the Defence Signals Directorate doesn’t use Lenovo kit, despite having previously used IBM gear.

Aside from all of this though is another question: if intelligence officials in the UK and elsewhere knew something about serious backdoor vulnerabilities in Lenovo gear, whether deliberate or accidental, did they share such information with the private sector and if not why not?

That kind of information could seriously hurt a company’s bottom line, although Lenovo remains the world’s biggest PC vendor.

This is exactly the sort of thing the UK government’s much lauded Cyber Security Strategy launched in 2011 was meant to promote – improved information sharing between public and private sector. GCHQ should be an asset exploited for the benefit of UK PLC.

China, where the links between government and private business are more secretive and certainly more pervasive, remains streets ahead in this regard.


Apple taking one for the team in new labour rights abuse report

One of the biggest stories of the past week I’ve covered in the Asia technology space was the latest report from China Labor Watch into alleged rights abuses at Apple supplier Pegatron.

In terms of the abuses uncovered by the rights group, they’re pretty similar to those detailed at Foxconn over the years which led to a landmark agreement between Apple, the Fair Labor Association and the Taiwanese manufacturer to sort out conditions at its plants.

When I say “similar” I mean things like overworking and underpaying staff, breaking local employment laws through discriminatory hiring, excessive overtime and the like and subjecting employees to sub-standard living conditions.

You can usually gauge the seriousness of the allegations by the speed of the tech giant in question’s response and the length of its statement. So it was that Apple came back within a few hours with a long response claiming it had undertaken 15 audits at Pegatron and that it had been “in close contact” with CLW investigating findings highlighted by the group.

It added:

Their latest report contains claims that are new to us and we will investigate them immediately. Our audit teams will return to Pegatron, RiTeng and AVY for special inspections this week. If our audits find that workers have been underpaid or denied compensation for any time they’ve worked, we will require that Pegatron reimburse them in full.

One para that was lopped off my story referred to the fact that Pegatron facilities, including the ones mentioned in the report, produce gear for a raft of big name technology brands besides Apple. Microsoft, Dell, HP, Nokia and Asus have all had kit made by the Taiwanese headquartered manufacturer in the past.

Beyond Pegatron too there have been reports of various rights abuses, in Samsung suppliers, and Chinese manufacturers making kit for firms including Telstra, Sony and Philips.

However, the fruity-themed Cupertino giant, unfortunately for it, now has a reputation which makes it easier for hacks like me and rights groups like CLW to build a compelling narrative around such incidents.

For better or worse that’s the way it is but hopefully with Apple taking a lead, as it certainly appears to be trying to do, on improving labour rights among its suppliers, others will follow. We mustn’t forget Apple boss Tim Cook used to be the firm’s COO and so will be well aware just how big a task it is to clean up the supply chain.

This is a process which will take years, not months, but it’s reassuring to an extent that stories like this still make the headlines, because once they stop then the whole process of improving the rights of shop workers in countries like China is likely to grind to a halt too.


Baidu’s $2 BILLION gamble on mobile apps

Chinese search giant Baidu has just agreed to pay $1.9 billion (£1.3bn) to acquire mobile app store provider 91 Wireless Websoft in the biggest internet M&A deal ever in the People’s Republic.

Commentators have already been arguing over whether nearly $2bn for effectively two mobile app stores is a good deal for China’s biggest search company.

As with all acquisitions, only time will tell, although it’s certainly a statement of intent for the firm and one it needed to make with the likes of Alibaba and Tencent all making big mobile internet plays.

Beijing-based Forrester analyst Wang Xiaofeng said in comments sent to me that it was a smart move for Baidu to “assure its competitiveness in the age of the mobile internet”.

“Alibaba is working on its m-commerce strategy through its investment in Sina Weibo and an [offline to online] strategy through the acquisition of Autonavi; Tencent is digging out monetisation possibilities from its killer product WeChat, including eBusiness and mobile payment,” she explained.

“91 Wireless’ strength in mobile applications will be a great complement to Baidu’s current business.”

As to exactly what Baidu is buying, well the main bit of 91’s business is two app stores – 91 Assistant and HiMarket – which apparently lead the domestic market with over 10 billion downloads.

