Slashdot Mirror

← Back to Stories (view on slashdot.org)

China's Green Dam, No Longer Compulsory, May Have Lifted Code

Posted by timothy on from the when-the-levee-breaks dept.

LionMage writes "Much has been made previously of how China's Green Dam software must be installed on all new PCs in China, and of more recent revelations that the software may create exploitable security vulnerabilities or even provide the Chinese government with a ready-made botnet to use for potentially nefarious purposes. (One of those prior articles even discusses how Green Dam incorporates blacklists from CyberSitter.) Now the BBC is reporting that Solid Oak's CyberSitter software may have had more than just a compiled blacklist lifted from it. Solid Oak is claiming that actual pieces of their code somehow ended up in Green Dam. From PC Magazine's article: 'Solid Oak Software, the developer of CyberSitter, claims that the look and feel of the GUI used by Green Dam mimics the style of CyberSitter. But more damning, chief executive Brian Milburn said, was the fact that the Green Dam code uses DLLs identified with the CyberSitter name, and even makes calls back to Solid Oak's servers for updates.'" Relatedly, reader Spurious Logic writes that Green Dam won't be mandatory after all, according to an unnamed official with China's Ministry of Industry and Information Technology.

31 of 116 comments (clear)

  1. Really.. by Anonymous Coward · · Score: 4, Funny

    What do you expect from China? High quality originality?

  2. Damn it... by Tinctorius · · Score: 4, Funny

    now how am I going to build a cheap botnet?

    1. Re:Damn it... by abshack · · Score: 3, Informative

      Well, you could always hope that they make Opera 10 the default browser in China and exploit its webserver capabilities...

  3. Given the situation by Anonymous Coward · · Score: 4, Insightful

    If china PCs had been hammering my servers for updates to their plagiarized software, I'd have called the CIA to see what to slip in next update. Much more fun but oh so less publicity :/

    1. Re:Given the situation by uffe_nordholm · · Score: 4, Interesting

      It could have been hilarious to see the mess of acusations and finger-pointing if Solid Oak had slipped something really nasty into an "only for you, my special Chinese friend" update.

      Or maybe Solid Oak could have done some good with an update: see to it that all traffic in and out of the computers is heavily encrypted, and has to pass through one of several servers outside of China in order to be decrypted and sent on it way. That way they could have helped bring free speech to the Chinese.

    2. Re:Given the situation by CodeBuster · · Score: 5, Interesting

      This has been done before. During the Cold War, in order to disrupt the Soviet economy and serve them some comeuppance for their industrial espionage activities, the CIA, in partnership with American Technology companies ensured that hardware and software with carefully arranged "flaws" found its way into Soviet hands. In one particular instance a "flawed" natural gas pipeline software and associated hardware went "haywire" (i.e. it ran the ultra-high pressure test) after a planned period of normal operation. The result was the largest non-nuclear man-made explosion ever seen from space (the satellites designed to detect plumes from ICBM launches detected a tremendous flash from the area near Vladivostok where the pipeline in question was located). This article covers some of the details excerpted from the book At the Abyss: An Insider's History of the Cold War as recalled by Thomas C. Reed, a former Air Force secretary who was serving in the National Security Council at the time.

    3. Re:Given the situation by RenHoek · · Score: 3, Funny

      The only poetically correct thing to do is to send porn via the updates. :)

    4. Re:Given the situation by CraftyJack · · Score: 3, Informative

      Here's the link. It gets mentioned just about every time that electronic espionage crops up. At this point, everyone that reads /. has seen this about three times over.

      Interesting, maybe. No longer informative.

  4. even makes calls back to Solid Oak's servers by goombah99 · · Score: 2, Interesting

    "even makes calls back to Solid Oak's servers for updates.'

    er... problem solved? Sell the bot net to raise money. A botnet the size of china would be pretty valuable. You could even use it for good--- turn it into a rosetta at home client!

    --
    Some drink at the fountain of knowledge. Others just gargle.
  5. *sigh* by jbacon · · Score: 4, Interesting

    Oh China, you never change...

    But oh man, it would have been so hilarious to see what happened to Solid Oak's update servers when the ENTIRE NATION of China hit them at once! I predict flames.

