Risk

10/6/2009
04:32 PM
Connect Directly
Google+
LinkedIn
Twitter
RSS
E-Mail
50%
50%

CBS Interactive Sued For Distributing China's Green Dam Filter

Internet filter maker Solid Oak Software has filed a lawsuit against CBS Interactive's ZDNet China for distributing China's Green Dam filtering software, which allegedly includes the company's code.

Solid Oak Software, the Santa Barbara, Calif.-based maker of Internet filter CYBERsitter, on Monday filed a $1.2 million copyright infringement lawsuit against CBS Interactive.

The lawsuit alleges that CBS Interactive's ZDNet China made the controversial Green Dam filtering software available for download on its Web site and that Green Dam included code copied from Solid Oak's CYBERsitter program.

The Chinese government earlier this year said that all PCs sold in China would have to come with Green Dam installed by July 1.

The government claimed that the software was necessary to protect young people from unhealthy Internet content -- mainly pornographic and violent material -- but human rights groups reported that the software blocked political and religious content too.

Following protests by Chinese academics and computer user, as well as rights groups, computer trade groups, and government officials from various countries, the Chinese government softened its stance.

In an August 13 news conference, Minister of Industrial and Information Technology Li Yizhong acknowledged that the government's mandate "not thoughtful enough," according to China Daily, and said the software would be optional.

Having recognized the problem with mandates that affect consumers directly, the Chinese government is now directing its orders at businesses.

Last month, the Chinese government began requiring Internet service providers and data centers to install "Blue Dam" on their servers, a combination of hardware and software filtering said to be 20 times more effective than Green Dam.

Solid Oak's lawsuit alleges that the developers of Green Dam copied almost 3,000 lines of code from CYBERsitting and incorporated it into Green Dam.

"A central component of the PRC's Green Dam initative was to convince and incentivize online providers to participate by offering the Green Dam software for free download on Internet sites," the lawsuit claims. "Defendant CBS willingly participated in the PRC's plan, offering Green Dam for free download on its Web site, ZDNet China."

The lawsuit claims that Green Dam was downloaded more than 31,000 times and that CBS has benefited by offering the software.

Solid Oak Software is seeking $1,238,450, the number of downloads times the $39.95 price charged for a legal copy of CYBERsitter.

CBS Interactive is not the only company involved in the distribution of Green Dam. Sony, for example, began distributing PCs with Green Dam in late June.

Gregory A. Fayer, an attorney with Gipson Hoffman & Pancione who is representing Solid Oak, said that the company is still weighing its options with regard to additional lawsuits.

He said that the main goal of the lawsuit was to protect Solid Oak's rights, but acknowledged that the case has broader implications for the ability of smaller companies to protect their intellectual property from infringement overseas.


InformationWeek has published an in-depth report on e-discovery. Download the report here (registration required).

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Register for Dark Reading Newsletters
Dark Reading Live EVENTS
INsecurity - For the Defenders of Enterprise Security
A Dark Reading Conference
While red team conferences focus primarily on new vulnerabilities and security researchers, INsecurity puts security execution, protection, and operations center stage. The primary speakers will be CISOs and leaders in security defense; the blue team will be the focus.
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: No, no, no! Have a Unix CRON do the pop-up reminders!
Current Issue
Security Vulnerabilities: The Next Wave
Just when you thought it was safe, researchers have unveiled a new round of IT security flaws. Is your enterprise ready?
Flash Poll
[Strategic Security Report] How Enterprises Are Attacking the IT Security Problem
[Strategic Security Report] How Enterprises Are Attacking the IT Security Problem
Enterprises are spending more of their IT budgets on cybersecurity technology. How do your organization's security plans and strategies compare to what others are doing? Here's an in-depth look.
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.