Chinese censorware will expose every PC in the nation to malware, ID theft, botnetting

26 Responses to “Chinese censorware will expose every PC in the nation to malware, ID theft, botnetting”

  1. Takuan says:

    do you suppose the web has already “woken up”? That we presently entertain something quasi-self aware that exhibits the will to reproduce and survive associated with living things as the “automatically route around damage” function of the web that was its initial raison d’etre? That an emerging meme-plex that vast can’t be seen by us for “forest and the trees”? That what we see evolving in China is not so much directed by human governmental will so much as the inevitable unfolding of a New Thing?
    …..nahhhhh!

  2. Anonymous says:

    Sounds like a great opportunity to sequester unused cpu cycles for doing good work, decoding disease genomes, mapping weather, looking for alien life… Any beneficent hackers out there looking to donate all China’s idle computer time to the forces of good?

  3. Anonymous says:

    Sorry, I have a fault. Not 4710,00000, it is 4170,00000

  4. acb says:

    The botnetting may be more than an accidental consequence; what if Green Dam can be remotely activated to execute arbitrary code uploaded by its controllers, giving the People’s Liberation Army a botnet hundreds of millions of machines strong with no fear of it being detected or shut down? It could also be a pretty nifty supercomputer; a trivially small amount of CPU cycles from each of hundreds of millions of computers could do a lot of processing.

  5. Anonymous says:

    I wouldn’t be surprised if these flaws were here on purpose. I mean, the Chinese gov is pretty good at disguising its real intentions into clumsy naive acts. No one can be accused, but the road is wide open for those who could profit out of that.

  6. Mitch says:

    Ah, porn. Something right wing Christians, radical feminists and atheist communists can all agree on.

    If this is a Windows program does this mean that it is mandatory to use Windows in China?

  7. Anonymous says:

    As a Chinese, I think it is absurd. Yes, the government pay 4710,00000 RMB (about 600,00000 dollars) for it.

  8. angusm says:

    I think that Green Dam’s botnet-building features are a bug rather than a feature.

    First, if the PLA wanted a 100-million-machine botnet or supercomputer via GreenDam, they would build in a hard-to-spot backdoor, rather than something that can be leveraged (by anyone, not just the PLA) with a few trivial hacks.

    Second, a botnet located exclusively in one country isn’t useful. If the PLA fired up a Green Dam botnet and used it to launch an attack on insert-target-of-choice, it probably wouldn’t take much more than half an hour for the whole of China to find itself null-routed. Enjoy your national intranet, folks.

  9. z7q2 says:

    Interesting dilemma here. As a security researcher, do you make public these vulnerabilities so that the Chinese government can improve the software and more effectively suppress their people, or do you keep it to yourself in the hopes that the system is attacked and fails, and gives the Chinese government pause in trying something like that again?

    Probably means nothing in the long term, because only political change in China will make the desire to censor the people’s information access go away.

    Sidenote: perhaps this is an opportunity to attack the system and turn it into a giant unfiltered VPN that will leap over the great firewall? White hats take note.

  10. FoetusNail says:

    Love the sickening overuse of the word “Green”. Everything green is good. Let’s be honest, this is a Red Dam with all the shoddy workmanship and holes of every other totalitarian dam or wall ever built.

    They all spring leaks and come tumbling down eventually. It is amazing that this simple fact of history eludes totalitarian pricks, or knowing this they continue to ignore history for their own short term gain.

    People are generally pathetic, both those in charge and those who work for them, meaning us.

  11. Anonymous says:

    Is it possible that the software maker deliberately coded this way to help social-issue-white-hat hackers to leverage the exploits to cripple China’s infrastructure or to bring down the Great Firewall? Think about it: you could compromise tens of thousands (if not hundreds of thousands) of PCs behind the Great Firewall in a short period of time, and then redirect them to take down party sites, censorware servers, and even the Great Firewall itself!

  12. rotundo says:

    You know, once you have a mandatory censorship software on your computer, it kinda doesn’t matter anymore if it’s also insecure…

  13. Daemon says:

    Quick, somebody invent a trojan that will infect the censor-ware equipped PCs and transform them into the world’s largest network of TOR routers, and automatically bypass the censorware.

  14. Anonymous says:

    PC makers should be moving the harddrive manufacturing and imaging to India, and then putting the harddrive in the machine when the shipment arrives at its destination.

  15. Anonymous says:

    Also, the mandatory bot-net software can be used against the Chinese government just as easily as it can be used as their weapon.

  16. DWittSF says:

    Weren’t the wily Chinese the ones who were supposedly able to hack silicon fab in order to root all Lenovo machines? Was that too much trouble or what?

  17. Fritz Bogott says:

    This is clearly a cunning act of sabotage by a renegade band of American ‘patriots’ designed to crush China’s ability to compete in any economic sphere more sophisticated than ironmongery.

    OR

    This is clearly a cunning act of reverse psychology by the PLA designed to encourage the hacker ethic in the entire population. It trades off a brief competitive handicap against the unstoppable long-term competitive advantage of 1.5B people who can fight their way to root no matter what.

  18. codeman38 says:

    Personally, this part bugs me as much as anything:

    Some of the blacklists appear to have been copied from American-made filtering software… We found evidence that a number of these blacklists have been taken from the American-made filtering program CyberSitter.

    Also, according to Wikipedia’s article on Green Dam, a clarification of something else I was wondering about from that analysis:

    Both Wolchok, Yao and Halderman’s report and a technical analysis released on Wikileaks indicated that software contains code libraries and a configuration file from the BSD-licensed computer vision library OpenCV. The software is said to have violated the BSD license by the Wikileaks document.

    Not that China is exactly known for respect of intellectual property anyway, but something just doesn’t seem right about having the Chinese government require the installation of license-violating software.

  19. Takuan says:

    hmmm. perhaps that is the idea.

  20. Anonymous says:

    A grand example of what happens when politicians try to control technology, they piss on their shoes every time as if it was a magnetic attraction.

  21. bobhughes says:

    I love the test page that crashes green dam-infected computers with the AAAAAAAA~A.html link. pretty complex hack right there.

    seriously, how can a national government release software with such hilariously poor planning & development? you’d think they hired some interns from north korea and told them they had 12 hours for the entire project.

    hmm… or maybe as software developers, they just couldn’t stomach the idea of making software designed to so brutally repress their countrymen’s (and their own) computing activity, so they submitted the worst possible program that the government would accept.

    i’m no fan of censorware, but I hope the owners of cyber-sitter sue the living shit out of the chinese government for code lifting.

  22. Takuan says:

    “G-dam” it shall be.

  23. Patrick Arcee says:

    Open letter to the hackers
    who changed my homepage to be granny porn:

    I forgive you, and only ask that you make every PC homepage in China display the history of Tiananmen square.

  24. Anonymous says:

    As #1 pointed out – a billion zombie cluster could crack or DoS just about anything.

    Based on the NSA robin-hood style open competition the Chinese have some proficient crackers.

    Why post the obvious…

    The Chinese who choose to live in freedom must leave China – we received many Americans here over the past few years too.

    Do you run MacOSX or Windows? You were already rooted right out of the box.

  25. jerwin says:

    Wouldn’t it be interesting to use the green dam to breach the great firewall? Install green dam, get a few proxies installed with it.
