A Weather Tracker for Internet Censorship

Total Page:16

File Type:pdf, Size:1020Kb

A Weather Tracker for Internet Censorship ConceptDoppler: A Weather Tracker for Internet Censorship Abstract Our probes were designed to find out where the filtering Technical research about Internet censorship has centered routers are and how reliably they do the filtering. Two insights around evasion and counter-evasion. In this paper we offer came from the results of these probes: a new research direction: surveillance of the mechanisms • of censorship and counter-surveillance, where those against Contrary to common belief, the filtering mechanism is not a censorship track its implementation and application over time firewall that peremptorily blocks all offending packets at the for scrutiny by others. international gateway of the Internet between China and We present two sets of results in this paper, Internet other countries. Our results suggest that only roughly one measurement results on the keyword filtering of the Great fourth of the filtering occurs at the international gateway, ``Firewall'' of China (GFC), and initial results of using latent with a much larger constituent of the blocking occurring semantic analysis (LSA) as an efficient way to probe for several hops into China, and some filtering occurring as unknown keywords and reporoduce a blacklist of censored many as 14 hops past the border. In fact, depending on the words. Our Internet measurements suggest that the GFC's path packets take from our source point into China, XX% of keyword filtering is more of a panopticon than a firewall and the IP addresses we probed were not blocked at all because show that probing is arduous due to the GFC's complexity. This they did not pass a filtering router. Combined with the motivates ConceptDoppler, an architecture for maintaining a fact that a single ISP did a disproportionate amount of the censorship ``weather report'' about what words are blocked blocking, our results show that the GFC's implementation in different places around the world, using LSA for efficient is much more centralized than previously thought. Even probing. This can lead to a much more complete understanding on routes where there are filtering routers, the filtering is of censorship. For example, we discovered 666 words on the inconsistent and tends to let many packets through during GFC blacklist, including surprises such as Y‡ (ethanol) and busy network periods. yÒ (Hitler). • Probing can be very arduous because of the complexity of the GFC. Not only is the filtering heterogeneous in its Everybody talks about the weather but nobody does implementation and inconsistent both during busy periods anything about it. and depending on the path, but there is also a lot of noise in such forms as RSTs generated by misconfigured routers Charles Dudley Warner (1829--1900) and hosts, inconsistent paths because of traffic shaping, IP tunneling, Internet Exchange Points (IXPs) [ref], and routers that do not conform to the RFC for handling TTLs 1. Introduction [ref]. Inspired by recent work [?] on the Great Firewall of China The first of these insights motivates the need for (GFC)'s keyword filtering mechanism, we sought a better surveillance/counter-surveillance as a focus of censorship re- understanding of its implementation and found it to be not search rather than evasion/counter-evasion. Evasion is nugatory a firewall at all, but rather more of a panopticon where for a censorship mechanism that was not designed to keep up the presence of censorship, even if not pervasive, promotes with high loads of traffic during peak periods, and that does not self-censorship. Clayton et al. [?] provide more details about filter on a significant number of paths. This is why we propose how the GFC's keyword filtering operates. Basically, filtering- ConceptDoppler as a first step towards an Internet censorship capable routers watch for keywords in GET requests or HTML weather report. responses (and possibly in other protocols) that are on a blacklist The second of these insights motivates the need for efficient of keywords considered to be sensitive. If a packet containing a probing. We can send candidate keywords through a blocking keyword passes through one of these routers, the router sends router and receive an answer in the form of a RST as to a reset packet (RST) to both the source and destination IP whether that word is on the blacklist in that location or not address of the packet in an attempt to reset the connection. with some probability, but in order to track a blacklist where words can be added and removed at different places over time requires efficiency. It is not possible to take the encyclopedic dictionary of words for a particular language and probe each word in thousands of places every day. Even if it were, this amount of traffic is very invasive. This is why we propose latent semantic analysis (LSA) as a way to efficiently probe for unknown keywords on the blacklist by testing only words related to concepts that have been deemed as potentially sensitive. Regardless of whether we are considering the censorship [copyright notice will appear here] of Nazi-related material in Germany [?], the blocking of child 1 2007/5/6 pornography in England [?], the filtering of sexual topics in 1.2 Proposed Framework libraries in the United States [?], or the more global restrictions In this paper, we propose a framework for understanding of countries such as Iran [?] or China [?], it is imperative, when keyword-based censorship. We seek not only to discover which developing policy about Internet censorship, that we understand words are part of the blacklist used for a keyword-based both the technical mechanisms of censorship and the way in censorship mechanism, but also to monitor the blacklist over which censorship is used. This gives policy makers an exact time as words are added or deleted when the implementation record of how a censorship mechanism was used and how it was of the censorship mechanism itself is heterogeneous and implemented over a period of time. For example, policy makers varies in different parts of the Internet infrastructure. With cannot ask important questions such as why ``øÕb'Õ˜'' such a framework the research community could maintain a (Judicial yuan grand justices) was blocked at a particular place ``censorship weather report.'' While this could be used to and time without first knowing that it was blocked. evade censorship (Zittrain and Edelman [?] propose putting As a first step toward an Internet censorship weather report, HTML comments within blocked words, and we discuss other we explore the keyword filtering mechanism of the GFC. possibilities in Section 5 where we discuss future work), more Keyword filtering is an important tool for censorship, and a importantly we can use real-time monitoring of an entire complete picture of the blacklist of words that are blocked, over country's Internet infrastructure to understand the ways in time and for different geographic locations within a specific which keyword blocking correlates with current events. This can country, can prove invaluable to those who wish to understand aid those on both sides of a particular censorship debate, either that government's use of keyword-based Internet censorship. by adding weight to efforts to reduce censorship by pressuring the censor, or by giving policy makers a complete picture of the 1.1 Keyword-based Censorship application and implementation of different mechanisms. We design and evaluate our framework for the Great The ability to block keywords is an effective tool for govern- Firewall of China, the most advanced keyword-based Internet ments that censor the Internet. Censorship can be comprised censorship mechanism. As pointed out by the Open Net of numerous techniques, including IP address blocking, DNS Initiative, ``China's sophisticated filtering system makes testing redirection, and a myriad of legal restrictions, but the ability to its blocking difficult'' [?]. Essentially, we perform active probing block keywords in URL requests or HTML responses allows of the GFC from outside of China, focusing exclusively on for a high granularity of control that achieves the censor's goals keyword-based filtering of HTTP traffic. with low cost. In addition to covering a broad cross section of the country, As pointed out by Danezis and Anderson [?], censorship probing should also be continuous, so that if a current event is an economic activity. The Internet has economic benefits means that a word is temporarily blocked, as has been observed and more blunt methods of censorship than keyword filtering1, for URL blocking [?], we will know when the keyword was such as blocking entire web sites or services, decrease those added to the blacklist and in what regions of the country it was benefits. There is also a political cost of more blunt censorship blocked. While a snapshot of the blacklist from one router at mechanisms due to the dissatisfaction of those censored. For one time is a gold nugget of information, our goal is to refine example, while the Chinese government has shut down e-mail a large quantity of ore and maintain a complete picture of the service for entire ISPs, temporarily blocked Internet traffic from blacklist. overseas universities [?], and could conceivably stop any flow of This requires great efficiency in probing for new keywords, information [?], they have also been responsive to complaints thus we propose the use of conceptual web search techniques, about censorship from Chinese citizens, recently allowing access notably latent semantic analysis [?], to continually monitor the to the Chinese language version of Wikipedia [?, ?], before blacklist of a keyword-based censorship mechanism, such as restricting access again [?]. Keyword-based censorship gives the GFC. We propose to apply latent semantic analysis to pare censoring governments the ability to control Internet content in down a corpus of text (the Chinese version of Wikipedia [ref] a less draconian way than other technologies, making censorship in this paper) into a small list of words that, based on the much more effective in achieving their goals.
