Every PC in China could be at risk of being taken over by malicious hackers because of flaws in compulsory government software.
The potential faults were brought to light by Chinese computer experts who said the flaw could lead to a "large-scale disaster".
The Chinese government has mandated that all computers in the country must have the screening software installed.
It is intended to filter out offensive material from the net.
The Chinese government said that the Green Dam Youth Escort software, as it is known, was intended to push forward the "healthy development of the internet" and "effectively manage harmful material for the public and prevent it from being spread."
"We found a series of software flaws," explained Isaac Mao, a blogger and social entrepreneur in China, as well as a research fellow at Harvard University's Berkman Center for Internet and Society.
For example, he said, tests had shown that communications between the software and the servers at the company that developed the program were unencrypted.
Mr Mao told BBC News that this could allow hackers to "steal people's private information" or "place malicious script" on computers in the network to "affect [a] large scale disaster."
For example, a hacker could use malicious code to take control of PCs using the software.
"Then you have every computer in China potentially as part of a botnet," Colin Maclay, also of Harvard, told BBC News.
A botnet is the name given to a network of hijacked computers that can then be used to pump out spam or launch concerted attacks on commercial or government websites.
No one from Jinhui Computer System Engineering, the company that developed Green Dam, was available for comment.
The software has also caused a backlash amongst privacy experts, academics and some Chinese citizens. It has also raised the scorn of the blogosphere inside the country who feel the system is no match for tech-savvy teenagers.
One blogger posted a screenshot of the software purportedly blocking an attempt to visit a porn site using Microsoft's Internet Explorer.
But, he said, there was no problem accessing the site using the Firefox web browser.
Others have reported that the system only runs on Microsoft Windows, allowing Mac and Linux users to bypass the software.
It is thought that at least 3m computer users have already downloaded the software, opening them up to potential security problems.
No comments:
Post a Comment