    1. Re:*sigh* by Garbad+Ropedink · · Score: 5, Funny

      The correct terminology is the 'Linksys Eruptous'. It's a terrible scenario where a server is so overwhelmed with traffic it tries to leap out the server room and escape the building. They have a bad case of that over at Twitter. They actually have people on staff who're just on standby with nets and scooters.

      --
      And that was the last Terry Fox run I ever participated in.
  6. Obvious DLL update... by Anonymous Coward · · Score: 3, Insightful

    Now if they can just figure out a way to get those DLLs to display "The Chinese Government is Oppressing you. Remember the valiant souls who gave their lives trying to earn your freedom at Tienanmen Square!" on all the computer screens in China...

  7. Sounds like Cybersitter contributed by ekimminau · · Score: 5, Interesting
    We have 1 of three possible scenarios:
    1) The Green Dam developers have fully reverse engineered Cybersitter to the point they can reuse pre-compiled binaries and snippets of code required to call them.
    2) Cybersitter's development network has been thoroughly compromized to the point that the Chinese Green Dam developers have fully plagurized another companies proprietary code.
    3) Cybersitter has contributed to the development of the Chinese Green Dam and was therefore paid for their effort.
    1 is certainly possible. 2 is truly frightening on a number of levels. 3 is just wrong and may be a violation of federal law. As they are a US company, contributing code to the development of a Chinese firewall product could be subject to the same verbiage as a US firewall, i.e something similar to:

    Under U.S. law, the Software may not be downloaded or otherwise exported, reexported, or transferred to restricted countries, restricted end-users, or for restricted end-uses. The U.S. currently has embargo restrictions against Cuba, Iran, Iraq, Libya, North Korea, Sudan, and Syria. The lists of restricted end-users are maintained on the U.S. Commerce Department's Denied Persons List, the Commerce Department's Entity List, the Commerce Department's List of Unverified Persons, and the U.S. Treasury Department's List of Specially Designated Nationals and Blocked Persons. In addition, the Software may not be downloaded or otherwise exported, reexported, or transferred to an end-user engaged in activities related to weapons of mass destruction.

    and/or:

    The Software available to download from this Site is commercial computer software as that term is described in 48 C.F.R. 252.227-7014(a)(1). If acquired by or on behalf of a civilian agency, the U.S. Government acquires this commercial computer software and/or commercial computer software documentation subject to the terms of this Agreement as specified in 48 C.F.R. 12.212 (Computer Software) and 12.211 (Technical Data) of the Federal Acquisition Regulations ("FAR") and its successors. If acquired by or on behalf of any agency within the Department of Defense ("DOD"), the U.S. Government acquires this commercial computer software and/or commercial computer software documentation subject to the terms of this Agreement as specified in 48 C.F.R. 227.7202-3 of the DOD FAR Supplement ("DFAR") and its successors.

    (Completely and totally plagarized from the ZoneAlarm legal page, http://www.zonealarm.com/security/en-us/legal.htm )

    --
    Armaments, 2-9-21 And Saint Attila raised the hand grenade up on high, saying, 'O Lord, bless this Thy hand grenade' N
    1. Re:Sounds like Cybersitter contributed by afabbro · · Score: 4, Insightful

      We have 1 of three possible scenarios: 1) The Green Dam developers have fully reverse engineered Cybersitter to the point they can reuse pre-compiled binaries and snippets of code required to call them. 2) Cybersitter's development network has been thoroughly compromized to the point that the Chinese Green Dam developers have fully plagurized another companies proprietary code. 3) Cybersitter has contributed to the development of the Chinese Green Dam and was therefore paid for their effort.

      I think the most likely scenario is that someone walked out of Cybersitter, Inc. with a thumb drive full of code. I guess you could call that (2), but I think it's more likely that a contractor (or even offshore development team) pinched the code via copy than a team of black hats in Hunan broke into Cybersitter's servers.

      By the way, you might find google's toolbar, which spellchecks, helpful before you compromize and plagurize more posts ;-)

      --
      Advice: on VPS providers
    2. Re:Sounds like Cybersitter contributed by Anonymous Coward · · Score: 2, Insightful

      It looks more that they took the dll's from a commercial version of Cybersitter and did some limited reverse engineering to get hands on some function calls. I guess they want to save the effort for keeping a pron blacklist up-to-date.

      It's not so hard and rather dumb than using devilish haxzor skillz to fully reverse engineer Cybersitter.

