Foreign Analysis of Green Dam Vulnerabilities: Analysis of the Green Dam Censorware System (2)
Conclusion
Our brief testing proves that Green Dam contains very serious security vulnerabilities. Unfortunately, these problems seem to reflect systemic flaws in the code. The software makes extensive use of programming techniques that are known to be unsafe, such as deprecated C string processing functions including sprintf and fscanf. These problems are compounded by the design of the program, which creates a large attack surface: since Green Dam filters and processes all Internet traffic, large parts of its code are exposed to attack.
If Green Dam is deployed in its current form, it will significantly weaken China's computer security. While the flaws we discovered can be quickly patched, correcting all the problems in the Green Dam software will likely require extensive rewriting and thorough testing. This will be difficult to achieve before China's July 1 deadline for deploying Green Dam nationwide.
Additional Screenshot
Users can configure which categories of web sites are blocked by Green Dam.
Additional filters are used to block adult and politically-sensitive terms in text entry fields.
Acknowledgments
We wish to thank our colleagues at the University of Michigan who alerted us to Green Dam and assisted with translation.
Contacting the Authors
Please send questions or comments to Professor J. Alex Halderman.
Editor in charge: blackpower