China's Green Dam, No Longer Compulsory, May Have Lifted Code
LionMage writes "Much has been made previously of how China's Green Dam software must be installed on all new PCs in China, and of more recent revelations that the software may create exploitable security vulnerabilities or even provide the Chinese government with a ready-made botnet to use for potentially nefarious purposes. (One of those prior articles even discusses how Green Dam incorporates blacklists from CyberSitter.) Now the BBC is reporting that Solid Oak's CyberSitter software may have had more than just a compiled blacklist lifted from it. Solid Oak is claiming that actual pieces of their code somehow ended up in Green Dam. From PC Magazine's article: 'Solid Oak Software, the developer of CyberSitter, claims that the look and feel of the GUI used by Green Dam mimics the style of CyberSitter. But more damning, chief executive Brian Milburn said, was the fact that the Green Dam code uses DLLs identified with the CyberSitter name, and even makes calls back to Solid Oak's servers for updates.'" Relatedly, reader Spurious Logic writes that Green Dam won't be mandatory after all, according to an unnamed official with China's Ministry of Industry and Information Technology.
What do you expect from China? High quality originality?
Now how am I going to build a cheap botnet?
If China's PCs had been hammering my servers for updates to their plagiarized software, I'd have called the CIA to see what to slip into the next update. Much more fun, but oh so much less publicity :/
Oh China, you never change...
But oh man, it would have been so hilarious to see what happened to Solid Oak's update servers when the ENTIRE NATION of China hit them at once! I predict flames.
Now if they can just figure out a way to get those DLLs to display "The Chinese Government is Oppressing you. Remember the valiant souls who gave their lives trying to earn your freedom at Tiananmen Square!" on all the computer screens in China...
1) The Green Dam developers have fully reverse engineered Cybersitter to the point they can reuse pre-compiled binaries and snippets of code required to call them.
2) CyberSitter's development network has been thoroughly compromised to the point that the Chinese Green Dam developers have fully plagiarized another company's proprietary code.
3) CyberSitter has contributed to the development of the Chinese Green Dam and was therefore paid for their effort.
1 is certainly possible. 2 is truly frightening on a number of levels. 3 is just wrong and may be a violation of federal law. As they are a US company, contributing code to the development of a Chinese firewall product could be subject to the same verbiage as a US firewall, i.e. something similar to:
Under U.S. law, the Software may not be downloaded or otherwise exported, reexported, or transferred to restricted countries, restricted end-users, or for restricted end-uses. The U.S. currently has embargo restrictions against Cuba, Iran, Iraq, Libya, North Korea, Sudan, and Syria. The lists of restricted end-users are maintained on the U.S. Commerce Department's Denied Persons List, the Commerce Department's Entity List, the Commerce Department's List of Unverified Persons, and the U.S. Treasury Department's List of Specially Designated Nationals and Blocked Persons. In addition, the Software may not be downloaded or otherwise exported, reexported, or transferred to an end-user engaged in activities related to weapons of mass destruction.
and/or:
The Software available to download from this Site is commercial computer software as that term is described in 48 C.F.R. 252.227-7014(a)(1). If acquired by or on behalf of a civilian agency, the U.S. Government acquires this commercial computer software and/or commercial computer software documentation subject to the terms of this Agreement as specified in 48 C.F.R. 12.212 (Computer Software) and 12.211 (Technical Data) of the Federal Acquisition Regulations ("FAR") and its successors. If acquired by or on behalf of any agency within the Department of Defense ("DOD"), the U.S. Government acquires this commercial computer software and/or commercial computer software documentation subject to the terms of this Agreement as specified in 48 C.F.R. 227.7202-3 of the DOD FAR Supplement ("DFAR") and its successors.
(Completely and totally plagiarized from the ZoneAlarm legal page, http://www.zonealarm.com/security/en-us/legal.htm )
Here's the best write-up I've seen on the absurdities of Green Dam Youth Escort. http://people.oii.ox.ac.uk/hanteng/2009/06/12/shanzhai-nature-inside-the-green-dam-youth-escort-software/ The adoption of this software has the following absurdities: 1. It simultaneously embodies paranoid totalitarianism (surveillance and internet access controls) and extreme incompetence (this opens a huge security hole everywhere it is installed, the folks at the NSA must be grinning). 2. It embodies an ethos both puritanical (blocking porn) and piratical (taking commercial and BSD software without attribution). Plus more I'm sure. It's my new favorite software.
A recent Slashdot posting talked about how China had some of the best programmers in the world; you'd think they would be able to program something better than CyberSitter, let alone just copy some code.
If you were them, wouldn't you do the same?
They are on a war footing, apparently we keep fooling ourselves into thinking everyone wants to play nice.
We also fool ourselves that they need us. Well news for those reading, They don't.
There is a reason they laughed at Geithner.
CCP member and government official "Mister Wang" finds out about a party directive to more directly control internet surfing in one of the "secret" directives often issued by the government to the MII. So he calls his nephew, "Mister Lee," and tells him that if he has a software package that can meet the following requirements (secret list supplied), he will fast track approval for the software and split the revenue (silently, of course...through a foreign bank account). Because after some initial "trial period" the computer companies will be forced to purchase this software. Instant revenue stream. ka-ching (which means "fucking pay me, you laowai clod" in Mandarin)
Unfortunately, Mister Lee has no such software. So he hires some Chinese black hats to grab the code from something resembling the requirements from a foreign company. The foreign company will have zero recourse since Mister Wang is "connected" and the Chinese government tends to wink at this behavior anyway. Since Mister Wang is steamrolling the software through the government's maze of approvals, nobody even bothers to QC the code prior to mandating its use.
With the exception of the surnames, I'm reasonably sure that's EXACTLY how this clusterfuck was perpetrated.
All your code are belong to us. Set us up the firewall....
In China, "copyright" means right to copy.
It has been in the culture for thousands of years, and no one thinks it is wrong. For example, for thousands of years honoring the greatest artists and scholars meant training to copy their work exactly. Chinese just don't get the whole western copyright thing. Especially in a communist / socialist country where all property is officially property of the State. They might be right.
I worked at a Chinese university. We had a guy that we called "Mr. Copy". He worked in the English department during the day making photocopies of exams and materials for teachers, audio tapes, whatever. At night he would set up his table in the main plaza and sell the latest pirated DVD movies for less than $1, including all the screeners that had not been released in the States yet. There were hundreds if not thousands (e.g. 8-10 at the base of my apartment building alone) of these guys just around the one university I was at.