Security experts speak their brains at InfoSecurity Summit Hong Kong

One of the best things about being in Hong Kong at this time of year is, for the first time in about seven years, I’m missing the annual slog-fest that is the three day Infosecurity Europe show in London. While the speaker line-up in the keynote theatre is always of good quality (at least on the first two days), the constant cajoling from desperate PR professionals trying to set up last minute briefings with their clients is power-sappingly depressing at best.

However, I haven’t managed to shun IT security completely over here, thanks to the 4th MIG InfoSecurity Summit at Wan Chai’s Hong Kong Convention and Exhibition Centre (HKCEC). Eschewing the vendor pitches, as always, I snuck into the panel debates to find some refreshingly honest discussions from the assembled IT experts.

The first was all nominally about disruptive tech, but some of the most interesting comments came about plain old threats. SH Lim, head of infosecurity at Hong Kong Jockey Club hit the nail on the head when he said the future entailed “a lot of us losing our hair”. Humour turned to exasperation soon after when discussing the problems of dealing with zero day threats and tardy patches.

“How fast can any organisation patch versus how fast can the malware writers write malware,” he added. “How do we test our apps within five days? Do we do a self-DOS by causing an app to fail by not testing a patch properly?”

SC Leung, senior consultant at the  HKCERT, went further, blaming cloud computing.

“Cloud computing is great technology but the criminals are using it more efficiently for web hosting and they can subscribe to cloud services to get bandwidth on demand,” he said.

“They can hack computers thanks to the computing power of Amazon and it’s very hard to trace them. We need to solve this problem with the cloud service providers.”

Fair enough. But blaming cloud computing for security threats is like blaming ammunition manufacturers for war. The causes need addressing more holistically to make a difference.

The second panel debate focussed much more on the changing role of the CISO. Nothing ground-breakingly new there but again some good advice for budding security chiefs, namely, brush up on your business skills and learn about risk management rather than get bogged down in tactical, technology-focussed issues.

There was also a word of warning that CISOs everywhere need to heed – beware the regulator.

Chinese government urges local mobile firms to build own platforms

This is a strange one. A report issued by part of China’s Ministry of Industry and IT (MIIT) has apparently warned the country’s home grown mobile phone makers to beware of getting sued by foreign firms looking to assert their patents.

The report is long and in Chinese, so I’ve had to take China Daily’s word for the content of the paper – never the best and most reliable source of the truth, but given the report is government led, the state-run paper is unlikely at least to have hidden any important facts.

The message is fairly clear – now that China produces most of the world’s mobile devices and now its domestic brands have edged out international competition in the People’s Republic, patent holders from abroad may start sniffing around.

All of which is fair enough. China is a dominant player in the global mobile market, but why was the report written now, and what are the alternatives?

Well, as IDC’s Melissa Chau told me, there aren’t really any. Even the supposedly home grown operating systems mentioned in the report from various Chinese operators, Baidu and Alibaba, are based on forks of Android. These have singularly failed to capture the popular imagination, she said.

If the government is suggesting, as appears to be the case, that mobile makers look for alternatives to Android – the OS which is currently battling Oracle over Java patents and Microsoft – then it is going to take some time.

I’ve no doubt that China’s domestic brands will get there in the end. In fact, Deloitte’s William Chou said as much when I chatted to him a month or two ago.

“No Chinese handset maker has a solid platform that can compete with Apple and Google yet but we are at a very early stage,” he said at the time. “Vendors like Huawei and Lenovo are providing smartphones not because they want to earn a profit from the sales but because they eventually want to dominate the application market.”

India could be Japan’s tech saviour as demand rockets

In my brief to cover the science and technology space in Asia for The Reg – yeah, pretty busy at the moment, thanks for asking – India is fast becoming a fertile source for stories.

It can be spoken of in the same breath as China in many ways in that they are both burgeoning nations with huge populations, a growing middle class and aspirations to lead the world in their own ways in the production and consumption of technology.

So it was no surprise when I read Gartner’s latest stats indicating Indian consumption of semiconductors is set to grow faster than any country this year – up by 20 per cent from 2011 to reach a whopping $9.2bn in revenue.

Compared to a global average of just four per cent growth it’s clear the country is undergoing a rapid transition.

Gartner research director Ganesh Ramamoorthy told me that the growth is likely to be sustained for some time to come, driven by huge demand for mobile phones, PCs and LCD TVs in the country.

Due to the low penetration of such kit in India at the moment, the potential is there for CAGR of 16 per cent to 2016, he added.

All of which is good news for Asian companies in general, because while India may be consuming all those semiconductors, it doesn’t make them.

“I do see China based semiconductor companies benefiting a lot because a substantial amount of semiconductor requirements of local manufacturers in India is imported from China,” said Ramamoorthy.

“The strong, growing demand for overall electronic equipment in India benefits other companies as well such as LG, Samsung, Panasonic, Toshiba etc, from countries like Korea and Japan.”

Japanese tech firms in particular have had a tough time of it of late and are struggling in the shadow of China. Salvation comes from strange places sometimes.

The battle to save Apple’s soul

Have just had time to take stock of all the crazy goings on with Apple and Foxconn last week and I think this story will run and run, much to Apple’s frustration, for a while to come yet.

I managed to track down Debby Chan, a project worker at non-profit organisation Students and Scholars Against Corporate Misbehaviour (SACOM) for a fascinating chat which generated some pretty dynamite pieces of information.

