Category Archives: cases

Barack Obama, Cowboy – BusinessInsider.com

Posted on May 8, 2011 by andrew| Leave a comment

from Business Insider by Spencer Critchley

Along comes Barack Obama. No military experience. Never even pretended to be a duck hunter. And yet he shows the kind of quiet strength that doesn’t need to prove itself, except in the act of doing what needs to be done.

As the successful mission against Osama Bin Laden makes clear, the media narrative of Obama as weak on national security just betrays an institutional preference for stories first, evidence later.

An exchange from CNN’s “Reliable Sources” today:

Howard Kurtz, host: Will this change the media perception of Barack Obama from what it had been, a kind of a overly cautious, consensus-seeking law professor?

Dana Milbank of the Washington Post: If his poll numbers hold up, the media follow the polls…

Kurtz: That is very depressing.

Milbank: It is very depressing, and very true.

The Bin Laden mission also shows that when a story is about strong leadership, the media seems to have forgotten what that looks like.

Americans’ most enduring symbol of strength is the cowboy, whose image still lies just below the surface of our political coverage. It was formed from a mix of novels, movies, TV and reality, all influencing each other. It evolved onto an ethos, “the cowboy way”, which was so powerfully resonant that, for much of the 20th Century, no one had to explain what it meant.

Apparently that’s no longer the case, because somehow the media have now got it exactly backwards. Fear-mongering, chest-thumping blowhards are accepted at face value as showing “toughness”. Meanwhile the strong, silent type, who gets the tough jobs done, is seen as somehow weak.

Admittedly, few reporters these days have the opportunity of checking their assumptions with actual cowboys. But they do have Google, and if you Google “the cowboy way”, you’ll find lots of ready references. Here are a few thoughts from a book called Cowboy Ethics, by (fittingly enough) ex-Wall Streeter Jim Owen:

Do what has to be done.
Be tough, but fair.
When you make a promise, keep it.
Talk less and say more.
Remind you of anyone?

The media’s confusion about strong leadership seems in no small part related to a more general confusion about manliness. It used to be that almost all leaders were men, and they were expected to have proven their physical courage, usually in wartime. Now we’re learning that strong leaders can come from all kinds of backgrounds, and we’re re-examining what leadership and courage are really made of.

And yet political coverage is still full of all this “tough guy” stuff, badly misapplied, often by men who sure don’t look like they’ve been in a fight lately. To anyone who’s ever met the real thing, the play-actors dressing up as cowboys in recent years have obviously been all hat and no horse. And yet they’ve gotten away with it, largely unchallenged by reporters who apparently didn’t notice a problem.

Meanwhile along comes Barack Obama. No military experience. Never even pretended to be a duck hunter. And yet he shows the kind of quiet strength that doesn’t need to prove itself, except in the act of doing what needs to be done. No gloating or boasting (think of that silent visit to Ground Zero). Just taking responsibility, while giving the credit to those who risked the most.

In other words, the cowboy way. Funny how truly modern that turned out to be.

→ Leave a comment

Posted in cases

Are there criminals hiding in the cloud? – BBC.co.uk

Posted on May 8, 2011 by andrew| Leave a comment

By Alex Hudson BBC Click

Following the exposure of the Sony PlayStation 3 security flaws – and with so much of our data stored online – are we making it too easy for criminals to get hold of our information?

When over 100 million people’s details were garnered illegally from Sony recently, users were up in arms about their prized information being leaked.
But, according to one study, over two thirds of companies are planning to store at least some of their data in “the cloud” – a term used to describe putting data online rather than on a hard-drive.

With more businesses using the cloud, this sort of leak could become a more regular occurrence.

“While the potential of cloud computing is rapidly being revealed, so too are its vulnerabilities,” Brendan O’Connor, the Australian minister for Home Affairs, told the International Association of Privacy Professionals.

THE SONY CRISIS

Graham Cluley, security consultant

“People need to be more careful with their passwords and make sure that they have different passwords for different online accounts.

“People should also consider lying about some of their details. I have given Facebook a phoney date of birth for instance.”

Sony crisis: The expert panel

And, he believes, criminals “can hide data in clouds” if they are clever about it.
“Rogue cloud service providers based in countries with lax cybercrime laws can provide confidential hosting and data storage services,” he said.

“[This] facilitates the storage and distribution of criminal data, avoiding detection by law enforcement agencies.”

An easy parallel to draw is with the way Swiss bank accounts were rumoured to operate in the past.

While bank customers were offered the utmost of discretion with their financial transactions, that same courtesy could now be offered to those wishing to de-encrypt sensitive data.

Stealing secrets

To safeguard information, details are regularly encrypted to a high level, meaning that – until very recently – supercomputers were required to get any details in a useable form.

But now the internet itself is offering criminals the chance to super-charge their processing power to make decryption quicker, cheaper and easier than ever before.
William Beer, director of Price Waterhouse Cooper’s security division, says “even if credit card details are encrypted, there is software that may be able to decrypt it given enough processing power” once it has been stolen from the cloud itself.

PM David Cameron says cyber-crime is a top priority for national security
“Encryption is often seen as a silver bullet. We need to be very careful because there are many different types of encryption. It can introduce an air of complacency into organisations and what we’re starting to see are criminals actually looking to the cloud.

“It can provide massive amounts of processing power and [this] can actually de-encrypt some of the data. The irony of it is that they are using stolen credit cards to buy that processing power from the cloud providers.”

And this type of activity has actually been tested by German security researcher Thomas Roth.

He used a “brute force” technique that could previously only be possible with super-computers to break into encrypted WiFi networks.

The technique allows 400,000 different passwords to the encryption to be tested per second, quite literally knocking at the door until it caves in. No specialist hacking techniques need to be used.

This was done using a cloud computing service costing just a few dollars per hour.

Even if you have supercomputers, if your encryption is strong enough, it would still take years to break those passwords

Mark Bowerman, Financial Fraud Action UK Roth used Amazon’s Elastic Cloud Computing (EC2) system, which allows users to rent increased computing power by the hour or for as long as is needed – thus the name elastic.
Amazon says it continually works to make sure the services aren’t used for illegal activity and takes all claims of misuse of services very seriously and investigates each one.

While Roth was not doing this for illicit means – and could be done with any cloud system – the idea could be used, in principle at least, for the purpose of de-encrypting credit card details.

He is already experimenting with speeds that could allow one million passwords a second to be tried.

Hacking ‘master key’
What many see as most scary about this idea is that because the criminals using the cloud are using false information, they are very difficult to trace.

That said, there are data standards in relation to private information kept by companies which are particularly strict when financial details are held.
“You’ve got to meet the data security standard – it is the absolute minimum requirement,” says Mark Bowerman, a spokesman for Financial Fraud Action UK.

Credit card information is heavily encrypted when held online
“Beyond that, there are reputational issues to consider. If you are hacked and data is stolen, then it will be a serious concern both reputationally and financially as well.”
So what can be done to protect information yourself?

“Unfortunately, people have the habit of reusing their passwords for multiple different services,” says Rik Ferguson, of digital security company Trend Micro.
“Many people will have to consider that these criminals have both their email address and their common password.

“Once you own someone’s email account, that’s really the master key to everything because you can go through the password reset process of [a number of services] and of course, they come back to that email account. It’s the key to your online life.”
But, says Bowerman, if both you and the companies you trust with your data are careful with it, serious breaches are still very unlikely.

“Even if you have supercomputers, the computing power of hundreds of thousands of computers linked together, if your encryption is strong enough, it would still take years and years to break those passwords,” he says.
“It boils down to how good your encryption is.”

→ Leave a comment

Posted in Assignments, cases, Cloud

Data security a job for corporations, consumers – SFgate.com

Posted on May 8, 2011 by andrew| Leave a comment

James Temple Saturday, May 7, 2011

Sony and Epsilon have done their level best to destroy the public’s already shaky confidence in corporate handling of consumer data.

In the last few weeks, Sony revealed that several orchestrated attacks on its services may have compromised the personal information for some 100 million user accounts, making it one of the largest known data breaches ever.

That closely followed the news that hackers snatched the names and e-mail addresses for millions of customers of major brands like Target, Best Buy and L.L. Bean, by cracking into the databases of online marketing company Epsilon.

The nature of these attacks bode particularly poorly for consumer confidence, because there’s nothing customers could have done to avoid being victimized, short of not signing up for the services of legitimate, well-known brands.

That underscores an unsettling and little spoken truth about online data: Companies can and certainly should get better at protecting personal information, but any firm that says it will completely safeguard such data is making a promise it can’t keep. Security is an arms race, and the good guys aren’t always in the lead.

“As a defender, you have to secure everything, and the attacker only needs to find one way in,” said Ulf Lindqvist, a program director of SRI International.

It’s all enough to make the average person want to yank out his or her Internet connection and toss that iPhone into the bay. But our fear of and response to online data breaches should only be proportional to the actual risks, and that entails taking a clear-eyed look at what those really are.

raud statistics

The relative novelty of large-scale online and smart-phone attacks means they’re the ones consumers are most likely to read about, but that doesn’t mean they’re the threats the average person is most likely to face. And when you’re worried about the wrong things, you make the wrong choices about how to protect yourself.

To put things into perspective, let’s consider some numbers.

A U.S. Government Accountability Office review of the 24 biggest data breaches reported in the media from January 2000 through June 2005 only turned up evidence of resulting fraud in four of those cases.

In fact, if you’re looking to become a victim of identity theft, a hacker digging up your online data appears to be one of the least effective routes.

The more direct way? Associate with jerks.

Most of the roughly 9 million annual victims of this crime don’t know how their information was accessed. Among those that do, the far biggest group, 16 percent, blamed a person they knew, according to the Federal Trade Commission’s latest survey, from 2006.

Hacking and a common type of online attack known as a phishing scheme occupy the smallest slices of the pie, at 1 percent each, well below a lost wallet.

Also worth remembering: The median value obtained by identity thieves was $500 and the majority of victims, 59 percent, incurred no out-of-pocket expenses. That’s because credit card companies are legally required to swallow these fraudulent charges.

Added up, it means the likely consumer financial impact from these latest high-profile attacks is “probably none,” said Bruce Schneier, a security expert and author.

Which isn’t to say there’s no impact at all. If hackers sell or use any snatched credit card and bank account numbers, then consumers are facing some tedious work.

It typically takes months to straighten this out with law enforcement, credit companies and rating agencies, said Jay Foley, executive director of the Identity Theft Resource Center. It might not be a strain on the wallet – but it’s certainly a pain in the general vicinity.

Foley also, by the way, suspects that online identity theft represents a bigger portion of the problem than is reflected in the FTC stats.

But whether the personal information is in our trash, wallets or smart phones, the critical thing is to take pre-emptive action to protect it, he and others said. In other words, we shouldn’t throw up our hands and submit to the mercy of some shadowy crooks. Because the threats we’re most likely to face are thwarted by some simple steps.

rotect phone, data

For instance, it’s a good idea to add security software to your smart phones – and it’s basically foolhardy not to password-protect the device. Far more likely than a remote hacking, is the possibility of the phone falling out of your pocket.

One in three people in the United States have lost or had their mobile phones stolen, by some estimates. These devices are troves of personal information, with e-mails, banking apps, calendars, notes and more. Yet today less than half of owners bother to set up passwords.

Other commonsense steps: Take your Social Security card, and anything else with the number, out of your wallet. Install passwords and security software on all your devices. Keep your operating systems and applications up to date. Don’t click on e-mails or links from people you don’t know. And in both the real world and online, think twice before giving out sensitive personal information.

But none of this should let businesses off the hook either.

As Lindqvist’s bumper sticker reads, “security is not easy.” But he believes that businesses on the whole can do far better. Too often, companies are much more focused on rapidly rolling out new features than on adequately locking down security, he said.

The short-term negative publicity surrounding major breaches does little to improve corporate behavior, Schneier said. The only things that can really compel change are new laws – or if consumers hit companies where it hurts by refusing to patronize those that fail to safeguard their information.

orporate policies

But it’s not just about building stronger safes or higher fences. In this information economy, Corporate America’s default policy is to gather as much data as possible and cling to it.

That turns them into bright red bull’s-eyes for hackers, for much the same reasons that thieves target banks: It’s where the information is.

Consumers should put up more of a fight before handing theirs over, and companies need to think harder about what data they actually need for their business or technology to work, said Kevin Mahaffey, chief technology officer at Lookout Mobile Security.

“Companies are starting to recognize that it’s akin to nuclear waste,” he said. “If you gather too much, it can be a huge liability.”

E-mail James Temple at jtemple@sfchronicle.com.

http://sfgate.com/cgi-bin/article.cgi?f=/c/a/2011/05/07/BUHP1JCGMP.DTL

→ Leave a comment

Posted in Assignments, cases

Play by Play: Sony’s Struggles on Breach – WSJ.com

Posted on May 8, 2011 by andrew| Leave a comment

By IAN SHERR And NICK WINGFIELD

<< h/t to Gsimmons for flagging this article >>

On a Tuesday afternoon last month, engineers working for Sony Corp. were baffled when several servers running the company’s PlayStation Network suddenly turned themselves off and then back on.

Sony CEO Howard Stringer apologized to customers for a massive data breach of the company’s online game networks, in the first public comments from Sony’s top executive on the outage. Plus: is another hack attack imminent? We discuss with Dan Gallagher and Arik Hesseldahl

Analysts See Billion-Dollar Repair Bill
Sony CEO Apologizes for Data Breach
Letter from Sony CEO on Data Breach
Sony: Hacker Left Taunting Message

At the time, the unexpected rebooting seemed like an odd malfunction. The next day, however, the engineers found the first evidence that an intruder had penetrated Sony’s systems, prompting the Japanese company to take what it calls “the almost unprecedented step” of shutting down the popular online gaming network.

Sony Chief Executive Howard Stringer issued a public apology this week for what the company later disclosed was a data breach that compromised more than 100 million user accounts on three public networks, and a delay in informing users of the theft. Sony says the loss included users’ names, birthdates and passwords. It also hasn’t ruled out the loss of credit card numbers associated with the Sony PlayStation network.

Some analysts believe the incident, which has drawn the attention of authorities around the world, will cost the company more than $1 billion for measures that include new security and a $1 million insurance policy for any victims of identity theft. The company hasn’t provided its own estimate of the cost. It also hasn’t resumed operating the network, but has said it is in final testing and is expected to do so within days.

“Taken as a whole, the number of customers affected, the PR impact and now the legislative inquiries,” this ranks “at the top” of data breaches to date, said Cynthia Larose, an attorney specializing in privacy matters with Mintz Levin in Boston.

PlayStation Network, which is accessed by owners of Sony game consoles, uses 130 server systems, 50 software programs and has 77 million user accounts, according to a letter that Kazuo Hirai, president and group chief executive of Sony Computer Entertainment Inc., sent Wednesday to a U.S. congressional committee. That letter, and a similar account included in a letter Friday to Sen. Richard Blumenthal (D., Conn.) provide the most detailed accounts of the incident.

Sony’s troubles began in January, after it sued a 21-year-old software wiz named George Hotz for posting software that let gamers reconfigure the company’s popular PlayStation 3 console. The suit enraged a loose community of vigilante technologists that calls itself “Anonymous,” which in early April made an oblique threat against the company. Sony’s PlayStation Network began suffering intermittent outages, which the company later linked to a denial-of-service attack—a common maneuver that attempts to overwhelm a target’s servers with a flood of data traffic. A week later, Sony said it settled with Mr. Hotz, but the denial-of-service attacks continued.

Sony said in the letters that its difficulties in discovering the intrusion that occurred later that month may have been exacerbated by its security teams working very hard to defend against the denial-of-service attacks. It acknowledged, however, that it may never know whether people who participated in the denial-of-service attack were conspirators in the data breach.

Though Anonymous has denied being involved in the data breach, senior Sony executives believe a person or people affiliated with the group are responsible for the data theft, according to someone familiar with their thinking.

On April 19, according to the letters, engineers noticed servers rebooting themselves when they weren’t scheduled to do so. They began combing through logs generated by the machines to find the problem. The network team concluded that “unplanned and unusual activity was taking place on the network,” and took four servers offline, working into the evening investigating the machines. The next day, the company mobilized a larger team to study the four machines, an effort that later led to evidence six more machines were possibly compromised, according to the letters. That afternoon, the network team discovered evidence of an intrusion and that data of some kind had been transferred off the PlayStation Network servers without authorization.

Unable to determine what type of data had been transferred, the team opted to shut the network down. Sony posted a three-sentence notice April 20 on its PlayStation website that said nothing about the data breach. That afternoon, the company retained a security consulting firm and began a two-day process of copying the contents of the servers so they could be analyzed. It later retained a second and ultimately a third outside firm, beefing up manpower as part of the painstaking analysis. The Federal Bureau of Investigation was notified of the intrusion on April 22, with a meeting set up to provide details five days later.

“We’re aware certain functions of the PlayStation Network are down,” wrote Patrick Seybold, a Sony spokesman. “We will report back here as soon as we can.”

By the evening of April 23, according to the letters, the company and its consultants were able to confirm that intruders had used “very sophisticated and aggressive techniques” to obtain unauthorized access to its servers. The intruders hid their presence from system administrators, obtained privileges to access restricted parts of Sony’s systems and deleted log files to hide their activity, Sony says. It took until April 25 to confirm the scope of the data believed to have been taken from its systems, Sony wrote in the letters. The next day, Sony told its customers their personal data had been stolen, urging users to change passwords and check their credit card accounts for fraudulent behavior. It later offered free time on the system and identity theft monitoring services as compensation in the U.S.

The company says it didn’t learn until May 1 of another likely theft at Sony Online Entertainment—another network serving games for PC users—involving nearly 25 million user accounts. That second discovery was made only after the Sony unit rechecked its machines—which earlier showed no evidence of the theft—using information developed by security experts working for Sony, according to the letter sent to Mr. Blumenthal.

“I wish we could have gotten the answers we needed sooner, but forensic analysis is a complex, time-consuming process,” Mr. Stringer said in his statement Thursday.

Sony has provided few specifics about the attackers’ techniques, citing worries that the information could be used to penetrate other similar systems. During a press conference last weekend, however, Sony senior vice president Shinji Hasejima indicated that the intruders exploited a vulnerability in a program called an application server—a flaw not known to Sony—to breach the company’s firewall defensive mechanisms.

The attack “came in as a normal transaction, which could not be detected by the firewall and went out as an ordinary transaction,” Mr. Hasejima said. “It was a very skillful approach.”

Though they deleted most traces of their activity, according to the Sony letter, the attackers did leave a file called Anonymous that included the digital posse’s tagline, “We are Legion.”

In a press release on May 4, Anonymous reiterated that it had not orchestrated the data theft. “Whoever broke into Sony’s servers to steal the credit card info and left a document blaming Anonymous clearly wanted Anonymous to be blamed for the most significant digital theft in history,” the group said. “No one who is actually associated with our movement would do something that would prompt a massive law enforcement response.”

Read more: http://online.wsj.com/article_email/SB10001424052748704810504576307322759299038-lMyQjAxMTAxMDAwNjEwNDYyWj.html#ixzz1LjNFxpZx

→ Leave a comment

Posted in Assignments, cases, Group

UPDATE 4-Sony says 25 mln more users at risk in second data hack – Reuters

Posted on May 3, 2011 by andrew| Leave a comment

http://www.reuters.com/article/2011/05/03/sony-idUSN0224988320110503

* Sony says personal information hacked on PC games system

* Says personal information of 24.6 mln users stolen

* Says debit card records for 10,700 users in Europe taken

* Facebook games also suspended

* Japan mkts shut, shares down 4 pct since revealing breach

(Recasts, adds TOKYO dateline, Sony comment from Tokyo)

By Isabel Reynolds and Liana B. Baker

TOKYO/NEW YORK, May 3 (Reuters) – Sony’s Internet security crisis deepened on Monday with the company revealing hackers had stolen data of another 25 million users of its PC games system in a second massive breach for the consumer electronics giant.

Sony’s latest revelation comes just a day after Sony No. 2 Kazuo Hirai announced measures had been put in place to avert another cyberattack like that which hit its PlayStation Network, hoping to repair its tarnished image and reassure customers who might be pondering a shift to Microsoft’s Xbox.

The attack that Sony disclosed on Monday took place a day before a massive break-in of a separate video game network that led to the theft of 77 million users accounts. Sony revealed the initial attack last week.

The Japanese electronics company said it discovered the break-in of its Sony Online Entertainment PC games network on May 2. The breach also led to the theft of 10,700 direct debit records from customers in Austria, Germany, the Netherlands and Spain and 12,700 non-U.S. credit or debit card numbers, it said.

The PlayStation network lets video game console owners download games and play against friends. The Sony Online Entertainment network, the victim of the latest break-in, hosts games played over the Internet on PCs.

Sony said late on Monday that the names, addresses, emails, birth dates phone numbers and other information from 24.6 million PC games customers was stolen from its servers as well as an “outdated database” from 2007.

A spokesman for the online games unit based in San Diego said the service was taken down at 1:30 am Pacific time on Monday.

Sony spokeswoman Sue Tanaka, asked about the risk other data could be at risk, listed the precautions that the company has taken such as firewalls,

“They are hackers. We don’t know where they’re going to attack next,” Tokyo-based Tanaka said.

The PlayStation Network incident has sparked legal action and investigations by authorities in North America and Europe, home to almost 90 percent of the users of the network, which enables gamers to download software and compete with other members.

On Monday, Sony declined to testify in person in front of a U.S. congressional hearing, but agreed to respond to questions on how consumer private data is protected by businesses in a letter on Tuesday, said a spokesman for Rep. Mary Bono Mack, a Republican Congresswoman from California, who is leading the hearing.