Recommended publications
  • Threat Modeling and Circumvention of Internet Censorship by David Fifield
    Threat modeling and circumvention of Internet censorship By David Fifield A dissertation submitted in partial satisfaction of the requirements for the degree of Doctor of Philosophy in Computer Science in the Graduate Division of the University of California, Berkeley Committee in charge: Professor J.D. Tygar, Chair Professor Deirdre Mulligan Professor Vern Paxson Fall 2017 1 Abstract Threat modeling and circumvention of Internet censorship by David Fifield Doctor of Philosophy in Computer Science University of California, Berkeley Professor J.D. Tygar, Chair Research on Internet censorship is hampered by poor models of censor behavior. Censor models guide the development of circumvention systems, so it is important to get them right. A censor model should be understood not just as a set of capabilities|such as the ability to monitor network traffic—but as a set of priorities constrained by resource limitations. My research addresses the twin themes of modeling and circumvention. With a grounding in empirical research, I build up an abstract model of the circumvention problem and examine how to adapt it to concrete censorship challenges. I describe the results of experiments on censors that probe their strengths and weaknesses; specifically, on the subject of active probing to discover proxy servers, and on delays in their reaction to changes in circumvention. I present two circumvention designs: domain fronting, which derives its resistance to blocking from the censor's reluctance to block other useful services; and Snowflake, based on quickly changing peer-to-peer proxy servers. I hope to change the perception that the circumvention problem is a cat-and-mouse game that affords only incremental and temporary advancements.
    [Show full text]
  • A Taxonomy of Internet Censorship and Anti- Censorship
    A Taxonomy of Internet Censorship and Anti- Censorship Draft Version December 31, 2010 Christopher S. Leberknight Mung Chiang Princeton University Princeton University Department of Electrical Engineering Department of Electrical Engineering [email protected] [email protected] Harold Vincent Poor Felix Wong Princeton University Princeton University Department of Electrical Engineering Department of Electrical Engineering [email protected] [email protected] ABSTRACT – Internet is supposed to be born free, yet it is censored almost everywhere, and severely censored in a few countries. The tug-of-war on the Internet between censors and anti-censors is intensifying. This survey presents a taxonomy on the principles, techniques, and technologies of Internet censorship and anti-censorship. It highlights the challenges and opportunities in anti-censorship research, and outlines a historical account via the lenses of news coverage in the past decade. I. INTRODUCTION Internet is supposed to be born free, yet it is censored almost everywhere, and severely censored in a few countries. Censorship is defined as the institution, system or practice of reading communication and deleting material considered sensitive or harmful [1]. Throughout history, various methods of censorship have been used to reinforce specific religious and political agendas. Technology has often served as a major obstacle and catalyst for mandating censorship. Even though technological advancement often ameliorates the inefficiencies and limitations of the past, it also can precipitate unforeseen consequences. The invention of the printing press in Europe in the 15th century is a prime example. The printing press not only increased the spread of information and knowledge but it also increased the practice and frequency of censorship.
    [Show full text]
  • Obfuscating Network Traffic to Circumvent Censorship
    Obfuscating Network Traffic to Circumvent Censorship Awn Umar MEng Mathematics and Computer Science University of Bristol May 21, 2021 Abstract This report explores some techniques used to censor information in transit on the Internet. The attack surface of the Internet is explained as well as how this affects the potential for abuse by powerful nation state adversaries. Previous research and existing traffic fingerprinting and obfuscation techniques are discussed. Rosen, a modular and flexible proxy tunnel, is introduced and evaluated against state-of-the- art DPI engines, as are some existing censorship circumvention tools. Rosen is also successfully tested from behind the Great Firewall in China. 1 Contents 1 Contextual Background 3 1.1 Information on the Internet.....................................3 1.2 Security of Internet Protocols....................................3 1.3 Exploitation of the Internet by Nation States...........................5 1.3.1 Mass Surveillance.......................................5 1.3.2 Censorship..........................................6 1.4 Ethic of Responsibility........................................7 2 Project Definition 7 2.1 Aim and Objectives.........................................7 2.2 Scope.................................................8 2.3 Vocabulary..............................................8 3 Adversarial Model 8 4 Traffic Identification Methods 11 4.1 Endpoint-Based Filtering...................................... 11 4.2 Traffic Fingerprinting........................................ 13 5 Network
    [Show full text]
  • The Great Firewall's Active Probing Circumvention Technique with Port
    The Great Firewall’s active probing circumvention technique with port knocking and SDN Pavel Liubinskii School of Electrical Engineering Thesis submitted for examination for the degree of Master of Science in Technology. Espoo 31.12.2020 Supervisor Prof. Jukka Manner Advisor MSc Markus Peuhkuri Copyright © 2020 Pavel Liubinskii Aalto University, P.O. BOX 11000, 00076 AALTO www.aalto.fi Abstract of the master’s thesis Author Pavel Liubinskii Title The Great Firewall’s active probing circumvention technique with port knocking and SDN Degree programme Computer, Communication and Information Sciences Major Communications Engineering Code of major ELEC24 Supervisor Prof. Jukka Manner Advisor MSc Markus Peuhkuri Date 31.12.2020 Number of pages 65 Language English Abstract This thesis observes the phenomenon of online censorship, both from blocking and mitigation perspectives. It enumerates and characterizes typical methods and types of Internet censorship, as well as effective circumvention solutions and strategies. Additionally, the study provides detailed observations of the Great Firewall, the ultimate weapon of a Chinese censor, and the Tor anonymity network, the broadly recognized anti-censorship and anti-surveillance tool. Furthermore, it illuminates the Tor network blocking and the firewall’s scanning engine (active probing), which is used to detect mitigating servers. The results of the study indicate that 1) The Tor network is heavily suppressed in China; 2) Active probing technique still contributes to blocking decisions; and 3) The Great Firewall successfully engages blocking against obfs4 Tor bridges. Finally, the work suggests a solution for bypassing the Great Firewall using a traffic engineering approach, i.e., software-defined networking and the well-known port knocking technique.
    [Show full text]
  • Multiproxy: a Collaborative Approach to Censorship Circumvention
    MultiProxy: a collaborative approach to censorship circumvention Gaomei Shi MultiProxy: a collaborative approach to censorship circumvention Master’s Thesis in Computer Science Distributed Systems group Faculty of Electrical Engineering, Mathematics, and Computer Science Delft University of Technology Gaomei Shi 28th March 2019 Author Gaomei Shi Title MultiProxy: a collaborative approach to censorship circumvention MSc presentation 29th March 2019 Graduation Committee Dr. sc. ETH J.S.Rellermeyer Delft University of Technology Dr. ir. J.A.Pouwelse Delft University of Technology Dr. -Ing. T.Fiebig Delft University of Technology Abstract In recent years, many countries and administrative domains exploit control over their communication infrastructures to censor online materials. The concrete reas- ons behind the Internet censorship remain poorly understood due to the opaque nature of the systems. Generally, Internet censorship is to disrupt the free flow of information. It involves a series of steps to stop the dissemination of inform- ation, or prevent the access to information, for example, disrupt the link between the users and providers. These technologies bring significant inconvenience for le- gitimate users. The goal of the thesis is to undertake a recent study to measure the behavior of the Great Firewall of China (GFW). Based on that, this work designs a Peer-to-Peer (P2P) circumvention system called MultiProxy which exploits the blockchain-based economical model in order to create a balanced environment for resources providing and consuming. The system also uses multi-hop messaging to protect the privacy of the request initiators. The evaluation results show that MultiProxy can evade censorship while protecting users privacy. iv Preface Censorship is existing and prevalent with the advent of the Internet.
    [Show full text]
  • Massbrowser: Unblocking the Censored Web for the Masses, by the Masses
    MassBrowser: Unblocking the Censored Web for the Masses, by the Masses Milad Nasr, Hadi Zolfaghar, Amir Houmansadr, and Amirhossein Ghafari College of Information and Computer Sciences University of Massachusetts Amherst fmilad, hadi, amir, [email protected] Webpage: https://massbrowser.cs.umass.edu Abstract—Existing censorship circumvention systems fail to [65] to block access to certain destinations or to prevent offer reliable circumvention without sacrificing their users’ QoS certain forms of content from being transmitted. To ensure and privacy, or undertaking high costs of operation. We have compliance and to detect undercover political/social activists, designed and implemented a censorship circumvention system, repressive regimes additionally utilize advanced networking MassBrowser, whose goal is to offer effective censorship circumven- tools, including deep packet inspection (DPI), to prevent the tion to a large mass of censored users, with a high quality of service use of the censorship circumvention technologies by their (QoS), low cost of operation, and adjustable privacy protection. Towards this, we have made several key decisions in designing citizens [81], [16], [36], [37]. our system. First, we argue that circumvention systems should To restore the openness of the Internet, researchers have not bundle strong privacy protections (like anonymity) with designed and deployed an arsenal of tools [25], [66], [14], [42], censorship circumvention. Additional privacy properties should [47], [78], [33], [77], [8], [84], [32], [53] to help users bypass be offered to the users of circumvention systems as optional features which can be enabled by specific users or on specific censorship. Such tools, known as circumvention systems, de- connections (perhaps by trading off some QoS).
    [Show full text]
  • Geoblocking and Global Video Culture
    EDITED BY RAMON LOBATO & JAMES MEESE GEOBLOCKING AND GLOBAL VIDEO CULTURE A SERIES OF READERS PUBLISHED BY THE INSTITUTE OF NETWORK CULTURES ISSUE NO.: 18 EDITED BY RAMON LOBATO & JAMES MEESE GEOBLOCKING AND GLOBAL VIDEO CULTURE 4 THEORY ON DEMAND Theory on Demand #18 Geoblocking and Global Video Culture Editors: Ramon Lobato and James Meese Copy-editing: Leonieke van Dipten Editorial support: Miriam Rasch Cover Design: Katja van Stiphout DTP: Leonieke van Dipten EPUB development: Leonieke van Dipten Infographics: Sandra Hanchard Printer: Print on Demand Publisher: Institute of Network Cultures, Amsterdam, 2016 ISBN: 978-94-92302-03-8 Contact Institute of Network Cultures Phone: +3120 5951865 Email: [email protected] Web: http://www.networkcultures.org This publication is available through various print on demand services. For more infor- mation, and a freely downloadable PDF: http://networkcultures.org/publications This publication is licensed under the Creative Commons Attribution-NonCommercial-NoDe- rivatives 4.0 International (CC BY-NC-SA 4.0). GEOBLOCKING AND GLOBAL VIDEO CULTURE 5 6 THEORY ON DEMAND CONTENTS Preface and acknowledgements 9 Introduction: The New Video Geography 10 Ramon Lobato PART I: PERSPECTIVES ON GEOBLOCKING 25 Tunneling Media: Geoblocking and Online Border Resistance 32 Juan Llamas-Rodriguez The Logics and Territorialities of Geoblocking 42 Cameran Ashraf and Luis Felipe Alvarez León Geoblocking, Technical Standards and the Law 54 Marketa Trimble Periscope, Live-Streaming and Mobile Video Culture 64 Adam
    [Show full text]
  • A Weather Tracker for Internet Censorship
    This paper will appear at the 14th ACM Conference on Computer and Communications Security, Oct. 29-Nov. 2, 2007 ConceptDoppler: A Weather Tracker for Internet Censorship Jedidiah R. Crandall Daniel Zinn Michael Byrd Univ. of New Mexico Univ. of California at Davis Univ. of California at Davis [email protected] [email protected] [email protected] Earl Barr Rich East Univ. of California at Davis Independent Researcher [email protected] [email protected] ABSTRACT The text of this paper has passed across many Internet routers on its way to the reader, but some routers will not pass it along unfet- Everybody talks about the weather but nobody does tered because of censored words it contains. We present two sets anything about it. of results: 1) Internet measurements of keyword filtering by the Great “Firewall” of China (GFC); and 2) initial results of using la- Charles Dudley Warner (1829–1900) tent semantic analysis as an efficient way to reproduce a blacklist of censored words via probing. Our Internet measurements suggest that the GFC’s keyword fil- Categories and Subject Descriptors tering is more a panopticon than a firewall, i.e., it need not block K.4.m [Computers and Society]: Miscellaneous every illicit word, but only enough to promote self-censorship. China’s largest ISP, ChinaNET, performed 83.3% of all filtering of our probes, and 99.1% of all filtering that occurred at the first General Terms hop past the Chinese border. Filtering occurred beyond the third Experimentation, human factors, legal aspects, measurement, secu- hop for 11.8% of our probes, and there were sometimes as many as rity 13 hops past the border to a filtering router.
