Chinese officials have this week been forced to make an embarrassing climbdown over newly minted regulations forcing computer manufacturers and retailers to ship new machines with a controversial censorship software package, one which raised hackles across the board, including those of human rights organizations, anti-censorship groups and IT security professionals.
According to Mainland officials, it will no longer be mandatory for new computers to ship with Green Dam Youth Escort, a software package billed as a tool to protect children from pornography, but which was later revealed as a state censorship tool capable of denying computer users access to millions of websites containing material that disputes, or disproves, the official state line on history, society and culture.
Climbdown?
Beijing's climbdown came on 14 August 2009, when Li Yizhong, the Mainland Minister of Industry and Information Technology, announced that companies and retailers would no longer be forced to include the software with computers sold for home or business use.
"We fully respect everyone's freedom of choice, and we absolutely will not force its installation on the computers of all consumers"
Li Yizhong, Minister of Industry and Information Technology, Mainland China
Partial Climbdown?
However, Li's announcement was not a full climbdown, as China watchers had hoped it might be. Instead, schools, internet cafes, and other facilities where public internet access is offered will still be required to install the software on their existing computers.
"We still want to install it on computers in schools, internet cafes and public places,"
Li Yizhong
Green Dam?
绿坝·花季护航 (Green Dam Youth Escort), sometimes referred to as Green Dam(n) or 滤霸 (Filtering Bully), was unveiled by Beijing in June 2009. Officially it was a child protection package (often referred to as a nanny filter, or a net nanny) designed by 郑州金惠计算机系统工程有限公司 (Zhengzhou Jinhui Computer System Engineering Ltd) and Beijing Dazheng Linguistic Technology Academy Ltd to filter out pornographic content on the internet, in order to allow safe browsing by children.
The software was to be installed on all new computers sold in China, and on all existing computers in schools, internet cafes, and other public places, where it was to restrict access to yellow websites through three techniques:
1) Preventing users from accessing websites containing key terms associated with pornography, or from entering such terms into select software applications.
2) Using a combination of skin tone recognition and facial recognition to prevent users from viewing images containing nudity.
3) Running a blacklist that prevents users from accessing URLs known to contain pornography.
Criticism?
Since its inception Green Dam has been roundly criticized by multiple groups, and from multiple angles, with those involved being as disparate as human rights activists and copyright lawyers.
Censorship?
The first barrage of criticism against Green Dam came from human rights interests, with various groups voicing that Green Dam was a political censorship package masquerading as an anti-pornography package.
Indeed, scrutiny of Green Dam revealed that while it contained a list of approximately 2,700 blocked keywords relating to pornography, it also contained a further, much larger list (6,500 blocked keywords) referring to blacklisted political and social topics, such as the 1989 Tiananmen Square Massacre and the outlawed FLG spiritual movement.
"While the justification may be pitched as protecting children and mostly concerning pornography, once the architecture is set up it can be used for broader purposes, such as the filtering of political ideas"
Jonathan Zittrain, Professor, Berkman Center (Harvard)
Some reports also indicate that Green Dam was found to contain code that prevented the host computer from running "Freegate", a popular censorship avoidance tool.
Security Risk?
In addition to concerns over the human rights implications of Green Dam, concerns were also raised over several bugs in the software that could leave Green Dam users vulnerable to hackers.
According to US academics, Green Dam opens up an unguarded back door into the host computer every time it updates its blacklists and blocking lists, a back door that a malicious third party could use to insert their own code onto the host computer.
According to the same sources, this task is made simpler by the fact that Green Dam uses unencrypted data streams, making it much easier for the third party to impersonate a Green Dam update server and to sneak malicious code on to the host computer.
Similar concerns have been raised over the use of poor coding for routines that manage internet address filtering. Poor coding could allow malicious third parties to execute their own code on a host computer by pushing data onto a host computer that creates a "buffer overrun". In layman's terms, this means sending data that is longer than the software was expecting, causing it to spill out of the end of the area of a computer's memory that is being safely controlled and into an area where it can do damage.
Both exploits could be used by a malicious third party to steal information such as passwords and banking details from a host computer, or to install software that could be used to remotely control the host computer, forcing it to, for example, send out spam emails, attack other computers using viruses, or report back on whatever it is that the host is doing.
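The length check whose absence produces the buffer overrun described above, shown beside the unchecked pattern. This is an added example in C, not Green Dam's code and not part of the original article; the buffer size, blocklist entries and function names are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define HOST_MAX 64  /* assumed size of the filter's working buffer */
/* Constructed blocklist standing in for the filter's URL blacklist. */
static const char *BLOCKLIST[] = { "blocked.example", "bad.example" };

/* Unchecked pattern: the host length comes from the URL itself, so a host
 * longer than HOST_MAX - 1 bytes is written past the end of `host`. */
void extract_host_unsafe(const char *url, char *host) {
    const char *p = strstr(url, "://");
    p = p ? p + 3 : url;
    size_t n = strcspn(p, "/:?#");
    memcpy(host, p, n);              /* n is never compared to the buffer */
    host[n] = '\0';
}

/* Hardened form: measure first, refuse anything that does not fit.
 * Returns 0 on success, -1 if the host is empty or too long. */
int extract_host_checked(const char *url, char *host, size_t cap) {
    const char *p = strstr(url, "://");
    p = p ? p + 3 : url;
    size_t n = strcspn(p, "/:?#");
    if (n == 0 || n >= cap) return -1;
    memcpy(host, p, n);
    host[n] = '\0';
    return 0;
}

/* 1 = block, 0 = allow. Oversized or empty hosts fail closed (blocked). */
int filter_url(const char *url) {
    char host[HOST_MAX];
    if (extract_host_checked(url, host, sizeof host) != 0) return 1;
    for (size_t i = 0; i < sizeof BLOCKLIST / sizeof *BLOCKLIST; i++)
        if (strcmp(host, BLOCKLIST[i]) == 0) return 1;
    return 0;
}

/* Builds a constructed URL whose host is n 'a' bytes and filters it. */
int filter_host_of_len(size_t n) {
    char url[600] = "http://";
    if (n > 500) n = 500;
    memset(url + 7, 'a', n);
    url[7 + n] = '\0';
    return filter_url(url);
}

int main(void) {
    printf("%d %d %d\n", filter_url("http://ok.example/x"),
           filter_url("http://blocked.example/y"), filter_host_of_len(300));
    return 0;
}
```

The unchecked function is never called here; it is kept only so the two copies can be compared line by line.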
Legal concerns?
According to researchers based at the University of Michigan, Green Dam's internet address filtering capabilities are largely based on code/content illegally recycled from US-based company Solid Oak Software Inc. The researchers state that the code/content originates from Solid Oak's own internet censorship software package: "CyberSitter".
Solid Oak's own researchers came to an identical conclusion, and stated that there is no indication that the code's inclusion was anything other than a deliberate theft of intellectual property.
"I spent a good deal of the weekend with another engineer trying to find if it was an honest mistake. But someone made a 100% conscious effort to do this. This is not some accident"
Brian Milburn, Founder, Solid Oak (USA)
Researchers additionally found that Green Dam used software originally developed by Intel to recognize faces in images. Although the code has been publicly released through the 'Open Source' movement, initial versions of Green Dam did not comply with all of the Open Source usage requirements, and so was using the code illegally.
Later versions of Green Dam include additional documentation aimed at Open Source compliance, though it is not yet clear if this was sufficient.
On a legal front, Solid Oak immediately sent out a number of cessation orders to US-based PC manufacturers that distribute in China, instructing them not to distribute Green Dam with their hardware.
According to the BBC, Solid Oak also intends to file a complaint with the FBI.
"We're contacting Dell, HP and others to stop compromised material being shipped."
Brian Milburn
This put foreign manufacturers in the awkward position of having to choose between violating Mainland law by refusing to ship the software with their Mainland PCs, potentially violating US law by including it, or suspending PC sales in China, all of which could have a serious effect on the company in terms of reputation and market share.
Fit for Purpose?
In addition to concerns from those opposed to the software on moral or legal grounds, the software was also criticized by those who questioned whether it was fit for its officially stated purpose: essentially, whether it could effectively prevent Mainland children from accessing yellow content on the internet.
In particular, concerns were raised over Green Dam's ability to filter out pornographic images, with researchers quickly discovering that the software was oversensitive in some areas, but distinctly lacking in others.
For example, Green Dam routinely censored images of pigs because their skin tones are similar to those of foreigners, and of popular cartoon characters with skin tones similar to Chinese people, yet failed to recognize the darker skin tones of black people, meaning that Chinese children would be unable to access many websites covering farming, but could view images of naked African-American women performing sex acts.