Hong Kong domains are the most dangerous in the world; this little factoid from a recent McAfee report generated quite a bit of media coverage, and even made TIME magazine’s top stories list (here is McAfee’s press release on the subject). But all is not as it seems, and aspects of the report may have been out of date before the report was even published.

McAfee’s study seems to be based on a year’s worth of data, and last year was a particularly bad year for the Hong Kong domain, thanks to a gang of botnet spammers registering thousands of domains under the .hk country code top level domain (ccTLD; a generic top level domain is a gTLD).

These domains were most likely registered using stolen credit cards, and contained bogus information in the “whois” records (which show domain ownership). The contact email address for each domain was usually an email address at a random free webmail site like Yahoo, Hotmail, or some of the Outblaze clients.

This certainly turned out to be a gigantic reputation problem for the .hk ccTLD - far more scam domains were being registered under .hk than legitimate domains. Even worse, these scam domains were being hosted on botnets (large networks of infectedPCs, remotely controlled by criminal gangs).

The .hk domains started turning up in spam for porn, fake prescription medication, phishing (identity theft) and many other illegal schemes such as “money mule recruitment”, where people are conned into running an “export agency” and unwittingly become conduits for money laundering and receivers of goods bought with stolen credit cards.

A botnet is a very large, highly failure-tolerant and distributed network. It is also international in nature, so that a child pornography website hosted on an infected PC in Hong Kong could turn up the very next minute on an infected laptop in Brazil. With distributed peer-to-peer botnets the domain name used by a botnet is sometimes its single point of failure.

Registrars (which provide domain registration services) and Registries (which administer gTLDs and ccTLDs) are therefore crucial to any attempt to mitigate botnets.

HKDNR, the registry for the .hk ccTLD, was initially slow to react to this problem, prompting antivirus and antiphishing researchers like Gary Warner (now Director of Research in Computer Forensics & Cybercrime at the University of Alabama at Birmingham) to declare a “crisis situation” in a March 2007 email to a mailing list that discusses phishing. In the email he accused HKDNR of inaction and insufficient response to the concerns of the antispam community.

HKDNR and the Hong Kong CERT (HKCERT) were accused of responding to complaints with canned letters that promised to investigate, but appeared to take no action at all. The response letters encouraged complainants from outside Hong Kong to “report the matter to their local law enforcement agencies”.

By late 2007, the number of .hk domains registered by scam artists numbered in the tens of thousands. Action by various groups (independent technologists, antispam block list providers, CERT teams, law enforcement and regulatory agencies) then seemed to convince HKDNR of the need to take immediate drastic action against scam domains registered in the .hk ccTLD.

As the Postmaster and Head of Anti-spam Operations for Outblaze, I contributed to the effort by providing a feed of several thousand .hk domains from spam reported on our network of 40 million hosted email users.

The results were astounding. Over 10,000 scam domains were terminated in a matter of days. Long term measures were also put in place, such as

• Credit card fraud prevention, including Verified by Visa (most of these scam domains were registered using stolen credit cards)
• Due diligence measures to detect fake domain registration
• Closer cooperation of HKDNR with relevant authorities and agencies.

International cooperation is vital for two reasons:

1. as an early warning when scam artists attempt to set up shop again
2. as a way to share best practices with groups, associations, government regulators, and law enforcement agencies working on the prevention of spam and cybercrime.

In a matter of days, the huge concentration of scammer domains in the .hk ccTLD scattered, shifting to other countries and ccTLDs. Some moved to China (as the McAfee report indicates, a large number of scammer domains still exist in .cn space) and others went onto .biz, .info, and even ccTLDs like .ma (Morocco).

The botnet problem is clearly international, and registrars and registries around the world are vulnerable to what HKDNR suffered last year. While it might be stale news in that HKDNR has already dealt with this problem, it serves as a reminder that botnet criminals are still out there and still causing trouble. Spam and cybercrime are hitting record levels and that there is a need for constant awareness and joint efforts to mitigate the menace that botnets have evolved into over the last few years.

I have written a long and detailed paper on botnet mitigation for the International Telecommunications Union (ITU) as part of the ITU’s Botnet Mitigation Toolkit. It discusses the threat that botnets pose to the worldwide community of Internet users, and describes an interlinked set of policy, technology, and civil society approaches to the problem of botnets. Most of what I have written in this blog entry is already present in the ITU paper, so I will stop here and encourage people reading this to glance at the paper as well. It is 100 pages long so probably not bedtime reading, but I’d still appreciate your comments!

Suresh Ramasubramanian

Postmaster and Head of Anti-spam Operations

Outblaze

On 12 May 2008, Wenchuan County in the Chinese province of Sichuan experienced one of the most violent earthquakes in history. With an epicentre located 90 Km from Chengdu and registering a 7.9 on the moment magnitude scale (roughly equal to the old Richter scale), buildings swayed in Shanghai and Beijing and the tremors were felt as far away as Thailand and Pakistan, thousands of kilometres distant. Imagine what happened at the epicentre.

At the time of writing the official death toll reported by Xinhua, the Chinese news agency, is well over 15,000 and rising. Thousands of people remain trapped in rubble - nearly 20,000 of them in Mianyang alone. Entire communities have been obliterated. As with other natural disasters, the initial cataclysmic event is only the beginning, and rescue workers must now fight against time and the elements in order to search for the missing, provide care and shelter for the injured, and stave off disease among the survivors.

Roads in Wenchuan County have been damaged, blocked, or destroyed, slowing relief efforts and in some cases preventing them entirely. Heavy rain and landslides also hamper the progress of rescuers. Thankfully, the danger from aftershocks is minimal, but it’s worth remembering that a previous earthquake of comparable energy in China, the 1976 Tangshan earthquake, caused the death of nearly a quarter of a million people (much more than that, depending on the statistics you use). Many of those victims were not killed during the earthquake, but instead died in the following days.

We can all help by donating to relief efforts, both as individuals and as companies. Remember, every little bit helps, especially when many tens of thousands of lives are at stake in the next few days. Outblaze donates to the Red Cross but all accredited relief agencies need your help now. Please donate and help to mitigate the effects of this natural disaster.

Some donation links

• Red Cross
• Red Cross Hong Kong donation page
• WorldVision
• China Digital Times provides information on donating directly to the Red Cross Society of China (the Red Cross China web site appears to be unavailable but you can donate using the information in the article)
• Give2Asia

Information

Red Cross Disaster Management updates

Information on how to donate was provided by Rebecca McKinnon, who has also set up a ‘chinaquake’ Pledge Fund - please join it.

The photograph in this post was found on the EastSouthWestNorth blog. These images provide an idea of the horror and suffering caused by this earthquake and are extremely disturbing.

Wikipedia page on the 2008 Sichuan Earthquake.

BBC tag for the latest news on China Earthquake.

Aaron Marcus is the founder, President and Principal Designer/Analyst of Aaron Marcus and Associates, Inc. (AM+A). He is well-respected in the Human-Computer Interaction (HCI) field and has been working in this field for more than 30 years. In the Nov/Dec 2007 issue of ACM/SIGCHI’s Interactions magazine, in his “Fast Forward” column titled “The Sun Rises in the East”, he stated that professional development in user-centered software practices in Asia is expanding rapidly, and the level and quality are rising quickly [1].

This year, the User Friendly conference was held in Beijing from Nov 23 to 25. The number of participants of User Friendly conferences increased from 50 to more than 700 participants in just four years! This is an evident sign of the field’s rapid expansion and confirms Aaron’s observation in his column.

I met Aaron Marcus at the User Friendly conference in Beijing, where we posed for a photo. He was curious about the “flower pin” on his suit and asked me the meaning of the Chinese word “嘉賓” (Guest) printed on the red ribbon.

Aaron gave a keynote at the conference. His workshop titled “Cross-Cultural User Experience Design for Mobile User Interfaces” covered one of his favourite research topics: the impact of cultural differences on user interface design. He introduced the five dimensions of culture identified by the cultural anthropologist Geert Hofstede (more details can be found in his book “Cultures and Organization: Software of the Mind” and website). Based on Hofstede’s framework, Aaron and his colleagues studied corporate websites in different countries and identified patterns of how the cultural dimensions affect the uses of metaphors, mental models, navigation, interaction, and appearance in the Web user interfaces. He mentioned that the common approach to software localization is limited to accommodating local language and data display formats such as date, time, and currency formats. However, localization is far beyond translation and needs to consider deeper cultural issues. Aaron also showed some innovative mobile user-interface design and explained how they addressed the cultural needs.

Cross-cultural user experience design is gaining more attention as many western software companies are swarming into potential markets like China and India. In the beginning of the workshop, Aaron showed us a 2005 article in Fortune magazine titled “Bill Gates as Anthropologist”. The article cited Microsoft’s Bill Gates as promoting anthropological study of its products. I think this may be an indicator global software companies have realized that recognizing the cultural differences is important to their businesses. Lada Gorlenko of IBM predicts we will see a significant part of UX design being offshored and carrying out by local professionals [2]. Maybe this is happening now. Many global companies such as Microsoft, Google, IBM, Autodesk have already set up local design teams in China.

References:

1. Marcus, A. “The Sun Rises in the East,” Interactions, ACM Publisher, Vol. 14, Issue 6, November/December 2007, pp.52-53.
2. Gorlenko, L. “Offshoring usability: The moment of truth: how much does culture matter to you?” Interactions, ACM Publisher, Vol 13, Issue 2, March/April 2006, pp. 29-31.

Yet one more interview from my visit to the 3rd Chinese Blogger Conference in Beijing November 3-4, 2007. BlogBus launched in late 2002 and was one of the first blog service providers (BSP) in China. BlogBus offers free blog hosting and charges premium service fees of less than $15 a year. According to the Baidu Blog Development Report China has 52,300,000 blogs and 1460 BSPs. BlogBus is one of the top 20 BSPs in China. The interesting thing is that the company is only a couple dozen people, but competes against organizations with hundreds of employees.
(more…)

It’s time for another Chinese Blogger Conference update. I met Ms Ying Xue in Beijing at the 3rd Chinese Blogger conference. Tangos Chan (see his interview) introduced us and told me that I absolutely must interview her.

Ying Xue is an investment analyst who provides research and analysis to overseas Venture Capital firms. She is one of the volunteers behind CnBloggerCon, and since she speaks fluent English Isaac Mao (see his interview) asked her to provide simultaneous interpretation for the foreign media who didn’t speak Mandarin.

Hong Kong has had more and more IT startups these past few years, but obviously compared with China the scale is completely different. China has a very highly active and diverse community of IT startups (see “China Web2.0 Review” by Tangos Chan), and because of the huge market size (and other factors), they obtain VC funding much more easily than Hong Kong’s IT startups. So I was really interested to know what Ying Xue thinks of the situation.

Ying said she is not representing her company, but just sharing her own personal thoughts with us - thanks Ying!

cnbloggercon, outblaze, cbc2007

Bo Yang earned his B.Sc. from Tsinghua University, and a Ph.D in physics from University of California. He Joined IBM (San Jose) in 1998 as an advisory scientist. From 2000 to 2004 he was the CTO and a co-founder of egistics Corporation in Beijing, a startup in supply chain management solutions. In late 2004 he started working on douban.com and in 2005 founded Douban Inc.

Bo Yang was guest speaker at the 3rd Chinese Blogger Conference, speaking on the subject of Music 2.0: Conflicts and Value. His company, Douban, launched in 2005 and compiles user-generated reviews and recommendations of books, movies, and music.

I am one of the earliest users of Douban, having formed a group called “Hong Kong Book Worms” in 2005, just after the launch. I wrote several blog posts about Douban, which brought hundreds of Hong Kong bloggers to Douban’s membership, and they generated thousands of books reviews. That impressed Bo Yang quite a bit.

Douban.com has an English version which operates in partnership with Amazon.Com for sales and data use.

To learn more about Douban and its founder, check out Bo Yang’s interview at the 3rd Chinese Blogger Conference:

cnbloggercon, outblaze, cbc2007, douban

More material from the 3rd Chinese Blogger Conference that I attended last week-end! Today we have Tangos Chan, I know him from his Chinese blog 未完成 - Incomplete, and first met him at the 1st Chinese Blogger Conference, in Shanghai.

Tangos also has an English blog called China Web 2.0 Review, which tracks web 2.0 development, and reviews and profiles web2.0 applications, businesses and services in China. He wants foreigners to pay more attention to new IT start ups, and not just at the famous portal sites.

Besides English (as you see in the interview) and Mandarin, Tangos also speak Cantonese which made me feel more at home. He took good care of me at the Blogger Conference, helping me to find more people to interview. Tangos, thank you very much!

Next up we have Jeremy Goldkorn, founder and editor of Danwei.org, a hugely popular site that covers Chinese media, marketing, advertising and urban life. Jeremy has been in Beijing for 12 years, and speaks fluent Mandarin. He just wrote a blog post called ” Chinese Blogger Conference 2007 - some thoughts. Here is the video interview with Jeremy Goldkorn:

cnbloggercon, outblaze, cbc2007, denwei

From the wikipedia entry:

Isaac Mao is one of the pioneers of blogs in the People’s Republic of China. He is co-founder of CNBlog.org and a researcher in social learning…
As one of the earliest bloggers in the Chinese community, Isaac is not only co-founder of CNBlog.org which is the earliest evangelizing site in China on grassroots publishing, but also the co-organizer of Chinese Blogger Conference (2005 in Shanghai, 2006 in Hangzhou).

Isaac Mao is the co-organizer of the 3rd Chinese Blogger Conference in Beijing that I attended this past week-end on November 3-4. I was lucky enough to be able to do a video interview of him.

I have known Isaac Mao for over 3 years. When I started blogging, I found CNBlog.org and meet a lot of Chinese bloggers there, including Isaac, and I began to learn more about China’s issues through blogging, in addition to newspapers and magazines and similar media.

In the interview Isaac introduces the concept of CnBloggerCon; this is a good chance to understand why Isaac and other volunteers worked so hard to form and maintain the conference the last 3 years. I admire them very much for it.

Note: people referred tongue-in-cheek to Isaac Mao, as “Chairman Mao.” (via Rebecca McKinnon), so I named this post “The interview with Chairman Mao”.

cnbloggercon, outblaze, isaac mao