This will give Baidu a great distribution channel for its own apps, and to be honest the deal shows a good degree of self-awareness from the web giant – it knows more users in China find info on the mobile net via apps than mobile web-based search engines.

Whether it proves to be a great piece of business or a stunningly ill-judged waste of money remains to be seen but I’d lean towards the former.

Baidu certainly couldn’t sit back and let its rivals gain the initiative in the brave new world of mobile and if this acquisition doesn’t work out it could well be because it left it too late before pouncing.


Intel and Malaysia: 41 years, $4 billion

Spent a fascinating day at Intel’s Penang facility a week ago today with The Register. Up until now it’s been something of a hidden gem for Chipzilla but, as the largest plant outside of the US, it’s a key part of its Asia and global operations.

So exactly why is it such a big deal for Intel? Well it was its first ever foray outside the US some 40-odd years ago and now employs over 6,000 designers and engineers. Crucially it acts as a hub for Intel’s other plants across Asia, providing training and support for engineers from newer facilities in Chengdu, Bangalore and most recently Vietnam.

As if any more proof were needed of its importance to Intel, the firm’s global VP of the Technology and Manufacturing Group, Robin Martin, is based there.

We learned that having everything from product development and design to testing and manufacturing on one site means the firm can respond much quicker to changing market demands and keep up with faster development cycles demanded by today’s mobile computing trends.

Perhaps an even more interesting story, though, is the emergence of Malaysia and Penang as an IT destination during the past 40 years. I spoke to Datuk Noharuddin Nordin, CEO of MIDA, the government’s investment and development agency, who admitted that the reason Intel was lured to the country in the early ‘70s was purely based on cost.

However, the government has taken that early investment and managed to grow it, attracting more big electronics MNCs with skilled labour, solid IPR protection and cheap land.

“We must remember MNCs come here because they want the greatest margins,” he said. “We have to anticipate what’s round the corner and create systems which will help to prepare for that.”

It’s not done a bad job. Intel on its own has invested $4bn in Malaysia over the past 40 years and other big names including Motorola, AMD, Western Digital, Renesas, Bosch and many more have all joined Chipzilla in Penang. Nordin claimed such investment has managed to help to move local firms up the value chain, nurture world class IT talent in Malaysia’s universities and attract MNCs from other related industries like aerospace, medical equipment and automotive.

As we walked through the old colonial streets of Georgetown that evening I couldn’t help but think Penang has come a long way since its days as a British East India Company trading port.

Whether it can continue to lead in the future remains to be seen, with hugely ambitious Asian rivals like China coming up fast. However, alongside Taiwan, Malaysia has something of a first mover advantage in Southeast Asia which will be hard to match in the near-term.


Don’t worry Cisco, you’re not getting kicked out of China

A lot of media reports have been flying around this past week or two predicting that US tech firms will find life increasingly difficult for them in China following the various revelations leaked by Edward Snowden.

It’s a compelling narrative and on one level makes quite a bit of sense.

If, as the PRISM whistle-blower has claimed, the NSA really is spying on foreign targets including China and Hong Kong and even allies like the EU, then the logical next step would be to assume it could be doing so with the acquiescence of US technology providers who have managed to establish a firm foothold in the country.

After all, wasn’t it US lawmakers who branded Huawei and ZTE a national security threat due to the perceived risk of the firms being forced by Beijing to modify systems to enable state-sponsored eavesdropping?

No wonder then that Chinese state-run media including the English language Global Times have called for US companies including Cisco to be replaced by domestic providers. China Daily even sourced an anonymous “industry insider” who claimed: “There is a terrible security threat in China from US-based technology companies including Cisco, Apple and Microsoft.”

There’s good reason to believe that Cisco et al won’t be overly concerned about such claims, however.

For one thing, although its kit is all over China’s network infrastructure, the market there accounts for less than 5 per cent of turnover.

Huawei is probably Cisco’s biggest Chinese competitor, especially in the telco edge router market, and has certainly been taking market share from the venerable US giant, but a rip-and-replace policy of the sort advocated in the Chinese media is simply not practical.

