China drops Green Dam web filtering system


Chinese officials appear to have retreated from their controversial plan to install an internet filtering system on computers in the country.

The industry and information technology minister, Li Yizhong, said today that the notion that the Green Dam programme would be required on every new computer was “a misunderstanding” spawned by poorly written regulations.

He said all public computers in schools and internet cafes must install the software – but the government “respected the choice of individuals who do not install it”. He said: “Those who overstated and politicised the issue, or even attacked China’s internet regulation, are irresponsible,” and added that pornography was the main target of the software.

Its initial plans met with fierce opposition when they were announced, with many internet users fearing that the software – which blocks pornographic, violent and politically sensitive content – would also be used to monitor behaviour, curb access to information and track users.

At first it appeared that the campaign, which was backed by the US government, was gaining ground. However last month, hours before the programme was due to be implemented, officials briefed that there would be a delay, but the plans would eventually go ahead.

Today’s announcement appears to make that suspension permanent, with Li saying the government would neither require the programme to come pre-installed on new computers, nor force computer makers to include the programme on a CD with optional software.

Read the full story on the Guardian website.


Gumblar PC virus targets Google users


A computer virus that targets Google users is mutating rapidly, turning it into what some are calling the biggest threat to online security today.

The worm, known as Gumblar, attacks computers through vulnerabilities in some version of Adobe’s PDF reader and Flash player software. Once it infects a victim’s PC, it silently redirects the user’s Google search results to sites that download more malware onto the machine or allow criminals to conduct “phishing” attacks to steal login details for banking, social networking and websites.

Gumblar has begun to spread through websites where passwords or software have previously been compromised, so that visitors to the sites are unwittingly infected without realising it – a so-called “drive-by download exploit”. Infected PDF documents and Flash films on the site attack the victim’s PC.

Although Gumblar has been known about some time, its activity has increased rapidly in recent weeks. The unidentified writers behind the program have changed its mode of attack, so that it draws malicious code from a web page based in China, and have developed new techniques to avoid being spotted.

“The Gumblar attacks have morphed again,” said Mary Landesman, a senior security researcher with ScanSafe. “What we’re really looking at here can only be described as a botnet of compromised websites. And a growing one at that.”

Read the full story on the Guardian website.

GhostNets in the machine


It wasn’t until last Sunday that Scott Henderson knew he’d been duped. The former US army intelligence officer, along with his colleague “Jumper” had been tracking an alleged Chinese hacker, nicknamed Lost33, who had promised him an interview. “Lost33 did not make contact with Jumper last night.

In fact, it seems he spent the night changing his QQ number” – QQ is a popular Chinese instant messaging service – “and deleting all info from his blog. The website is now completely empty, except for a change to his personal data,” said Henderson on his blog.

Henderson had been tracking Lost33 after his email address – – turned up in an investigation called GhostNet. GhostNet started when Information Warfare Monitor (IWF), a team of cyberwarfare researchers created by Toronto University and the Canadian security thinktank SecDev, had been asked to conduct a security audit for the Tibetan government in exile. It had found malicious software on the Dalai Lama’s most sensitive computers.

The investigation found links back to command and control servers located mainly in China. From there, the IWF found infected computers under the control of those servers in 103 countries.

Read the full story on the Guardian website.

Major cyber spy network uncovered


An electronic spy network, based mainly in China, has infiltrated computers from government offices around the world, Canadian researchers say.

They said the network had infiltrated 1,295 computers in 103 countries. They included computers belonging to foreign ministries and embassies and those linked with the Dalai Lama – Tibet’s spiritual leader.

There is no conclusive evidence China’s government was behind it, researchers say. Beijing also denied involvement.

The report comes after a 10-month investigation by the Information Warfare Monitor (IWM), which comprises researchers from Ottawa-based think tank SecDev Group and the University of Toronto’s Munk Centre for International Studies.

They were acting on a request from the Tibetan spiritual leader’s office to check whether the computers of his Tibetan exile network had been infiltrated.

Read the full story on the BBC News website.

China’s internet ‘spin doctors’


internet usersChina is using an increasing number of paid “internet commentators” in a sophisticated attempt to control public opinion.

These commentators are used by government departments to scour the internet for bad news – and then negate it.

They post comments on websites and forums that spin bad news into good in an attempt to shape public opinion.

Chinese leaders seem aware that the internet – the only public forum where views can be freely expressed – needs close attention.

China’s Communist Party leaders have long sought to sway public opinion by controlling what the media can report.

That policy was extended to the internet, and many websites are blocked by a system sometimes dubbed the “great firewall of China”.

Read the full story on the BBC News website.