Drew Wilson
June 12th, 2009, 02:42 AM
Today Scott Wolchok, Randy Yao, and Alex Halderman at the University of Michigan released a report analyzing Green Dam, the censorware program that the Chinese government just ordered installed on all new computers in China. The researchers found that Green Dam creates very serious security vulnerabilities on users' computers.
[...]
The researchers have released a demonstration attack which will crash the browser of any Green Dam user. Another attack, for which they have not released a demonstration, allows any web page to seize control of any Green Dam user's computer.
This is a serious blow to the Chinese government's mandatory censorware plan. Green Dam's insecurity is a show-stopper -- no responsible PC maker will want to preinstall such dangerous software. The software can be fixed, but it will take a while to test the fix, and there is no guarantee that the next version won't have other flaws, especially in light of the blatant errors in the current version.
More... (http://freedom-to-tinker.com/blog/felten/chinas-new-mandatory-censorware-creates-big-security-flaws)
This story is getting scarier by the day. :shocked:
[...]
The researchers have released a demonstration attack which will crash the browser of any Green Dam user. Another attack, for which they have not released a demonstration, allows any web page to seize control of any Green Dam user's computer.
This is a serious blow to the Chinese government's mandatory censorware plan. Green Dam's insecurity is a show-stopper -- no responsible PC maker will want to preinstall such dangerous software. The software can be fixed, but it will take a while to test the fix, and there is no guarantee that the next version won't have other flaws, especially in light of the blatant errors in the current version.
More... (http://freedom-to-tinker.com/blog/felten/chinas-new-mandatory-censorware-creates-big-security-flaws)
This story is getting scarier by the day. :shocked: