Net filter firm says Chinese stole code

A Santa Barbara company said Friday that the Internet-filtering software that China has mandated for all new personal computers sold in that country contains stolen programming code.

Solid Oak Software Inc. said parts of its filtering program, which is designed for parents, can be found in the Green Dam Youth Escort filtering software that must be packaged with all computers sold in China starting next month.

Brian Milburn, Solid Oak Software’s founder, said he planned to seek an injunction against the Chinese developer that built the software, but he acknowledged that the company was on unfamiliar legal terrain.

“I don’t know how far you can try and reach into China and try to stop stuff like this,” Milburn said. “We’re still trying to assess what they’re doing.”

The Chinese developer could not be reached for comment.

The software blocks sites from a user’s machine.

China has mounted a vigorous public defense of the software, saying it wants it to block violence and pornography. But critics say it could be used for political censorship.

A report released Thursday by University of Michigan researchers who examined the software supported the assertion that it contained code from Solid Oak’s Cybersitter program.

A number of the “blacklist” files that Green Dam employs were taken from Cybersitter, the researchers found.

Blacklists are lists of websites that have been flagged as violent, pornographic, malicious or otherwise offensive. Web browsers on computers where blacklists are in use are instructed to block those sites.

The report’s authors -- researchers in the university’s computer science and engineering division -- said they found another clue that Solid Oak’s programming code was stolen: a file containing a 2004 Cybersitter news bulletin that appeared to have been accidentally included in Green Dam’s code.

The researchers also said they found serious security vulnerabilities in the Chinese software that could allow hackers to hijack personal computers running it.