Tag Archives: China

China Is Headed For Its First Domestic Bond Default — And Here’s Why That’s A Good Thing

china magnifying glass, surprise

Chinese solar company, Shanghai Chaori Solar Energy Science and Technology Company, announced that it can not pay interests in the amount of 89.8 million yuan (approx $14.6 million) on its 11 Chaori bond, that are due on March 7.

Instead, the company said it can only pay bondholders 4 million yuan.

The 11 Chaori bond was first issued in March 2012 with a coupon of 8.98%, with annual interest due on March 7 every year. But the solar company became another victim of China’s excess capacity problem.

The first signs of trouble began to emerge in January 2013 when the company nearly became the first domestic company to have a bond default.

At the time though Shanghai’s Fengxian district stepped in and asked Chaori’s banks to defer claims in the amount of 380 million. And to top it off there were reports that the Chairman had taken off with the company money.

The new announcement makes Chaori the first default of an onshore bond, Bank of America’s Ting Lu writes in a note to clients.

A silver-lining

But the bond default might actually be a good thing. “A normal economy needs defaults to better price bonds and other debt products,” writes Ting.

We have previously pointed out that this can actually help investors have more information to better price risk.

“If you talk to anyone in China, if you talk to them about the prospect of a financial crisis, the first thing out of their mouths will be that the government will never let that happen,” Patrick Chovanec at Silvercrest Asset Management told Business Insider in January. “And until you shake that belief you won’t have efficient allocation of resources.”

“At some point the financial system does have to turn the corner, where there’s real risk and there’s real pricing of risk,” Chovanec added.

Ting also say investors needn’t be anxious for other reasons.

“Defaults of some debt products are not on a similar scale to a collapse of a major financial institution. As we think corporate bonds and incoming trust loan defaults will not lead to a credit crunch, and we are reasonably confident with our 7.6% GDP growth forecast for this year.”

That being said, the news has caused corporate bonds to fall, and is “a negative for riskier debt products,” writes Ting.

With China’s corporate bond market sitting at 8.7 trillion yuan outstanding, up from 800 billion yuan at the end of 2007, Beijing needs to step up the game on its bankruptcy law.

Societe Generale’s Wei Yao has previously warned that as local governments struggle with their own financial needs and burdens they could let go of troubled corporates and that stress will emerge in bond markets and trust products.

As Beijing moves to curb local government debt, clean up its financial market, and push through reforms, Ting warns that we should expect bond and trust loan defaults to rise “significantly” this year.

Advertisements

2013 AIM winners for rebuilding April ‘13 quake site in China

Architects In Mission (AIM) recently revealed the winners of their 2013 “Post Earthquake Reconstruction” competition to rebuild Lushan County in Ya’an, Sichuan province, China, which was the epicenter of the deadly 6.6-magnitude earthquake on April 20, 2013. The province was also devastated by the major Sichuan earthquake in 2008.

With Snow Mountain village serving as this year’s competition base model, AIM had entrants develop the village’s master planning and new business models to stimulate local economic growth.

The following four teams were awarded as such:

  • Architecture Renovation Award: Tianxiang Zhang/ Hai Xie/ Xiaoxu Yan/ Lin Yang (Tianjin University)
  • Innovative Production Award: Pengwei Xing/ Wei Liu/Junhao Huang/ Yulong Li/ Puzhao Qiu/ Xiaotian Luo/ Chang Liu/ Wanyu Wu/ Jinhai Wu (South China University of Technology)
  • Scenic Village Planning Award: Zhe Peng/ Zhenru Zhou/ Zhang Qu (Tsinghua University)
  • Sustainable Development Award:  Xiaoxiao Dong (Tsinghua University) /Yu Jing (Huazhong University of Science and Technology)

Architecture Renovation Award: Tianxiang Zhang/ Hai Xie/ Xiaoxu Yan/ Lin Yang (Tianjin University)

Your USB cable, the spy: Inside the NSA’s catalog of surveillance magic

Latest batch of documents leaked shows NSA’s power to pwn.

A diagram of an NSA BIOS-based attack, brought to you by sneakernet.

The National Security Agency’s sophisticated hacking operations go way beyond using software vulnerabilities to gain access to targeted systems. The agency has a catalog of tools available that would make James Bond’s Q jealous, providing NSA analysts access to just about every potential source of data about a target.

In some cases, the NSA has modified the firmware of computers and network hardware—including systems shipped by Cisco, Dell, Hewlett-Packard, Huawei, and Juniper Networks—to give its operators both eyes and ears inside the offices the agency has targeted. In others, the NSA has crafted custom BIOS exploits that can survive even the reinstallation of operating systems. And in still others, the NSA has built and deployed its own USB cables at target locations—complete with spy hardware and radio transceiver packed inside.

Documents obtained by Der Spiegel reveal a fantastical collection of surveillance tools dating back to 2007 and 2008 that gave the NSA the power to collect all sorts of data over long periods of time without detection. The tools, ranging from back doors installed in computer network firmware and software to passively powered bugs installed within equipment, give the NSA a persistent ability to monitor some targets with little risk of detection. While the systems targeted by some of the “products” listed in the documents are over five years old and are likely to have been replaced in some cases, the methods and technologies used by all the exploit products could easily still be in use in some form in ongoing NSA surveillance operations.

Special delivery

There’s no indication from the documents that the manufacturers played any role in the development or delivery of the backdoors (something that manufacturers are now loudly telling their customers, too). The documents, which appear to be pages from a catalog of capabilities provided by the NSA’s ANT division for the NSA’s Tailored Access Operations (TAO) division, show that many of the tools on offer are ordinary Windows exploits designed to use parts of the operating system to “phone home” to the NSA with data; like most malware, these packages can be dropped in place remotely and are probably the least interesting of the new revelations.

Hardware- and firmware-based backdoors, by contrast, require laying hands on the actual target systems. In some cases, the NSA’s operators install backdoor hardware and firmware directly onto the systems by “interdiction”—the systems are diverted during shipping to “load stations” where the surveillance components are installed. (This interception may have been accomplished with the cooperation of shipping companies or other government agencies; details of the process remain murky.) In other cases, the NSA uses an insider with a USB device or remote access tools deployed by other means to gain access to computer systems, allowing the NSA to “reflash” their low-level BIOS firmware.

Either way, the altering of systems’ firmware or hardware gives the NSA the ability to install backdoors that can survive a total operating system wipe and re-installation. One BIOS attack, called SWAP, was developed by the NSA to attack a number of types of computers and operating systems by loading surveillance and control software at boot-up. SWAP uses the Host Protected Area on a computer’s hard drive to store the payload and installs it before the operating system boots.

More specialized BIOS attacks were developed to take advantage of motherboard-based System Management Mode (SMM) capabilities on Dell and Hewlett-Packard servers. Dell PowerEdge servers were targeted with an implant called DEITYBOUNCE, while HP Proliant 360DL G5 servers were targeted with one called IRONCHEF. Both allowed NSA operators to gain remote control of systems in SMM mode—giving the agency firmware-level control over infected servers and the ability to do things like run “rootkits” on the server operating system.

The ANT “product” listing for IRONCHEF, the BIOS attack on HP servers, showing an example attack scenario where remote operators use a covert wireless network to take control of servers.

 

Network hardware is also a target for the NSA’s BIOS attacks. For example, one collection of BIOS hacks called the “MONTANA” family  (SCHOOLMONTANA, SIERRAMONTANA, and STUCCOMONTANA), was designed to target Juniper Networks routers using the JUNOS operating system—a FreeBSD derivative. Once installed, the hacked BIOS actually modifies the operating system kernel in memory when the router is booted, giving an NSA remote operations center full command and control over the router and allowing for selected network traffic to be sent back to the operations center over an external network connection. Even physically replacing the CompactFlash memory card the router boots from wouldn’t get rid of this back door.

Juniper routers weren’t the only targets of these sorts of BIOS “implants,” either—firewalls and routers from Cisco and Huawei were also on the 2007 menu for firmware and software exploits. Such router exploits didn’t even require interception of the hardware but could in many cases be remotely installed by way of another hack.

For systems where a BIOS hack is impractical, the NSA has other tools to install a persistent backdoor. One, called GINSU, uses a PCI bus device installed on the computer. An implant called BULLDOZER creates a stealth wireless bridge, providing radio-based remote control of the backdoor to TAO operators. If the rootkit on the system (called KONGUR) is removed by a system re-installation, the GINSU backdoor can re-install the software on the next boot-up.

Enlarge / GINSU allows the NSA to slice and dice computers’ hard drives and control them remotely over a covert radio connection.

 

Reach out and touch someone

An implanted wireless device is the NSA’s go-to approach for dealing with “air-gapped” networks—networks that don’t have an Internet connection for security reasons. There are a number of other implanted devices that the NSA has in its TAO arsenal, including USB and Ethernet implants that can transmit short-range radio signals and more robust implanted hardware for longer-range transmissions. These radio links create a shadow Internet that allows the NSA to move data out of an adversary’s network and into its TURMOIL and X-KEYSCORE collection system.

The COTTONMOUTH series of implants are USB devices that provide a covert wireless bridge into a target network. They can be integrated into any USB plug, so check your mouse.

 

For networks that the NSA can’t get to physically, there’s NIGHTSTAND, a self-contained Wi-Fi hacking system that can break into networks up to eight miles away, in optimum conditions. NIGHTSTAND hijacks the target network and uses packet injection attacks to install exploits on the target network’s computers. Combined with a Windows exploit called SOMBERKNAVE, which uses a computer’s Wi-Fi adapter to “phone home” with data, it could be used to collect data from target computers even when they’re not intentionally connected to a network.

Enlarge / According to the ANT catalog, the NIGHTSTAND Wi-FI exploit system’s attack is “undetectable by the user.”

