September 29th, 2009

Hacker ships tool to circumvent China's Green Dam filter

Posted by Ryan Naraine @ 5:22 am

Categories: Anti Virus, Arbitrary Code Execution, Browsers, Denial of Service (DoS), Digital rights management, Exploit code, Locally Running Web Servers, Microsoft, Patch Watch, Pen testing, Phishing, Research, Responsible disclosure

Tags: Researcher, Hacker, Tool, Productivity, Government, Security, Ryan Naraine

A security researcher at the University of Michigan has released a tool that help Chinese computers users disable the censorship functionality of the controversial Green Dam Youth Software.

The Dam Burst utility, created by researcher Jon Oberheide, works by by injecting code into a running application and removing the Green Dam hooks that enable it to monitor and block user activity. This effectively restores the running application to its original uncensored state, Oberheide explained.

Here’s the skinny from the Dam Burst documentation:

Unlike other tools that disable or uninstall the Green Dam software, Dam Burst does not require administrative privileges. Since Dam Burst can be run as an unprivileged user to disable the Green Dam censorware in currently running applications, it is very effective in situations where the user is restricted from obtaining administrator privileges and may wish to avoid censorship (eg. public/internet cafe computers that the user may not own).

As a pleasant side effect, disabling the Green Dam components within a running process actually increases the security of the end host as the vulnerable code paths within the Green Dam software are no longer exploitable by an attacker.

The Chinese government originally mandated that Green Dam be shipped on all new PCs but this pre-installation has been delayed.

A remote code execution vulnerability was discovered on Green Dam a short time after it was released for download.