Labour shortages are a real issue for a few years already in the Pearl River Delta, and now also the Yangtze River Delta. Factories are already moving inland, basically in search of labour which is cheaper and more available inland. Though transport costs are higher again of course.
Main causes: better incomes on the farms (less incentive to move 2000 km just for work), exhaustion of supply of young people (partly due to the one-child policy), a workforce that gets better educated (partly due to work experience, particularly for semi-skilled and skilled work).
China is a vast country, but last year for the PRD area alone they were talking about a shortage of about two million workers. And these shortages only seem to get worse.
On the one hand, you have the iPhone--built in China and it's an absolute miracle of modern technology.
Assembled in China, yes.
Parts: made in Taiwan, Korea, Japan, maybe the US even.
Development and design: done in the US by Apple - that includes the aesthetic design of the phone itself, the inner design of how everything fits together, and pretty much the complete software stack. And this part of the product is where by far the most money is made.
On the other hand, I don't know where to buy decent clothes. I bought a 12-pack of socks a couple weeks ago and three of them were mis-sewn. Every time my wife buys a 3-pack of underwear for the kid, she takes them out of the package, washes them, and 1 or 2 will come out of the washer--their first wash, having never been worn--with the waistline frayed.
Maybe you should not go for the cheapest-of-the-cheapest underwear, but pay a bit more for it. A little more money will buy you a lot more quality at that level.
Besides your remark reminds me of a quote of a Chinese-American, who lives most of the time in China. She was quoted as saying she would buy her made-in-China underwear in the US, not in China, as the export quality is so much better than what's sold on the local market.
though the last time it happened before that it was the industrial revolution, and moving everything from europe to north america).
Huh? Then what were all those factories doing in Europe in the late 19th, early 20th century? The industrial revolution started in the UK and spread quickly to both Europe and the US. it wasn't until the 60s and 70s that the textile industry really left Western Europe, for example.
Mind that at the time labour was cheap everywhere (nothing was industrialised yet), transportation was expensive and slow, and telecommunication was done by posting a letter. Or telegraph maybe. I forgot when the first long-distance (cross-continent, cross-ocean) lines were laid.
The world was much less connected, producing in USA for mass export to Europe killing off European industry at the time was simply practically impossible. Sure some trade was taking place. Mostly high-tech stuff, like steam engines, that not everyone could build themselves.
China's interests in Africa are natural resource related. As other posters said already.
Secondly, Africa has a simple reason that it does not develop well economically: no political stability. Say what you want about the Chinese government, at least it's a fairly stable, safe and thus predictable environment to work in, and that's all businesses need. You do not need your own private army to protect your business, like you do in many African countries. There are no people walking around the streets with an AK47 over the shoulder.
Africa, as it stands, has no proper infrastructure, no stable government, corruption issues that are far worse than China's, and so on. It's just not an easy environment for businesses. And yes I know I'm generalising here, there are countries in Africa that have a working government.
Incidently, this morning I just read about problems for textile factories. There is talk about a cut in the VAT rebate they can get from 15% to 11% on exports (they have to pay 16% VAT - so effectively their VAT goes up from 1% to 5%). A large number of factories has indicated they would probably close, as they lose competitiveness. Wages go up, the Yuan goes up, raw material prices are high. And that wages go up is not as much a result of improved productivity, it's more a result of labour shortages. There are currently huge labour shortages in China, especially the coastal regions. And that's what's driving up wages most.
Furthermore they mentioned the next destination is probably not Africa, but, surprisingly, Europe. At this moment production costs in Romania are already lower than in China. Add to that the obvious advantages of sitting closer to your market, I wouldn't be surprised if very soon more European producers will set up shop there.
Other Asian countries indeed seem more likely candidates, but with few exceptions infrastructure is a major issue. Indonesia for example only has a few short stretches of highway around their capital, making transport slow. They also don't have any main ports, and are limited to feeders and shipping via other ports such as Singapore. Vietnam is in slightly better shape, Bangladesh is a total mess.
And about moving up the ladder: you're absolutely right. The government wants it, but it's going to take a long time. Other than heavily government supported industry (you mention airliners already, don't forget railways: the US is shopping in China for high-speed rail technology already) there is not much happening as yet. It is still Taiwan that's doing development, design and marketing, Hong Kong that's doing finance and logistics, and China that's doing manufacturing. Not much new coming out of China yet, they're still in the "copy" stage, and a lot of quality that comes out is poor at best. It's very much time they move on to the "copy-and-improve" stage but I haven't seen this really happening yet.
Thanks. A rare bit of understandable information that doesn't raise more questions.
Reading discussions about bitcoin usually results in me being more confused as many repliers give contradicting information - contradicting other posters, or even themselves in the same post.
And that alone blocks me (and probably many other people) from having any interest to actually adopt it.
It doesn't matter if 2 computers know the private key. Once the private key is known to a hacker he can use the account in the same way that you can.
You contradict yourself here. If it doesn't matter that two computers know the private key, then it doesn't matter if a hacker knows it either, as a hacker is in my eyes equivalent to a second computer.
And then the miner who solves the next puzzle is the tie-breaker. No miner will have two conflicting transactions. Each miner would reject the 2nd conflicting transaction, and, although different miners may consider different transactions as the "first" one, there will likely be one transaction that is highly favored over the other, and that's the one that is likely to be honored.
This sounds contradictory.
One miner endorses one transaction, another miner endorses another: doesn't sound like resolving the problem.
And you mention about seconds to propagate through the network - as long as bitcoin's network remains as small and insignificant as it is now, that may work. But if it were to replace the transaction volume now done on credit cards then having to propagate every single transaction to every single node in the entire network would well DDOS the Internet? Doesn't sound like it scales well.
It's the same concept as if you have $100 in your checking account, and you mail two $100 checks to two different people. Who wins? Most likely (but not always) the one who receives your check first. Most likely (but not always) the one who cashes it first. And the bank will make an arbitrary decision if they both come in at approximately the same time.
Absolutely not the same as bitcoin doesn't have a central authority. That's the whole point of bitcoin, and that's where I see all this kind of problems arise. No-one to make the call which of the transactions stands, and which one not. It also seems to work exclusively on-line, yet another restriction.
Bitcoin is something that is very hard to understand how it works, and there are contradictions already in the replies I get to my questions. That says enough to me. What people don't understand, they don't use. Bank notes are easy to understand: you hand them out, they change ownership.
Digital stuff not so much. You can always make copies, and the original doesn't disappear. When you give say an mp3 music file to someone, you actually give a copy, unlike a physical CD. You still retain the copy. You can e-mail a document to someone, you still have your own copy. Etc.
Now bitcoin comes around, something digital that works like something physical as in you can give a bitcoin away and then it's really gone. That's contradictory in a way, and this kind of issues will really hold back the use of bitcoins. Oh and then the silly thing of having an absolute limit... that means guaranteed deflation... so better hold on those bitcoins, don't spend them, because tomorrow they're worth more. Not good for an economy.
Joking aside, please correct me if I'm wrong below, but this is my understanding of some of the principles behind bitcoins. I have tried to read the faq and the wikipedia page but I'm not expert enough on cryptography and so to actually understand much of what they're talking about. Yet I'm interested in the idea of having a digital currency around, which is what bitcoin could be.
There are now apparently two copies of a whole lot of bitcoins around (one on the victim's computer, one on the thief's computer). Stealing in computer terms after all means "making an unauthorised copy". The original data is normally still there, no reason to believe that's different here.
Now what if the original owner would spend them all, before the thief gets to? For example by swapping them for a same number of bitcoins with another user? Then the coins get "spent" before the thief gets to. And the copy the thief has, would according to bitcoin techniques preventing the double spending of a same coin be rendered useless. The thief could of course do the same as well, taking full ownership of the coins. And as transactions are untraceable (according to bitcoin's design) doing so would allow the thief to safely launder the loot.
When a bitcoin is spent, it gets a cryptographic hash added to it that is related to the sender and the recipient. And thanks to those hashes one way or another the recipient can tell that the sender is genuine and hasn't spent the coin already, and thus accept it.
Now this prevention technique as I understand has to trickle down the whole bitcoin network - nodes have to tell each other that a coin has been spent, and which hashes have been added (how they deal with the necessarily enormous amount of data involved - especially if bitcoin would be really successful and used a lot - is beyond me. Because one way or another when a coin is presented to a recipient, the recipient must know the latest transactions of that coin before they can accept it, and to not have to wait for hours to search a decentralised network where many nodes may be offline at any moment they must have that information stored locally. On top of that, bitcoins themselves grow with every transaction they go through as yet another hash is added). That leaves time for the thief to do exactly the same: exchange for an equivalent number of bitcoin with another user. Such an exchange can presumably done really fast as all it requires is some hashing, and hash functions are fast. The network's "memory" however takes longer to build up, as nodes have to inform each other, and that simply takes time.
So now the fun starts. There are now two sets of the same bitcoin around, but with different transaction signatures, as they have been used twice from different origins. And there is no central authority (as per bitcoin's design) to keep track of it all.
So: how to tell which one is the genuine one? And which one is the stolen one?
What about if the same wallet is given to another user, and the same trick is done as described above is done? How to decide which of the two competing copies is the real one?
I would say by the time they switched to web-based online banking (I'm e-banking from since before the www was available for home users) that by then they had some basic experience already.
And also I would expect that they have gone through various implementations of their web site, if only to add extra functions and features. Encryption has advanced, for example. Https has been added. Keys have increased in size. Etc. Not keeping up with industry practice is no more than total incompetence. Banks, particularly the big ones, surely have the means to pay for the experts that know what they're doing and that can put this together securely.
Being the first to have offered e-banking is not mitigating nor an excuse, at all.
Facebook probably secretly loves all those dummy/fake/unused/abandoned accounts. It increases the numbers. If say half the accounts is not used for whatever reason (a number that wouldn't surprise me), they would suddenly look a lot smaller. Still big, but not that big. And it'd have an impact on the company's market value.
Most of those forums require you to log in to be allowed to post. They generally do not give access to more personal information about users than what they give to a general visitor.
Facebook gives you access to more information about total strangers when you log in, compared to a visitor who is not logged in at all. That's the big difference. If Facebook would present the exact same information to a general visitor as to a logged in visitor without any connection to you, this whole article would have been moot.
Good to hear I'm not the only person with a smartphone (Android based; not iPhone) without a data account!
Open/public WiFi hotspots are everywhere: open personal hot spots, government run buildings and parks have government WiFi, even some buses come with free WiFi now. Out in the country parks not of course but when I'm there I'm not working, so no need for e-mail.
The only moment I miss network is when I'm in an unfamiliar area and want to look up bus routes. Then I still have to walk to the nearest main road and look at the bus stops.
I have downloaded both Google Map and OpenCycleMap copies of the complete territory, so that part is covered as well. No need for data connection to tell me where I am or how to get where I want to go.
And no network connection is the best ad blocker possible:)
I'm having a 15-year flashback reading this story. At the time no smart phones of course. But in The Netherlands the situation was roughly like it's in the US still. You buy a phone, heavily subsidised, with contract from carrier, and find the phone simlocked to that carrier. The subsidy actually went through the reseller: the shop sold a contract, and would get a kickback from the phone company, which in turn was used to sell a discounted phone.
Within a few years web-shops started to operate selling contracts without the phone, and then paying back the subsidy as lump sum to the customer. With many people by then already owning a phone they didn't see the need of needing a new one, and would rather get cash back. They were quite successful.
Maybe this opens the door for such resellers in the US? To be able to sell contracts with the subsidy but without the phone? I bet there are plenty of people that don't even want a new phone, when their old one works fine. And there are people that want the latest and greatest phone every six months, yet have an existing contract already. Nothing stopping them from buying a new one, optionally reselling the not-so-new one second hand, and putting their sim into their new phone.
And with so many people out of work... who can object against opening up a market, allowing many jobs to be created in the process?!
They're really hard to come by (first of all you need to own a car - most people here don't, secondly you have to get a cross-border permit - just a small fraction of car owners have such a permit), and then I've no idea on the implications of "losing" the device. So I'm afraid it won't be that easy - and this will also explain to you why it took four years before someone comes with a theory like this. Not many people will destroy a device that's so hard to come by.
If true, this could set off a shitstorm you can't imagine. That is a major risk for Beijing - too big a risk I'd wager for them to take. They lost their first Chief Executive ("governor") of Hong Kong to public pressure: an estimated 700,000 people - 10% of the total population of Hong Kong - took to the streets in a single protest against him. That shook them badly. The current CE is not faring better - avoiding mass protests, but popularity is even lower. He's still there only because Beijing can't afford to have him resign early too, that'd be two out of two, and would make them look really bad when it comes to appointing CEs, and would very much support the call for greater democracy, especially for the CE election.
So besides the technical aspects, this is simply yet another reason why I'm skeptical about it. But if true... now that would be fun.
Please put of your tinfoil hat and stop ignoring what I'm actually writing.
First of all, I am a Hong Kong permanent resident. And still live there.
Secondly: what is really in that blue shrink wrap? May be batteries indeed. I can't see: it's shrink wrapped.
Now let's look at the numbers that I "can not add up" and you don't even bother to look at. So let's say that blue thing is a battery. My half-year old phone can pack 5.6 Wh in it's battery, it looks like my battery is roughly half the size of that blue package. Let's say this device has twice that power: 10.6 Wh. It's automatically transmitting all conversations for a year, without running out of battery. Say it has to handle 2 hours of conversation a day, that makes 730 hours of active broadcasting a year. The battery has to handle that. This allows for 14.5 mW of allowed power consumption when actively broadcasting - and nothing left for anything else (like standby, or audio encoding). And people that use their vehicle more than two hours a day (e.g. smugglers) have even less power to broadcast their conversations. I don't know much about broadcasting, but I do know that on 14.5 mW you're no way going to get far. Even if you again double the battery size, it's not going to work well. Broadcast simply needs a certain amount of power, and that's a lot of power when you're talking about small battery powered stuff, no matter how you look at it. Audio signals are nothing compared to radio signals when it comes to power needs.
In comparison, mobile phones - also using the GHz range - use 500-1000 mW of transmit power. WiFi is in the same power range - and doing just a couple hundred meters or so, with ideal line of sight. So even if this is a battery and it is a transmitter, you may broadcast over meters. Which incidentally is just what you need for a toll pass to work.
Then who was talking about listening on transistor radios? Not me. I said scanners - you know those devices that can, amongst others, pick up emergency radio bands, aircraft radio, mobile phone signals, etc. Those receivers are available in basically any range you want.
Active broadcasting a signal takes a lot of power. A typical mobile phone can last maybe 10-12 hours on a charge, when talking. Up to two weeks standby. For these devices well let's be generous, make it double the time, that's 24 hours of broadcasting signals. The rest of the year: no battery. And I didn't see a battery on the photos.
