Slashdot Log In
Red Flag Linux Forced On Chinese Internet Cafes
Posted by
timothy
on Wed Dec 03, 2008 04:12 PM
from the billions-and-billions-served dept.
from the billions-and-billions-served dept.
iamhigh writes "Reports are popping up that Chinese Internet Cafes are being required to switch to Red Flag Linux. Red Flag is China's biggest Linux distro and recently received headlines for their Olympic Edition release. The regulations, effective Nov. 5th, are aimed at combating piracy and require only that cafes install either a legal version of Windows or Red Flag. However, Radio Free Asia says that cafes are being forced to install Red Flag even if they have legal versions of Windows. Obviously questions about spying and surveillance have arisen, with no comment from the Chinese Government."
Related Stories
This discussion has been archived.
No new comments can be posted.
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
Full
Abbreviated
Hidden
Loading... please wait.
Where Exactly is the Danger? (Score:5, Interesting)
Obviously questions about spying and surveillance have arisen ...
Um, it uses RPM as a package manager so as long as the government isn't forcing Cafes to use a certain package repository or use certain packages, where does the danger of surveillance lie? I mean, I wouldn't trust the Chinese government either but I am confused why a mandate of Red Flag Linux upsets people in this case ... and a recommendation from the DoD is probably heralded [cbronline.com]?
Yeah, they're running an industry's tech core, yeah they're stating exactly what OSS to use but where is the danger?
Re:Where Exactly is the Danger? (Score:4, Informative)
Well if the distro includes an RPM that was custom built by the Chinese government and is specified as a dependency for other RPM's then even switching to a different RPM repo wouldn't help. Or the Red Flag installer could come with an RPM that includes a rootkit or other backdoor utilities that the RPM leaves behind even when uninstalled. So even if you switch repos after the initial install it could leave the system compromised.
Parent
You can't spot the obvious danger? (Score:4, Insightful)
Parent
No danger whatsoever (Score:5, Insightful)
The new rules that went into effect Nov. 5 are aimed at cracking down on the use of pirated software, said Hu Shenghua, a spokesman for the Culture Bureau in the city of Nanchang.
Welcome to China!
Parent
Re:You can't spot the obvious danger? (Score:5, Insightful)
And you think that Yahoo, Google, Cisco, Microsoft etc. aren't in league with the PRC government? In order to do business in China, you have to do as the government say. Actually, it kind of works like that in every nation...
The backdoor fears are being overblown, this is open source after all. It would be trivial to compare the binary packages installed on one of the internet cafe computers with a standard Red Flag install to see if any have been modified. Then strace or disassemble the modified binary to find out what it is doing. If you're worried that the entire Red Flag distribution might be compromised, consider that the Chinese government is recommending that this distribution be used on government and corporate computers. If there were a deliberately introduced backdoor, then it is highly likely that either a Western security researcher, or the NSA, would find it, and then be able to gain access to the Chinese computers. Thus the Chinese government actually has a very strong motive to ensure that there isn't a generic backdoor. And again, finding such a backdoor would be trivial - all you have to do is compile your own distribution using the same versions of each source package, and then compare the output binaries. Having said that, Debian had a modified ssh package with a gaping security vulnerability for a long time before anyone noticed... but eventually someone did.
I really think that there is a higher risk of the Chinese government sneaking a backdoor into Windows through a Chinese-American employee of Microsoft, or through compromising a Chinese CDROM factory or OEM manufacturer, than of being able to covertly introduce a secret backdoor into an open source Linux distribution like Red Flag. Having the source makes hiding a backdoor very difficult - if they ever did introduce a backdoor, they would probably be quite blatant about it. And as for the Windows comparisons, we still don't really know what the _NSAKEY [wikipedia.org] was for.
Parent
Re:It's a silo. Anyone can set one up. (Score:5, Insightful)
Parent
Re:It's a silo. Anyone can set one up. (Score:5, Funny)
Parent
Re:It's a silo. Anyone can set one up. (Score:4, Informative)
you're forgetting that China filters heavily. there's no reason to believe any RPM repositories other than the one hosted by the government would be accessible.
Parent
Re:Where Exactly is the Danger? (Score:4, Insightful)
Government mandate: You will use this, regardless of how good or bad it is, or we will put a bullet in you.
Just a little different.
Also, that article you linked talked about an internal DoD recommendation. They don't really care what Happy Fun Time internet cafe is using.