    3. Re:Sounds like Cybersitter contributed by RenHoek · · Score: 3, Interesting

      Or they're just using DLL's.. I mean you can just call the functions inside them without too much trouble..

      And even if you _do_ do some reverse engineering.. You don't have to fully reverse everything to get stuff to work.. I mean as long as you get a chuck of opcodes and you know where the entry point is and what parameters you have to push into them, then you can run code without doing much reverse engineering at all.

  8. From the Shanzhai angle, it's hilarous by GeoVizer · · Score: 5, Interesting

    Here's the best write-up I've seen on the absurdities of Green Dam Youth Escort. http://people.oii.ox.ac.uk/hanteng/2009/06/12/shanzhai-nature-inside-the-green-dam-youth-escort-software/ The adoption of this software has the following absurdities: 1. It simultaneously embodies paranoid totalitarianism (surveillance and internet access controls) and extreme incompetence (this opens a huge security hole everywhere it is installed, the folks at the NSA must be grinning). 2. It embodies an ethos both puritanical (blocking porn) and piratical (taking commercial and BSD software without attribution). Plus more I'm sure. It's my new favorite software.

  9. None of this should be surprising by Anonymous Coward · · Score: 2, Informative

    China is in a cold war and is doing everything possible to control their population, while trying to destroy the west. And yes, the chinese gov has NO issues with stealing from the west.

    1. Re:None of this should be surprising by Icegryphon · · Score: 3, Insightful

      If you where them wouldn't you do the same?
      They are on a war footing, apparently we keep fooling ourselves into thinking everyone wants to play nice.
      We also fool ourselves that they need us. Well news for those reading, They don't.
      There is a reason they laughted at Geithner

  10. What a waste by theinvisibleguy · · Score: 5, Insightful

    A recent slashdot posting talked about how China had some of the best programmers in the world, you'd think they would be able to program something better than cybersitter let alone just copy some code.

    1. Re:What a waste by gzipped_tar · · Score: 2, Insightful

      Best programmers want the best pay. Stealing may be cheaper.

      --
      Colorless green Cthulhu waits dreaming furiously.
  11. ChiCom Intelligence strikes again by Hasai · · Score: 2, Insightful

    Reminds me of when the KGB used to spend a huge chunk of their resources stealing American technology, then slavishly copying it to the tiniest detail, right down to the manufacturers' logos on the dies.

    There's something about Communism that eats home-grown innovation alive. . . .

    --

    Regards;

    Hasai

    1. Re:ChiCom Intelligence strikes again by Spy+Handler · · Score: 2, Interesting

      There was a History channel program about how the Soviets copied the B-29 Superfortress. In late 1944, three American B-29s made emergency landing in the USSR after a bombing run over Japan. Stalin ordered his defense people to copy them *exactly*.

      Even though the Russians had some pretty decent aircraft designers who understood aircraft systems well, nobody wanted to offend Stalin and risk getting sent to the goulags... so they copied EVERYTHING, including the repair marks made on the side panel on one of the original American B-29!

    2. Re:ChiCom Intelligence strikes again by macbeth66 · · Score: 2

      ...something...

      Since when is China a communist state? It is a brutal, oligarchical dictatorship. There is NOTHING about China that is communist. Actually, there has never been a communist state anywhere at anytime. China is a slave state.

  12. I'm a Chinese and even I'm gobsmacked by francium+de+neobie · · Score: 2, Interesting

    I'm not really surprised by the censorship and monitoring things as they've been doing that all the time... but...

    That piece of software, coming out from the central government itself - it's run by former engineers you know, is so stupid! If people can fly by being stupid then we don't need rockets! We just strap our astronauts to this guy, who is executing the plan, and everyone will get a ride to the moon for free! I can imagine false positives and false negatives aren't really big problems from the government's viewpoint. But... the censoring list is not encrypted?! Are you stupid? So basically you're telling everyone in China what sort of topics the government is afraid of and thus... get them to look for those things? pr0n isn't really a big problem actually but a kid having an unencrypted list of pr0n sites is still disturbing. Now kids in China don't need to look for pr0n from Baidu anymore, they just get the government-approved pr0n site list from this Green Dam CD and surf away!