As I said, and what you handily ignored: no visible power source on any of the photos. An external power source is a necessity for this kind of broadcast if it has to last a whole year - broadcasting over any significant distance takes a lot of power. The devices are small, batteries if any are in place necessarily are small too.
Next is the practical problem of receiving the individual signals. You would likely need a different frequency for each one, or active frequency scanning by the device to find a free channel, as otherwise they start interfering with each other. There are a few thousand out there. And how come no-one has ever detected such a signal, if it exists, over the last four years? There are plenty of radio amateurs in this world, scanning all bandwidths allocated or not, to see if there are any interesting signals to be heard.
And about receivers on this side of the border: it's possible. However that's not the claim made in the article, which claims that the receiver is in Shenzhen and that they can listen over a 20-km range into Hong Kong. That's the fact I'm disputing here. I'd be very interested how ANYONE could have a reliable direct radio communication with Shenzhen from the roads in Sha Tin, or worse: Tsuen Wan. The latter has Tai Mo Shan in the way.
Mind you I'm not saying it can not be done, at all. I'm just saying that it absolutely can not be done (for several independent reasons) the way it's presented in the article.
The thing with those devices is that of course they automatically log when-ever you pass a toll gate. So there is a record of the movements of that device (and in effect an individual vehicle). I wouldn't be surprised if law enforcement uses it to track smugglers (they typically cross the border multiple times a day).
Why would a general staffer have any more access to that server than to the directory (and subdirs of it) where their part of the web site is stored?
Most of the things you list are probably public indeed; the base Apache config is NOT. Even a guest account should not have access to that kind of information. And what would guest accounts do on a production server to begin with? Too easy a starting point to explore what's exactly on that computer, and work from there.
The server was hacked, if that key was stored on the same server it's not guaranteed safe any more. Better safe than sorry: revoke the current key, get a new one. It's a basic security measure when recovering from a breach.
It is taped to the windshield. It does not seem to have any (external) power supply. How could such a device be able to transmit a serious quantity of data, over a distance of 20 km, with mountains in between? Hong Kong may be small but it's hilly, with peaks of almost 1000m tall. From most parts of this 20km radius there is no line of sight to Shenzhen - all mountains in the way, except for the north-western part of Hong Kong which is mostly protected wetland. Such transmission if at all possible takes a significant amount of power, a battery that fit in there would run out in hours or less. On these points alone I'd call this story total nonsense.
They have been installed since 1997 - that means most are in place for some four years now. The only way to keep it working is if it's a passive device, using external radio sources as their power source, as is typical for devices used for automatic toll payment and similar purposes.
That cracking porn sites is very easy, I'll take your word for it.
The main reason though for porn sites to have logins, would be that this are paid logins (a visit to pron.com has a link for free registration; I couldn't find the benefits of registration though during that quick visit; and clicking on a link that says "Premium" sent me to a site called porn.com). Paid logins generally mean that the web site is accepting credit card payments, that's the most common form of payment on the Internet. And Paypal maybe. Anyway aren't there all kinds of requirements by credit card companies on protection of credit card data, that a site has to fulfill before they can accept credit card payments? Which includes some basic security that prevents credit card details to be out in the open?
This saga starts me thinking again about my own on-line privacy and security.
The problem is indeed the e-mail addresses. You could generate random ones for each website, which is a bit of a hassle especially if you're not sure whether you want to seriously use the site.
Just pondering a bit I'm thinking of a quite effective scheme that should do the job, without too much hassle from the user's side.
For each web site create a unique password, and unless it's some social networking site where you want your identity known and where your login name matters in that respect, create a unique user name as well.
Registered e-mail address (especially for those sites where you don't care much about): username@mailinator.com where username is the (random) name you chose when signing up. Now your password manager can store username and password for you, and you simply know which e-mail you use for the password recovery if necessary. This is security-by-obscurity as anyone who knows your login name (which is very hard to guess), and knows you use the same at mailinator.com for password recovery, could steal your account on that web site. So this is great for those random forums that all require you to register first, not for anything that involves your credit card.
Sites you care about: create username@gmail.com with your random name, and use this as registered e-mail address. Use another random password for this gmail.com address, and for convenience have it redirect to an e-mail account that you do check. Your main personal account, or another gmail account created just to collect those mails. This is as secure as it can be - from your side at least, the rest is fully up to the web site itself. No-one can recover your password other than you, and identities on several sites can not be linked directly (unless it starts to involve extra information like credit card details - but sites that process credit cards should have pretty decent overall security to begin with - which generally should include paid-for porn sites, for that matter).
Let's see if someone has already built a Firefox plugin to make this process more automated.
Labour shortages are a real issue for a few years already in the Pearl River Delta, and now also the Yangtze River Delta. Factories are already moving inland, basically in search of labour which is cheaper and more available inland. Though transport costs are higher again of course.
