Matrix Security

Computer Security NewsFebruary 9, 2006 7:11 pm

Yahoo accused in jailing of a Journalist

Copyrited By Http://www.reciprocity-Failuer.com/Yahoosucks.html
ARTICLE

September 8, 2005 latimes.com : World News Print

THE WORLD
Yahoo Accused of Aiding China in Arrest
Reporters Without Borders says the Internet portal firm handed over data to authorities that led them to a cyber
dissident.

By Ching-Ching Ni, Times Staff Writer

BEIJING — A media watchdog group has accused American Internet giant Yahoo of helping the Chinese
government track down a journalist, who later was sentenced to 10 years in prison on charges of e-mailing state
secrets.

Reporters Without Borders said Internet portal Yahoo provided information that enabled the Chinese government
to link sensitive materials found on the Internet to the personal computer of reporter Shi Tao.

“We know Yahoo has been collaborating with the Chinese government on censorship issues, that’s well known,”
said Julien Pain, head of the group’s Internet monitoring group in Paris. “We guessed they might also be helping
the Chinese government identify cyber dissidents, tracking people down. It’s the first time we have proof they are
doing this.”

Pain cited a translation of the April verdict, in which prosecutors say they obtained information from Yahoo Holdings
(Hong Kong) Ltd., part of Yahoo’s global network.

Yahoo’s legal department in Beijing didn’t respond to inquiries, and its U.S. spokesman refused to answer
questions about the case.

“Just like any other global company, Yahoo must ensure that its local country sites must operate within the laws,
regulations and customs of the country in which they are based,” the company said in a written statement.

Industry insiders say Yahoo probably had no choice but to provide whatever information the Chinese authorities
wanted for an investigation allegedly involving national security.

“As a company they are in no position to resist the government,” said Fang Xingdong, chief executive of Bokee,
China’s largest web log service provider. Rights advocates counter that the government can define state secrets so
vaguely that in effect, it criminalizes any communication it deems threatening.

Big technology firms such as Yahoo, Microsoft and Google have come under international criticism for yielding to
Beijing’s strict censorship rules in order to protect their advances in the potentially lucrative Chinese online market.
With nearly 100 million users, it is second only to that of the U.S.

That cooperation has meant finding ways to forbid words that Beijing says are subversive. Microsoft and its
Chinese partner, for example, have agreed to restrict sensitive words such as “liberty,” “capitalism” and “human
rights,” warning users to “delete the prohibited expression.”

Microsoft has said it must follow local laws, and added that its Chinese users are nonetheless sharing information
and building relationships.

Some critics are concerned, however, that technology companies are being pressured into taking actions, such as
tracing e-mails, that amount to suppression of free speech.

“What this incident tells people is that there is no safe place on the Chinese Internet under Chinese Net police, and
there is no privacy or security in Yahoo’s China service either,” said Xiao Qiang, director of the Berkeley China
Internet Project at UC Berkeley.

The convicted journalist, Shi, 37, had been an editor at Contemporary Business News. In April 2004, he attended
an editorial meeting in which officials read out an internal document outlining media restrictions ahead of the 15th
anniversary of the 1989 Tiananmen Square massacre, according to Reporters Without Borders.

Shi wrote about the contents of the meeting and sent it to a U.S. based pro-democracy website under the alias of
198964, the date of the June 4, 1989, massacre. For that, the government accused him of endangering national
security, Reporters Without Borders said.

“Shi Tao leaked this information to an overseas hostile element,” according to a translation of the verdict obtained
by Reporters Without Borders this week.

The court document stated that evidence of the crime came from Yahoo Holdings (Hong Kong) Ltd. Shi sent the e-
mail from his terminal on the second floor of his office building in Changsha in Hunan province “at 11:32:17 p.m. on
April 20, 2004.”

Shi was arrested in November at his home in northwestern China’s Shanxi province and sentenced in April after a
trial that lasted two hours.

“Without the help of Yahoo maybe there are other ways to prove he’s guilty,” Pain said. “Certainly [Yahoo] made it
so much easier for the Chinese government.”

——————————————————————————–
Times staff writers Don Lee in Shanghai and Chris Gaither in San Francisco contributed to this report.

Comments (2)
Computer Security NewsFebruary 4, 2006 8:25 pm

Microsoft’s OneCare firewall draws fire

The firewall component in Microsoft’s Windows OneCare security bundle has holes, experts have warned.

The firewall allows anyone application that uses java vurtial machine or has a digital signature to connect to the net. What is going on here I ask you should the Firewall be not allowing the programs out and also where does it ask you to let you choose what you want to do with the programs. Security at microsoft has taken a back seat to getting programs out and being the first one out on the market with the latest and greatest software. After they just got the award for windows xp sp2 for security and now this happens. Foundstone, a part of McAfee said this about the new software.
“Any firewall, any security device should have a default deny,” Curphey said in an interview Tuesday. “Any door should always be closed.” He has made a good point this reader was already picked up on. when going to the Microsoft blog posting this is what was said about the problem.

“It is highly unusual for malware to be signed,” according to the Microsoft blog posting. Furthermore, if an application is signed, it can be traced to its author, it said.

Blocking Java would result in many applications being disabled, Microsoft, the posting added. And asking users to allow applications to pass through each time they are invoked would be too confusing. If a malicious program that uses the Java Virtual Machine does land on a user’s PC, the antivirus component of OneCare should catch it, the OneCare team wrote.

Oh Really Unusual for malware to be sigined? Not so said Spyware expert Ben Edelman.
It is really easy to get the the Signatures for the software on the Internet.

Asking users to allow applications to pass through each time they are invoked would be too confusing.

To confusing what do the mean? That is what in the old days of Zone Alarm, Black Ice Defender and Kerio and Norton Internet Security and Sygate did. That is what you want you do not want the computer running software that does things for you. Like I have said people are becomming lazy when it comes to security. The Fast food people want to get it done with out having to play with anything. Man what is going on? Do you want your computer doing that and letting people go in and out with out your knolege. Do you need people like China and Forgen goverments trying to connect to your computer and looking at what you are doing. Also what about microsoft who keeps records for what you are doing at it headquarters in redmand. Come on Miucrosoft wake up and let people have some choice of what goes on on the computer instade of controlling what can not be deleted on the computer and how healthy the computer is. When will you learn over their like the Linux people have and make software that works the first time out of the box and not have security issues.
We in this world have security software to keep us safe form what out selfs or from others who are trying to get in?

In short Microsoft needs to get with the program and fine tune security or get out of the game.

Links to the Article are below and the software will be here in MAY if you want to get it.

ARTICLE

Comments (1)