China to Patch Flaws in Green Dam Censorware

News
By published

The Chinese government has ordered designers of the Green Dam censoring software to patch vulnerabilities that could allow hackers to take control of users’ computers.

In a detailed analysis last week, Scott Wolchok, Randy Yao, and J. Alex Halderman from the Computer Science and Engineering Division at the University of Michigan claimed to have found two major security vulnerabilities after only one day of testing the Green Dam software.

According to the report, the first vulnerability is an error in the way the software processes web sites it monitors, which the second is a bug in the way the software installs blacklist updates. However, both allow remote parties to execute arbitrary code and take control of the computer.

Speaking to the English language publication, China Daily, Zhang Chemin, general manager of Jinhui Computer System Engineering admitted that there were flaws, "just like any other software of this type" but went on to say that the company specializes in “producing internet filtering software rather than security.”

Zhang told CD that the government had asked the company to rush release security patches to fix the problems. "The Ministry of Industry and Information Technology told us to make the software safer as soon as a series of security vulnerabilities were found." Adding that programmers were working non-stop to develop fixes.

China has ordered that starting July 1, all computers must ship with the Green Dam software pre-installed on their computers. According to the Chinese government, the software is supposed to filter out pornographic content, however, recent analysis shows it also filters out political phrases too.

TOPICS
More about security software

Florida experiences a huge 1,150% surge in VPN use as Pornhub blocks access in response to age-verification law

BadRAM attack breaches AMD secure VMs using a Raspberry Pi Pico, DDR socket, and a 9V battery

Chinese chipmaker readies 128-core, 512-thread CPU with AVX-512 and 16-channel DDR5-5600 support
See more latest
21 Comments Comment from the forums
  • starryman
    And what do they plan on doing with SPAM? We can't even filter out male enlargement and nigerian scams.
    Reply
  • tenor77
    Individual thoughts were still getting through!

    Resistance is futile
    Reply
  • tayb
    I went to public school. Internet filters don't work. It doesn't even require "hacking" or anything of the sort. They just don't catch everything. If I wanted to look at porn I could do it with just a little effort.
    Reply
  • Pei-chen
    Don't really know why this is still headline news but I see this vulnerability as no different than the vulnerability in EA download manager, Apple updates, Adobe update manager, etc.
    Reply
  • jerther
    China has ordered that starting July 1, all computers must ship with the Green Dam software pre-installed on their computers.

    I just thought about something... Will users be able to uninstall it? :)
    Reply
  • tenor77
    JertherI just thought about something... Will users be able to uninstall it?
    If they took a lesson from EA then the answer would be "No"
    Reply
  • B-Unit
    Pei-chenDon't really know why this is still headline news but I see this vulnerability as no different than the vulnerability in EA download manager, Apple updates, Adobe update manager, etc.Except that no government requires EA download manager, Apple updates, or Adobe updates to be installed on every PC sold.
    Reply
  • mavroxur
    "However, both allow remote parties to execute arbitrary code and take control of the computer."


    Ah, so the software is working exactly as the government designed it to I see....

    Reply
  • grieve
    FAIL
    Reply
  • Hanin33
    so, what ever happened to the idea that people could do whatever they wished to in their part of the world? sure it doesn't meet up to the 'standards' of the moment elsewhere... but has anyone stopped to think that that's just fine with the people this directly concerns? maybe our way of life isn't how they wish to lead theirs? are we not just projecting wot we interpret the way 'it should be' with the way we want them to live? i don't agree that a government should be allowed that much control over their constituents lives... but i also do not live in china and would move if that were the case here in the USA. i'm just saying.. *shrugs*
    Reply
Most Popular
Hygon CPU
Chinese chipmaker readies 128-core, 512-thread CPU with AVX-512 and 16-channel DDR5-5600 support
Cadence Millenium M2000 Supercomputer
Cadence releases new AI supercomputer — uses Nvidia RTX Pro 6000 GPUs to improve simulation run time
Amedac
Former SK hynix employee transferred advanced chip packaging technologies to Huawei
GPU
Startup trains AI models with gaming GPU setup under $100K
Gigabyte RTX 5060/Ti lineup
RTX 5060 reviews are reportedly in jeopardy — Nvidia allegedly withholding pre-release drivers from reviewers
Huawei
HarmonyOS replacing Windows on Huawei laptops — delivers connectivity across the ecosystem
Nvidia Hopper H100 GPU and DGX systems
Nvidia celebrates dumping of Biden-era AI chip export rules — simpler new policy promised
Talking to your pet
Baidu developing AI-driven animal to human translator – Dr Doolittle plans revealed in patent application
Alienware 16 and 16X Aurora laptops
Alienware's new Aurora laptops are for gamers who crave some design subtlety
Intel Arc Pro A60
Intel teases Arc Battlemage professional GPUs for Computex — Variants with 24GB of VRAM alleged