China Watch Blog has learnt that approximately 4.93 million Gmail usernames and passwords were published to a Russian Bitcoin forum on Tuesday, as first reported by Russian website CNews. That’s the bad news.
The good news is that this leak doesn’t seem as massive upon further inspection. First off, we got in touch with Google regarding the issue. The company does not believe this is the result of any sort of security breach on its end.
“The security of our users’ information is a top priority for us,” a Google spokesperson told TNW. “We have no evidence that our systems have been compromised, but whenever we become aware that accounts may have been, we take steps to help those users secure their accounts.”
Next, since the posting, the forum administrators have purged the passwords from the text file in question, leaving only the logins. Furthermore, tvskit, the forum user who published the file, claimed that some 60 percent of the passwords were valid.
A quick analysis of the text file shows it includes mainly English, Spanish, and Russian accounts, but also that it seems to combine older lists accumulated over a longer period of time. There could thus be a link to hacks of sites unrelated to Gmail or any of Google’s services, especially if users are choosing the same usernames and passwords for other accounts, as well as phishing attacks.
As a result, this leak likely affects significantly fewer than 5 million users. Many have likely changed their passwords, and certain entries could be for suspended accounts, duplicates or simply outdated.
If you want to check whether your account is included in the leak, you can head to isleaked.com and input your email address (English translation here). We wouldn’t necessarily recommend doing so, however (email addresses could always be accumulated for later spamming): changing your password regardless of whether you’re on the list or not can’t hurt.
If you think China Watch Blog's information is useful, click on cup of coffee on left hand side and make a small contribution via PayPal
China Watch Blog has learnt that the heart of the Internet is “bleeding” from a bug in widely-used encryption technology, according to security experts.
The online threat, code-named Heartbleed, could affect millions of Chinese computer users by exposing their passwords, credit card numbers and other sensitive information to potential theft by computer hackers.
“Heartbleed is the No. 1 online threat this year,” said Shi Xiaohong, a security expert with Qihoo 360.
Shi likened it to a “nuclear crisis in the Internet landscape” due to its potential for damage.
More than 30 percent of domestic websites requiring web log-ins — covering online payment, e-commerce, online bank and e-mail services — have been affected by the bug. Users can’t protect their information if they have used the services of websites with OpenSSL encryption technology, even if their computers are well protected by anti-virus tools, according to Qihoo 360.
The security researchers who uncovered the threat are particularly worried about the breach because it had gone undetected for more than two years. Hackers may have been exploiting the problem over that period.
Domestic websites, including Taobao, the online shopping site, and train ticket site12306.cn, and global sites such as Yahoo were found to have the bug. By yesterday evening, most websites had been upgraded to fix the bug.
“All of our websites, including Taobao, Alipay and Tmall are safe now with system upgrading,” Alibaba said.
Beijing-based Qihoo 360 sent alerts to around 120,000 website owners in China urging them to upgrade their systems.
The Heartbleed bug was found by Google Inc and US security firm Codenomicon, and prompted the US government’s Department of Homeland Security to advise businesses to review their servers to see if they were using vulnerable versions of OpenSSL, Reuters reported.
Ordinary computer users are advised to change passwords or at least not to access websites that haven’t been upgraded.
Yahoo, which has more than 800 million users worldwide, said most of its most popular services — including sports, finance and Tumblr — had been fixed, but work was still being done on other products it didn’t identify.
In a statement, it said it was “continuously working to protect our users’ data.”If you think China Watch Blog's information is useful, click on cup of coffee on left hand side and make a small contribution via PayPal
China Watch Blog reports that authorities around the world should set up emergency communication teams to manage the amount of misinformation circulating on social media during disasters, terrorist attacks and other social crises.
A study on the use of social media in three major incidents, including the 2008 Mumbai terrorist attack, by Dr Onook Oh, of Warwick Business School, Manish Agrawal, of the University of South Florida, and Raghav Rao, of the State University of New York at Buffalo, revealed that Twitter is emerging as the dominant social reporting tool to report eye-witness accounts and share information on disasters, terrorist attacks and social crises as a collective effort to make sense of what is happening.
But when it is the online community who are creating and exchanging the news rather than official news channels, this can not only exaggerate the unfolding situation, but also unintentionally turn it into misinformation, diverting attention from the real problems.
Dr Oh, Assistant Professor of Information Systems, believes authorities or organisations involved in a disaster or terrorist attack need to set up an emergency communication centre to provide speedy, relevant information on the unfolding crisis and to confirm or dispel misinformation circulating on social media.
The study, which is the first application of rumour theory to social media and community intelligence, analyses three large Twitter data sets: the 2008 Mumbai terrorist attacks, where a group of gunmen killed 165 and injured 304 people, the May 2012 shooting of five people by a gunman in Seattle and the recall of four million cars by Toyota in 2009 and 2010 because of a faulty accelerator pedal.
Within minutes of the initial terrorist attack in Mumbai, a local resident posted a stream of pictures on photo sharing website Flickr. Almost concurrently, a group of people voluntarily formed a Twitter page with a link to the Flickr site and spread eyewitness accounts of the terrorist attacks with texts, photos, and links to other sources.
While the flurry of social media activity had many positive outcomes, enabling people to contact family members, encouraging blood donations and providing eyewitness accounts, it also caused many rumours to circulate.
In total 20,920 tweets were analysed on the Mumbai attacks in the study, ‘Community Intelligence and Social Media Services: A Rumor Theoretic Analysis of Tweets During Social Crisis’ published in MIS Quarterly, from the moment the terror attack occurred on November 26 until November 30.
Dr Oh said: “Natural disasters and crises such as terrorist attacks provide the optimum conditions for rumours to spread which can exacerbate the situation for emergency response operations and cause panic amongst the public. For example, during the Mumbai terrorist attacks, the police control room was flooded with incorrect reports of explosions at leading hotels.
“Misinformation on the internet was also influencing what was being reported on official news channels. In fact, the BBC was forced to admit they had made a mistake after using Twitter coverage of the Mumbai terror attacks as a source of their official news.”
Dr Oh believes the main motivation for people turning to Twitter in a crisis is to find out what is happening in their immediate area or to acquaintances, so in order to control the flow of misinformation, emergency communication centres need to be set up quickly to respond to misinformation through social media channels.
“People use mainstream media to try to make sense of the situation but it usually provides general information or repeatedly broadcasts a few sensational scenes over and over again,” said Dr Oh, who cites the US Federal Emergency Management Agency’s Rumour Control Centre website during Hurricane Sandy in 2012 as an example of one way of using emergency communication centres. “Whereas what people involved in the crisis really want is very localised information in real time to aid their decision-making. Hence they rapidly realise that mainstream media do not provide them with local information that they desperately need to overcome the extreme situation, hence, they turn to social media such as Facebook and Twitter.
“Emergency response teams need to put in place prompt emergency communication systems to refute the misinformation and provide citizens with timely, localised, and correct information through multiple communication channels such as website links, social network websites, RSS, email, text message, radio, TV or retweets.
“In cases of community disasters, emergency responders need to make extra effort to distribute reliable information and, at the same time, control collective anxiety in the community to suppress the spreading of unintended rumour information. This includes the setting up of an ‘emergency communication centre’ in the local community who would monitor social media very closely and respond rapidly to unverified and incorrect rumour information.
“Given that the motivation of rumouring is fundamentally to make sense of uncertain situations such that people can deal with a possible threat, the provision of timely and certain information may lead to successful crisis management in partnership with voluntary online citizens.If you think China Watch Blog's information is useful, click on cup of coffee on left hand side and make a small contribution via PayPal
China Watch Blog reports that twenty-five distinguished scholars and internationally recognized experts have been appointed to the Global Commission on Internet Governance’s (GCIG) new Research Advisory Network (RAN).
The Global Commission is a two-year initiative launched in January 2014, by the Centre for International Governance Innovation (CIGI) and Chatham House. Chaired by Sweden’s Foreign Minister Carl Bildt, the commission will produce a comprehensive stand on the future of multi-stakeholder Internet governance.
The commission’s RAN, led by CIGI Senior Fellow Laura DeNardis, will assist in identifying and prioritizing Internet governance and Internet policy related issues within the commission’s mandate. Members of the RAN will provide expert briefings to the members of the commission and conduct research and analysis for the commission’s preparatory work and final report.
“The research advisory network will be an indispensable component of the Global Commission on Internet Governance,” said Fen Osler Hampson, co-director of the commission and director of CIGI’s Global Security & Politics program. “Under the direction of Laura DeNardis, the RAN will be of great benefit to this initiative’s critical analysis and findings. I’m grateful that these experts have agreed to participate.”
The twenty-five member network consists of:
Peng Hwa Ang
Rolf H. Weber
Christopher S. Yoo
Additional RAN members will be confirmed over time. For more information on the GCIG, including its twenty-nine commissioners and twenty-five research advisers, please visit: www.ourinternet.org. Follow the commission on Twitter @OurInternetGCIG.If you think China Watch Blog's information is useful, click on cup of coffee on left hand side and make a small contribution via PayPal
China Watch Blog has learnt that At a recent event where the young change-makers gathered to discuss an agenda, one spotted actor Ranveer Singh addressing the crowd.
While addressing the audience, that was full of youngsters, Ranveer went on to confess wholeheartedly that he cannot do without sex. Well the forum was supposedly for the change makers and Ranveer surely did make a difference.If you think China Watch Blog's information is useful, click on cup of coffee on left hand side and make a small contribution via PayPal
China Watch Blog reports that no one could argue very convincingly that mobile isn’t one of the most disruptive, transformational factors in business – and in life – today. Consumers are armed 24/7 with ever more powerful smartphones and tablets. But most aren’t dying to download the app you paid handsomely to develop.
Most consumers are using their mobile devices to access the web while away from home and from the couch. They’re using them to read your opt-in emails, clicking on your links and forwarding your offers to friends. They’re comparison-shopping, pitting brick-and-mortars with online stores, and reading reviews as part of their decision-making process. They’re relating their experiences with ratings and photos in real time with their social networks.
Anyone competing today for consumers’ hard-earned income, loyalty or even just their attention simply MUST embrace mobile. And they must develop a multi-faceted strategy to take advantage of it..
Building your own mobile app is hardly ever a best first step. Building a useful app is a considerable investment in time and money. Instead, these four strategies can make you immediately mobile friendly. Plus, they can actually inform your future app development process.
1. Make your website mobile friendly
More than half of your customers are searching for your information using their smartphones. Three-quarters of them won’t come back if your site isn’t optimized for mobile. More than 90 percent of websites are not optimized for mobile, so optimizing yours becomes a competitive advantage. What’s more, your mobile site can incorporate features unique to mobile device like geolocation, tap-to-call and others.
An easy way to make your site mobile friendly is to create a dedicated mobile website, separate from your main site. This site would be served up automatically when people navigate to your site using a smartphone or tablet. The drawbacks to having separate sites are that the branding between the two can be limited and the need to coordinate the content between the main site and the mobile version.
Responsive design is a set of web technologies that enables developers to change the visual appearance of specific elements of your website depending on the screen size the site is displayed on.
2. Collect customer and prospect contact info with a tablet in your store
People love to have insider access to special offers, flash sales and seasonal discounts. While they’re in your store or interacting with you at an event, use a tablet to collect their email address for exactly those purposes. Never use paper forms—they send the wrong message in this age of mobile and require someone to input the data after it’s collected. Offering a coupon or chance to win in exchange for contact information will significantly increase the volume of contact details you collect.
Even if you don’t yet have a structured email marketing process in place, you can start collecting this info to build this very strategic asset for future marketing activities.
3. Use mobile to grow your social following
People engaged with a personable employee in your store or at an event are great candidates to become Facebook or other social media followers. All you have to do is ask. Why not have them—right then and there—use their personal mobile to like your FB page or follow you on your other social outlets?
(photo attribution: http://www.wildli.com/blog/slick-facebook-like-counter-for-your-shop-or-event/)
4. Engage event attendees using mobile
Event attendees can be easily engaged with a mobile survey at your booth or out on the floor of the event. You can survey in real time via a QR code or offline with a tablet-based survey that will upload survey results the next time the tablet connects to the internet.
This real-time interaction with your audiences yields a goldmine of fresh insights and opinions you simply won’t be able to capture days or weeks later—assuming you even have their email address.
Mobile has changed everything, and you can leverage it to your advantage.
Use some of these quick-strike strategies to begin creating a more well-rounded mobile strategy.
Stefan Debois is Co-founder & CEO of Survey Anyplace. Survey Anyplace Mobile Surveys allow for the capture of real-time customer insights without an app or need for an email address.If you think China Watch Blog's information is useful, click on cup of coffee on left hand side and make a small contribution via PayPal
China Watch Blog reports the leak of information via Alipay, China’s largest third-party payment platform, has sparked a public outcry over transaction security at a time when the Internet is soaring as a major shopping avenue.
“The leaked data revealed only transaction information before 2010. They excluded sensitive information such as usernames or passwords, which were ciphered through a sophisticated method that is not available to anyone,” according to a statement by Alipay on Sunday.
The China Daily reported that Alipay apologized for the leak, saying it has notified Chinese regulators and will keep the public informed about the investigation in a timely manner.
Alipay accounts for 61 percent of the country’s third-party payment market, according to IT consultancy iResearch. Currently, about 200 banks and 400,000 e-commerce vendors or online units of brick-and-mortar stores accept Alipay as an online payment channel, according to company statistics.
Earlier media reports said police have held a former employee of Alipay, who told police he downloaded 20 gigabytes of personal information in 2010 — including users’ names, cellphone numbers, e-mail addresses, home addresses and purchase records — and his accomplices sold the information to others. Industry insiders said the information was useful for some e-commerce websites who need to locate their potential customers.If you think China Watch Blog's information is useful, click on cup of coffee on left hand side and make a small contribution via PayPal
China Watch Blog reports that an online Islamic sex shop selling condoms, massage oils and perfumes has been launched in Turkey, becoming the first of its kind in the predominantly Muslim country.
The “Halal Sex Shop” website presents its products as being “entirely safe,” and in compliance with Islamic norms, AFP reports.
Internet users who enter the site find two different links directing them to separate sections for male and female products.
Other sections of the website are designed to discuss sex in the context of Islam under various headings: “Oral sex according to Islam,’’ “Sex manners in Islam” and “Sexual life in Islam.”
The anonymous founders of the website said they believed the online shop would help correct prejudices against Islam which they claimed is perceived as “against sex.”
“The religion of Islam has praised sex under certain circumstances,” they wrote on the site. “The use of every product on sale is in compliance with Islam.”If you think China Watch Blog's information is useful, click on cup of coffee on left hand side and make a small contribution via PayPal
China Watch Blog has learnt that Hong Kong has banned imports of Australian chicken and eggs from the state of New South Wales.
The Centre for Food Safety imposed the ban based on information from the World Organization for Animal Health of an outbreak of highly pathogenic H7 avian influenza at a poultry farm in New South Wales, Australia.
A spokesman said 4,600 tonnes of frozen and chilled poultry meat and 500,000 poultry eggs from Australia were imported into Hong Kong last year.If you think China Watch Blog's information is useful, click on cup of coffee on left hand side and make a small contribution via PayPal