So Green Dam + Youth Escort blocks images based on skin tone. But what if I like Afro-porn? These, and other important questions are arising now that serious analysts (which is to say, people other than me), have had some time to dig into the capabilities of Jinhui’s now infamous software package. The verdict is pretty much as you might have guessed: Green Dam + Youth Escort is a poorly designed rip-off of a foreign nanny-ware product, is unstable, and is riddled with security holes. It is, in short, crapware. I won’t go into the gruesome details, but if you’re interested I highly recommend an analysis by the Computer Science and Engineering division of the University of Michigan. For those in a hurry, the summary gives you a taste of their conclusions:
We examined the Green Dam software and found that it contains serious security vulnerabilities due to programming errors. Once Green Dam is installed, any web site the user visits can exploit these problems to take control of the computer. This could allow malicious sites to steal private data, send spam, or enlist the computer in a botnet. In addition, we found vulnerabilities in the way Green Dam processes blacklist updates that could allow the software makers or others to install malicious code during the update process.
We found these problems with less than 12 hours of testing, and we believe they may be only the tip of the iceberg. Green Dam makes frequent use of unsafe and outdated programming practices that likely introduce numerous other vulnerabilities. Correcting these problems will require extensive changes to the software and careful retesting. In the meantime, we recommend that users protect themselves by uninstalling Green Dam immediately.
Judging from the livid reaction in China, no-one will have to work too hard to convince Chinese computer users to take that advice. So this will go down as yet another shining moment in the annals of government procurement.
But despite what you may think, the government’s real problem wasn’t in the procurement process or obviously less-than-rigorous technical evaluation. It was in the public communication, which was nonexistent. This is a bit of surprise because on average, Chinese government bodies have become significantly better at public communication in the past few years, developing a level of responsiveness to public opinion that would have been unthinkable a couple of decades ago. But the radar was definitely switched off in this situation.
In Imagethief’s personal experience, most Chinese people are relatively sanguine about the Great Firewall (or Net Nanny or Golden Shield or what have you). It doesn’t interfere with most of the things your average Chinese net user wants to do (watching a complete and conveniently subtitled version of the new Star Trek movie on Youku, for instance), and is treated as a kind of necessary but slightly obnoxious inconvenience, like a younger brother who wants to join your pickup soccer game. You can always make him play fullback, where he’ll probably stay out of trouble.
But there is something important about how the mechanism of the Great Firewall relates to this forgiving attitude. The Great Firewall is implemented at a distance from the end user, in the ISPs, routers and gateways that form the infrastructure of the Internet. It’s enforced out in the cloud, and is thus abstract to some degree, even if its effects are apparent in the information you can or cannot access at any given time.
But what the regulator does in the cloud is one thing. What it does when it reaches out and plants its mitts squarely in your computer — your personal computer, in all senses of the word– is entirely different. It is the difference between posting speed limits and deploying the highway patrol on dangerous stretches of road, and putting a governor in your car so it won’t go over 55 mph no matter what you do. The former is completely reasonable for the public good. The latter is an insult to your manhood (unless you’re a woman, in which case it’s presumably an insult to something else).
Now, imagine that the authorities are not only putting a governor in your car, but that it’s a crappy governor that sometimes kicks in when you’re only going 35, stalls the car completely when you break 55 rather than simply limiting your acceleration, and spontaneously unlocks all the doors and starts the engine when car thieves walk by. That’s about where we stand with Green Dam + Youth Escort according to the analyses.
It’s conceivable that the authorities could have pulled this off if they had taken a few basic steps. First, it would have been good to have a period of public consultation. At least that would have provided a chance to assess public reaction and respond appropriately prior to making a commitment. They also could have used that period to defuse some of the negative reaction from the PC manufacturers, all of which are publicly walking a fine diplomatic line, and privately lobbying like Jack Abramoff on poppers and Red Bull. At the risk of letting you see how a PR person thinks (a dark and terrible thing), if I was selling this idea I’d do as much work as I could with grass-roots and community groups and academics to build up the problem of undesirable information with supporting comment from a variety of different directions. I’d run a parallel media compaign also building up the problem and making sure that regulatory interest in a solution was presented in an appropriately benevolent light. Then I’d position the free inclusion of parental control software (and that’s how I’d describe it) with all computers sold in the country as a gift, not as a mandate. Importantly, I’d suggest making it clear that the software is only included with the computer as a disk, and not preinstalled. I’d combine that with community distribution to get the software out to households that already have computers. This puts the software potentially on the desktops of children and students for whom it matters (if you believe in such things) while not wasting time on the committed geeks and randy young men who will immediately scrub the software off of any computer they buy. I’m not saying I like doing this, I’m just saying that’s how I would do it if I had to.
Oh, it would help immeasurably if the software itself wasn’t complete crap. Because I’d also encourage public review of the software itself prior to finalizing the plan. And, after all, you’ll have a much easier time selling this idea to the PC industry and enlisting their support if the PC industry doesn’t think it’s going to break their products.
Instead, the authorities mandated bad software by fiat without warning anyone. In the face of the entirely predictable backlask, they are reduced to their usual double-pronged approach to managing public opinion, telling the mainstream commercial media to tone down the criticism and running a happy-banner up the trusty Xinhua flagpole. Good luck with that. Imagethief stands by his original judgment: In six months, this will all be conveniently flushed down the memory hole. You might want to order a new PC soon just for the souvenir value.
- Open Net Initiative: China’s Green Dam: The Implications of Government Control Encroaching on the Home PC
- Rebecca MacKinnon: More Green Dam documents and statements
- John Pomfret: China’s rising Internet
- Danwei: Green Dam girl (Well worth your time)
- Danwei: Oddities in the Green Dam filtered words list