Solid Oak Software and the Chinese deserve each other
Of all the filtering software makers in all the world, it's interesting and appropriate that Chinese software developers chose Solid Oak Software's CyberSitter to (allegedly) pirate -- not because it's the best out there, but because it's historically hewed the closest to enforcing the kind of heavy-handed control that Beijing likes.
Santa Barbara-based Solid Oak set up a hue and cry over the weekend, saying that China's "Green Dam Youth Escort" filtering software bears unmistakable proof of piracy. Examination of the software and its server logs seems to indicate the company is correct -- aside from the long list of sites to be filtered, there are bits of familiar code and even calls back to Solid Oak's servers. (Chinese officials have flatly denied that any intellectual property was stolen, and a subsequent update to the package eliminated many of the callbacks and other suspect code.)
If, as it seems, the Chinese contractors in charge of building Green Dam stole code from Solid Oak, that's wrong and I hope there are consequences -- perhaps from Solid Oak, which has already suggested that US manufacturers adding Green Dam to PCs shipped to China may be opening themselves up to legal action, but certainly from the Chinese government, which ought to welcome an opportunity to
make an example of whoever's embarrassed them this time make a stand for intellectual property rights.
But neither security folk nor anti-censorship activists are crying too hard for this particular victim. Solid Oak's got what you'd call a history.
Back in the mid-1990s, in the first flush of the Communications Decency Act and the gold rush for companies that purported to filter Internet content for pornography, hate speech, and such, Cybersitter came under an immense amount of scrutiny for extending itself past simple porn-filtering to block sites ranging from the National Organization for Women to Godiva Chocolate, as well as LGBT support sites, animal-rights information, certain ethics publications, a history of Plymouth Rock and the Mayflower, sites containing the phrase "don't buy CyberSitter," and any reference to anti-censorship activist Bennett Haselton.
Solid Oak officials famously railed at Haselton, exhorting him at one point to "hang out at the mall with the other kids" (Haselton was a junior at Vanderbilt at the time) and telling CNET that "he doesn't know anything, and he's just a kid." As for NOW and other groups blocked, Milburn told CyberWire Dispatch that "If NOW doesn't like it, tough... We have not and will not bow to any pressure from any organization that disagrees with [our] philosophy."
Further press scrutiny seemed to agitate company president Brian Milburn even further. At one point, he told reporter Declan McCullagh that he'd requested that the Department of Justice "launch a criminal investigation" into McCullagh and his publication (back then, The Netly News) for allegedly publishing "source code" and "reverse engineering" the product. Another researcher who published instructions on how to block CyberSitter was blocked by the software, as was his entire ISP -- CyberSitter, unlike other filtering software, was at that time not able to block specific URLs and thus chose to block the entire domain.
A dozen years later, Milburn and Solid Oak are back in the spotlight -- and sticking to their earlier claims that Haselton and other researchers had "reverse engineered" the system. Yes, it seems as if the company that cried wolf back in '96 might actually have teeth sunk in its butt this time. On the other hand, considering Solid Oak's "philosophy" and smear tactics against anyone who dares to voice disagreement with them, I'd say it couldn't have happened to a more appropriate company.
But it's funny how things work out, isn't it. After all the outrage expressed by bloggers, privacy advocates and other activists (inside and outside China) about the compulsory filtering program, it just might have been Solid Oak's piracy allegations that broke the camel's back, compelling Beijing to announce on Monday that use of the software was to be optional after all. It's rare that two wrongs make a right, but it's possible we're seeing two creepy free-speech-hating entities trip each other up, and I'm loving the spectacle.
And now for something almost completely different: It has come to my attention that some of us are experiencing intermittent spasms of optimism about end-user tech smarts. I'm concerned that these delusions could cause someone to get hurt, perhaps in a *headdesk* accident of some sort or after one of us ends up in jail for throttling a coworker for complaining about a forced password reset because, "Why can't I just use 'password' again like I do on all my other stuff including my bank accounts and the company VPN?"
You need to get a grip on that optimism, friend, and so I offer to you the most depressing tech item I'm seen all day -- depressing because some reporter went to college and earned a degree to get a job writing this stuff, depressing because I'm not getting back the two minutes of my life I spent reading it, and depressing because out there in the world, someone's publicly described stale pop tart Britney Spears as a "technophile." Now wipe that hopeful glow off your face and get back to work.