Digging Under the Great Firewall of China


IT security expert Sebastian Wolfgarten wanted to find out if he could get
around the so-called Great Firewall of China, a vast Internet
censorship system that prevents Chinese citizens from accessing
information their government deems sensitive. Yesterday, he told Chaos Communication Congress attendees how he did it.

Researchers have known
for the past several years that when Chinese citizens type certain
phrases like “Falun Gong” and “Taiwan” into Google, they
receive very different results than people outside the region do. Wolfgarten
wanted to know why, and whether there might be a simple technical way
to dig a little escape route through the Great Firewall.

Getting into China’s network turned out to be easier than you might imagine. Wolfgarten simply bought a server at a Chinese ISP by phone. Once the server was set up, he could log into it from Germany. And all the data that went through the server
would be subject to the same digital censorship that Chinese citizens
experience every day. He quickly discovered that when he requested
information on Taiwan through his Chinese server, he got
no data in return. Sometimes, he couldn’t access his server for days
on end. When he phoned the ISP for information, workers there told
him the server was running. He was just blocked from reaching it.

Over the next year, he tried several
methods for getting uncensored data to his Chinese server through
the Great Firewall. He would log into the server, then make requests for information about Amnesty.org or
Falun Gong. What he discovered was that there are three fairly simple
ways to trick the automatic Chinese censorship system.

The first, and easiest, is to use the anonymous network Tor. Though there has been some debate as to whether Tor would work in China, it seems to be successful for now. Another method, which had been previously identified by researchers with the OpenNet Initiative a couple of years ago, involves essentially ignoring censorship commands sent by Chinese servers. Apparently the Great Firewall censors data by responding to forbidden key words with a network command called a “reset.” The reset instructs the Chinese computer to drop its connection. The hitch is that the data is still coming in, but injected with the “reset” command. Program your own firewall to ignore “reset” commands and you’ve got uncensored data.

Crafty anti-censorship types in China can also get uncensored data by doing something called “tunnelling,” which seems particularly appropros when dealing with a Great Firewall. Wolfgarten tested what happened when he hid requests for “Falun Gong” inside seemingly-innocuous requests for e-mail or basic network information. A computer outside the Wall unwraps the requests, gets the data, rewraps them and returns them to China uncensored.

Wolfgarten admitted that it’s not clear that servers owned by foreigners are subject to the same treatment as Chinese-owned servers. He concluded by saying that a lot more research needs to be done, and invited others to help him.

You can read Wolfgarten’s paper about his research here. –Annalee Newitz