A team of computer scientists at the University of Michigan have released this report about the Chinese government-mandated censorware, Green Dam. Here is the summary:
We have discovered remotely-exploitable vulnerabilities in Green Dam, the censorship software reportedly mandated by the Chinese government. Any web site a Green Dam user visits can take control of the PC.
According to press reports, China will soon require all PCs sold in the country to include Green Dam. This software monitors web sites visited and other activity on the computer and blocks adult content as well as politically sensitive material.
We examined the Green Dam software and found that it contains serious security vulnerabilities due to programming errors. Once Green Dam is installed, any web site the user visits can exploit these problems to take control of the computer. This could allow malicious sites to steal private data, send spam, or enlist the computer in a botnet. In addition, we found vulnerabilities in the way Green Dam processes blacklist updates that could allow the software makers or others to install malicious code during the update process.
We found these problems with less than 12 hours of testing, and we believe they may be only the tip of the iceberg. Green Dam makes frequent use of unsafe and outdated programming practices that likely introduce numerous other vulnerabilities. Correcting these problems will require extensive changes to the software and careful retesting. In the meantime, we recommend that users protect themselves by uninstalling Green Dam immediately.
Read the rest of it here.
In June 2009, state-run Chinese media announced that the installation of the Green Dam Youth Escort would not be compulsory but an optional package.According to recent news reports , the Chinese government has mandated that, beginning July 1, every PC sold in China must include a censorship program called Green Dam.Now what can one say?Actually i was working on a project related to
Posted by: nomzz | June 24, 2009 at 01:48 AM