“I would say a few vendor replacements had considerations beyond the offerings themselves, for example for certain clients with high security sensitivity,” Gartner analyst Tina Tian told me. “But much more of it would be purely a market decision.”

As for the other US technology providers, the likes of Google Android, Microsoft and Apple between them control just about the entire mobile and desktop operating system market in China.

For that reason and the lack of strong domestic alternatives (for the time being) we’re just not going to see wholesale changes here, which could even work in Cisco’s favour, according to Tian.

“Even if China could replace all the networking equipment from foreign vendors, their data would still need to be handled by IBM, Oracle, HP, EMC, Intel and also Microsoft,” she said.


Sweaty palms as Myanmar stalls telco license decision

Over on The Register I’ve been following quite closely the carve up of Myanmar (Burma) by international technology giants.

This deceptively massive country bordering China, Thailand, India and Laos, has of course only recently opened its doors to the global community after decades of self-imposed exile thanks to rule by a military junta.

So Myanmar not only offers tech firms a market of 60 million+ users to tap, but also offers rich business opportunities for infrastructure providers and could even serve as an outsourcing destination in the years to come.

An IDC report from last year, Myanmar ICT Market 2012–2016 Forecast and Analysis, predicts 15 per cent year-on-year growth in IT spending in 2012, with the market to reach $268.45m (£172.9m) by 2016.

One of the biggest opportunities lies in the telecoms space where global operators have been eyeing up the two licenses set to be awarded this month. However, the decision – due to take place today – was postponed at the last minute until lawmakers pass a new telecommunications law, still being drafted.

It emerged that an emergency statement was submitted by a telecoms committee urging lawmakers to favour local joint ventures over global bids.

Whether this ends up scuppering the ambitions of France Telecom, Qatar Telecom, Singtel, Telenor and others remains to be seen, but it must be said that some operators are walking a fine line in getting stuck into the country before human rights concerns have been fully allayed.

Human Rights Watch, for example, has been lobbying telcos to boycott the country until legislation is passed which does better to outlaw things like mass surveillance and hardline censorship.

In fact, Vodafone and China Mobile withdrew their joint bid last month, in what some think was a decision influenced by Myanmar’s current failure to protect online freedoms.

John Morrison, executive director of the Institute for Human Rights and Business (IHRB), told me that if nothing else, the recent NSA debacle has shown that even in western democracies, telcos are vulnerable to mass surveillance requests from governments.

“Given Myanmar’s human rights record it is all the more important that the companies that secure the license to operate in the country do so in a way that respects privacy and free expression,” he added.

“As Myanmar continues political and economic reforms, it should work towards making telecommunications technology a tool for advancing human rights, including guarding against hate speech that incites violence.”

Time will tell whether Myanmar can make a stable transition from repressive hermit state to 21st century Asian tiger, but if it does, technology will be a major driving force.


EU’s $30 billion data security block on India’s BPO giants

I don’t often cover India’s outsourcing market but an interesting piece of news emerged this week when local media reported that the EU has found some notable gaps in the country’s data protection legislation which could scupper a major trade agreement between the two.

Basically the two have been trying to thrash out the Broad-based Trade and Investment Agreement since 2006.

The idea is that India opens up more of its vast market for EU firms and vice versa, but with one of India’s biggest industries in Business Process Outsourcing, a key demand from that side was that the country be recognised as a “data secure destination” by Europe.

According to the Data Security Council of India (DSCI), this single accreditation could propel outsourcing revenues from European customers from $20bn to $50bn in no time at all.

Sadly for India, the EU Justice Department decided to launch a consultation on India’s data security credentials and now the mutterings are it doesn’t like what it sees.

Any further delays which require legislative amendments could take years – not exactly what IT services giants like Infosys, Mahindra and Unisys want.

However, Forrester security analyst Manatosh Das told me all may not be quite as bad as it seems.

For starters, he said, India is taking information security a lot more seriously nowadays since recent high profile cyber attacks.

With the proposed electronic surveillance Central Monitoring System, the country is apparently planning for stringent privacy laws, while the DSCI, set up by Nasscom, has a strict remit to monitor data security and privacy in the IT and BPO industries, he said.

“I really don’t think in the current scenario outsourcing will take a back seat,” Das added.

“Private organisations in India follow international security frameworks like ISO 27001, PCI DSS, SOX, HIPAA. They have strong contractual agreements with their clients. Clients have the right to audit the vendors as per the agreement.”

However, he did admit that the IT Amendment Act 2008 lacks enforcement and needs amending again to “remove ambiguity” and create specific exceptions.

As a side note, I’m sure the recent “landmark” agreement between the UK and India on data security will also help reassure European customers considering offloading some services to Indian firms.

As always though, rigorous planning and due diligence and early involvement from the IT department should be a given to prevent any unexpected outsourcing problems down the line.


The truth about PRISM (no, honestly)

Just a short post this week because it has quite frankly been a quiet week apart from one massive story that has dominated the headlines worldwide, except quite notably mainland China: PRISM and the IT whistle-blower Edward Snowden.

By far and away the most balanced, most informative and least hyperventilatingly hyperbolic piece was over at El Reg, where Duncan Campbell picked through the actual facts about PRISM so far to conclude that, actually, most of it is legal and definitely not tyrannical.

My key observations from his piece are as follows:

  • Prism is nothing compared to the powers the UK government was asking for in its draft Communications Bill – now shelved for the time being. It is also pretty similar to what goes on in police offices and other agencies all over the country where officers act on RIPA requests to collect comms data.
  • The NSA has numerous other similar schemes including direct Deep Packet Inspection, which have been going on in the background and arguably are more intrusive on personal freedoms.
  • The scheme costs around $20m a year and as such is definitely small fry in terms of the extent and type of surveillance involved. NSA’s overall budget is an estimated $10 BILLION.
  • The number of requests disclosed by Microsoft, Google et al via PRISM is even far lower than the government requests they’ve disclosed not associated with the scheme.
  • Where Microsoft is concerned, at least, most requests (2%) were for non-content data – ie just account details but not the content of messages. I imagine the same is true of other web service providers.
  • These providers may have said they didn’t know about PRISM because it is just an internal codename used by NSA.

What people should REALLY be worried about here is not PRISM per se but the other Guardian scoop – that Verizon was issued with a secret warrant “requiring wholesale delivery of all call data records from their entire system”. That and the doubtless other similar requests which other comms providers have been issued with are more insidious and certainly warrantless compared with PRISM.

It’ll be interesting to see whether the future “scoops” which The Guardian promises will focus on these. I for one would be interested to see whether UK operators have been subject to similar orders from GCHQ.


Computex 2013: chips with everything

So that was Computex Taipei 2013. Asia’s largest IT show and the world’s second biggest was dominated this year by the launch of Intel’s 4th generation Haswell processor family, and to be perfectly honest there wasn’t an awful lot of other news knocking around, but here’s my brief take on events.

Local heroes Asus and Acer kicked things off in usual hyperactive fashion with a bevy of tablets, notebooks, smartphones and other hybrid devices. The most notable was probably Asus’ 3-in-1 Transformer Book Trio, which combines a notebook, tablet and even desktop functionality in one.

Acer’s presser was more subdued and it remains to be seen whether it’s done enough to win back some of the market share it’s been hemorrhaging over the past few quarters. It actually also depends on whether users decide they want 2-in-1 notebook/tablets – as Intel believes they do –  or a regular notebook with a smaller companion 7 or 8 inch tablet (phablet) device like the Acer Iconia W3.

How this market shakes out will be interesting to watch and to be perfectly honest no-one knows how it’s going to play out, least of all the many analysts I spoke to. It’s all about price, performance, and user experience – nail those three and as a manufacturer you’re giving yourself the best chance of success. Intel was marketing the hell out of the 2-in-1 concept at the show on the back of its Haswells and Silvermont Atoms, but I’m not convinced this will work out as intended.

It makes sense on paper – a tablet for tablet stuff and a notebook for work, in one hybrid device – but if you’re a fanboi, for example, you’re not going to want to give up your iPad, so a convertible isn’t going to cut it.

Form factor chat aside, Microsoft held its first public demo of Windows 8.1  at the show – the OS Windows 8 should have been. There are a lot of cool features in there – better search, the ability to view several apps on one screen and resize them, and the long awaited return of the Start icon. However, the experts are pretty guarded about whether it will be enough to a) rejuvenate the PC market and b) help Redmond grab more market share in the mobile computing space – tabs, phabs and notebooks.

“Being able to lock it in desktop mode and having a ‘Start Point’ will remove the chief barriers that people have with Windows 8. But that doesn’t necessarily address the things that are holding back the PC market as it is,” Forrester analyst David Johnson told me.

“Right now, at the consumer and enterprise level, non-Windows tablet adoption is massive, and Windows 8.1, while improving the tablet experience, will still be competing with Apple iOS and Android. Secondly, most enterprises are completely distracted by just getting to Windows 7 before the April 2014 deadline. They’re at capacity with that transformation and few will have the resources to worry about Windows 8.1.”

Taiwan was quite honestly the star of Computex this year.

I mean, it always has been, but the lack of news made it even more obvious. This is a country whose technology producers account for 80 per cent of the global “branded” tablet market and over 90 per cent of Intel notebooks. They might all be physically made in China but they’re designed here. The IP, basically, is Taiwanese.

It raises an interesting point about whether the People’s Republic of China can ever hope to emulate its tiny neighbour the Republic of China. The Communist Party desperately wants it to start innovating, but you can’t just turn on that tap at will after decades of stealing and copying IP.

Rubber ducks perfectly illustrate just how far it has yet to go.

Hong Kongers have been fawning over a new installation from Dutchman Florentijn Hofman for weeks now. It’s a giant, six storey, yellow rubber duck floating in Victoria harbour.

Now reports have emerged that similar ducks have been spotted across China, from Wuhan to Xi’an. They say imitation is the sincerest form of flattery, but in the tech world, it’s going to get China absolutely nowhere.


Lenovo will struggle in US smartphone market … for a while

Lenovo has been talking up its move into the US smartphone market this week, as global PC sales continue to stagnate, but the analysts I spoke to are far from convinced that the Chinese hardware giant can repeat its success in the traditional computing space.

CEO Yang Yuanqing told the WSJ that the firm would be taking aim at the US mobile space within a year. You can’t argue that it doesn’t represent a “new opportunity” for growth, given that PC shipments are still falling in most markets around the world.

In Western Europe they declined by the biggest ever amount in the last quarter – down 20 per cent year-on-year – and even in the still healthy Chinese market they are only forecast to grow by 3-4 per cent this year.

So can the hardware behemoth, which recently became the world’s number one PC vendor, tap a user trend which is seeing more and more gravitate towards mobile devices instead of traditional notebooks and desktops?

Well, Gartner has forecast it will take the lead in its domestic market – the world’s biggest for smartphones – as early as this year, but the US would seem harder to crack.

“The only way Lenovo would have a way to even have a chance would be to have a key carrier support it by lining up one or more of their products in the portfolio. Even this way, I believe consumers will not necessarily see the brand as sexy,” Gartner research VP Carolina Milanesi told me.

“Lenovo’s position in the corporate PC market might give them an opportunity in the prosumer segment especially if they brought to market an Android based device with an enterprise class security and manageability feature set. Bottom line: it’s a tough job and Lenovo would be better off capturing more of the tablet market first so that they could get one step closer to consumers.”

Canalys research director Nicole Peng was not much more optimistic of its chances in the near term, telling me China sales would continue to make up the majority of its global volume.

“The competition landscape in the US smart phone market is far more challenging for new comers, with Apple and Samsung dominating over 70 per cent share,” she added. “However to start selling smart phone in the US, more importantly to gain carrier support is strategically important for Lenovo’s overall PC+ strategy globally.”

All reasonable comments and I think they’ll be true in the short term, but I wouldn’t be surprised to see Lenovo up there in the top three or five US smartphone vendors in a couple of years’ time. ZTE, with all of its problems and negative publicity in the US, has already nabbed third place, according to new stats from ITG Market Research.

With a hefty R&D team and vaulting ambition, Lenovo will be hard to ignore, even if its brand image is not exactly an enticing one for smartphone users Stateside at the moment.