Scott Wolchok, Randy Yao, and J. Alex Halderman from University of Michigan, published a brief paper describing remotely exploitable vulnerabilities in this mandatory software. Within a short period of time exploit code was on milw0rm and a module had been posted to Metasploit.
At this point China has pulled the mandatory requirement while they spend some time reconsidering their potential creation of a Billion node botnet. Adding an interesting twist to the story is the claim by Solid Oak Software that some of the code for Green Dam was ripped off their CYBERSitter product by "unknown sources"... although something tells me they were Chinese.
August 14th: After massive blowback, China has changed their mind on mandatory installation of Green Dam, according to several sources... and apparently, the rest of the universe was confused, it was never intended to be mandatory in the first place!
From the WSJ: "Mr. Li said Thursday the software was always intended to be optional and not a mandatory installation, adding that the regulations were unclear when first released by the Ministry of Industry and Information Technology in May.
The regulation "wasn't fully considered, and not expressed clearly, and gave everyone the impression that this is mandatory," he said... Mr. Li said Thursday the ministry's intention was always for the software to be installed on a voluntary basis by individuals or their parents. "The head of the family has the right to choose," he said, adding that China "fully respects everyone's freedom to choose."" Of course they do, who else would think otherwise?