Saturday, June 13, 2009

Internet filtering

I'm all for Internet filtering software. I personally use Blue Coat's K9 software, which is free and quite powerful. Apart from helping me to avoid seeing as many racy images on the Internet, it has probably saved me from a few attacks on my computer. I search the Internet a lot in my work, and every now and then my search results brought up a shady website--the kind that tries to install malware on your computer--which K9 was able to warn me about.

But I think China has gone too far with their Green Dam-Youth Escort program. They are requiring that every computer in China be shipped with this software installed. The reason is probably two-fold. First, it helps to protect their youth (and probably a lot of adults) from a degrading and addictive substance that would undoubtedly cost their GDP millions (at least!) through lost productivity. Secondly, it gives the Chinese government an easy way to control the information that is available to their users. In the past, they've resorted to blocking Google itself, just to prevent their citizens from finding information about opposition parties during an election. If they control filtering software that's been installed on the majority of the computers in their country, that gives them much more power over what information their citizens are accessing.

But even if China didn't have a history of blocking information from their citizens, and even if we had no reason to believe that's how this software would be used, this is still a bad move, and it will come back to bite them if they go through with it. Why? Whenever you have a piece of software that you install on a significant number of machines, you are opening yourself up to hacking attacks. Microsoft has had to invest fortunes in order to try to patch the security holes in Windows, because their operating system is so ubiquitous that it's an obvious target for hackers. Think about it: if you want to infect the largest number of computers possible, are you going to spend time finding a security hole in some program that only one computer in a hundred has installed, or a program that 88% of the world's computers use? Even if the other program is much easier to hack, it won't give you nearly as much bang for your buck. So if you're going to require that all computers in China ship with certain software installed, you'd better be putting a lot of money toward making sure it's secure.

And China obviously hasn't made any serious effort to do so.

In fact, rather than having their own security experts design this software from the ground up, they apparently stole big chunks of a California-based company's filtering program to make it. With such obvious corner-cutting, you can expect that the software would be extremely fragile. And indeed it is. A University of Michigan professor and his students were able to successfully infiltrate a computer with this software installed within just a few hours. So what China is effectively doing is filling their country with computers that any decent hacker could bend to his will.

That's not the kind of move you'd expect from a nation that has gone to the effort of hacking key systems in the United States, just in case they ever need to hurt us. Obviously somebody in the Chinese government understands the threat that hackers can pose to a nation. Anti-Chinese elements could deal enormous damage to China's economy simply by hacking their computers and making them crash continuously. Professional spammers could attack the vulnerable computers in a way that forces them to load up the very sites the Chinese government is trying to protect their youth from seeing. The entire nation's computers could become a vast digital robot army that can be used to attack other computers around the world.

Of course, it probably won't get that far. Once all the new computers start crashing, either the Chinese government will realize the error of their ways and backtrack, or the Chinese people will get smart and uninstall the program first thing. The question is, how much damage will the government allow before they are willing to admit their mistakes?

As Confucius said, "An oppressive government is more to be feared than a tiger."
Post a Comment