Wikileaks has published what is said to be proof that computers compliant with “Green Dam” can be maliciously controlled, using vulnerabilities in that censorware.
Green Dam is a new Chinese state censorship program mandated to be provided with all PC’s sold in China after July 1, 2009. The program “complements” the existing internet censorship system, and extends it to many third party applications, such as Skype and text editors which are monitored for the use of forbidden phrases such as “falun gong”.
This ZIP file provides a web page and associated computer code that can be used to remotely take control of any computer system running the Green Dam software. The only requirement is that the user is enticed to look at a site hosting a copy of the exploit page.
The technique used is a buffer-overflow using Microsoft’s “.net” encoding.
Chinese Green Dam censorship system exploit, 22 Jun 2009 (Wikileaks, via @ClayShirky)