查看完整版本: 研究人员发现绿坝高危漏洞

研究人员发现绿坝高危漏洞

匿名读者 写道 "密歇根大学研究人员今日发布了一份绿坝的分析报告，报告中指出了一些绿坝的安全隐患，
包括一个可以被远程利用的栈溢出漏洞。这三名研究人员分别是密歇根大学计算机系的Scott Wolchok, Randy Yao和J. Alex Halderman。漏洞演示地址：[url]http://wolchok.org:8000/[/url]。请注意，安装了绿坝的用户，访问上述网址，浏览器将会崩溃（无其它危害）。当然如果精心设置网页，可以直接控制用户电脑。

   |如果此漏洞被恶意黑客利用，5000万的绿坝用户将可能全部被黑客控制，沦为肉鸡和傀儡。目前的解决方案是：
   |1. 关闭绿坝的过滤功能
   |2. 卸载绿坝(研究也显示软件自身的卸载并不干净)"

根据密歇根大学团队反向工程绿坝的dat加密文件，显示它监视的对象简直是无所不包，
监控和屏蔽的网站甚至包括了download.windowsupdate.com，liveupdate，也就是说它将控制Windows补丁的安装。/.的报道说，中国正在创建世界上最大的僵尸网络。

如果黑客真的行动起来那么真不错。网络的净化绝对不是安装什么垃圾软件可以解决的

看到这个消息并不觉得奇怪，因为政府就想用这个来控制机器啊。

绿坝有漏洞一点也不奇怪啊，现在网上不是说绿坝被破解了吗

[size=3]研究报告的总结和结论部分摘译：[/size]
[size=3][/size]
[size=3]　　“绿坝”软件存在由于编程错误导致的严重的安全漏洞。任何网站都可以利用这些漏洞控制安装了“绿坝”的计算机，用来偷窃私人数据、发送垃圾邮件或用作僵尸网络的机器。此外，黑客也可以利用这些漏洞，在“绿坝”自动更新时安装恶意程序。

　　这些漏洞是在仅对该软件进行了不到12小时的测试之后就发现的。研究人员相信这只是冰山的一角。由于“绿坝”软件频繁使用不安全的和过时的编程技术，很容易引入许多其他的漏洞。要纠正这些问题，必须对该软件进行重大的改写，并做仔细的重新测试。研究人员建议用户立即卸载“绿坝”以保护自己。[/size]
[size=3]
[/size]
[size=3]
[/size]
[size=3]　　如果“绿坝”软件按现在的版本安装，将会严重削弱中国计算机安全性。虽然他们发现的这些具体漏洞很容易打上补丁，但是这些已知的漏洞反映的是系统性的错误，要纠正全部问题，需要对程序做大规模的改写和全面的测试，这是在7月1日开始预装之前难以完成的。[/size]
[size=3]
研究报告的全文见：

[url=http://www.cse.umich.edu/~jhalderm/pub/gd/]http://www.cse.umich.edu/~jhalderm/pub/gd/[/url]



Summary

contains very serious security vulnerabilities. Unfortunately, these problems seem to reflect systemic flaws in the code. The software makes extensive use of programming techniques that are known to be unsafe, such as deprecated C string processing functions including sprintf and fscanf. These problems are compounded by the design of the program, which creates a large attack surface: since Green Dam filters and processes all Internet traffic, large parts of its code are exposed to attack. If Green Dam is deployed in its current form, it will significantly weaken Chinas computer security. While the flaws we discovered can be quickly patched, correcting all the proble


We have discovered remotely-exploitable vulnerabilities in Green Dam, the censorship software reportedly mandated by the Chinese government. Any web site a Green Dam user visits can take control of the PC.

According to press reports, China will soon require all PCs sold in the country to include Green Dam. This software monitors web sites visited and other activity on the computer and blocks adult content as well as politically sensitive material.ms in the Green Dam software will likely require extensive rewriting and thorough testing. This will be difficult to achieve before Chinas July 1 deadline for deploying Green Dam nationwide.

We examined the Green Dam software and found that it contains serious security vulnerabilities due to programming errors. Once Green Dam is installed, any web site the user visits can exploit these problems to take control of the computer. This could allow malicious sites to steal private data, send spam, or enlist the computer in a botnet. In addition, we found vulnerabilities in the way Green Dam processes blacklist updates that could allow the software makers or others to install malicious code during the update process.

ment. Any web site a Green Dam user visits can take control of the PC. According to press reports, China will soon require all PCs sold in the country to include Green Dam. This software monitors web sites visited and other activity on the computer and blocks adult content as well as politically sensitive material. We examined the Green Dam software and found that it contains serious security vulnerabilities due to programming errors. Once Green Dam is installed, any web site the user visits can exploit these problems to take control of the computer. This could allow malicious sites to steal private data, send spam, or enlist the computer in a botnet. In addition,
We found these problems with less than 12 hours of testing, and we believe they may be only the tip of the iceberg. Green Dam makes frequent use of unsafe and outdated programming practices that likely introduce numerous other vulnerabilities. Correcting these problems will require extensive changes to the software and careful retesting. In the meantime, we recommend that users protect themselves by uninstalling Green Dam immediately.

......

Conclusion

Our brief testing proves that Green Dam contains very serious security vulnerabilities. Unfortunately, these problems seem to reflect systemic flaws in the code. The software makes extensive use of programming techniques that are known to be unsafe, such as deprecated C string processing functions including sprintf and fscanf. These problems are compounded by the design of the program, which creates a large attack surface: since Green Dam filters and processes all Internet traffic, large parts of its code are exposed to attack.

If Green Dam is deployed in its current form, it will significantly weaken China's computer security. While the flaws we discovered can be quickly patched, correcting all the problems in the Green Dam software will likely require extensive rewriting and thorough testing. This will be difficult to achieve before China's July 1 deadline for deploying Green Dam nationwide.ms in the Green Dam software will likely require extensive rewriting and thorough testing. This will be difficult to achieve before Chinas July 1 deadline for deploying Green Dam nationwide.
[/size]

不知名的小公司做出来的东西能好到哪里去?

诺顿和微软的家长控制软件都没有被这么大量推广过