Hong Kong domains are the most dangerous in the world; this little factoid from a recent McAfee report generated quite a bit of media coverage, and even made TIME magazine’s top stories list (here is McAfee’s press release on the subject). But all is not as it seems, and aspects of the report may have been out of date before the report was even published.

McAfee’s study seems to be based on a year’s worth of data, and last year was a particularly bad year for the Hong Kong domain, thanks to a gang of botnet spammers registering thousands of domains under the .hk country code top level domain (ccTLD; a generic top level domain is a gTLD).

These domains were most likely registered using stolen credit cards, and contained bogus information in the “whois” records (which show domain ownership). The contact email address for each domain was usually an email address at a random free webmail site like Yahoo, Hotmail, or some of the Outblaze clients.

This certainly turned out to be a gigantic reputation problem for the .hk ccTLD - far more scam domains were being registered under .hk than legitimate domains. Even worse, these scam domains were being hosted on botnets (large networks of infectedPCs, remotely controlled by criminal gangs).

The .hk domains started turning up in spam for porn, fake prescription medication, phishing (identity theft) and many other illegal schemes such as “money mule recruitment”, where people are conned into running an “export agency” and unwittingly become conduits for money laundering and receivers of goods bought with stolen credit cards.

A botnet is a very large, highly failure-tolerant and distributed network. It is also international in nature, so that a child pornography website hosted on an infected PC in Hong Kong could turn up the very next minute on an infected laptop in Brazil. With distributed peer-to-peer botnets the domain name used by a botnet is sometimes its single point of failure.

Registrars (which provide domain registration services) and Registries (which administer gTLDs and ccTLDs) are therefore crucial to any attempt to mitigate botnets.

HKDNR, the registry for the .hk ccTLD, was initially slow to react to this problem, prompting antivirus and antiphishing researchers like Gary Warner (now Director of Research in Computer Forensics & Cybercrime at the University of Alabama at Birmingham) to declare a “crisis situation” in a March 2007 email to a mailing list that discusses phishing. In the email he accused HKDNR of inaction and insufficient response to the concerns of the antispam community.

HKDNR and the Hong Kong CERT (HKCERT) were accused of responding to complaints with canned letters that promised to investigate, but appeared to take no action at all. The response letters encouraged complainants from outside Hong Kong to “report the matter to their local law enforcement agencies”.

By late 2007, the number of .hk domains registered by scam artists numbered in the tens of thousands. Action by various groups (independent technologists, antispam block list providers, CERT teams, law enforcement and regulatory agencies) then seemed to convince HKDNR of the need to take immediate drastic action against scam domains registered in the .hk ccTLD.

As the Postmaster and Head of Anti-spam Operations for Outblaze, I contributed to the effort by providing a feed of several thousand .hk domains from spam reported on our network of 40 million hosted email users.

The results were astounding. Over 10,000 scam domains were terminated in a matter of days. Long term measures were also put in place, such as

• Credit card fraud prevention, including Verified by Visa (most of these scam domains were registered using stolen credit cards)
• Due diligence measures to detect fake domain registration
• Closer cooperation of HKDNR with relevant authorities and agencies.

International cooperation is vital for two reasons:

1. as an early warning when scam artists attempt to set up shop again
2. as a way to share best practices with groups, associations, government regulators, and law enforcement agencies working on the prevention of spam and cybercrime.

In a matter of days, the huge concentration of scammer domains in the .hk ccTLD scattered, shifting to other countries and ccTLDs. Some moved to China (as the McAfee report indicates, a large number of scammer domains still exist in .cn space) and others went onto .biz, .info, and even ccTLDs like .ma (Morocco).

The botnet problem is clearly international, and registrars and registries around the world are vulnerable to what HKDNR suffered last year. While it might be stale news in that HKDNR has already dealt with this problem, it serves as a reminder that botnet criminals are still out there and still causing trouble. Spam and cybercrime are hitting record levels and that there is a need for constant awareness and joint efforts to mitigate the menace that botnets have evolved into over the last few years.

