Censor much? What to expect from the Great Firewall in 2015

I’ve been speaking to anti-censorship organisation Greatfire.org about online freedoms in China and what we’re likely to see in 2015. It makes for pretty depressing reading.

First of all, the app market will see an ever-tightening regulatory regime following new regulations passed in October, according to co-founder Percy Alpha.

“I fear that in the future, apps will be like websites, i.e. you have to get a license before publishing any,” he told me by email.

Then there’s the current trend for Man in the Middle attacks as a way to monitor and block access to various online services and sites.

The Great Firewall has already tried this tactic on Google, Yahoo and iCloud to name but three. It’s the only way the authorities can see what people are up to once a site switches to HTTPS.

The smart money is apparently on more of these attacks in 2015, but increasingly focused on smaller sites so as to not arouse much media attention.

The Chinese authorities have also been going after Greatfire itself of late, proof the anti-censorship group must be doing something right.

Their mirrored sites, which allow users behind the Great Firewall to view blocked content, have been a minor irritant to the authorities until now. But since last week Beijing has upped the ante in two astonishing moves against the content delivery networks (CDNs) Greatfire uses.

The first resulted in EdgeCast losing all service in China – which could mean tens of thousands of sites affected. Then another swipe took out an Akamai subdomain also used by HSBC. The result? Its corporate banking services became unavailable. It just shows the lengths the Party is prepared to go to in order to control the flow of information.

The last word goes to co-founder Charlie Smith:

“I think we will continue to see the kinds of crackdown we have seen this past year. I think that for a long time, many optimists have said, give the authorities some time, restrictions will loosen up and information will flow more freely. If anything, the exact opposite is happening – I’m not sure why people seem to make comments otherwise.

“If anything, I think the authorities will take censorship too far in 2015. They will push the Chinese over the limit of what they are willing to tolerate.”


China set for Windows XP meltdown in 2014

This week news emerged that Beijing officials have been leaning on Microsoft to try and get it to extend support for Windows XP, due to run out in April 2014. I covered it here for The Register.

Now the arguments apparently made by Yan Xiaohong, deputy director of the National Copyright Administration, seem to be two-fold. First, he warned of a potentially huge security risk if Redmond stops releasing patches, with the archaic OS still accounting for over 50 per cent of Windows licenses in the Middle Kingdom.

Secondly, he seems to be saying the government has done its bit and led by example in ditching its pirated software for genuine licenses, so the least Microsoft can do now is support the still-popular OS. Oh yes, and Windows 8 is too expensive to upgrade to.

The second is a typically arrogant argument from a Beijing official. Microsoft has been trailing this switch off for years now so it should have had time to plan an upgrade path, or at least factor it into government plans to “go legit” with its stock of software.

However the security issue is more valid and in reality could affect consumers and IT security bosses all over the world. According to Akamai, China was just pipped to first place in Q2 2013 in terms of biggest source of attack traffic by a late surge from Indonesia. It has a sizeable 33 per cent share while Indonesia’s stands at 38 per cent.

Not only will this percentage jump significantly higher post-April but if XP levels stay as high as they have been, we can expect a large number of new infected machines appearing in China in 2014. Why should you care? Because these machines will be remotely controlled by cyber criminals to do their bidding. A DDoS campaign or targeted attack against your organisation perhaps, or an information-stealing Trojan designed to lift credit card credentials from customers.

SC Leung, senior consultant at Hong Kong CERT, told me there’s no doubt that the OS will come under greater attack post April.

“If Microsoft ceases to support WinXP, that means service patches, hot fixes and support are no longer provided,” he warned. “If Win7 or Win8 vulnerabilities are shared by WinXP, hackers may reverse engineer the patch for Win7 and Win8 to find out the vulnerability they can use to exploit WinXP.”

Attackers may even craft fake patches containing malware to trick users and infect their machines, Leung claimed.

There also exists a longer term problem for WinXP Professional for Embedded Systems, which will run out of support on December 31 2016.

“They are typically used in POS terminals and ticketing systems,” he explained.

“Hardware vendors providing devices using this embedded version of WinXP have to develop a plan for upgrade. Changing development platform takes time. They should plan now.”

Unfortunately for many Chinese users and businesses time is not something they have.

“From an information security point of view, we advise users to use a more secure OS, by either upgrading to newer versions of Windows or using another OS that has continuous support,” Leung counselled.

Let’s hope that at least governments and businesses can stump up the extra cash to upgrade to a newer version before the deadline.

The last thing the global info-security industry needs is for infection rates of epidemic proportions to sweep the Middle Kingdom next year.