It seems the western media and Chinese blogosphere agree on one thing; Green Dam is not winning any popularity contests. Today, the Chinese government backed down on the mandatory usage of the software, though it will still come either pre-loaded or be included on a compact disc with all PCs sold on the mainland from July 1st.
There are several problems associated with this software, each one an interesting topic in itself. I’d like to run down the issues associated with its release, one by one.
1) Why the sudden announcement of this invasive software with virtually no implementation time given to the manufacturers?
The Chinese government instituted this requirement less than a month before the mandatory start date. That time period is incredibly brief for manufacturers to test the software for compatibility and vulnerability. That is what I meant when I used the word “invasive”. We can only speculate on the answer. My guess is that the government wanted to keep reaction time to a minimum, anticipating that this would be unpopular.
2) Since the purpose of the software is to allow parents to keep their children from viewing pornography and sexually explicit material, why make the installation mandatory on all computers?
There can be a few reasons for this. The government might feel the parents aren’t sophisticated enough to install the software. The government might want to eliminate pornography and sexually explicit material for all Chinese netizens. The government might want to censor more than just pornography; i.e. Falun Gong, Tibetan issues, Tiananmen, etc. in a more active method compared to the current GFW. However, it also filters out flesh-colored images such as Garfield and Hello Kitty. The government might want to have a channel into personal computers in order to have the ability to censor other information in the future.
3) Is the software reliable and secure?
Apparently, it is not. Tests have shown it censors innocent sites and misses some harmful ones. Worse than that, it has major security vulnerabilities. A University of Michigan study found numerous security flaws in the software, with the potential for hackers to steal personal information, send spam or introduce malicious viruses.The Chinese government has already ordered Green Dam to release patches that would fix the security holes. If the program is as infected as it apparently is, what is to prevent a foreign entity from using this vulnerability to cripple millions of Chinese personal computers in a massive attack?
4) Are parts of the software stolen from Solid Oak Software’s CyberSitter program?
Solid Oak Software thinks so and is prepared to go to court over it. The University of Michigan study, which you can read here, lists the specific files pirated from CyberSitter. Green Dam disputes this and has threatened Solid Oak with legal action. Today, Solid Oak sent HP and Dell “cease and desist” letters. Lenovo has already agreed to include the software in China, so could this directly affect Lenovo’s business in the States and HP and Dell’s business in China?
5) If you buy a computer in China and this program is already installed, what are your options?
Net polls in China have indicated that 80% of Chinese computer users plan to uninstall this software. Per the University of Michigan study:
“Green Dam allows users who know its administrator password to uninstall the software. We tested the uninstaller and found that it appears to effectively remove Green Dam from the computer. However, it fails to remove some log files, so evidence of users’ activity remains hidden on the system.
In light of the serious vulnerabilities we outlined above, the surest way for users to protect themselves is to remove the software immediately using its uninstall function.”
I recommended to my Chinese friends that if this goes through, they re-format their hard drive after purchase, then re-install software excluding Green Dam. Personally, I always re-format my hard drive after purchase to remove the unwanted junk programs that I’ll never use.
6) Final issue: How can China protect children from pornography on the net in a responsible manner?
The current method is the GFW, which has been shown to be effective concerning Falun Gong, Tiananmen and Tibetan issues in the past. However, the keywords for those issues are relatively easy to control. Pornography is another matter altogether. Is there a reactive way to do so without having to actively run programs on individual computers? And if Green Dam isolates individual websites, why can’t the GFW do the same thing? Will Chinese netizens ever agree to have programs installed on their computers that have the potential to allow the government to know every website they visit and have access to all their personal information?
I’m more of a hardware than software guy, and I know we have quite a few commentators that are very good with software. What do you think? Is there a better way for the government to protect children in a more benign manner?