I have written a long and detailed paper on botnet mitigation for the International Telecommunications Union (ITU) as part of the ITU’s Botnet Mitigation Toolkit. It discusses the threat that botnets pose to the worldwide community of Internet users, and describes an interlinked set of policy, technology, and civil society approaches to the problem of botnets. Most of what I have written in this blog entry is already present in the ITU paper, so I will stop here and encourage people reading this to glance at the paper as well. It is 100 pages long so probably not bedtime reading, but I’d still appreciate your comments!

Suresh Ramasubramanian

Postmaster and Head of Anti-spam Operations

Outblaze

Hong Kong’s first ever BarCamp, held at Yahoo! Hong Kong offices on December 16, 2007, attracted about 100 participants and was hailed as a success. BarCamp is an informal, very loosely structured ‘user-generated’ conference event that began in Silicon Valley, spread around the world, and was recently imported to Hong Kong. The rules are simple if unconventional.

No previously organized panels or keynotes, and no invited guests - you’d think this would be a recipe for chaos, but quite the contrary (see links to feedback below). The first Hong Kong BarCamp was a team effort involving a dozen companies (including Outblaze), which you can view at the BarCamp Hong Kong wiki page.

This unconference was certainly well received in the Hong Kongblogosphere. You can read up on the event at the Web Wednesday entry, and see thoughts and reactions from organizers and attendees at Hong Kong Phooey, 852Signal, Digital Anthology (also this primer), RConversation, d.otted rhythm, and others. Victor of Hong Kong Phooey also runs a CNet blog in which he goes over the participation rules in more detail. I particularly recommend the RConversation entry for its write-up of the stimulating discussion on user rights and government interference - many interesting and thorny issues there. Presence among Chinese language blogs was also good, have a look at SideKick’s post and Drinkazine and Ben Lau.

Pictures available on Flickr. Outblaze was proud to be a sponsor, and was particularly happy with the event T-shirts (sponsored by Dookaz):

Social media presents a rather attractive business proposition: provide your users with social services and let them generate content, traffic, and exposure for you. Last week (November 26-30) in Singapore I was restating this case in Outblaze’s bid for the Asia Pacific Information & Communication Technology Alliance Awards, one of the best and most comprehensive technology award schemes in the region and known more briefly as the APICTA Awards (see this site for more information). Our entry in the competition was OutblazeVideo, a white label hosted social video platform for portals and media companies.

To make a long story short - this event lasted most of the week - Outblaze won the APICTA Award in the category Tools & Infrastructure Application. I was there solo, and between all the cocktail receptions, networking events, exhibits, presentations, judging sessions and the excitement of victory I completely forgot to take photographs. I do have a picture of me with the award kindly sent in by Janice AuYeung and Karman Li of the Hong Kong Computer society (Janice and Karman, also in the picture, did a great job coordinating the Hong Kong delegation activities):

APICTA is a network of 16 Asian and Australasian countries and economies whose common goal is to increase awareness of information & communication technologies, stimulate ICT innovation and creativity, promote economic and trade relations, facilitate technology transfer, etc. Their yearly awards are among the most coveted by all manner of IT firms in the Eastern hemisphere.

(more…)

On November 24 I attended the Creative Commons Workshop organized by University of Hong Kong’s Centre for Development and Resources for Students (CEDAR). The workshop provided a wealth of information on the increasingly popular Creative Commons licenses, which allow for sharing of work without the fears and concerns of infringing on copyright. You can see a Creative Commons license on our blog, just glance to the right and look down.

This event was highly informative and I hope Creative Commons becomes the preferred system for the participatory Web community. CC strikes a balance between copyright and public domain, it is a license that helps to preserve copyright on your work while also inviting certain uses of that work - something that is much more difficult to do with a traditional copyright. CC is ideal for the blogosphere and beyond. I am thus very happy to provide the following videos and podcasts for those who were not able to attend the event. (more…)

Yet one more interview from my visit to the 3rd Chinese Blogger Conference in Beijing November 3-4, 2007. BlogBus launched in late 2002 and was one of the first blog service providers (BSP) in China. BlogBus offers free blog hosting and charges premium service fees of less than $15 a year. According to the Baidu Blog Development Report China has 52,300,000 blogs and 1460 BSPs. BlogBus is one of the top 20 BSPs in China. The interesting thing is that the company is only a couple dozen people, but competes against organizations with hundreds of employees.
(more…)

It’s time for another Chinese Blogger Conference update. I met Ms Ying Xue in Beijing at the 3rd Chinese Blogger conference. Tangos Chan (see his interview) introduced us and told me that I absolutely must interview her.

Ying Xue is an investment analyst who provides research and analysis to overseas Venture Capital firms. She is one of the volunteers behind CnBloggerCon, and since she speaks fluent English Isaac Mao (see his interview) asked her to provide simultaneous interpretation for the foreign media who didn’t speak Mandarin.

Hong Kong has had more and more IT startups these past few years, but obviously compared with China the scale is completely different. China has a very highly active and diverse community of IT startups (see “China Web2.0 Review” by Tangos Chan), and because of the huge market size (and other factors), they obtain VC funding much more easily than Hong Kong’s IT startups. So I was really interested to know what Ying Xue thinks of the situation.

Ying said she is not representing her company, but just sharing her own personal thoughts with us - thanks Ying!

cnbloggercon, outblaze, cbc2007

It’s a marketing term.

That was the reply of Outblaze founder and CEO Yat Siu when asked what he thought of “Web 2.0″, a term that is over-used, over-hyped, and often associated with obscure companies. The idea behind Web 2.0 - interlinked platforms, social software, and online services that encourage user contribution - is one of the most powerful, promising, and appealing aspects of the evolving Internet, but surely we must retain some perspective. Let us not forget the late ’90s bubble heyday of the prefix “e-”.

Yat was being interviewed at the sixth Web Wednesday, held at Lotus on Pottinger Street in Hong Kong on Wednesday November 7, 2007, for an audience of 130 or so hailing from diverse technology and marketing backgrounds.

The podcast of the interview will be available shortly on the Web Wednesday web site. We’ll update with a direct link as soon as possible.

More material from the 3rd Chinese Blogger Conference that I attended last week-end! Today we have Tangos Chan, I know him from his Chinese blog 未完成 - Incomplete, and first met him at the 1st Chinese Blogger Conference, in Shanghai.

Tangos also has an English blog called China Web 2.0 Review, which tracks web 2.0 development, and reviews and profiles web2.0 applications, businesses and services in China. He wants foreigners to pay more attention to new IT start ups, and not just at the famous portal sites.

Besides English (as you see in the interview) and Mandarin, Tangos also speak Cantonese which made me feel more at home. He took good care of me at the Blogger Conference, helping me to find more people to interview. Tangos, thank you very much!

Next up we have Jeremy Goldkorn, founder and editor of Danwei.org, a hugely popular site that covers Chinese media, marketing, advertising and urban life. Jeremy has been in Beijing for 12 years, and speaks fluent Mandarin. He just wrote a blog post called ” Chinese Blogger Conference 2007 - some thoughts. Here is the video interview with Jeremy Goldkorn:

cnbloggercon, outblaze, cbc2007, denwei

Outblaze is proud to be a major sponsor of the 3rd annual Chinese Blogger Conference, which was held in Beijing on November 3-4 2007.

Fon Hong Kong and Outblaze’s new service Blogarate are major sponsors.

(more…)

You may remember Forrester Research senior analyst Jeremiah Owyang’s visit to Hong Kong last month and particularly his photographs and commentaries on the ultra spicy Szechuan dinner he enjoyed his first night here. At the time Jeremiah interviewed Outblaze CEO Yat Siu on the state of the Web industry in Hong Kong and the video is now available - go to Jeremiah’s video post to watch it (or click the screenshot below).

Jeremiah is clearly a fan of the Cyberport, the high-tech facility where Outblaze has its headquarters. Take a look at his write-up and photographs.