    Now foreign countries have found their code being by from this software... WTF? Where are the checks and balancing in place to make sure such obvious things would not happen? By obvious I mean whenever you contracted someone to write software in China, you should expect potential IP problems from their code because everyone copies code there! So you have this piece of software that you KNOW will surely be scrutinized closely by foreigners, and you also know there's a significant probability that your contractor would just nick the code from someone else... Then it doesn't take a rocket scientist to figure out you need to put some checks in place to prevent a potential foreign relation disaster, right?

    Man, this is so stupid. Whoever responsible for implementing this plan must be smoking something good.

    1. Re:I'm a Chinese and even I'm gobsmacked by RenHoek · · Score: 2, Insightful

      I don't think the Chinese government cares at all about "checks and balances".. The whole Chinese culture is about getting the cheapest product possible.

      Remember the flash games for the Olympics website that were re-skinned ripoffs?

      Remember the babies that died from the milk that had a whitening substance in it so they could water it down?

      This is the countrie that sells fake eggs. It's like a sausage.. This is the country that sells cardboard with fat and food coloring as hotdogs.

      For a 'communist' nation they're pretty hardcore capitalistic.

  13. Fantastic!!! by Big+Hairy+Ian · · Score: 2, Insightful

    Now all they need to do is write the code to take down the "Great Fire Wall of China" and put it on auto update

    --

    Build a Man a Fire, and He'll Be Warm for a Day. Set a Man on Fire, and He'll Be Warm for the Rest of His Life.

  14. The most likely scenario... by Ritz_Just_Ritz · · Score: 3, Insightful

    CCP member and government official "Mister Wang" finds out about a party directive to more directly control internet surfing in one of the "secret" directives often issued by the government to the MII. So he calls his nephew, "Mister Lee," and tells him that if he has a software package that can meet the following requirements (secret list supplied), he will fast track approval for the software and split the revenue (silently, of course...through a foreign bank account). Because after some initial "trial period" the computer companies will be forced to purchase this software. Instant revenue stream. ka-ching (which means "fucking pay me, you laowai clod" in Mandarin)

    Unfortunately, Mister Lee has no such software. So he hires some Chinese black hats to grab the code from something resembling the requirements from a foreign company. The foreign company will have zero recourse since Mister Wang is "connected" and the Chinese government tends to wink at this behavior anyway. Since Mister Wang is steamrolling the software through the government's maze of approvals, nobody even bothers to QC the code prior to mandating its use.

    With the exception of the surnames, I'm reasonably sure that's EXACTLY how this clusterfuck was perpetrated.

    All your code are belong to us. Set us up the firewall....

    1. Re:The most likely scenario... by Dielectric · · Score: 2, Interesting

      Holy carp, there's some insight! I'm in the middle of some dealings with Chinese manufacturing, and your assessment is maddeningly accurate. It's like engineered corruption all the way through.

  15. In China, "copyright" means right to copy. by cenc · · Score: 3, Interesting

    In China, "copyright" means right to copy.

    It has been in the culture for thousands of years, and no one thinks it is wrong. For example, for thousands of years honoring the greatest artist and scholars meant training to copy their work exactly. Chinese just don't get the whole western copyright thing. Especially in a communist / socialist country where all property is officially property of the State. They might be right.

    I worked at Chinese University. We had a guy that we called "Mr. Copy". He worked in the English department during the day making photo copies of exams and materials for teachers, audio tapes, whatever. At night he would setup his table in the main plaza and sell the latest pirated DVD movies for less than a $1, including all the screeners that had not been released in the States yet. There where hundreds if not thousands (e.g. 8-10 at the base of my apartment building alone) of these guys just around the one University I was at.

    --
    Living in Chile
  16. Didn't they capitulate on this already? by yuna49 · · Score: 2, Interesting

    When the Chinese government announced that shipping a CD with the Green Dam software constituted compliance with the July 1st directive, that told me the government was implicitly agreeing that the software wouldn't be compulsory. I suspect we have to thank the PC manufacturers for this turn of events. It's a lot easier to throw a disk into the box. Parents might install Green Dam out of concern for their kids' browsing, but I can't imagine anyone who might be politically relevant would do so, especially if it's not illegal to operate a computer without it.

    On the subject of infringement, what happens if it is demonstrable that Green Dam contains code stolen from Solid Oak? Can an American manufacturer, say Dell, continue to ship this product in China knowing that it infringes on the product of another American firm? Obviously Dell couldn't be sued in China, but could it be sued in the US?