China's New Censorware Software Has Serious Security Flaws
from the is-that-a-surprise? dept
This probably doesn't come as much of a surprise to anyone, but China's new mandated censorware that is required to be installed on all new PCs sold in the country has serious security flaws that put users' computers (and their data) at risk. Of course, censorware/spyware type software almost always does that -- and, it seems likely that the Chinese government isn't all that concerned about the privacy of citizens and their computer usage. Still, the bigger fear is that the security flaws can (and will) be used to basically hijack all those computers and turn them into a botnet. That should certainly be a bigger concern, especially given the Chinese governments' insistence that it wants to crackdown on the widespread use of Chinese servers for spamming operations anyway.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: blocking, censorship, china, great firewall, security
Reader Comments
Subscribe: RSS
View by: Time | Thread
Or they want to use them as a botnet
[ link to this | view in chronology ]
People's "Liberation Army - Covert Cybernetic Division
Clever, very clever... Two birds from one shot... stifling freedom of speech/thought and getting a covert cyber-army.
Then again, there is that Hanlon's razor which states that one should not ascribe to malice what can be adequately explained by incompetence...
[ link to this | view in chronology ]
Re: People's "Liberation Army - Covert Cybernetic Division
"...unless it's commies!"
[ link to this | view in chronology ]
People's "Liberation Army - Covert Cybernetic Division
Clever, very clever. Two birds from one shot... stifling freedom of speech/thought and getting a covert cyber-army.
Then again, there is that Hanlon's razor which states that one should not ascribe to malice what can be adequately explained by incompetence...
[ link to this | view in chronology ]
This isn't news
Not to mention Adobe reader or flash player which again are almost mandated everywhere.
[ link to this | view in chronology ]
Double Edged Sword
Some Of The Problems I See....
Some external agent takes over the system and points it at China or some other country. If the software has an auto update function thats easy enough to hack and p2p a mod across the entire country. Talk about holding the world record for botnet size .... they have ~300 million internet users and ~150 million computers.
China using it to hack any country on the planet... There have been news reports of systems being hacked at power plants, US govt facilities, Air traffic, Telcom, etc, all coming from China. Now imagine that being done on an automated system using ~150 million PC's. Really scary thought.
Wouldn't it be funny if someone hacked the system/software to allow only access to China's disallowed/banned sites..... and randomly sent the users to them... ... yeah I know that wont work because of the great fire wall being the backup but it would be funny none the less.
[ link to this | view in chronology ]
Because of widespread piracy of windows in asian countries including china, the vast majority of users over there already have various botnets and back doors on their systems already. Conficker is almost exclusively found in countries with high rates of OS piracy (asia, africa, etc). I remember seeing infection rates of 4 - 5% in the US, and 80% in asia at one point.
As for china itself, I think you guys need to stop trying to apply the US version of "freedom" to that country. It is arrogant as hell.
[ link to this | view in chronology ]
Uhh what? I didn't know that the US had it's own version of Freedom. I know it's not as free as many people would like, but I didn't know there was a seperate version.
As far as I know freedom is freedom, the US has a bunch and China has very little. I know most Chinese would like more, not sure how that makes me arrogant though.
[ link to this | view in chronology ]
Re:
I know what you mean, but I'd disagree. For instance, American freedom is generally freedom from government, but we get bombarded by corporate influences and messages, which we aren't free from. European freedom seems to be the opposite: freedom from malicious corporations (not saying all are, but Europe is more anti-business than us) while bombarded by government influences and messages. Arab freedom (what little non-dictatorial freedom there is in the Arab world) seems to be freedom from corporations AND government, except where government and religion cooincide (Sharia).
"I know most Chinese would like more, not sure how that makes me arrogant though"
You do? I'm not sure. I'm not saying you're wrong, I'm just not sure. I certainly am not going to take the word of my American government, influenced by corporate leaders the would absolutely LOVE to have mainland China opened up by "democracy", at face value. I don't know any people that lived on the mainland of China and then moved here. What I DO know is that there are an assload of Chinese people, and I have a very difficult time believing that if the majority of them wanted a different government, they wouldn't have.
[ link to this | view in chronology ]
Re:
Actually, most Chinese have pretty much as much freedom as they want, they have very little to complain about in that way, especially in their day to day lives. I have spent a fair amount of time in China (and I will be back there again next month), and my experience with real people is that they lead pretty decent lives overall, and they have plenty of freedom.
As I said, it is arrogant to assume that "american style" freedom is the right freedom for everyone. China's freedoms come with control and oversight, with both the occassional slap of the iron first as well as the helping hand of national socialistic ideals. For an American, some of it would be shocking, some of it would be amazing, and all of it would be different. But in the end, everyday chinese are hard working people who do the same as you, strive for a better life.
Save your pennies, apply for your Visa, and go spend some time. Broadened your horizons.
[ link to this | view in chronology ]
Didn't take long, did it?
Green Dam version 3.17 remote buffer overflow exploit with shellcode for Microsoft Windows XP SP2.
[ link to this | view in chronology ]
[ link to this | view in chronology ]