China’s “Great Firewall” (GFW), officially the Golden Shield Project of the Ministry of Public Security, is both clever and stupid, subtle and blunt.
As with any internet filtering system, there are only two methods to block bad stuff: keep a list of “bad sites” and prevent access, or look at the content live and figure out whether it’s good or bad on the fly. The GFW uses both.
Al Gore was mocked for calling the internet the “Information Superhighway”, but the analogy works. Like the road network, a maze of suburban streets leads to relatively few freeways, all administered by a myriad of local authorities.
When your computer requests a website, imagine a truck driving out your front gate. The driver knows the site’s name but not how to get there. Normally, you’ll get directions.
“Amnesty International? Sure, that’s 78.136.0.19,” says the domain name system (DNS).
“78.136.0.19? Go via Telstra, ask again once you’re in San Jose,” says your ISP’s router. In San Jose, you’re told to go to New York and so on to Amnesty’s London office.
In China, though, your driver only gets blank looks.
“Amnesty? Never heard of it.”
“78.136.0.19? No, no such place.”
With relatively few links connecting China to the world, this block is easy. Unlike Senator Conroy’s p-rn filters, the GFW doesn’t have to worry about collateral damage. It blindly blocks entire sites, as well every site sharing the same internet address — not only Amnesty, but everyone in that office tower.
The GFW also looks at content, and here’s the true subtlety. Researchers at the ConceptDoppler project have found that it can disrupt internet traffic within China that even mentions touchy subjects. Imagine your truck encountering random checkpoints. If it contains banned concepts like “news blackout” or “gerontocracy” your delivery is simply burned, never to be seen again.
ConceptDoppler says the banned words still get through 28% of the time, and the blocking can’t keep up with heavy internet traffic. But even partial blocking encourages self-censorship through the perception that you’re being watched. Perhaps that’s even more effective because it discourages offline conversation too.
Getting around the GFW is easy enough for geeks — though perhaps beyond the skills of average internet users like sports journalists. Wikipedia lists the techniques, and Reporters Without Borders has a handbook.
Using proxies is like first sending your truck to a benign destination so it gets those helpful directions. Once there, the package is opened and the secret instructions inside forward your message to the real destination. To avoid content filtering, just speak in code. Learn to say “duck-breeding club” rather than “student dissident meeting”.
This “great game” has been going on for years and has been widely reported; just because the bloody olympic games are about to start is this hitting the mainstream. In (a few) years gone by, the chief mechanism for filtering was things like websense; and when most access was from internet cafes (a term i find strange, as none of them actually serve up an internet on a plate), there used to be big signs on the wall saying things like “please please do not go looking for troublesome things, because if you trigger off enough alerts we will get shut down and have to tell the authorities who was using these machines at that time” etc.
In a previous job I had, I would sometimes get WebSense blockages up to 15 times a day. Not once was I asked about it, but at the same time, I was more careful and remembered that BigBrotherWasActuallyThere and server logs could be used against me in the future.
So yes, technically things have changed, but the overall strategy is the same – keep the peasants from seeking things that are potentially disruptive to the status quo, by letting them know that if they are picked up (and there is that chance if they get up someone’s [feral] goat) the consequences could be VERY nassty.
Self regulation tends to work best when there is a damn heavy stick involved.
Here are a few links to get you started if you need to bust through a firewall:
HOWTO bypass Internet Censorship, a tutorial on getting around filters and blocked ports
http://www.zensur.freerk.com/
Proxy.org – The Proxy Authority
http://proxy.org/
Vtunnel.com is here to help you beat internet filtering!
https://www.vtunnel.com/
Ninja Proxy | Fast, free, anonymous web browsing with NinjaProxy.com
http://www.ninjacloak.com/
Your Freedom: HOME
http://www.your-freedom.net/
Free Proxies: Freeproxies.org hosts the best cgi proxy servers on the web, for free.
http://www.freeproxies.org/
Free Anonymous Surfing, Free Surfing through a Proxy (thefreecountry.com)
http://www.thefreecountry.com/security/anonymous.shtml
Stunnel.org
http://www.stunnel.org/