Green Dam, the mandatory censorware that will be installed on all Chinese PCs as of July 1, is remarkably insecure. J Alex Halderman from Freedom to Tinker and his colleagues Scott Wolchok and Randy Yao have released a paper, based on a mere 12 hours testing, detailing attacks that can be used to "steal private data, send spam, or enlist the computer in a botnet" and " install malicious code during the update process." They've released sample code demonstrating their findings.
The Chinese government has mandated that all PCs sold in the country must soon include a censorship program called Green Dam. This software monitors web sites visited and other activity on the computer and blocks adult content as well as politically sensitive material. We examined the Green Dam software and found that it contains serious security vulnerabilities due to programming errors. Once Green Dam is installed, any web site the user visits can exploit these problems to take control of the computer. This could allow malicious sites to steal private data, send spam, or enlist the computer in a botnet. In addition, we found vulnerabilities in the way Green Dam processes blacklist updates that could allow the software makers or others to install malicious code during the update process. We found these problems with less than 12 hours of testing, and we believe they may be only the tip of the iceberg. Green Dam makes frequent use of unsafe and outdated programming practices that likely introduce numerous other vulnerabilities. Correcting these problems will require extensive changes to the software and careful retesting. In the meantime, we recommend that users protect themselves by uninstalling Green Dam immediately.
The New York Times’ presidential forecast has millionaire Republican Donald Trump at his lowest ebb of the campaign, with only an 8 percent chance of winning the Nov. 8 general election. A victory by Mr. Trump remains possible: Mrs. Clinton’s chance of losing is about the same as the probability that an N.F.L. kicker misses […]
The Ecuadoran Embassy in London has confirmed Wikileaks’ accusation that it terminated Julian Assange’s access to its wifi network because it disapproved of Assange and Wikileaks’ “intervention in the affairs of other states” by publishing material pertaining to the impending US election.
This video released today from the social media campaign “Humanity for Hilary” features Meryl Streep, Amy Schumer, Lena Dunham, Whoopi Goldberg, Maggie Gyllenhaal, and other women who share their own experience of surviving sexual assault. It’s a powerful response to recent events surrounding the Republican nominee for president, Donald Trump.
The Atmos R2 may be bigger than the brand’s previously-released vapes, but we argue that in this case it’s definitely a good thing. A bigger heating chamber means more room for packing it full. And the bigger battery means longer, more fulfilling vape sessions. In fact, you can use the Atmos R2 for up to about 25 […]
These days, there is huge demand for ethical hackers. Companies pay these professionals to identify and remedy security holes in their networks before malicious hackers find and exploit them. What’s great about this is that if you love hacking or think you may love hacking, you can do it for a living and not as […]
The Boing Boing Store features tons of headphones with a range of functionality, quality levels, and prices. Today we’re featuring 2 of the best additions, fresh to the Store this week.The first set of bluetooth headphones are great for working out or everyday listening, while the wired second set will be really attractive to anyone who […]