SONY FACEBOOK GAMES DOWN

The incident that Sony disclosed on Monday also forced it to suspend its Sony Online Entertainment games on Facebook.

Sony posted a message on Facebook saying it had to take down the games during the night.

A Sony spokesman said the Facebook games make money from microtransactions and the sale of virtual goods like costumes and weapons.

It was not immediately clear if the data theft included data from players of Sony games including “PoxNora,” “Dungeon Overlord,” “Wildlife Refuge” on Facebook.

Facebook could not immediately be reached for comment.

Sony Online Entertainment is a division of Sony Corp , the global electronics company that operates online games such as “EverQuest” and is separate from the PlayStation video game console division.

The servers for both the Online Entertainment unit and the PlayStation Network are based in San Deigo but are completely separate, said Sony’s Tanaka.

Sony denied on its official PlayStation blog on Monday that hackers had tried to sell it a list of millions of credit card numbers.

The news comes less than a week after Sony alerted customers that a hacker broke into Sony’s PlayStation video game network and stole names, addresses, passwords and possibly credit card numbers of its 77 million customers.

Sony alerted customers a week after discovering the break-in.

Sony executives apologized on Sunday and said it would gradually restart the PlayStation Network with increased security and would offer some free content to users. [ID:nL3E7G101C] (Additional reporting by Edwin Chan in Los Angeles and Alexei Oreskovic in San Francisco; Editing by Andre Grenon, Richard Chang and Lincoln Feast)

→ Leave a comment

Posted in Assignments, cases, On the Final, PR, Social Media

Facebook, China PR And Defining “Too Much Free Speech”? – DigiCha.com

Posted on April 29, 2011 by andrew| Leave a comment

April 20 2011 by in Baidu, Censorship, Facebook, Internet, Regulation, SNS

Facebook needs a comprehensive PR strategy to manage (some might say damage control) how users and governments around the world will view an entry into China. The company does not appear to have one, as evidenced by comments to the Wall Street Journal in Facebook Seeking Friends in Beltway:

Meanwhile, Facebook is talking with potential Chinese partners about entering the huge China market, where the government has been cracking down on dissidents. That crackdown has come in response to the uprisings shaking authoritarian Middle Eastern regimes, movements that have used U.S.-based social-media sites like Facebook and Twitter as organizing tools.

“Maybe we will block content in some countries, but not others,” Adam Conner, a Facebook lobbyist, told the Journal. “We are occasionally held in uncomfortable positions because now we’re allowing too much, maybe, free speech in countries that haven’t experienced it before,” he said.

“Right now we’re studying and learning about China but have made no decisions about if, or how, we will approach it,” said Debbie Frost, Facebook’s director of international communications.

Facebook’s plans may not sit well with congressional leaders already incensed with the company for sidestepping congressional inquiries on its China plans. Last spring, Sen. Dick Durbin, the Illinois Democrat who heads the Senate Judiciary Committee’s panel on human rights, rebuked Facebook for refusing to appear at a Capitol Hill hearing on “global Internet freedom.”…

Steering clear of association with human-rights issues could help Facebook woo officials in China, where the government is sensitive to the Internet’s potential for fomenting dissent. But it would also attract criticism. “Blocking content in some countries—but not others—would deeply damage Facebook’s brand and raise troubling questions about its commitment to human rights and Internet freedom,” said Sen. Tom Coburn of Oklahoma, the top-ranking Republican on the Senate’s human- rights panel.

Regardless of how the company spins a China deal if it happens, Facebook can expect a political storm in Congress and potentially a user backlash. Given the maturity and competitiveness of the Chinese SNS market and the current political environment, is it really in shareholders interests for Facebook to damage the firm’s reputation and brand for also-ran status in China?

It is telling that Facebook employees think in some countries Facebook may allow too much free speech. If Adam Conner or other Facebook employees read this, could you please let us know to which countries you are referring?

[UPDATE: The Guardian has more on this story, including quotes from me, here.]

Related posts:
China’s Internet: The Invisible Birdcage
Detailed AllThingsD Report Claims Facebook Partnering With Baidu To Enter China
The Rise of China’s Cybercrats
Sinica Podcast: Does China Have A Second Internet Bubble?
Sinica Podcast: Beijing’s Ambivalent Relationship with the Internet and Zhang Wuben’s Mung Beans
Tags: Baidu, Cen

→ Leave a comment

Posted in cases, China, PR, Social Media, Social networking

Apple’s Location Tracking Is An Outrage — Where’s The Apology? – BusinessInsider.com

Posted on April 25, 2011 by andrew| Leave a comment

Your iPhone has been secretly tracking and storing everywhere you go.
http://www.businessinsider.com/apples-location-tracking-apology-2011-4

Read that again.

Your iPhone has been secretly tracking and storing everywhere you go.

That’s right. Apple built this feature into your iPhone without telling you. By doing so, Apple made it possible for anyone who gets ahold of your iPhone or Mac (or any other device synced with either) to figure out exactly where you were when–including police, the government, anyone who sues you, private investigators, and anyone who steals your iPhone.

That is outrageous.

If any other company had done this, America’s privacy zealots would be demanding the CEO’s resignation. There would be threats. There would be lawsuits. There would, at the very least, be incessant demands for the company to acknowledge the behavior, explain it, and apologize for it.

And yet, because the company is Apple, there have been none of those things.

Instead, Apple fans like have suggested that the secret feature is a “bug.” And there have been mainstream media stories suggesting that it must be some kind of “mistake.”]

And there has been no acknowledgment or apology from the company. (On the contrary, Steve Jobs just went on the offensive, ignoring the storage issue and blasting Google).

Privacy expert Marc Rotenberg, the Executive Director of the Electronic Privacy Information Center in Washington DC, says Apple’s silence on this issue is startling. He suspects the company is debating whether and how to fix the problem, rather than just acknowledging and apologizing for it. (To date, Apple hasn’t even acknowledged it.)

In the accompanying video, Rotenberg also explains exactly what Apple’s location-tracking does, why it’s a concern, and how it is different from what Google and other companies do.

See Also: IT’S OFFICIAL: Apple Has Brainwashed The Entire Country

<a href=”http://www.businessinsider.com/apples-location-tracking-apology-2011-4#ixzz1KaAKa9Wz”>Read more: http://www.businessinsider.com/apples-location-t tracking-apology-2011-4#ixzz1KaAKa9Wz</a>

Your iPhone has been secretly tracking and storing everywhere you go.  <a href=”http://www.businessinsider.com/apples-location-tracking-apology-2011-4″>http://www.businessinsider.com/apples-location-tracking-apology-2011-4</a>

→ Leave a comment

Posted in cases, IR, PR

Corporate targets – control the message, not the outcome

Posted on March 24, 2011 by andrew| Leave a comment

Some people are still having trouble understanding WHY we are communicating. Why are private companies being asked to comment on media blunders and macro trends?

Remember what we said at the beginning — the orgcom function can be a competitive advantage or a strategic vulnerability. When people are talking, discussing, debating or engaged in full-on combat, the ones with the sharpest message win the arms race. So whether it’s a bank responding to talking head’s gaffe or commenting on macroeconomic trends, it’s important to be timely, calculated and strategic with your public message. You are managing a wide range of stakeholders — many of whom don’t like each other. There are people out there who want you to drop your guard — appear callous, irresponsible, uncaring or incompetent. Your job in orgcom is to be the first line of defense — you may not defeat your competition with a press release, but you can control the agenda and stake out a favorable position early.

There’s also the issue of free publicity and brand promotion. When the spotlight is on you then being correct isn’t enough — you have to persuade people to trust and like you. Apple may not have asked to be used as an example in Reserve VC Dudley’s “less is more” inflation lecture, but they could have used the opportunity to reconnect with their target audience. Apple has a reputation of being a low-philanthropy organization whose culture has been drifting more “Empire” than “Rebel Alliance” recently. The group that presented on Monday had more to say about the issue than Apple, whose PR machine continues to roll out iPad2 promos without missing a beat. http://www.apple.com/pr/ We’ll be looking at the downside of this strategy — and at some orgs that get it right.

Banks, insurers, media, transport – just about all big business is dependent on favorable regulation, interpretation and enforcement performed by various governments. There are times when corporate orgcom efforts are to de-mobilize, obfuscate or create bias. This can involve undercutting your competitors support in the bureaucracy or the public. Orgcom can also be used to frame a particular environmental or trend to its own advantage:

→ Leave a comment

Posted in cases, IR, On the Final, PR

Kudlow & Dudley: Speaking Their Minds? – Huffington Post

Posted on March 17, 2011 by andrew| Leave a comment

Chez PazienzaEditor of Deus Ex Malcontent, Author
Posted: March 14, 2011 04:24 PM

I’m not one of those people who jumps all over someone for making an imprudent comment, particularly not when that comment amounts to nothing more than a slip of the tongue.

Thanks in part to our panoptic media culture, which includes the 24/7 cable news cycle, we’ve become far too eager to play the gotcha game anytime somebody says something mildly stupid, typically assigning more value to it than necessary. That said, there have been two examples over just the past few days of guys whose careers depend on America’s ongoing and abusive love affair with Wall Street saying something unbelievably tone deaf. We’re not talking about innocent indiscretions, but rather comments that would seem to hint at a deeply intransigent, and deeply flawed, view of the world.

Chances are by now you’ve seen or heard Larry Kudlow’s startlingly insensitive response to the fact that the global markets didn’t immediately reel in the wake of the devastating earthquake and tsunami in Japan. On CNBC, where Kudlow’s a host, he expressed relief that the disaster’s impact was merely on people rather than, you know, stocks. “The human toll here looks to be much worse than the economic toll, and we can be grateful for that.” To his credit, he immediately attempted to clarify his position and pull the size-10 Edward Green out of his mouth, and he later went on to tweet that he didn’t mean to imply that the potential economic fallout from this tragedy is more important than the deaths of thousands.

An argument can be made that what we witnessed from Kudlow is a Freudian slip, and that because he tends to always side with the amorphous giant pool of cash that’s floated around the globe like some kind of alien god — while those who worship it sacrificed the rest of us in its holy name — he’s of course more likely to believe that numbers on an exchange board matter most. Guys like Kudlow, I have to assume, really do think that an economic disaster is the worst kind of catastrophe there is — hence why they pulled the panic switch so quickly and insanely when it looked like their pursuit of their god’s favor had f***ed them, and us, into a corner and only an immediate rescue mission from the government could prevent a cataclysm. But at that moment, I do think that Kudlow simply misspoke — at least insofar as what he was trying to say. Because Kudlow may be reptilian, but he isn’t stupid: He knows he can’t say that kind of thing on the air and not get hammered for it. He has to at least appear as if he gives a crap. As for his two co-hosts, though — neither of whom seemed the least bit fazed by Kudlow’s cruel retort — their silence actually speaks volumes about the kind of group-think festering among the Wall Street set and its drooling sycophants in the business media.

Right about the time Kudlow was blowing it on national television, New York Fed President William Dudley was doing his part to drive home the point that the titans of global finance are completely out of touch with the other 99% of us. During a discussion in Queens, a working-class neighborhood if ever there was one, rightfully pissed-off average people pelted Dudley with questions about the ways in which the detestably prevalent practice of commodities speculation had driven up the prices of all sorts of things that actually have a real-world impact on people: food, gas, electricity, etc. Dudley’s response was that there’s a flip-side to this kind of inflation and that it needs to be looked at in a broader context — that while some prices are rising, others are holding steady or even declining.

One example, according to Dudley: “Today you can buy an iPad 2 that costs the same as an iPad 1 that is twice as powerful.”

The reply from one not-at-all-assuaged audience member: “I can’t eat an iPad.”

Dudley’s comment, once again, really does provide a nice little window into the way these clowns think: everything flows, Randian-style, from the top down; luxuries are as important as necessities, if not more important than; keep the producers fat and happy and everybody benefits. The problem is that this model has been disproved again and again over the past several years. There’s nothing the least bit wrong with working hard and earning a lot of money, with putting your earnings into the stock market, and with living well if you’re raking it in. I’m not saying that anyone should have to apologize for that in the least. Unfortunately, the game has been rigged and for the first time in modern America’s history it’s almost as if a caste system has resulted; the top one-percent not only controls the wealth, it hoards and perpetuates it for itself while the rest of us are expected to shut up and suck it. The American dream can become a reality for anyone only if there’s at least a minor amount of fair-play involved — and that’s simply a damn-near comical conceit these days.

Comments like these could just be harmless gaffes, but I’m not so sure. We’ve heard far too much of this kind of Antoinette-esque thinking lately to just brush it off.

→ Leave a comment

Posted in cases, PR, Social Media

The Notorious B. I. Du. – Businessweek.com

Posted on March 1, 2011 by andrew| Leave a comment

http://www.businessweek.com/ap/financialnews/D9LM6GR02.htm

US says China’s Baidu, Taobao markets for piracy

BEIJING

The U.S. government has labeled China’s top search engine, Baidu, and a leading e-commerce outlet “notorious markets” linked to sales of pirated and fake goods.

http://www.businessweek.com/ap/financialnews/D9LM6GR02.htm

→ Leave a comment

Posted in cases, China

Tagged , , ,