 

But why stop at network data? The NSA also uses some fairly exotic tools to grab computer video, keyboard strokes, and even audio from inside more difficult-to-reach places by using passive electronic devices that are actually powered by radar. These devices, charged by a specially tuned continuous wave radio signal sent from a portable radar unit (operating at as little as 2W up to as much as 1kW of power in the 1-2GHz range), send back a data stream as a reflected signal, allowing the NSA’s operators to tune in and view what’s happening on a computer screen or even listen to what’s being said in the room as they paint the target with radio frequency energy—as well as giving a relative rough location of devices within a building for the purposes of tracking or targeting.

Hacking smartphones

The 2007 NSA wish book for analysts also includes a number of software tools that allow data to be stolen from a variety of smartphones and dumb cell phones. One software hack, called DROPOUTJEEP, is a software implant for Apple iOS devices that allows the NSA to remotely control and monitor nearly all the features of an iPhone, including geolocation, text messages, and the microphone and camera. (Researcher and developer Jake Appelbaum, who helped write the Spiegelarticle revealing the documents, said separately this week that the NSA claims DROPOUTJEEP installations are always successful.) Another package, called TOTEGHOSTLY, does the same for phones based on the Windows Mobile embedded operating system.

Both the DROPOUTJEEP and TOTEGHOSTLY releases mentioned in the 2007 product listing required “close access methods” for installation—in other words, a human being getting up close and personal with the phone to install it. “A remote installation capacity will be pursued for a future release,” the document states. But another tool, called MONKEYCALENDAR, allowed the NSA to remotely install location-tracking software onto any GSM phone by way of a software implant for SIM cards.

But these aren’t the only way the NSA can get to cell phone data. Also in the bag of tricks are a number of wireless monitoring devices, as well as “networks in a box” and other gear that can pose as cell towers and networks—intercepting devices as they enter an area and grabbing up their voice, data, and SMS traffic. A “tripwire” program called CANDYGRAM can send out alerts whenever a cell phone hits a specified cell tower.

Old tricks, new tricks

It’s important to note that the exploits in the documents are largely over five years old, so they don’t necessarily give a complete picture of what the NSA is capable of today. That doesn’t mean that these techniques are no longer in circulation—given the stubbornness of Windows XP, many of the exploits developed for older Windows platforms may have years left in them, and some of the adversaries the NSA is trying to monitor don’t have Fortune 500 hardware refresh rates.

A frequent defense of what the NSA does with its bag of tricks is that in many ways it is no different from what other countries (including China, Russia, and France) try to do to the United States and other countries via their intelligence organizations. These documents show the key way the NSA is different—its vast technical resources and ability to essentially put itself into the supply chain for technology flowing to the rest of the world. US officials have long suspected China of doing the same thing with hardware from companies such as Huawei and ZTE, but these documents essentially spell out that “interdiction” is part of the US intelligence strategy, too.

The exposure of the techniques and capabilities of the NSA creates another problem for the agency, in that it provides those hard-to-get-at organizations the TAO was created to go after with an idea of how the NSA has targeted and will target them. It also creates a problem for companies like Cisco and Juniper, who now face the same sort of scrutiny the US and others put Huawei under for its connections to the Chinese military. Even if Dell, HP, Cisco, and Juniper had no hand in creating the backdoors for their products, the documents will undoubtedly be used against them the next time they try to sell hardware to a foreign government.

Advertisements
Eclipsed Words

Aspire to inspire others & the universe will take note

World4Justice : NOW! Lobby Forum.

Family Law and Child Welfare Reform.

Rabia Rambles

Ramblings About Beauty, Lifestyle & Everything In Between!

Perfect Place For Men's Wear And Accessories

casual blazer, summer blazers for men, blazers for men, online shopping of blazer, men blazers, messenger bag india, messenger bags for men india, bag for men, bags online india, backpacks for men, backpacks online, backpack bags, backpack online, duffle bags online, duffle bags for men

InsureZero Blog

All you need to know about Insurance

glorioushimalayatrekking

This WordPress.com site is the cat’s pajamas

Passionate About Music

This site was originally created as a protest that One Direction was not scheduled to come to Alberta on the WWAtour, and then as a record of the WWATour & OTRA Tour. I will occasional stray and post about other topics. I like to re-blog other fans posts about 1D :-)

Orion Bright Star

" Love is the vibration of all Healing "

SafeNEPAL

Environmental Health & Safety, NEPAL

Sketches from Berlin

Berlin Stories, Poetry & etc. by M.P. Powers

My Daily Journal.........

Everything from my world to yours'......:)

The Perks of being Different

Just sharing some experiences :)

Exclusivito

Confessions of a book-traveller

Спектакли онлайн

Спектакли онлайн — блог Алексея Марковича, где автор выкладывает фото и видео спектаклей, поставленные по его произведениям. Алексей Маркович, 39 лет. Писатель, сценарист, переводчик, режиссёр театра SCI-FI THEATER (Орегон, США). Алексей проводит творческие вечера, на которых читает свои рассказы.

https://malimachhindra11.wordpress

मुखपृष्ठ मच्छिंद्र माळी

STORY OF STREET

WHERE EVERY CHARACTER IS A GEM AND EVERY MOVE IS A DREAM

Advertisements
%d bloggers like this: