Saturday, June 13, 2009

NEWS: Company alleges Chinese software has stolen code

SAN FRANCISCO (AP): A California company claims that the Internet-filtering software China has mandated for all new personal computers sold there contains stolen programming code.

Solid Oak Software of Santa Barbara said Friday that parts of its filtering software, which is designed for parents, are being used in the "Green Dam-Youth Escort" filtering software that must be packaged with all computers sold in China from July 1.

Solid Oak's founder, Brian Milburn, said he plans to seek an injunction against the Chinese developer that built the software, but acknowledged that it's new legal terrain for his company.

"I don't know how far you can try and reach into China and try to stop stuff like this," he said in an interview. "We're still trying to assess what they're doing."

A phone number for the Chinese developer could not immediately be located. A call by The Associated Press to China's embassy in the U.S. after business hours Friday went unanswered.

China has mounted a vigorous public defense of the software, saying it wants it to block violence and pornography. But critics say it censors many more things, and does it on a deeper level than the Internet censorship China currently employs.

China has more than 250 million Internet users and employs some of the world's tightest controls over what they see, often called the "Great Firewall of China," which refers to technology designed to prevent unwanted traffic from entering or leaving a network.

Political sites and others the government deems offensive are routinely blocked, but that happens at the network level. Savvy users can get around it by bouncing through "proxy" servers in other countries, but it takes some sophistication. Blocked sites simply won't load in users' Web browsers.

The new software blocks sites directly from a user's machine.

A report released Thursday by University of Michigan researchers who examined the Chinese software supports Solid Oak's claim that the Green Dam software contains pirated code. The report also found serious security vulnerabilities that could allow hackers to hijack PCs running the Chinese software.

The report found that a number of the "blacklist" files that Green Dam employs were taken from Solid Oak's CyberSitter program.

Blacklists are lists of Web sites that have been flagged as violent or pornographic or malicious or otherwise offensive. Web browsers on computers where blacklists are in use are instructed to block those sites.

The report's authors - researchers in the university's computer science and engineering division - also said they found another clue that Solid Oak's code was stolen: a file that contained a 2004 CyberSitter news bulletin that appeared to have been accidentally included in Green Dam's coding.

No comments: