Category Archives: Malware

Probing Logical Disconnects in Google’s Chinese Standoff

At the outset, I want to say that what follows is largely conjectural. It’s difficult to know exactly what happened and continues to happen between Google and China’s authorities.

Still, it’s a fascinating drama and a good mystery, and I can’t help trying to untangle it. It’s a case where only the tip of the iceberg is visible, and one wonders about what’s unexposed.

If we make a chronological and logical examination of Google’s ongoing stalemate with China, though, we quickly discover that appearances are deceiving.

Let’s review: Before the alleged hacking incident, reputedly undertaken by parties with the express consent or official mandate of the Chinese authorities, Google operated a censored, filtered search engine within China. It might have chafed under the state-ordered constraints, but it acquiesced to China’s dictates.

Then, of course, Google and others were subject to the hacking episode. We still don’t know all the answers about what the hackers wanted, what they got, or why they did it. We might never know all the answers.

Evidence suggests that the hacks originated in China, and there’s a strong intimation that Chinese authorities sanctioned or commissioned the digital skullduggery.

What doesn’t make sense, though, is Google’s reaction.

Think it through: Prior to the hacking attacks, Google is content to abide by China’s censorship regime. Like nearly every other Western company that does business in China, Google heeded the decrees and regulations of Chinese authorities. Censorship, and Google’s opposition to it, wasn’t the issue. How did it suddenly become the issue after a hacking attack?

If Google were upset about the hacking, it could simply withdraw from China. It would be justified to do so. Why should a company subject itself to what it believes is state-sponsored espionage and possible theft of trade secrets and valuable intellectual property? If that’s what’s been happening, Google would be right to take its colored balls and go home.

But linking censorship to hacking and espionage, well, it makes no sense. There’s no causal connection, there’s no direct link. These are discrete issues, and they’ve been brought together arbitrarily, for reasons about which we can only wonder.

My supposition is that Google invoked the censorship card because the Chinese authorities are sensitive to the charge. Sure, China censors its Internet, and much else besides, but it doesn’t like foreigners highlighting the issue. China censors, but nobody from outside the country that does business there is supposed to draw attention to the fact.

Google did just that, hitting a raw nerve in the process. But if censorship isn’t the real issue, if Google was willing to play under those rules before and would probably play under them again, what’s really happening?

Clearly, Google is infuriated by the hacking. While it’s the market leader in web search practically worldwide, it’s a relatively remote second to Baidu in China. The fact is, the Chinese authorities favor an aggressively mercantilistic trade strategy and many Chinese people are staunchly nationalistic. This results in Chinese-vendor dominance in China’s home markets.

From Google’s perspective, it’s bad enough that it must fight a skewed battle, against an opponent benefiting from home-field advantage and government support. (Government support counts for a whole lot in China.) At the same time, Google must defend itself from incursions on its intellectual property and trade secrets. And at least some of the hacking was directed at Google intellectual property.

My assumptions is that harassment and industrial espionage probably pushed Google over the edge, leading to its censorship charges and to its threat to withdraw from China. Google concluded that there was no way it would ever assume the leadership position in the Chinese market. Worse, it concluded that, if it stayed, it would suffer losses of intellectual property that could bolster competitors in China (and then perhaps in other emerging markets).

Now, what’s being negotiated between China and Google? I think Google is demanding that hacking, spying, and plundering of IP come an abrupt and permanent halt. If China doesn’t agree, Google will withdraw from the country. The company might even publicize its full reasons for making the retreat.

Needless to say, such a setback wouldn’t be good for China. If Western technology companies don’t continue to set up shop in China, the country won’t be able to learn from them and to facilitate technology transfer that will result in China’s technological leadership.

Still, does China need to worry? No matter what indignities China visits upon Western corporations, the companies seem more than willing to submit to the impositions. In the near term, maybe the gambit pays off for these firms, but — if I’m right about what’s happening between Google and China — long-term gains are far from assured.

In China, the odds favor the house. Given the current dynamics, it’s difficult to see how the situation will change.


McAfee Commits to China, Establishes Wholly Owned Subsidiary

As I’ve discussed previously in venerable forum, security-software vendors face unique challenges in trying to crack the potentially lucrative Chinese market.

Notwithstanding those challenges, security-software market leaders such as Symantec, McAfee, and Trend have every intention of pursuing opportunities in China. To do so, they must find the right mix of product offerings (including localization), positioning, pricing, and channel partners.

To succeed in China, though, vendors must commit to China. Responding to that imperative, McAfee said yesterday that it would establish a new wholly owned subsidiary in China.

In Beijing to make the announcement, Dave DeWalt, McAfee’s president and CEO, issued the following statement:

“China offers compelling opportunities for McAfee. China has great potential as a center for manufacturing, research and development for McAfee and is also a significant burgeoning market for our products. McAfee has continuously strengthened its presence in China over the last decade and we are planning to expand our investment in the near term to take full advantage of the opportunities China presents.”

McAfee estimates that its potential addressable market in China will grow from about $390 million in 2009 to $1.09 billion in 2013.

In a press release accompanying the announcement of its new Chinese subsidiary, McAfee explained that its Chinese expansion also would include the following:

• A new call center planned to open in Beijing in February 2010 to service the mid-market segment, particularly in smaller cities across China.

• Additional headcount in functions including sales, sales engineering, marketing, support and research and development (R&D), including a planned doubling of the field sales organization in 2010.

• Recently signed reseller partnerships with both Neusoft and CS&S (China National Software and Services) who have become premier partners for McAfee products in China.

• A partnership with Lenovo to market McAfee VirusScan products through Lenovo retail outlets across China, opening up a significant retail channel for McAfee and contributing to our position as the world’s largest dedicated security technology company. McAfee products ship on more than 50% of the PCs shipped by the top 10 PC OEMs.

• A partnership with Dell to offer China consumers 15 month subscriptions on all their retail and direct systems with a Microsoft Windows preinstalled.

McAfee also plans to strengthen existing partnerships in the Chinese market and to establish new ones. Prior to the announcement, McAfee operations in China included sales, manufacturing of the McAfee Unified Threat Management Firewall, and an R&D team focused on mobile security, localization, and security research.

The cornerstone of this move, though, is the establishment of the wholly owned subsidiary. As DeWalt explained to PCWorld, McAfee’s formation of the subsidiary will give the company greater flexibility and more options relating to its China-based manufacturing and to the regulatory approval of its products.

Those considerations are significant. In China, McAfee not only competes against its traditional rivals, such as the aforementioned Symantec and Trend, but also against domestic Chinese software companies that have benefited from home-field advantage in more ways than one.

Sound and Fury in “Black Screen of Death” Saga

I still don’t know what to make of the “Black Screen of Death.” It was initially thought to have affected millions of WIndows users, but now appears to have a stricken a smaller number, perhaps tens of thousands.

What we do know is that a problem struck a relatively small number of Windows users, including those with Windows 7, and that, for those users, the problem ranged from being an inconvenience to something more serious. Beyond that, we’re still looking for answers.

Prevx, the security-software company that originally identified the affliction, suspected that a recent Windows security update was to blame for the problem, which apparently causes desktop icons and the start menu to disappear from computers, leaving a black screen behind.

Microsoft has countered that malware, and not a security update, was the likely cause of the problem. Prevx has apologized to Microsoft for rushing to judgment with its initial diagnosis, which proved errant, but it also has defended itself from criticisms that it overstated the severity of the glitch.

All in all, recriminations are flying, and lessons should be learned, as PC World’s Tony Bradley notes.

On the Internet, though, everybody wants the scoop, the edge, the time advantage that accrues from identifying or getting to something — a story, a development, or actionable information — ahead of everybody else.

That pressure will ensure that we’ll all struggle — vendors, writers, and readers alike — to sort the wheat from the chaff as we thresh real-time information.