Green Dam, the mandatory censorware that will be installed on all Chinese PCs as of July 1, is remarkably insecure. J Alex Halderman from Freedom to Tinker and his colleagues Scott Wolchok and Randy Yao have released a paper, based on a mere 12 hours testing, detailing attacks that can be used to "steal private data, send spam, or enlist the computer in a botnet" and " install malicious code during the update process." They've released sample code demonstrating their findings.
The Chinese government has mandated that all PCs sold in the country must soon include a censorship program called Green Dam. This software monitors web sites visited and other activity on the computer and blocks adult content as well as politically sensitive material. We examined the Green Dam software and found that it contains serious security vulnerabilities due to programming errors. Once Green Dam is installed, any web site the user visits can exploit these problems to take control of the computer. This could allow malicious sites to steal private data, send spam, or enlist the computer in a botnet. In addition, we found vulnerabilities in the way Green Dam processes blacklist updates that could allow the software makers or others to install malicious code during the update process. We found these problems with less than 12 hours of testing, and we believe they may be only the tip of the iceberg. Green Dam makes frequent use of unsafe and outdated programming practices that likely introduce numerous other vulnerabilities. Correcting these problems will require extensive changes to the software and careful retesting. In the meantime, we recommend that users protect themselves by uninstalling Green Dam immediately.
U.S. officials are investigating online security attacks that targeted reporters at The New York Times in Moscow. A U.S. official said Tuesday that the Times was among various U.S. news organizations targeted. CNN was first to report the story, and the Times has since confirmed and corrected some details.
Amid continued weak polling, millionaire presidential candidate Donald Trump has canceled forthcoming rallies and events in Colorado, Nevada and Oregon. He’ll still be attending fundraisers, reports Eliza Collins. Trump was originally scheduled to make a speech on immigration in Denver on Thursday, but according to The Denver Post the speech has been postponed. The campaign […]
Dan Bongino is a former secret serviceman running for office in Florida. In a tweet, he suggested that coverage of his backers in Naples Daily News was “propaganda.” .@ArekSarkissian @ndn also,my campaign is full of passionate small donors who despise papers like the @ndn & the propagandists working there— Dan Bongino (@dbongino) August 21, 2016 […]
To be a Pokémon master, you’ll need a phone that won’t constantly die on you. Because nothing is worse than seeing the screen go black right as you’ve finally found the Charizard of your dreams.That’s why we’re so excited about the LinearFlux PokeCharger Portable Battery ($39.99). With its 3.0 Amp HyperCharging technology, this slim battery will […]
The tech industry is constantly innovating, and in order to stay competitive, you’ll need to keep up. The Programming Into the Future Bundle was created to teach you the skills employers are looking for at this very moment, including in-demand coding languages like Google Go.The bundle of courses includes instruction on a range of innovative tools that advanced coders […]
If you’re running low on MacBook storage, your options are pretty limited. External hard drives mean toting around another piece of bulky equipment, and you probably don’t want a USB stick constantly protruding from your laptop.That’s why the Nifty MiniDrive for MacBooks is such a desirable alternative, and one of our top tech finds this year. You can add […]