Bear in mind the following are all allegations, some from chats Debby has had with Foxconn staff, so it’s best to remain sceptical, but still:

• Local governments ‘repay’ Foxconn for choosing to locate factories in their area by helping to man them with vocational students. Apparently it doesn’t matter what the vocation is, they get shipped off anyway for a few months or more of misery which could mean them failing to graduate or having to drop out. This is basically forced labour.
• High profile they may have been but the FLA inspections of Foxconn’s factories are flawed because the company has prepared for them by giving workers more breaks, and by hiding the underage workers away – so they pass inspection.
• The FLA itself could be accused of favouring the interests of the big name companies like Apple which are members and sit on its board, making a mockery of these ‘independent’ inspections.

Now Foxconn has strenuously denied the allegations of underage workers and wages have been put up, while Apple CEO Tim Cook has made noises about micro-managing timesheets to make sure workers aren’t put under too much pressure.

But how much of this is just spin? Some people have suggested that this is Apple’s Nike moment and it’s important to remember that ultimately all a company wants to do is make money – sell products, maximise its profits and dominate the market. It’s capitalism, and it’s never been particularly pretty.

The only way of stopping these companies from doing what they want no matter how horrendous the human cost, is by helping their affluent, mostly white, middle class, western customers realise what’s going on.

So well done to Debby and the people at SACOM and their various partners for trying to bring these issues to light. It seems to be working, as witnessed by the inspections themselves, although as Chan explained to me, the time for inspections is over. There needs to be proper union representation in the factories and a way of monitoring conditions on an ongoing basis.

I think the arguments saying Foxconn is a relatively good payer in China and that some of the suicides at its plant could be blamed on the mental health of rural workers not being able to cope with such hard and monotonous work is missing the point.

I don’t know many people who’d rather not spend a little more on their shiny new iPhone/Pad/Pod etc if they could be assured it was manufactured in decent conditions by workers who receive a decent wage and are treated with respect.

The only worry is that the ever fickle customer will eventually get distracted and move onto some other piece of news long before the problems have been properly addressed, while Apple’s spin machine works overtime to claim enough improvements have been made.

Can Baidu make it big on the world stage?

Chinese search engine Baidu had a busy week last week, launching a new version of its browser software, announcing decent financials and planed expansion internationally and into the mobile space.

As I wrote in The Register, however, it’s unsure whether the company which has roundly trounced Google in its home market has the ability to do the same to the US web behemoth across the Pacific.

Reports emerged that the firm is planning to set up some kind of outpost in Brazil – dangerously close to Googleland – while CEO Robin Li said it would be looking to build on its strong financial performance in 2011 by monetising mobile traffic and social media platforms and expand internationally.

The mobile piece makes absolute sense. With the mobile internet expected to far outgrow its fixed line antecedent – especially in developing countries – it’s an area any web company should be concentrating on.

Gartner analyst Roger Sheng told me that the firm would look increasingly to hardware partnerships with the likes of Lenovo, ZTE and others to gain a bigger foothold in the mobile space and to make money out of this market, while also looking to monetise its mobile search traffic.

The international picture is a little less clear, however. Baidu has traditionally failed to set the world alight outside China. Despite launching various services in Japan, Thailand and even the Middle East, the firm has struggled to differentiate its offerings from local competitors.

According to SEC figures cited in a recent China Daily report, the firm actually lost over $100m from its international operations between 2008 and 2010.

Put simply, it is still an immature company on the world stage and will be roundly beaten in Brazil,  where Google has a virtual monopoly, just as it was in Japan. Those tasked with masterminding a reversal of these fortunes from the firm’s new offices currently being built in Shenzhen will certainly have their work cut out.

Baidu made great play of being the home grown champion when Google was falling out of love with China, and may have won users over by ramping up the nationalism. It is also thought to have been simply better at dealing with Chinese language queries.

Both strategies are doomed internationally. It’s going to have to come up with something a little different to conquer markets outside the People’s Republic.

Facebook and China: a marriage definitely not made in heaven

So, much of the talk this week has been whether Facebook’s latent desire to crack the Chinese market is actually going to lead anywhere. I wrote a piece for The Register based around some excerpts from the social networking giant’s IPO which indicate it is definitely still keen.

The next question to ask, then, is whether this is a good idea for Zuckerberg and co. I mean, he may be trying to learn Mandarin but that’s not going to count for much in the hard nosed business world in which Facebook now operates.

Firstly, it’s obvious that any Facebook – China detente is likely going to have to involve the former making some pretty big concessions over censorship and restricting certain content. That may give it the keys to the Chinese kingdom but it’s certainly not going to win it any friends internationally.

The repercussions of Twitter’s recent decision to allow tweets to be removed at a country level are still to be felt but the firm may be in danger of undoing all the good work its service has managed in the Middle East and beyond giving voice to the oppressed and ignored. Facebook could very easily follow in its path.

Secondly, as I mentioned in my news story, the firm will have some fierce competition from some quite mature and very popular home grown social networking rivals such as Sina, Tencent and Renren.

Finally, and maybe more importantly for Zuck and co, was the point made in a Reuters report that online advertising is still not a very big deal in China. As I’m sure the social networking behemoth is aware, the Chinese market is not the cash cow many are making it out to be.