Main causes: better incomes on the farms (less incentive to move 2000 km just for work), exhaustion of supply of young people (partly due to the one-child policy), a workforce that gets better educated (partly due to work experience, particularly for semi-skilled and skilled work).
China is a vast country, but last year for the PRD area alone they were talking about a shortage of about two million workers. And these shortages only seem to get worse.
On the one hand, you have the iPhone--built in China and it's an absolute miracle of modern technology.
Assembled in China, yes.
Parts: made in Taiwan, Korea, Japan, maybe the US even.
Development and design: done in the US by Apple - that includes the aesthetic design of the phone itself, the inner design of how everything fits together, and pretty much the complete software stack. And this part of the product is where by far the most money is made.
On the other hand, I don't know where to buy decent clothes. I bought a 12-pack of socks a couple weeks ago and three of them were mis-sewn. Every time my wife buys a 3-pack of underwear for the kid, she takes them out of the package, washes them, and 1 or 2 will come out of the washer--their first wash, having never been worn--with the waistline frayed.
Maybe you should not go for the cheapest-of-the-cheapest underwear, but pay a bit more for it. A little more money will buy you a lot more quality at that level.
Besides your remark reminds me of a quote of a Chinese-American, who lives most of the time in China. She was quoted as saying she would buy her made-in-China underwear in the US, not in China, as the export quality is so much better than what's sold on the local market.
though the last time it happened before that it was the industrial revolution, and moving everything from europe to north america).
Huh? Then what were all those factories doing in Europe in the late 19th, early 20th century? The industrial revolution started in the UK and spread quickly to both Europe and the US. it wasn't until the 60s and 70s that the textile industry really left Western Europe, for example.
Mind that at the time labour was cheap everywhere (nothing was industrialised yet), transportation was expensive and slow, and telecommunication was done by posting a letter. Or telegraph maybe. I forgot when the first long-distance (cross-continent, cross-ocean) lines were laid.
The world was much less connected, producing in USA for mass export to Europe killing off European industry at the time was simply practically impossible. Sure some trade was taking place. Mostly high-tech stuff, like steam engines, that not everyone could build themselves.
China's interests in Africa are natural resource related. As other posters said already.
Secondly, Africa has a simple reason that it does not develop well economically: no political stability. Say what you want about the Chinese government, at least it's a fairly stable, safe and thus predictable environment to work in, and that's all businesses need. You do not need your own private army to protect your business, like you do in many African countries. There are no people walking around the streets with an AK47 over the shoulder.
Africa, as it stands, has no proper infrastructure, no stable government, corruption issues that are far worse than China's, and so on. It's just not an easy environment for businesses. And yes I know I'm generalising here, there are countries in Africa that have a working government.
Incidently, this morning I just read about problems for textile factories. There is talk about a cut in the VAT rebate they can get from 15% to 11% on exports (they have to pay 16% VAT - so effectively their VAT goes up from 1% to 5%). A large number of factories has indicated they would probably close, as they lose competitiveness. Wages go up, the Yuan goes up, raw material prices are high. And that wages go up is not as much a result of improved productivity, it's more a result of labour shortages. There are currently huge labour shortages in China, especially the coastal regions. And that's what's driving up wages most.
Furthermore they mentioned the next destination is probably not Africa, but, surprisingly, Europe. At this moment production costs in Romania are already lower than in China. Add to that the obvious advantages of sitting closer to your market, I wouldn't be surprised if very soon more European producers will set up shop there.
Other Asian countries indeed seem more likely candidates, but with few exceptions infrastructure is a major issue. Indonesia for example only has a few short stretches of highway around their capital, making transport slow. They also don't have any main ports, and are limited to feeders and shipping via other ports such as Singapore. Vietnam is in slightly better shape, Bangladesh is a total mess.
And about moving up the ladder: you're absolutely right. The government wants it, but it's going to take a long time. Other than heavily government supported industry (you mention airliners already, don't forget railways: the US is shopping in China for high-speed rail technology already) there is not much happening as yet. It is still Taiwan that's doing development, design and marketing, Hong Kong that's doing finance and logistics, and China that's doing manufacturing. Not much new coming out of China yet, they're still in the "copy" stage, and a lot of quality that comes out is poor at best. It's very much time they move on to the "copy-and-improve" stage but I haven't seen this really happening yet.
Thanks. A rare bit of understandable information that doesn't raise more questions.
Reading discussions about bitcoin usually results in me being more confused as many repliers give contradicting information - contradicting other posters, or even themselves in the same post.
And that alone blocks me (and probably many other people) from having any interest to actually adopt it.
It doesn't matter if 2 computers know the private key. Once the private key is known to a hacker he can use the account in the same way that you can.
You contradict yourself here. If it doesn't matter that two computers know the private key, then it doesn't matter if a hacker knows it either, as a hacker is in my eyes equivalent to a second computer.
And then the miner who solves the next puzzle is the tie-breaker. No miner will have two conflicting transactions. Each miner would reject the 2nd conflicting transaction, and, although different miners may consider different transactions as the "first" one, there will likely be one transaction that is highly favored over the other, and that's the one that is likely to be honored.
