0
images/news/security.jpgExperts have warned of serious security flaws in the Chinese government's censorship software, which could open the door to hackers creating huge botnets.
Programming errors in the Green Dam Youth Escort software, which the Chinese Ministry of Industry and Information Technology said on Tuesday must be pre-installed on all new computers in the country, are at the root of the flaws, according to experts from the University of Michigan.
"Once Green Dam is installed, any website the user visits can exploit these problems to take control of the computer," wrote the university's researchers. "This could allow malicious sites to steal private data, send spam, or enlist the computer in a botnet." The warning came in a paper published on Thursday by researchers Scott Wolchok, Randy Yao and J Alex Halderman.
The Green Dam software filters content by blocking URLs and website images and by monitoring text in other applications. The filtering blacklists include both political and adult content.
The researchers said that after only one day of testing Green Dam, they discovered programming errors in the code used to process website requests. These would result in buffer over-run conditions on all computers running the software, they said.
"The code processes URLs with a fixed-length buffer, and a specially crafted URL can overrun this buffer and corrupt the execution stack," said the researchers. "Any website the user visits can redirect the browser to a page with a malicious URL and take control of the computer."
The researchers built a proof-of-concept program to demonstrate the flaw and said it would crash any computer running Green Dam.
In addition, Green Dam can be used to install any other program on a computer, via a blacklist vulnerability. This problem would allow Green Dam's makers, or a third-party impersonating them, to execute arbitrary code and install malicious software on the user's computer, after installing a filter update.
ZDNet UK
Programming errors in the Green Dam Youth Escort software, which the Chinese Ministry of Industry and Information Technology said on Tuesday must be pre-installed on all new computers in the country, are at the root of the flaws, according to experts from the University of Michigan.
"Once Green Dam is installed, any website the user visits can exploit these problems to take control of the computer," wrote the university's researchers. "This could allow malicious sites to steal private data, send spam, or enlist the computer in a botnet." The warning came in a paper published on Thursday by researchers Scott Wolchok, Randy Yao and J Alex Halderman.
The Green Dam software filters content by blocking URLs and website images and by monitoring text in other applications. The filtering blacklists include both political and adult content.
The researchers said that after only one day of testing Green Dam, they discovered programming errors in the code used to process website requests. These would result in buffer over-run conditions on all computers running the software, they said.
"The code processes URLs with a fixed-length buffer, and a specially crafted URL can overrun this buffer and corrupt the execution stack," said the researchers. "Any website the user visits can redirect the browser to a page with a malicious URL and take control of the computer."
The researchers built a proof-of-concept program to demonstrate the flaw and said it would crash any computer running Green Dam.
In addition, Green Dam can be used to install any other program on a computer, via a blacklist vulnerability. This problem would allow Green Dam's makers, or a third-party impersonating them, to execute arbitrary code and install malicious software on the user's computer, after installing a filter update.
ZDNet UK
