Security holes poked in Chinese compulsory PC filter plan Plans to mandate the use of a particular brand of censorware software in China pose a grave security risk, security watchers and net privacy activists warn. All PCs shipped to China from July 1 2009 onwards will be required to bundle a locally brewed application called Green Dam Youth Escort in order to prevent access to " …
"By creating a software monoculture the Chinese authorities are creating a risk that a vulnerability in the software, providing it was serious enough to allow remote code injection, could be used to create a huge botnet. More subtle flaws might also be used to create targeted attacks on government computers - a factor that is unlikely to pass unnoticed down at the NSA."
Riiight, so that's different from Microsoft and Windows how exactly?
Mines the one with the <insert distro> Linux Live CD in the pocket
required to bundle != required to run
Nowhere do I see it reported as mandatory to run this application. So it isn't censorship or snooping, nor does a security hole cause a potential botnet comprised of every PC in China. As usual the western media, security watchers and privacy activists are hyping this into something it is not. Admitedly if it's recommended by the government then a lot of idiots will run it (think of the children!) but that is a different matter.
I haven't heard enough details to know if this is a good idea or not... perhaps El Reg can enlighten me?
If this is parental-control software which adults can turn on for their kids, then getting it bundled with the PC seems reasonable. If it's no use then they can turn it off or uninstall it. (You might argue it's a waste of government funds and/or a "stealth tax" on PCs, but there are plenty of ways all governments waste money & tax people).
If this is state-control software where the state says "all computers shall run this filter which cannot be turned off, or else", then that's different. (And in that case, the aim is _not_ for the filter to be 100% effective. Trying to get around the filter will likely be cause enough to be thrown in jail; so it just gives one more way to catch dissidents).
Even my parents know how to uninstall software.
Even if they made it difficult with malware tactics, computer literate people will be able to and pass this information on. Even if they make it completely impossible to uninstall, no malware survives a format and reinstall.
Or install Linux.
"By creating a software monoculture the Chinese authorities are creating a risk that a vulnerability in the software, providing it was serious enough to allow remote code injection, could be used to create a huge botnet. More subtle flaws might also be used to create targeted attacks on government computers - a factor that is unlikely to pass unnoticed down at the NSA."
Simple enough...
The rest of the world just block traffic from China and you'll never have to worry about the potential risk of botnets again.
I like the way you think.
Surely even the chinese .gov will have to admit their censorship is over the top if people can't access any site outside china without having to go through proxies.
Or maybe they will think their .gov is being even worse with the censorship, in which case maybe some good might come from it.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
