Asia In Brief Indian tech services giant Infosys has revealed the nation's Securities and Exchange Board (SEBI) rejected its claims of being unable to file regulatory paperwork on time due to COVID-19 lockdowns.

Infosys last week revealed, in a filing [PDF], that SEBI had noted it missed some deadlines to lodge information required under regulations covering the prevention of insider trading.

The services giant told SEBI it was late because large numbers of its staff were working from home, which made it "logistically difficult to coordinate and maintain these records."

SEBI did not accept that excuse, arguing that Infosys neglected to periodically consider its obligations.

Infosys's letter states that its failure to file on time was "viewed seriously by SEBI" and that its company secretary has been "warned, and henceforth advised to be careful" with the relevant filings.

The services outfit took pride in maintaining continuity of service for its clients during the pandemic, even as most of its customer-facing staff moved to working from home. Attempts to hold its back office operations to a lower standard are therefore at odds with its professed values and achievements. - Simon Sharwood

Tencent keyboard leaked personal info

Chinese web giant Tencent's Sogou Keyboard app has been found to have significant security flaws.

Keyboard apps are big in China because, as explained by Canadian digital policy outfit Citizen Lab, "Chinese has tens of thousands of characters used in varying frequencies, far too many to fit on a single keyboard."

A variety of different input methods have therefore been developed to ease the task of typing in Chinese, the most popular of which is called Pinyin.

Sogou Keyboard offers Pinyin input and, according to Citizen Lab, has more than 450 million active monthly users and is the most popular such app in China.

The Lab also asserts that until recently it was very leaky.

"Analyzing the Windows, Android, and iOS versions of the software, we discovered troubling vulnerabilities in Sogou Input Method's custom-designed 'EncryptWall' encryption system and in how it encrypts sensitive data," the Lab wrote last week, adding that it found "network transmissions containing sensitive data such as those containing users' keystrokes are decipherable by a network eavesdropper, revealing what users are typing as they type."

Tencent appears to have addressed the flaws and Citizen Lab's post advises upgrading to the latest version of the app.

The post also details Citizen Lab's disclosure to Tencent, which appears not to have rushed to address the flaw. Citizen Lab also points out that its work focused solely on the encryption issues, rather than representing a comprehensive security audit of Sogou Keyboard.

- Simon Sharwood

China to make mobile apps register with local bureau

China's Ministry of Industry and Information Technology (MIIT) has dictated that all Chinese mobile app providers will be required to file business details with proper government entities by March of 2024.

Apps published after the issuance of this notice must complete the filing before commencing business, said MIIT.

But it's not just apps that have to register. Those engaged in internet information services through apps - including news, publishing, education, film and television and religion - should also submit relevant documents, said the Ministry.

Failing to file could make life very difficult for software publishers, as a guide on how to file the required paperwork states "Network access service providers shall not provide services for unregistered apps."

The rules are guided by efforts within Beijing to crack down on telecom and network fraud while safeguarding network security and public interests, said MIIT. The move obviously also affords Beijing a higher level of control over mobile apps.

The registration requirements mean that app developers whose work is available in Chinese app stores will need a local address - a requirement offshore developers have not previously faced.

TwitX out of favor in Japan, Australia

Australian state-funded broadcaster ABC is shuttering all but four of its Twitter/X (TwitX) accounts, and Japan's municipalities have stopped posting natural disaster information on the social network.

ABC cited "multiple reasons" for the decision, among them small audiences on the network compared to those available on YouTube, Facebook, Instagram and TikTok.

"We also found that closing individual program accounts helps limit the exposure of team members to the toxic interactions that unfortunately are becoming more prevalent on X. Concerningly, X has reduced its trust and safety teams," said ABC management. "Additionally, it is introducing charges which make the platform increasingly costly to use." The accounts @abcnews, @abcsport, @abcchinese and @abcaustralia will remain, but all other accounts will be discontinued.

Elon Musk's response has been very mature: he's accepted the outcome of his actions and promised to clean up the toxic environment. Kidding. He predictably tweeted "Well of course they prefer censorship-friendly social media. The Australian public does not."

As reported by local media, prefectures in Japan are also withdrawing from use of the app.

Where it was once a regular procedure to send real-time updates regarding weather events on Twitter, the prefectures are now turning to Line and alert system L-Alert. "The problem was not on our side, but rather, the information could no longer be sent due to restrictions imposed by X, formerly Twitter, due to changes in their specifications," reportedly said Masanori Tokimatsu, the head of information and communication at Kumamoto Prefecture's disaster prevention system.

The system is one of many in Japan that have reduced or stopped using the Musk-owned app for weather related updates. TwitX policies have changed to restrict accounts to 1500 tweets a month or 50 tweets per 24 hours.

That disaster prevention system last tweeted in July, sharing a link to its website for future updates.

India's Personal Data Protection Bill passes

India's Digital Personal Data Protection Bill made it through the country's parliament, known as Lok Sabha, last week. The long awaited bill was tabled on August 2. "Digital India gets a legal framework for user protection. Congratulations to all 140 crore Indians. The Parliament has passed the Digital Personal Data Protection Bill 2023, celebrated telecom minister Ashwini Vaishnaw. Long-time critic and digital rights freedom org Internet Freedom Foundation (IFF) called it "disappointing" that the bill took nearly six years to make and passed with only two hours of surface-level deliberation.

India reportedly bans Chinese-made drone parts

India has reportedly banned Chinese components from its military drones over security concerns. Bidders to drone-related military tenders in February and March of 2023 were allegedly told to avoid equipment and subcomponents from "countries sharing land borders with India will not be acceptable for security reasons," and one tender said subsystems from those countries had "security loopholes" that compromised data.

In other news …

We reported last week that the head of the United States Cyber Command reckons China's capabilities in cyber spying are not yet comparable to those of the US, but that's no reason to become complacent.

As if to demonstrate that lack of complacency, the Biden administration placed heavy restrictions on investment in technology that might, one day, find itself used by the Chinese military.

But China isn't complacent either, and web giants Baidu and Tencent have been buying all the GPUs they can get to improve their AI strengths.

As for home-grown Chinese tech, a set of published benchmarks show that Loongson is less than half a decade behind Intel.

Speaking of Alibaba, the cloud giant found the very definition of a silver lining, reporting that a dip in cloud demand had improved its profitability.

Also in China, Beijing has floated rules regarding the use of facial recognition tech that seem at odds with the way it's been using it.

Early enthusiasm for a room-temperature superconductor reported by Korean scientists has waned somewhat after numerous teams have failed to replicate the results.

Meanwhile to the North, it appears that Kim Jong-Un has had cyber crims snooping on putative ally Russia and its missile tech for some time. With friends like these, eh Vladimir?

Not all cyber baddies are as successful though, with INTERPOL having slapped the cuffs on the leaders of a phishing-as-a-service gang in Indonesia and Japan.

And India's push to become more self-reliant when it comes to technology continues, with a competition announced to develop a native web browser. ®

https://www.theregister.com//2023/08/14/asia_tech_news_roundup/