Parent
Re: (Score:3, Informative)
&& rootkit preinstalled
probably a rootkit cleaner would fix that but the site to download it is blocked by the "Great Wall of China" - dang!
Re:Where Exactly is the Danger? (Score:5, Informative)
Or they could just make some code changes to the rootkit cleaners available in the repository so that it ignores any hypothetical pre-installed rootkits. Most people are going to install programs from the official repository instead of directly downloading the source.
Parent
Re:Where Exactly is the Danger? (Score:5, Insightful)
I'm confused.
Are there concerns that the Chinese government are going to be spying on citizens using the open source Red Flag operating system, or are there concerns that using the closed source Windows operating system will allow some group to spy on the Chinese?
The second seems like a greater risk than the first.
Parent
Re:Where Exactly is the Danger? (Score:5, Interesting)
On that topic, is it very easy to get the source code for Red Flag Linux and to compile the whole thing from source?
I searched Google for 'Red Flag Linux' which quickly led me to the English index page [redflag-linux.com] that's thin on information. The Download link only seems to allow for downloading an ISO, but I didn't go as far as downloading it. The Wikipedia article for Red Flag Linux [wikipedia.org] states that it's an Open Source model, but doesn't seem too clear beyond that.
Can the entire Red Flag system be compiled from source? Not that it'd really matter, I guess. Most Chinese sysadmins would probably just install the binaries from an official repository anyway.
Parent
Re:Where Exactly is the Danger? (Score:4, Insightful)
As I was saying earlier, I have Red Flag Linux 2.0. This is an old version, so what I say about it, may not apply to the current version 6.0. It does not come with sources.
I see many people here presume that Red Flag Linux is open source software. I think that's a whole lot of assuming without knowing jack.
Parent
Re:Where Exactly is the Danger? (Score:4, Informative)
Umm, hello?
ftp://ftp.redflag-linux.com/pub/redflag/dt6sp1/SP1/ [redflag-linux.com]
At least it looks like they have both source and binary ISO images (though no directories with individual packages, and English site seems to be unmaintained).
Parent
Re:Where Exactly is the Danger? (Score:4, Interesting)
Parent
Re:Where Exactly is the Debate? (Score:5, Insightful)
Yes, there can and should be questions.
The first one to ask is "who would want this rumour, true or not, to be spread?"
The second one to ask is "do those who might benefit have a history of disinformation?"
The third one to ask is "if country X monitors hundreds of millions of PCs, where are all the millions of people doing the monitoring?"
China is a new capitalist society with roots in communism, and has quite a bit of baggage to deal with. Among them a propensity to overregulate everything, and likewise for the citizens to ignore all the regulations as long as no-one is watching.
I don't doubt for a second that the Chinese government can and will spy on some of its citizens, just like CIA, FBI, NSA and SS will over here. But they quite frankly don't have the infrastructure to do full scale computer surveillance, nor any need to -- if they want someone arrested, they simply arrest him or her. They don't need to collect evidence and convince a judge first.
And just like here, if they want to monitor internet traffic, doing it at the ISP or confiscating equipment is far easier than backdooring individual systems. For one thing, you don't need highly skilled agents capable of accessing back doors with the required finesse and understanding.
This whole article smells of FUD and agitprop. Sure, China is designated the new Big Evil, and the US needs another Enemy to believe in right now. But seeing Chinese government conspiracies in everything doesn't make it true, any more than seeing communist conspiracies in the 50s and 60s made that propaganda true.
My guess: A canton or city government decided to go linux, and chose Red Flag as their distro. Some zealous and cerebrally challenged bureaucrats (I know, a tautology) then interpreted that as an order. And a newspaper picked up the blunder, and wrote a note about it, which was then picked up and massaged to fit the desired perception by their western colleagues who like to post propaganda against the enemy du jour, because it sells ads. Our local Ministry of Truth won't interfere, as long as the bashing is against this year's designated foe.
ICBW, but it seems like a much simpler explanation.
And personally, I think China is on the road towards freedom, even if they stumble every now and then. But we need to keep in mind that it's going to be a long march.
Parent
Finally (Score:4, Funny)
The year of Linux on the desktop, right?
Re:Finally (Score:5, Funny)
Parent
Re:Finally (Score:5, Funny)
Every time I hear this meme I imagine it being part of the opening voiceover for Season 3 of Babylon 5.
