AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |
Back to Blog
Great firewall9/20/2023 ![]() ![]() It says China’s internet controls have reached “ new extremes.” In the past year, people have been jailed for posting ill-advised comments - including in private chats - on the Twitter-like Weibo or WeChat, Tencent's ubiquitous messaging service. All this contributes to China having the least online freedom of the 65 countries monitored by rights group Freedom House. government to create backdoors into its password-protected products, has deleted apps and built local data centers in line with Chinese government requirements. Meanwhile, foreign companies that want to operate on the mainland are forced to adopt practices often seen as invasive elsewhere. Pooh’s temporary banishment came after bloggers depicted Xi as the cartoon bear. Moves to restrict online freedoms include squelching a rising tide of #MeToo accusations measures that all but eliminate the ability to post social media or even play games anonymously and constricting the pipeline of new games to vet content and combat addiction. Securing China’s “cyber sovereignty,” or protecting the country’s internet from undue foreign influence, is one of Xi’s avowed goals. China began blocking Facebook's WhatsApp messaging service ahead of the congress and extended a clampdown on virtual private networks, a commonly used method to circumvent the Great Firewall. While strict censorship is nothing new in one-party China, under President Xi Jinping online restraints have grown tighter, particularly around the time of politically sensitive events like the death of Nobel Peace Prize winner Liu Xiaobo and the Communist Party Congress in 2017. The stakes go beyond China, which is setting an example that other authoritarian countries can imitate. It’s a joint effort between government monitors and the technology and telecommunications companies compelled to enforce the state’s rules. China is able to control such a vast ocean of content through the largest system of censorship in the world, aptly known as the Great Firewall. Sergio de Eccher Sergio de Eccher Sergio de Eccher Escaping from the Great Firewall Escaping from the Great Firewall Escaping from the Great Firewall A A. Even Winnie the Pooh got temporarily banned. There’s little coverage of the 1989 student protests in Tiananmen Square. We responsibly disclosed our findings and suggestions to the developers of different anti-censorship tools, helping millions of users successfully evade this new form of blocking.China’s online population of 800 million gets a highly restricted internet, one that doesn’t include access to Google, Facebook, YouTube or the New York Times. Our understanding of the GFW’s new censorship mechanism helps us derive several practical circumvention strategies. ![]() We estimate that, if applied broadly, it could potentially block about 0.6% of normal Internet traffic as collateral damage. We show evidence that the rules we inferred have good coverage of what the GFW actually uses. We simulate the inferred GFW’s detection algorithm on live traffic at a university network tap to evaluate its comprehensiveness and false positives. Our Internet scans reveal what traffic and which IP addresses the GFW inspects. These heuristics are based on the fingerprints of common protocols, the fraction of set bits, and the number, fraction, and position of printable ASCII characters. We find that, instead of directly defining what fully encrypted traffic is, the censor applies crude but efficient heuristics to exempt traffic that is unlikely to be fully encrypted traffic it then blocks the remaining non-exempted traffic. In this paper, we measure and characterize the GFW’s new system for censoring fully encrypted traffic. Although China had long actively probed such protocols, this was the first report of purely passive detection, leading the anti-censorship community to ask how detection was possible. ![]() The GFW’s new censorship capability affects a large set of popular censorship circumvention protocols, including but not limited to Shadowsocks, VMess, and Obfs4. In early November 2021, the Great Firewall of China (GFW) deployed a new censorship technique that passively detects-and subsequently blocks-fully encrypted traffic in real time. One of the cornerstones in censorship circumvention is fully encrypted protocols, which encrypt every byte of the payload in an attempt to “look like nothing”.
0 Comments
Read More
Leave a Reply. |