Chinese National Firewall Isn't All that Effective

Interesting research:

The study, carried out by graduate student Earl Barr and colleagues in the computer science department of UC Davis and the University of New Mexico, exploited the workings of the Chinese firewall to investigate its effectiveness.

Unlike many other nations Chinese authorities do not simply block webpages that discuss banned subjects such as the Tiananmen Square massacre.

Instead the technology deployed by the Chinese government scans data flowing across its section of the net for banned words or web addresses.

When the filtering system spots a banned term it sends instructions to the source server and destination PC to stop the flow of data.

Mr Barr and colleagues manipulated this to see how far inside China's net, messages containing banned terms could reach before the shut down instructions were sent.

The team used words taken from the Chinese version of Wikipedia to load the data streams then despatched into China's network. If a data stream was stopped a technique known as "latent semantic analysis" was used to find related words to see if they too were blocked.

The researchers found that the blocking did not happen at the edge of China's network but often was done when the packets of loaded data had penetrated deep inside.

Blocked were terms related to the Falun Gong movement, Tiananmen Square protest groups, Nazi Germany and democracy.

On about 28% of the paths into China's net tested by the researchers, blocking failed altogether suggesting that web users would browse unencumbered at least some of the time.

Filtering and blocking was "particularly erratic" when lots of China's web users were online, said the researchers.

Another article.

Posted on September 14, 2007 at 7:52 AM • 16 Comments

Comments

AnonymousSeptember 14, 2007 8:27 AM

The other article is much more interesting and detailed than the BBC report. Thanks for the link, Bruce.

More interesting than the technology is the inference that "the Great Firewall of China doesn't have to block every illicit word out there—only enough so that users conduct self-censorship because they know their online movements are being watched."

Patriot Act et al, anyone?

Wicked LadSeptember 14, 2007 8:30 AM

Very interesting. It would be gratifying if our experience with spam could be put to good use in subverting Chinese censorship (as covered in the eWeek article).

JasonSeptember 14, 2007 10:01 AM

The Thai censorship "firewall" is similar. There is not very much perimeter security, but the ministry of communication requires ISPs to filter sites it has blacklisted. Next there are laws which ban discussion of certain political topics or people and also circumvention of the censorship technology (so using TOR is now illegal).

Enforcement is also nonstandard: recently a webmaster from a forum covering a sensitive subject went missing for some weeks, not arrested, but abducted by the police.

But without doubt the largest obstruction to free discourse is self-censorship, since it is a cultural construct, not a legal one.

If your strategy is to minimize total damage (i.e. dangerous or unsafe ideas among the public), then this is a classic defense-in-depth technique and it is very effective. Many Thais are either unaware or unwilling to discuss pivotal events from the country's history. I can only assume China is similar or even more scary.

David HarperSeptember 14, 2007 10:02 AM

It's a pity that the Chinese National Firewall doesn't also block outgoing email traffic containing phrases such as "penis enlargement", "herbal viagra" and "cheap meds".

Now *that* would be a useful service to the rest of the world.

BrianSeptember 14, 2007 10:03 AM

If the firewall was actually effective, maybe they'd use it to stop the flow of malware from their networks to the rest of the world. They continue to be a major source of mal traffic due to all the zombied machines.

Johnny B GoodSeptember 14, 2007 10:08 AM

Off topic, but Bruce have you seen this?
"Why don’t the terrorists attack us more?"
(http://www.timesonline.co.uk/tol/comment/columnists/matthew_parris/article2409790.ece)

DigitalCommandoSeptember 14, 2007 10:13 AM

If we were to burrow deep into the chinese democracy suppression machine, we may find that their "internet filter" is actually just a block of uncooked saimin noodles.

adam hazzlebankSeptember 14, 2007 10:31 AM

It was my understanding that the web filtering is actually implemented at the ISP level (I may be wrong, and I can't find a source right now). The Chinese government says "don't embarrass us" and the ISP has to figure out how exactly to do the filtering. That would explain why the filtering is somewhat patchy.

AverySeptember 14, 2007 10:33 AM

Given the fact that the Chinese are still quite sensitive about the Nanking Massacre, I am surprised that they block references to the Nazi Germany. I would think they'd be all over any opportunity to compare WWII Japan with WWII Germany. Anyone know what their reasoning behind this is?

Kadin2048September 14, 2007 12:38 PM

Avery: "I would think they'd be all over any opportunity to compare WWII Japan with WWII Germany. Anyone know what their reasoning behind this is?"

Perhaps because they're more afraid of comparisons between the current government and Nazi Germany? That's the only thing that comes to mind to me. If that's the case, it's certainly interesting.

AnonymousSeptember 14, 2007 2:02 PM

@kadin, avery:
Your worldview is showing. The point is that the whole of WWII is irrelevant except what happened to China. How cab China keep nationalism as a virtue when it keeps getting sullied with disucssions of what some European barbarians did to each other 70 years ago?

Dr HuSeptember 14, 2007 4:46 PM

I think the easiest way to beat the Great Firewall might be to format the text with forced line breaks so that the message reads in columns, with the lines being gibberish. All Chinese characters in a given font have the same width, so they align perfectly. Thus, a message like "123456789" would be written like this:

741
852
963

It shouldn't be too hard to write a program to do this automatically.

I just tested and found out that if I try to search for "法轮" (falun) or "轮功" (lungong) on cn.yahoo.com (from abroad), my connection is reset, but "法国 车轮 气功" (Faguo chelun qigong) works just fine. However, there's a problem: how to let the interested Chinese readers find such pages? That's the real challenge, IMHO, and I haven't found any satisfactory answer. Of course, the government might also want to "kill the chicken to scare the monkey", that is, find a few such unpatriotic traitors and punish them harshly to dissuade others from engaging in such corrupt, un-Chinese behavior.

As to self-censorship, I did suggest caution to a friend of mine after she told me in an e-mail she was unhappy about the one-child policy. I wouldn't try to stop her if she publicly criticized the government on purpose (I would worry for her, though), but I'd hate to see her get in trouble just for being careless.

Dr Yubi Hu (��?逾��?)

(No, that's not my real name. I am a Ph.D., though.)

MeganApril 16, 2014 8:40 PM

The problem for China's leadership is that ultimately the cost of keeping the lid on the Internet will conflict with the need to maintain a steady increase in the average standard of living. At that point, living standard gains will be sacrificed in order to maintain control, which will exacerbate people's dissatisfaction with the Party. But this is several years away yet. Meanwhile the game goes on and China, in this one tiny area, continues to innovate in order to suppress more general innovation. Quite ironic.

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc..