China’s announcement today that it will be making “Green Dam Youth Escort” software optional comes fresh on the heels of an explosive public outcry in recent days . Individuals and interest groups have denounced Green Dam over both censorship issues and security. Lawyers and academics have challenged the legality of the software. Companies and internet users in the United States have made allegations that parts of Green Dam have been swiped from open source code without proper credit as well as taken from Solid Oak’s Cybersitter program.
China’s Anti-Porn Campaign
China’s campaign against pornography was launched by seven government departments and commenced on January 5, 2009. Since that time several people have been arrested under Chinese criminal law for nonprofit distribution of pornographic and “lewd” content, a crime that carries a sentence of up to two years, with violence, libel, private information, and content in violation of Chinese standards of public decency all falling within the definition. Hundreds of websites have since been shut down and the campaign was extended in late January to mobile phone messages, radio, online blogs, videos, and chat rooms.
The Building of Green Dam
Scott Wolchuk, Randy Yao, and J. Alex Halderman of the Computer Science and Engineering Division of the University of Michigan have created a thorough analysis of the Green Dam Censorware system explaining how it works as well as its security risks. Green Dam is a software program that filters URL, text, and image content. It was built by a company called Jin Hui and can be downloaded free of charge. The computer vision technology used in Green Dam to filter image content purportedly flags images with a large amount of human skin tone (close-ups of faces are excluded). The text filter works by scanning text entry fields for blacklisted words, and URLs are filtered in a similar fashion.
Green Dam has been heavily criticized for posing serious security risks. Two security problems were discovered by the aforementioned analysis at the University of Michigan. The program is vulnerable both via its web filtering and blacklisting methods which permit third parties to write code and effectively take control of the computer. The specifics of these vulnerabilities are further outlined in the analysis along with a demonstration attack page illustrating exactly how the bugs in Green Dam place computers at risk.
More Than Just Sex?
Apart from security issues Green Dam has also been criticized for being capable of far more than its supposed ban on pornography. The program has been criticized as an invasion upon privacy, for its future spying potential, and for aiding in censorship of Falun Gong, articles commemorating the anniversary of Tiananmen Square, political criticism, and sites like Twitter and YouTube. To make matters worse, copyright and open source infringement violations have been recently alleged. Solid Oak Software in California claims that Green Dam contains stolen components of Solid Oak software in its makeup. The analysts at University of Michigan as well as various posters in a forum on SourceForge have all claimed that the program contains code taken from OpenCV. One poster writes:
I am posting to reveal the factor that there is a Chinese software develped with OpenCV has bought by Ministry of Industry and Information Tech (MII) of China at 41,700,000CNY ( about USD 600,000). This software named Green Dam – Youth Escout, develped by Zhenzhou Jinhui Computer System Co. Ltd of China. This company deleted the BSD license document which should be included in OpenCV when released it. MII of China bought it on last month for its one-year-using license and require that all the computers sold in China MUST pre-install this software.
They say no publicity is bad publicity-but apparently not in the case of Green Dam. In an apparently last minute desperate attempt by Chinese authorities to save face over the course of the last 24 hours ZDNet UK has reported that China has ordered the makers of the Green Dam software to rush out a patch to fix security issues and news outlets like The Guardian have reported that China has agreed to make the software optional in lieu of its original compulsory mandate. Whether or not the international outrage over Green Dam dies down depends heavily on future action on the part of Chinese officials and remains to be seen. Furthermore, despite the Chinese government’s recent decision against making the software mandatory after July 1, copyright infringement and open source violations will continue to be hotly contested regardless of whether or not the program is optional. Lastly, Green Dam is only a small part of a widespread debate regarding the rights of netizens living behind the “Great Firewall”.