China’s censorship software found faulty
University of Michigan team finds ‘major security vulnerabilities,’ even as mandate to install the program sparks fury.
Beijing — As the Chinese government banned public criticism of its controversial new requirement that all computers sold in China carry censorship software, the plan came under new fire from an unexpected quarter Friday.
A team of computer engineers at the University of Michigan warned that the program, due to be installed on all new computers here by the end of this month, “will significantly weaken China’s computer security” because of faulty programming.
The policy, communicated quietly last month to computer manufacturers but published only this week, had already drawn fierce international and domestic criticism from free-speech advocates.
Officials have presented the Chinese-made program “Green Dam-Youth Escort” as a way of protecting children from pornography by blocking computer access to websites that appear on an automatically updated blacklist for offering “harmful information.”
Critics say it could too easily be used by the authorities to deny access to any site they found politically undesirable.
“Pornography is one concern, but their main target is political and other sensitive information,” charges Li Fangping, a civil rights lawyer who has filed a request under China’s Open Government regulations for a public hearing into the decision to impose “Green Dam-Youth Escort.”
Such fears seem to be justified by the lists of banned words that would trigger the software that the University of Michigan team, which tested it on its own initiative, decrypted: They include both sexual and political references, especially to the outlawed Falun Gong spiritual sect.
The US experts’ report also said they had found “two major security vulnerabilities” that “allow remote parties to execute arbitrary code and take control of the computer” running the software. They recommended that anyone already running the program should “remove the software immediately.”
Supportive comments (only) allowed
Meanwhile the ruling Communist Party’s propaganda department ordered all media to “focus on supportive comments” about the Green Dam software, and “not print doubts or criticism,” according to a June 10 edict that has leaked onto the Chinese Internet.
The order came in the wake of several days of fierce debate, both in the official media and in Internet chat rooms, over the dangers of the program.
Its makers, Jinhui, boast on their website that Green Dam offers “real-time screen captures, detailed Internet usage records for post-facto monitoring,” and a tool to disable proxy servers, which many Chinese Internauts use to get around the “great firewall” and into sensitive political sites that would otherwise be blocked by existing filters.
China’s Ministry of Industry and Information Technology ordered on May 19 that all computers sold in China from July 1 must have the Green Dam-Youth Escort program “pre-installed,” though ambiguous wording in the directive has suggested to some that it could be sold as an accompanying CD-Rom.
The manufacturers insist that users are free to turn off or uninstall the software, though users of the free downloadable version currently available say it cannot be uninstalled simply from a computer’s control panel.
US manufacturers in a quandary
US computer manufacturers, caught between breaking the law in the second-largest market in the world and assisting censorship, have called on Beijing to “reconsider implementing its new mandatory filtering software requirement.”
In a statement earlier this week, four US technology industry associations said they hoped for “open and healthy dialogue on how parental control software can be offered in the market in ways that ensure privacy, system reliability, freedom of expression, the free flow of information, security, and user choice.”