This sounds contradictory.
One miner endorses one transaction, another miner endorses another: doesn't sound like resolving the problem.
And you mention about seconds to propagate through the network - as long as bitcoin's network remains as small and insignificant as it is now, that may work. But if it were to replace the transaction volume now done on credit cards then having to propagate every single transaction to every single node in the entire network would well DDOS the Internet? Doesn't sound like it scales well.
It's the same concept as if you have $100 in your checking account, and you mail two $100 checks to two different people. Who wins? Most likely (but not always) the one who receives your check first. Most likely (but not always) the one who cashes it first. And the bank will make an arbitrary decision if they both come in at approximately the same time.
Absolutely not the same as bitcoin doesn't have a central authority. That's the whole point of bitcoin, and that's where I see all this kind of problems arise. No-one to make the call which of the transactions stands, and which one not. It also seems to work exclusively on-line, yet another restriction.
Bitcoin is something that is very hard to understand how it works, and there are contradictions already in the replies I get to my questions. That says enough to me. What people don't understand, they don't use. Bank notes are easy to understand: you hand them out, they change ownership.
Digital stuff not so much. You can always make copies, and the original doesn't disappear. When you give say an mp3 music file to someone, you actually give a copy, unlike a physical CD. You still retain the copy. You can e-mail a document to someone, you still have your own copy. Etc.
Now bitcoin comes around, something digital that works like something physical as in you can give a bitcoin away and then it's really gone. That's contradictory in a way, and this kind of issues will really hold back the use of bitcoins. Oh and then the silly thing of having an absolute limit... that means guaranteed deflation... so better hold on those bitcoins, don't spend them, because tomorrow they're worth more. Not good for an economy.
And doesn't keep a backup of the wallet?
Joking aside, please correct me if I'm wrong below, but this is my understanding of some of the principles behind bitcoins. I have tried to read the faq and the wikipedia page but I'm not expert enough on cryptography and so to actually understand much of what they're talking about. Yet I'm interested in the idea of having a digital currency around, which is what bitcoin could be.
There are now apparently two copies of a whole lot of bitcoins around (one on the victim's computer, one on the thief's computer). Stealing in computer terms after all means "making an unauthorised copy". The original data is normally still there, no reason to believe that's different here.
Now what if the original owner would spend them all, before the thief gets to? For example by swapping them for a same number of bitcoins with another user? Then the coins get "spent" before the thief gets to. And the copy the thief has, would according to bitcoin techniques preventing the double spending of a same coin be rendered useless. The thief could of course do the same as well, taking full ownership of the coins. And as transactions are untraceable (according to bitcoin's design) doing so would allow the thief to safely launder the loot.
When a bitcoin is spent, it gets a cryptographic hash added to it that is related to the sender and the recipient. And thanks to those hashes one way or another the recipient can tell that the sender is genuine and hasn't spent the coin already, and thus accept it.
Now this prevention technique as I understand has to trickle down the whole bitcoin network - nodes have to tell each other that a coin has been spent, and which hashes have been added (how they deal with the necessarily enormous amount of data involved - especially if bitcoin would be really successful and used a lot - is beyond me. Because one way or another when a coin is presented to a recipient, the recipient must know the latest transactions of that coin before they can accept it, and to not have to wait for hours to search a decentralised network where many nodes may be offline at any moment they must have that information stored locally. On top of that, bitcoins themselves grow with every transaction they go through as yet another hash is added). That leaves time for the thief to do exactly the same: exchange for an equivalent number of bitcoin with another user. Such an exchange can presumably done really fast as all it requires is some hashing, and hash functions are fast. The network's "memory" however takes longer to build up, as nodes have to inform each other, and that simply takes time.
So now the fun starts. There are now two sets of the same bitcoin around, but with different transaction signatures, as they have been used twice from different origins. And there is no central authority (as per bitcoin's design) to keep track of it all.
So: how to tell which one is the genuine one? And which one is the stolen one?
What about if the same wallet is given to another user, and the same trick is done as described above is done? How to decide which of the two competing copies is the real one?
I would say by the time they switched to web-based online banking (I'm e-banking from since before the www was available for home users) that by then they had some basic experience already.
And also I would expect that they have gone through various implementations of their web site, if only to add extra functions and features. Encryption has advanced, for example. Https has been added. Keys have increased in size. Etc. Not keeping up with industry practice is no more than total incompetence. Banks, particularly the big ones, surely have the means to pay for the experts that know what they're doing and that can put this together securely.
Being the first to have offered e-banking is not mitigating nor an excuse, at all.
What about not Google, but Bing? And what about not Facebook, but any other site where you need to login to see content like a bank?
What bank are you using that allows you to see personal information of OTHER account holders (not yourself) after you log in?
Facebook probably secretly loves all those dummy/fake/unused/abandoned accounts. It increases the numbers. If say half the accounts is not used for whatever reason (a number that wouldn't surprise me), they would suddenly look a lot smaller. Still big, but not that big. And it'd have an impact on the company's market value.
Most of those forums require you to log in to be allowed to post. They generally do not give access to more personal information about users than what they give to a general visitor.
Facebook gives you access to more information about total strangers when you log in, compared to a visitor who is not logged in at all. That's the big difference. If Facebook would present the exact same information to a general visitor as to a logged in visitor without any connection to you, this whole article would have been moot.
Good to hear I'm not the only person with a smartphone (Android based; not iPhone) without a data account!
Open/public WiFi hotspots are everywhere: open personal hot spots, government run buildings and parks have government WiFi, even some buses come with free WiFi now. Out in the country parks not of course but when I'm there I'm not working, so no need for e-mail.
The only moment I miss network is when I'm in an unfamiliar area and want to look up bus routes. Then I still have to walk to the nearest main road and look at the bus stops.
I have downloaded both Google Map and OpenCycleMap copies of the complete territory, so that part is covered as well. No need for data connection to tell me where I am or how to get where I want to go.
And no network connection is the best ad blocker possible :)
I'm having a 15-year flashback reading this story. At the time no smart phones of course. But in The Netherlands the situation was roughly like it's in the US still. You buy a phone, heavily subsidised, with contract from carrier, and find the phone simlocked to that carrier. The subsidy actually went through the reseller: the shop sold a contract, and would get a kickback from the phone company, which in turn was used to sell a discounted phone.
Within a few years web-shops started to operate selling contracts without the phone, and then paying back the subsidy as lump sum to the customer. With many people by then already owning a phone they didn't see the need of needing a new one, and would rather get cash back. They were quite successful.
Maybe this opens the door for such resellers in the US? To be able to sell contracts with the subsidy but without the phone? I bet there are plenty of people that don't even want a new phone, when their old one works fine. And there are people that want the latest and greatest phone every six months, yet have an existing contract already. Nothing stopping them from buying a new one, optionally reselling the not-so-new one second hand, and putting their sim into their new phone.
And with so many people out of work... who can object against opening up a market, allowing many jobs to be created in the process?!
They're really hard to come by (first of all you need to own a car - most people here don't, secondly you have to get a cross-border permit - just a small fraction of car owners have such a permit), and then I've no idea on the implications of "losing" the device. So I'm afraid it won't be that easy - and this will also explain to you why it took four years before someone comes with a theory like this. Not many people will destroy a device that's so hard to come by.
If true, this could set off a shitstorm you can't imagine. That is a major risk for Beijing - too big a risk I'd wager for them to take. They lost their first Chief Executive ("governor") of Hong Kong to public pressure: an estimated 700,000 people - 10% of the total population of Hong Kong - took to the streets in a single protest against him. That shook them badly. The current CE is not faring better - avoiding mass protests, but popularity is even lower. He's still there only because Beijing can't afford to have him resign early too, that'd be two out of two, and would make them look really bad when it comes to appointing CEs, and would very much support the call for greater democracy, especially for the CE election.
So besides the technical aspects, this is simply yet another reason why I'm skeptical about it. But if true... now that would be fun.
Please put of your tinfoil hat and stop ignoring what I'm actually writing.
First of all, I am a Hong Kong permanent resident. And still live there.
Secondly: what is really in that blue shrink wrap? May be batteries indeed. I can't see: it's shrink wrapped.
Now let's look at the numbers that I "can not add up" and you don't even bother to look at. So let's say that blue thing is a battery. My half-year old phone can pack 5.6 Wh in it's battery, it looks like my battery is roughly half the size of that blue package. Let's say this device has twice that power: 10.6 Wh. It's automatically transmitting all conversations for a year, without running out of battery. Say it has to handle 2 hours of conversation a day, that makes 730 hours of active broadcasting a year. The battery has to handle that. This allows for 14.5 mW of allowed power consumption when actively broadcasting - and nothing left for anything else (like standby, or audio encoding). And people that use their vehicle more than two hours a day (e.g. smugglers) have even less power to broadcast their conversations. I don't know much about broadcasting, but I do know that on 14.5 mW you're no way going to get far. Even if you again double the battery size, it's not going to work well. Broadcast simply needs a certain amount of power, and that's a lot of power when you're talking about small battery powered stuff, no matter how you look at it. Audio signals are nothing compared to radio signals when it comes to power needs.
In comparison, mobile phones - also using the GHz range - use 500-1000 mW of transmit power. WiFi is in the same power range - and doing just a couple hundred meters or so, with ideal line of sight. So even if this is a battery and it is a transmitter, you may broadcast over meters. Which incidentally is just what you need for a toll pass to work.
Then who was talking about listening on transistor radios? Not me. I said scanners - you know those devices that can, amongst others, pick up emergency radio bands, aircraft radio, mobile phone signals, etc. Those receivers are available in basically any range you want.
Active broadcasting a signal takes a lot of power. A typical mobile phone can last maybe 10-12 hours on a charge, when talking. Up to two weeks standby. For these devices well let's be generous, make it double the time, that's 24 hours of broadcasting signals. The rest of the year: no battery. And I didn't see a battery on the photos.
