'Chinese' hack nabbed single-sign-on source
When alleged Chinese hackers infiltrated Google's internal systems in December, they lifted source code for a password system that controls access to almost all of the company's web services, according to a report citing a person with direct knowledge of Google's investigation into the matter.
The New York Times reports that the December attack nabbed code for the system that controls single-sign-on for millions of users across myriad Google services, including Gmail and the company's online business applications. Originally codenamed Gaia - a nod to the Greek godess of the earth - it is now known simply as Single Sign-On.
According to The Times, the attack began when an instant message was sent to a Google employee in China who was running Microsoft's Messenger client. When the employee clicked on a weblink in the IM, attackers gained access to the employee's PC, and from there, they tapped machines used by "a critical group of software developers" at the company's Mountain View headquarters. Eventually, they also gained access to a software repository where source code for the Gaia system was stored.
Code was moved to machines housed by the Texas-based webhost Rackspace, The Times says, before it was transferred to some other, unknown destination.
At some point, according to The Times, the attackers gained access to an internal Google directory called Moma, which houses info on the "work activities" of company employees. This may have been used to locate specific individuals inside the company. The attackers "seemed to have precise intelligence" about the names of the Gaia software developers.
However, The Times says, the attackers "do not appear" to have lifted the passwords of individual Gmail users.
On January 12, Google told the world that Chinese hackers had stolen unspecified intellectual property from the company's internal system, and it said evidence indicated that "a primary motive" of the attacks was to gain access to the Gmail accounts of Chinese human rights activists. In light of the attack - and what it described as other, routine attacks on the Gmail accounts of such activists - Google said it had resolved to stop censoring search results in the country.
A little more than two months later, after talks with Chinese government, Google shut down its Chinese search engine, Google.cn, and redirected visitors to its Hong Kong-based engine, Google.com.hk, where it now provides uncensored search results in simplified Chinese.
According to The Times, Google continues to use the Gaia system, and the paper questions whether the attackers may use the course code to locate security weaknesses n the system itself. ®
By Cade Metz in San Francisco
Source: http://newscri.be/link/1077234
Tuesday 20 April 2010
The Yin And Yang Of China's Housing Bubble
For some, housing is out of reach; for others there's a windfall.
Wu Junkai
HONG KONG -- Five years ago Wu Junkai had just graduated from college and moved to Beijing. When the lease came up on the flat he shared with a roommate, he was the only one who wanted to stay. "I thought why not buy the flat once and for all," Wu said.
Even better: the apartment's value has skyrocketed amidst the real estate bubble in China.
"I paid 6,300 yuan ($923) per square meter at that time," said Wu of his 136 square-meter apartment near Beijing's East Fourth Ring. "Now it costs almost 22,000 yuan ($3,223)--I couldn't imagine it has soared so much."
But not everyone is so lucky. Ning Haixin graduated last year, when Chinese housing prices were shooting up. Though Ning works at a high-tech company and earns a handsome salary in the country's capital, he said he doesn't see buying a home in Beijing for the next five years.
Beijing's housing price is going crazy, and people are always talking about housing bubbles," said Ning. "Most of my friends are living in rented flats. I want to wait and see if this property boom will go bust."
Zhang Xin, CEO of Soho China and one of China's richest billionaires, warned a real estate bubble in a recent Forbes interview. (See: "China's Developer Lament") Zhang said developers are rushing to build and sell more property to speculators even though there is no apparent need for more buildings, and the bubble keeps growing.
Beijing along with 69 other large and medium-sized cities in mainland China have witnessed a sizzling property market--property prices climbed 11.7% in March to a 5-year high. Real estate investment in the first quarter rose 35.1% to 65.94 million yuan ($9.66 million), according to latest government data.
Beijing is trying to cool home prices without bursting the bubble. The State Council raised the minimum down-payment required to 50% from 40% for second home buyers and to 30% for first home buyers for apartments larger than 90 square meters. The country's cabinet is also mulling an individual housing consumption tax.
When Wu bought his apartment five years ago, his down-payment was just 20% of the price--far less than Ning would have to put down if he were to buy. And today, it takes 40 years for a middle-income family with an annual income of 100,000 to 150,000 yuan ($14,649 to $21,974) to pay off the loan on a 100 square-meter flat in Beijing, according to Wen Hongwei, project director at the Beijing branch of Guangdong Pearl River Investment.
Wen remains optimistic about the mainland property market. "There may be bubbles in the short term, but after this round of government adjustment, the market will resume a healthy growing momentum in the second half of this year," said Wen.
Sun Hung Kai Properties ( SUHJY.PK - news - people ), Hong Kong's biggest real estate developer by market value, saw its net profit soar 19.7 times to HK$14.3 billion ($1.84 billion) in the second half of last year. The company predicts the mainland China property market will rise in the long run given the central government's strong economic stimulus package and reluctance to raise interest rates, according to its latest financial report. Sun Hung Kai owns of 88.3 million square feet of land in mainland China. Its shares dropped 0.6% as of Tuesday noon.
"Though Beijing is taking action to cool the country's boiling property market, its aim is to keep the market in good stable shape rather than rein in its development as the property market contributes to 10-20% of the country's GDP," said Wen. "March has already seen the country's first trade deficit in the past 6 years. The central government certainly doesn't want to halt another wagon that drives its economic growth."
Jennifer Po-ying Cheung, 04.20.10, 03:45 AM EDT
Source: http://newscri.be/link/1077237
Chinese Pigs 'Direct Descendants' of First Domesticated Breeds
ScienceDaily (Apr. 20, 2010) — Modern-day Chinese pigs are directly descended from ancient pigs which were the first to be domesticated in the region 10,000 years ago, a new archaeological and genetic study has revealed.
An international team of researchers, led by Durham University (UK) and the China Agricultural University, in Beijing, say their findings suggest a difference between patterns of early domestication and movement of pigs in Europe and parts of East Asia.
The research, published April 19 in the Proceedings of the National Academy of Sciences USA, looked at the DNA sequences of more than 1,500 modern and 18 ancient pigs.
Lead author Dr Greger Larson, in the Department of Archaeology, at Durham University, said: "Previous studies of European domestic pigs demonstrated that the first pigs in Europe were imported from the Near East. Those first populations were then completely replaced by pigs descended from European wild boar.
"However, despite the occurrence of genetically distinct populations of wild boar throughout modern China, these populations have not been incorporated into domestic stocks.
"The earliest known Chinese domestic pigs have a direct connection with modern Chinese breeds, suggesting a long, unbroken history of pigs and people in this part of East Asia."
The finding is part of a wider research project into pig domestication and early human migration in East Asia.
The study also uncovered multiple centres of pig domestication and a complex picture of human migration across East Asia.
After pigs were incorporated into domestic stocks in Southeast Asia, the animals then migrated with people south and east to New Guinea, eventually reaching the remote Pacific, including Hawai'i, Tahiti, and Fiji, the researchers said.
The DNA analysis also found that wild boar were probably domesticated in many places including India and peninsular Southeast Asia several thousand years ago.
As current interpretations of archaeological records in these regions do not yet support these findings, the group has referred to them as "cryptic domestications."
They suggest that additional archaeological digs and new analytical techniques may help to resolve the problem.
Dr Larson added: "Our evidence suggests an intriguingly complex pattern of local domestication and regional turnover and calls for a reappraisal of the archaeological record across South and East Asia.
"We may even find additional centres of pig domestication when we take a closer look at the picture in that part of the world."
The research is part of an ongoing research project based at Durham University which aims to re-evaluate the archaeological evidence for pig domestication and husbandry and explore the role of animals in reconstructing ancient human migration, trade and exchange networks.
The DNA testing was carried out at the China Agricultural University and was analysed at Durham University and Uppsala University, Sweden.
The research was funded by the National Basic Research Programme of China and the National Key Technology R&D Programme of China.
Adapted from materials provided by Durham University, via EurekAlert!, a service of AAAS.
Source: http://newscri.be/link/1077253
An international team of researchers, led by Durham University (UK) and the China Agricultural University, in Beijing, say their findings suggest a difference between patterns of early domestication and movement of pigs in Europe and parts of East Asia.
The research, published April 19 in the Proceedings of the National Academy of Sciences USA, looked at the DNA sequences of more than 1,500 modern and 18 ancient pigs.
Lead author Dr Greger Larson, in the Department of Archaeology, at Durham University, said: "Previous studies of European domestic pigs demonstrated that the first pigs in Europe were imported from the Near East. Those first populations were then completely replaced by pigs descended from European wild boar.
"However, despite the occurrence of genetically distinct populations of wild boar throughout modern China, these populations have not been incorporated into domestic stocks.
"The earliest known Chinese domestic pigs have a direct connection with modern Chinese breeds, suggesting a long, unbroken history of pigs and people in this part of East Asia."
The finding is part of a wider research project into pig domestication and early human migration in East Asia.
The study also uncovered multiple centres of pig domestication and a complex picture of human migration across East Asia.
After pigs were incorporated into domestic stocks in Southeast Asia, the animals then migrated with people south and east to New Guinea, eventually reaching the remote Pacific, including Hawai'i, Tahiti, and Fiji, the researchers said.
The DNA analysis also found that wild boar were probably domesticated in many places including India and peninsular Southeast Asia several thousand years ago.
As current interpretations of archaeological records in these regions do not yet support these findings, the group has referred to them as "cryptic domestications."
They suggest that additional archaeological digs and new analytical techniques may help to resolve the problem.
Dr Larson added: "Our evidence suggests an intriguingly complex pattern of local domestication and regional turnover and calls for a reappraisal of the archaeological record across South and East Asia.
"We may even find additional centres of pig domestication when we take a closer look at the picture in that part of the world."
The research is part of an ongoing research project based at Durham University which aims to re-evaluate the archaeological evidence for pig domestication and husbandry and explore the role of animals in reconstructing ancient human migration, trade and exchange networks.
The DNA testing was carried out at the China Agricultural University and was analysed at Durham University and Uppsala University, Sweden.
The research was funded by the National Basic Research Programme of China and the National Key Technology R&D Programme of China.
Adapted from materials provided by Durham University, via EurekAlert!, a service of AAAS.
Source: http://newscri.be/link/1077253
Monday 19 April 2010
Microsoft stealth launches 'historic' programming language
What hope is there for F#, the new language that Microsoft has sneaked into Visual Studio 2010, launched this month?
"I think it's an amazing moment," says its principal designer, Microsoft researcher Don Syme, an Australian now based in Cambridge. "It represents part of the history of programming language design and development here in the UK."
Perhaps it does. But you would not know it from most of Microsoft's marketing effort for the new Visual Studio. F# tends to get lost in the fuss about other new features. I downloaded Microsoft's Why upgrade to Visual Studio 2010? white paper and not only is F# missing from the "Top ten reasons to buy" - it's not actually mentioned at all.
That is a shame. F# is a functional programming language, and there are good reasons why functional programming deserves wider use, such as its suitability for the concurrent programming required for optimal performance on today's multi-core systems.
F# is also succinct. During a talk at the recent QCon London programming conference, Syme showed a series of slides, headed Pleasure and Pain, showing how F# code can be shorter and more expressive than its C# equivalent, sometimes to the extreme.
Following his QCon talk, I spoke to Syme about the new language. How did F# begin?
"I've been doing functional programming since 1992. I had been using the ML family of languages, including standard ML and OCaml, and wanted to see that paradigm being strong on the .NET platform. We started F# as a research project. We could experiment with the functional paradigm in practice, and understand where it was most beneficial and how it would fit in."
So how does F# differ from, say, OCaml?
According to Syme: "The core language of F# is heavily inspired by OCaml. If you look back at the ML languages, the core of these languages has been surprisingly stable, from the early seventies. It's a question of what you do around that. One of the major questions is about object-oriented programming. Another question is what you would historically have called module system design. F# differs on those design decisions from other ML languages because the aim is to build a language which integrates into the .NET component development model. That means we do embrace .NET object-oriented programming.
F# can be remarkably concise compared to C#
Speaking to Syme, Microsoft's main motive for including F# in Visual Studio becomes clear. Functional programming is popular in the financial community, where it is used for quantitative analysis. Finance is an important market.
"We find F# is very attractive to financial analysts and quantitative experts," says Syme, the reason being that it excels in data, parallel and algorithmic programming. "F# is attractive in places where the object oriented paradigm isn't a good fit for the kind of work that's being done," he says.
If F# is mainly intended for a specific programming niche, that would explain why Microsoft is not putting much energy behind promoting it. That said, it deserves more attention because of its suitability for the concurrent programming that has become necessary in order to take advantage of today's multi-core systems.
The Hejlsberg factor
Perhaps surprisingly, C# designer Anders Hejlsberg is an F# enthusiast, though he also plans to introduce functional features into C#. In a recent talk on programming futures, Hejlsberg said a functional programming language is easier to parallelize."I'm not running around modifying the state, and it doesn't matter how many threads there are because the state is safe to observe, and if two functions are independent they can be executed sequentially or in parallel and it doesn't matter ... [F#] is the first time we've seen integration of a functional programming language with an industrial-strength framework and toolset," he said.
Syme also is convinced that F# has a future that goes beyond financial analysis. He sees it as ideal for web programming, thanks to its use of lightweight "agents" that sit waiting to react to an event such as a network communication.
"We have a huge opportunity with F# to see the functional programming paradigm break out of the data-oriented kind of work, through to the modern world of web programming," he says.
The question: how to get that message through to Microsoft's marketing department? ®
Source: http://newscri.be/link/1076015
Newscribe : get free news in real time
At last, a case to expose misdeeds?
Last Friday, US authorities charged the biggest investment bank with fraud in a sub-prime mortgage security scheme that led investors to a billion-dollar loss.
NEW and potentially devastating evidence of financial manipulation by Wall Street firms has emerged, just as the United States Senate is preparing to consider a Bill this week to tighten the regulation of financial institutions.
Last Friday, the biggest US investment bank, Goldman Sachs, was charged by the US Securities and Exchange Commission (SEC) with committing fraud that led to investors losing over US$1bil (RM3.2bil).
The case involves the sale to investors in 2007 of securities linked to sub-prime house mortgages – the kind of financial products that triggered the global financial crisis.
In a 22-page lawsuit, the SEC charged Goldman Sachs and its Vice President Fabrice Tourre with failing to disclose that the hedge fund Paulson & Co had a major role in working with the bank to create a security backed by sub-prime mortgages, while Paulson at the same time took a “short position” on the same mortgages to bet that their value would go down.
The security, named Abacus 2007-AC1 and known technically as a collateralised debt obligation (CDO), was created and sold by Goldman Sachs in 2007 just before the start of the financial crisis.
Abacus did very badly for those who invested in it. Within nine months of its sale, 99% of the set of mortgages in the security had been downgraded. Investors lost more than US$1bil while Paulson, which made a bet against the mortgages, profited by also US$1bil.
A major loser is the Royal Bank of Scotland (now largely owned by the UK government). It had to pay US$841mil (RM2.7bil) to Goldman (which passed most of it to Paulson) in August 2008 because it had taken over Dutch bank ABN Amro which in turn had taken on the credit risk or insurance over a significant tranche of the security that turned sour. A German bank, IKB, lost US$150mil (RM479mil).
The SEC’s enforcement officer Robert Khuzami described the fraud as follows: “Goldman wrongly permitted a client that was betting against the mortgage market to heavily influence which mortgage securities to include in an investment portfolio. The product was new and complex but the deception and conflicts are old and simple.”
The SEC accused Goldman of making statements and omissions when constructing a CDO, and failing to disclose that Paulson was involved in creating the CDO (including selecting the mortgages that went into its portfolio), that it was shorting.
Instead, Goldman informed investors that an independent firm, ACA Management, had selected the CDO portfolio, said the SEC.
It also alleged that Goldman Vice-President Tourre misled ACA Management to believe that Paulson had invested US$200mil (RM639mil) in the equity of the Abacus CDO and had thus taken a “long” position and “accordingly that Paulson’s interests in the collateral section process were aligned with ACA’s when in reality Paulson’s interests were sharply conflicting”.
s arranged a transaction at Paulson’s request in which Paulson heavily influenced the selection of the portfolio to suit its economic interests, but failed to disclose to investors, as part of the description of the portfolio selection process contained in the marketing materials used to promote the transaction, Paulson’s role in the portfolio selection process or its adverse economic interests.”
The SEC court document quoted an email to a friend from Tourre, who had coordinated the Abacus product, as saying that “with more and more leverage in the system, the whole building is about to collapse” and the only potential survivor is the fabulous Fab (himself), “standing in the middle of all these complex, highly leveraged, exotic trades he created without necessarily understanding the implications of all these monstrosities”.
This email has come back to haunt Goldman and Tourre and is destined to become one of the most cited quotations when the history of the financial crisis is written, as both a confession and a correct prophecy by a major player who helped to engender the crisis.
According to a Business Week article, the SEC’s accusations may fuel critics’ claims that Goldman put its own interests ahead of clients’ and profited from practices that led to the financial crisis.
It also quotes Christopher Whalen, an analyst at US-based Institutional Risk Analytics, as saying: “This litigation exposes the cynical, savage culture of Wall Street that allows a dealer to commit fraud on one customer to benefit another.”
Meanwhile, Goldman Sachs has denied the charges. It said it provided “extensive disclosure” to IKB and ACA about the risk of the underlying mortgage securities, and that ACA selected the portfolio. It also denied it told ACA that Paulson was going to be an investor in the CDO.
Paulson also said that it did not “sponsor or initiate” the Abacus programme and that ACA had sole authority over the selection of all collateral in the CDO.
The SEC case against Goldman will be important for exposing the mechanics of the financial institutions and instruments, speculation and manipulation that lay at the heart of the financial crisis. There is an expectation that this is only the first case and that more cases involving other banks may follow.
But as Financial Times columinist Gillian Tett points out, the subprime and CDO markets were so opaque it was often very unclear what was legal or not, and bankers were adept at “innovating” to get around the law.
In other words, what may be grossly unethical may actually not be illegal. It remains to be seen whether the SEC will succeed in this case or other cases.
Thus, given the weaknesses in the law, it is all the more important that the US Senate and administration devise and adopt new laws that reform the present extremely weak regulation of the financial markets and their instruments.
NEW and potentially devastating evidence of financial manipulation by Wall Street firms has emerged, just as the United States Senate is preparing to consider a Bill this week to tighten the regulation of financial institutions.
Last Friday, the biggest US investment bank, Goldman Sachs, was charged by the US Securities and Exchange Commission (SEC) with committing fraud that led to investors losing over US$1bil (RM3.2bil).
The case involves the sale to investors in 2007 of securities linked to sub-prime house mortgages – the kind of financial products that triggered the global financial crisis.
In a 22-page lawsuit, the SEC charged Goldman Sachs and its Vice President Fabrice Tourre with failing to disclose that the hedge fund Paulson & Co had a major role in working with the bank to create a security backed by sub-prime mortgages, while Paulson at the same time took a “short position” on the same mortgages to bet that their value would go down.
The security, named Abacus 2007-AC1 and known technically as a collateralised debt obligation (CDO), was created and sold by Goldman Sachs in 2007 just before the start of the financial crisis.
Abacus did very badly for those who invested in it. Within nine months of its sale, 99% of the set of mortgages in the security had been downgraded. Investors lost more than US$1bil while Paulson, which made a bet against the mortgages, profited by also US$1bil.
A major loser is the Royal Bank of Scotland (now largely owned by the UK government). It had to pay US$841mil (RM2.7bil) to Goldman (which passed most of it to Paulson) in August 2008 because it had taken over Dutch bank ABN Amro which in turn had taken on the credit risk or insurance over a significant tranche of the security that turned sour. A German bank, IKB, lost US$150mil (RM479mil).
The SEC’s enforcement officer Robert Khuzami described the fraud as follows: “Goldman wrongly permitted a client that was betting against the mortgage market to heavily influence which mortgage securities to include in an investment portfolio. The product was new and complex but the deception and conflicts are old and simple.”
The SEC accused Goldman of making statements and omissions when constructing a CDO, and failing to disclose that Paulson was involved in creating the CDO (including selecting the mortgages that went into its portfolio), that it was shorting.
Instead, Goldman informed investors that an independent firm, ACA Management, had selected the CDO portfolio, said the SEC.
It also alleged that Goldman Vice-President Tourre misled ACA Management to believe that Paulson had invested US$200mil (RM639mil) in the equity of the Abacus CDO and had thus taken a “long” position and “accordingly that Paulson’s interests in the collateral section process were aligned with ACA’s when in reality Paulson’s interests were sharply conflicting”.
s arranged a transaction at Paulson’s request in which Paulson heavily influenced the selection of the portfolio to suit its economic interests, but failed to disclose to investors, as part of the description of the portfolio selection process contained in the marketing materials used to promote the transaction, Paulson’s role in the portfolio selection process or its adverse economic interests.”
The SEC court document quoted an email to a friend from Tourre, who had coordinated the Abacus product, as saying that “with more and more leverage in the system, the whole building is about to collapse” and the only potential survivor is the fabulous Fab (himself), “standing in the middle of all these complex, highly leveraged, exotic trades he created without necessarily understanding the implications of all these monstrosities”.
This email has come back to haunt Goldman and Tourre and is destined to become one of the most cited quotations when the history of the financial crisis is written, as both a confession and a correct prophecy by a major player who helped to engender the crisis.
According to a Business Week article, the SEC’s accusations may fuel critics’ claims that Goldman put its own interests ahead of clients’ and profited from practices that led to the financial crisis.
It also quotes Christopher Whalen, an analyst at US-based Institutional Risk Analytics, as saying: “This litigation exposes the cynical, savage culture of Wall Street that allows a dealer to commit fraud on one customer to benefit another.”
Meanwhile, Goldman Sachs has denied the charges. It said it provided “extensive disclosure” to IKB and ACA about the risk of the underlying mortgage securities, and that ACA selected the portfolio. It also denied it told ACA that Paulson was going to be an investor in the CDO.
Paulson also said that it did not “sponsor or initiate” the Abacus programme and that ACA had sole authority over the selection of all collateral in the CDO.
The SEC case against Goldman will be important for exposing the mechanics of the financial institutions and instruments, speculation and manipulation that lay at the heart of the financial crisis. There is an expectation that this is only the first case and that more cases involving other banks may follow.
But as Financial Times columinist Gillian Tett points out, the subprime and CDO markets were so opaque it was often very unclear what was legal or not, and bankers were adept at “innovating” to get around the law.
In other words, what may be grossly unethical may actually not be illegal. It remains to be seen whether the SEC will succeed in this case or other cases.
Thus, given the weaknesses in the law, it is all the more important that the US Senate and administration devise and adopt new laws that reform the present extremely weak regulation of the financial markets and their instruments.
Global Trends by MARTIN KHOR
Subscribe to:
Posts (Atom)