It was the year of fire... the year of destruction... the year we took back what was ours. It was the year of rebirth... the year of great sadness... the year of pain... and the year of joy. It was a new age. It was the end of history. It was the year everything changed. It was the year of Linux on the desktop. The year is 2261. The place: Babylon 5.
Parent
Re:Finally (Score:5, Funny)
That's Season 4! (And no, I'm not telling you the combination to Captain Kirk's safe.)
Parent
Re:Finally (Score:5, Funny)
Note there will never be a year of the Windows or OS X either.
*cough* Tiger [wikipedia.org] *cough*
Parent
Re:Finally (Score:5, Funny)
So, we just name the next Ubuntu Malignant Monkey or Dancing Dog. Problem solved.
Parent
Re:Finally (Score:5, Interesting)
One major reason internet cafe is asked to install Linux is probably to restrict gaming. Internet cafe in China is vastly different than it's counterpart in America. Think of it more as a "gaming center" rather than a place to surf the net. A few years back most of them used to provides food and bed to lure it's gamer based customer to stay 24/7.
Over the past 5 or 6 years, there are increasing social problems generated by internet cafe. Parent's concern for their kids is a major issue. There are also a few incidents of unlicensed internet cafe not reaching safety regulation. One fire outbreak has caused 24 death in 2002 in a internet cafe in Beijing. Chinese government has been trying t o resolve these problems by introducing tighter regulations. Just to name a few: A policy came out a few years back requires all internet cafe to obtain a license, and no new license would be issued; Also under aged people are not allowed to enter internet cafe during weekdays unless accompanied by parent; All users are required to register wit h their ID before using internet cafe.
This new move is nothing more than another regulation to address the issued introduced by internet cafe. As most games does not run natively on Linux, the government probably expects to turn internet cafe away from the old "gaming center" model, into a role fitted more to it's actual name.
A rather ironic thing is, Linux was the choice for it's incompatibility with most games. So I guess YEAR_OF_LINUX_ON_DESKTOP=$((YEAR+1)) still holds.
Parent
Re:Finally (Score:4, Funny)
I checked all 12 signs of the Chinese zodiac -- couldn't find the Year of Linux, sorry.
Parent
Poor Microsoft... (Score:5, Interesting)
You know Microsoft has been pushing for the Chinese government to do something about the rampant piracy in China... They no doubt expected reduced piracy to lead to more legal installations of Windows but it has backfired on them hugely with this move to allow Internet Cafés to use Red Flag Linux.
Also the spying claims are meh. We already know the Chinese Gov. watch the pipes closely there really is no advantage in further monitoring within Internet Cafés.
In other news (Score:5, Funny)
Windows market share suddenly drops below 50%
Parent
Re:In other news (Score:5, Insightful)
...While number of licensed copies remains the same.
Parent
Re:Poor Microsoft... (Score:4, Informative)
...but it has backfired on them hugely with this move to allow Internet Cafés to use Red Flag Linux.
Unfortunately, this isn't permission (they already had that). This is now a mandatory thing.
Parent
Re:Poor Microsoft... (Score:5, Insightful)
Maybe it's the fact that Windows is an OS made from their good friends in the US, and Windows is proprietary, and we know how many Americans (US) feel about the risk of software working against you...
It's like the US Government buying Cisco routers made in China, how the US sabotaged a Russian oil pump station, there's only so much trust to be had, and when you have people from the Land of Microsoft being untrusting of Microsoft, how can you possibly expect a xenophobic, militant country to?
Next will be North Korea I bet.
Parent
Re:Poor Microsoft... (Score:5, Interesting)
no, no, no. you have it all wrong. don't you know that piracy is theft? now that hundreds of thousands of Chinese internet cafes are no longer pirating windows and stealing tens of millions of dollars from Microsoft, their quarterly profits will surely skyrocket as a result.
after all, the BSA would never lie about the losses caused by piracy. if software pirates are actually stealing money from businesses, then surely any reduction in piracy will necessarily translate into economic gains by the industry. that is, of course, unless they made up their figures for financial losses based on the specious reasoning that not buying software from a company is equal to stealing from them.
Parent
Fitting Name (Score:5, Funny)
Re: (Score:3, Interesting)
Unlike that designated by a corporation one works for? :)
The UI is Hilariously Windows-ish (Score:5, Interesting)
Isn't this the part [slashdot.org] where Gates shits his gourd and asks to meet with Hu Jintao? Then baits the large part of greater China with free software that he writes off as a goodwill donation? I mean, we are talking a serious part of the world's population
unintended consequences (Score:3, Interesting)
In this case, though, I suspect that there are some other motives at work besides curbing piracy--namely supporting a local software developer/distributor over a foreign one and possibly the ability to better control/monitor internet access in the future.
Well, One Thing is for Sure .... (Score:5, Interesting)
In China, because a large number of the players do not own the computer they use to play games (e.g. Internet cafes), the CD keys required to create an account can be purchased independently of the software package. In order to play the game, players must also purchase prepaid game cards that can be played for 66 hours and 40 minutes.[43] A monthly fee model is not available to players of this region. The Chinese government and The9, the licensee for World of Warcraft in China, have imposed a modification on Chinese versions of the game which places flesh on bare-boned skeletons and transforms dead character corpses into tidy graves. These changes were imposed by the Chinese government in an attempt to "promote a healthy and harmonious online game environment" in World of Warcraft.
Re:Well, One Thing is for Sure .... (Score:5, Funny)
Why does the Chinese government want to keep it secret that inside each living, breathing person, is a skeleton waiting to get out and start swinging around a comically huge sword?
Parent
Another motive (Score:5, Insightful)
Re:Another motive (Score:5, Funny)
Parent
Gaming (Score:4, Informative)
This is stupid. (Score:5, Interesting)
The internet cafes in China are not going to run Linux anytime soon.
Why?
Because the cafe users are gamers, mostly. They use the *cheap* internet connection to play one of tons of different windows only MMORPGs(And that includes World of Warcraft.) or Online shooters.(Used to be counterstrike.)
To ask those internet cafes to run Linux is to ask them to get rid of their source of profits.
Re:This is stupid. (Score:5, Interesting)
To ask those internet cafes to run Linux is to ask them to get rid of their source of profits.
Or it is to ask game publishers to provide a Linux version (or fund WINE) if they want any revenue from China (assuming low piracy rates for games).
Parent
Re:This is stupid. (Score:4, Informative)
Parent
spying...LOL (Score:4, Informative)
I have had the occasion to visit MII in China. They can already get a screenshot of what any iCafe user is doing in real time. I saw it with my own eyes. Combine that with their requirement that iCafe users need to show their ID card when they rent a computer and there is effectively zero privacy. These were windows PC's so I'm not sure why the hurry to switch to Linux. It probably has less to do with the actual operating system and more to do with the vendor who is supporting the switchover backhanding some government lackey a Benz or three. Welcome to China.
Oh Sweet Irony (Score:4, Funny)
That's going to be a lot of new Linux users.
Imagine Linux on the desktop taking off due to support from a totalitarian regime!
Btw. does anyone know if Red Flag contributes any code back to the community? It would be interesting if they've submitted any of their changes to KDE, Gnome, or OpenSSH...
irony, irony, irony (Score:3, Interesting)
that which was started to cricumvent corporate control, is used as a tool for authoritarian control
this is not in any way good for linux
it cuts to the very core of the rationale we all use for saying linux and open source software is a superior approach
if the software is coopted and subverted by an authoritarain regime, where is the inherent freedom that makes open software ideologically superior?
a corporate controlled software can make deals with an authoritarian regime, and withhold support for certain functionality. not that they do, but that they can. but with open source, the devil doesn't need to make deals with you, he just ignores you completely, and uses the software for dominance and control as the authoritarian regime sees fit
Why is that even worth talking about? (Score:4, Insightful)
Re: (Score:3, Insightful)
What "questions about spying and surveillance?" TFA doesn't mention any.
Did you read the same article I did? From TFA:
It quoted Xiao Qiang, director of the California-based China Internet Project, as saying the new rules would help authorities regulate Internet cafes that now operate on the margins of the law, and allow them to undertake heightened surveillance.
3 full paragraphs in the article discuss surveillance.
Re: (Score:3, Insightful)
What good is a fork? The rest of the world generally isn't using Red Flag anyways and China isn't exactly all butterflies and tater tots when it comes to their directives.
If they say you have to use Red Flag, you'll be using Red Flag or they'll be "reeducating" you on just WHY you should be using it.
Re: (Score:3, Insightful)