As I said, and what you handily ignored: no visible power source on any of the photos. An external power source is a necessity for this kind of broadcast if it has to last a whole year - broadcasting over any significant distance takes a lot of power. The devices are small, batteries if any are in place necessarily are small too.
Next is the practical problem of receiving the individual signals. You would likely need a different frequency for each one, or active frequency scanning by the device to find a free channel, as otherwise they start interfering with each other. There are a few thousand out there. And how come no-one has ever detected such a signal, if it exists, over the last four years? There are plenty of radio amateurs in this world, scanning all bandwidths allocated or not, to see if there are any interesting signals to be heard.
And about receivers on this side of the border: it's possible. However that's not the claim made in the article, which claims that the receiver is in Shenzhen and that they can listen over a 20-km range into Hong Kong. That's the fact I'm disputing here. I'd be very interested how ANYONE could have a reliable direct radio communication with Shenzhen from the roads in Sha Tin, or worse: Tsuen Wan. The latter has Tai Mo Shan in the way.
Mind you I'm not saying it can not be done, at all. I'm just saying that it absolutely can not be done (for several independent reasons) the way it's presented in the article.
The thing with those devices is that of course they automatically log when-ever you pass a toll gate. So there is a record of the movements of that device (and in effect an individual vehicle). I wouldn't be surprised if law enforcement uses it to track smugglers (they typically cross the border multiple times a day).
Why would a general staffer have any more access to that server than to the directory (and subdirs of it) where their part of the web site is stored?
Most of the things you list are probably public indeed; the base Apache config is NOT. Even a guest account should not have access to that kind of information. And what would guest accounts do on a production server to begin with? Too easy a starting point to explore what's exactly on that computer, and work from there.
The server was hacked, if that key was stored on the same server it's not guaranteed safe any more. Better safe than sorry: revoke the current key, get a new one. It's a basic security measure when recovering from a breach.
It is taped to the windshield. It does not seem to have any (external) power supply. How could such a device be able to transmit a serious quantity of data, over a distance of 20 km, with mountains in between? Hong Kong may be small but it's hilly, with peaks of almost 1000m tall. From most parts of this 20km radius there is no line of sight to Shenzhen - all mountains in the way, except for the north-western part of Hong Kong which is mostly protected wetland. Such transmission if at all possible takes a significant amount of power, a battery that fit in there would run out in hours or less. On these points alone I'd call this story total nonsense.
They have been installed since 1997 - that means most are in place for some four years now. The only way to keep it working is if it's a passive device, using external radio sources as their power source, as is typical for devices used for automatic toll payment and similar purposes.
And by the way, Apple Daily is a tabloid.
You're from Hong Kong?
Me too but not a driver, let alone cross-border. I had never heard of these devices.
Could you share with us the daily use of these devices? That is, the stated purpose?
That cracking porn sites is very easy, I'll take your word for it.
The main reason though for porn sites to have logins, would be that this are paid logins (a visit to pron.com has a link for free registration; I couldn't find the benefits of registration though during that quick visit; and clicking on a link that says "Premium" sent me to a site called porn.com). Paid logins generally mean that the web site is accepting credit card payments, that's the most common form of payment on the Internet. And Paypal maybe. Anyway aren't there all kinds of requirements by credit card companies on protection of credit card data, that a site has to fulfill before they can accept credit card payments? Which includes some basic security that prevents credit card details to be out in the open?
This saga starts me thinking again about my own on-line privacy and security.
The problem is indeed the e-mail addresses. You could generate random ones for each website, which is a bit of a hassle especially if you're not sure whether you want to seriously use the site.
Just pondering a bit I'm thinking of a quite effective scheme that should do the job, without too much hassle from the user's side.
For each web site create a unique password, and unless it's some social networking site where you want your identity known and where your login name matters in that respect, create a unique user name as well.
Registered e-mail address (especially for those sites where you don't care much about): username@mailinator.com where username is the (random) name you chose when signing up. Now your password manager can store username and password for you, and you simply know which e-mail you use for the password recovery if necessary. This is security-by-obscurity as anyone who knows your login name (which is very hard to guess), and knows you use the same at mailinator.com for password recovery, could steal your account on that web site. So this is great for those random forums that all require you to register first, not for anything that involves your credit card.
Sites you care about: create username@gmail.com with your random name, and use this as registered e-mail address. Use another random password for this gmail.com address, and for convenience have it redirect to an e-mail account that you do check. Your main personal account, or another gmail account created just to collect those mails. This is as secure as it can be - from your side at least, the rest is fully up to the web site itself. No-one can recover your password other than you, and identities on several sites can not be linked directly (unless it starts to involve extra information like credit card details - but sites that process credit cards should have pretty decent overall security to begin with - which generally should include paid-for porn sites, for that matter).
Let's see if someone has already built a Firefox plugin to make this process more automated.
surely you arent suggesting that getting pron.com was a cheap acquisition. though in the words of Wikipedia, "[citation needed]"
If they were the first to ever register that domain - then yes it'd have been a really cheap acquisition.