    [Show full text]
  • Censorship Resistant Web Applications
    c Copyright 2016 Will Scott Censorship Resistant Web Applications Will Scott A dissertation submitted in partial fulfillment of the requirements for the degree of Doctor of Philosophy University of Washington 2016 Reading Committee: Thomas Anderson, Chair Arvind Krishnamurthy, Chair Tadayoshi Kohno Program Authorized to Offer Degree: UW Computer Science & Engineering University of Washington Abstract Censorship Resistant Web Applications Will Scott Co-Chairs of the Supervisory Committee: Professor Thomas Anderson UW CSE Associate Professor Arvind Krishnamurthy UW CSE Of the countless individuals around the world confronted by Internet censorship every day, only a small fraction are successful in reaching their destinations. This is a failing of the cen- sorship circumvention community. The widespread nature of censorship reflects our inability to understand, work around, or fix the problem as a whole. This dissertation presents novel approaches to measuring, circumventing, and resisting Internet censorship without relying on users. In particular, we present (a) Satellite, a system for remotely monitoring the state of DNS-based censorship. Satellite is able to document new episodes of censorship and shed new light on already documented cases. (b) uProxy, a system for in-browser circumvention based on social trust and private routes for individual users. Through circumvention, we deploy an easy-to-use system that is already in use by tens of thousands of users. (c) Activist, a library allowing web publishers to circumvent many forms of censorship without any user involvement. Through resistance, we have established an alternative approach to censorship circumvention. A particular focus is the implementation of these systems; all three exist as public, free, open-source code.
    [Show full text]
  • Downloading Circumvention Software Or Using Cache Feature of Google Search
    UC Berkeley UC Berkeley Electronic Theses and Dissertations Title Threat modeling and circumvention of Internet censorship Permalink https://escholarship.org/uc/item/0bh5c50p Author Fifield, David Publication Date 2017 Peer reviewed|Thesis/dissertation eScholarship.org Powered by the California Digital Library University of California Threat modeling and circumvention of Internet censorship By David Fifield A dissertation submitted in partial satisfaction of the requirements for the degree of Doctor of Philosophy in Computer Science in the Graduate Division of the University of California, Berkeley Committee in charge: Professor J.D. Tygar, Chair Professor Deirdre Mulligan Professor Vern Paxson Fall 2017 1 Abstract Threat modeling and circumvention of Internet censorship by David Fifield Doctor of Philosophy in Computer Science University of California, Berkeley Professor J.D. Tygar, Chair Research on Internet censorship is hampered by poor models of censor behavior. Censor models guide the development of circumvention systems, so it is important to get them right. A censor model should be understood not just as a set of capabilities|such as the ability to monitor network traffic—but as a set of priorities constrained by resource limitations. My research addresses the twin themes of modeling and circumvention. With a grounding in empirical research, I build up an abstract model of the circumvention problem and examine how to adapt it to concrete censorship challenges. I describe the results of experiments on censors that probe their strengths and weaknesses; specifically, on the subject of active probing to discover proxy servers, and on delays in their reaction to changes in circumvention. I present two circumvention designs: domain fronting, which derives its resistance to blocking from the censor's reluctance to block other useful services; and Snowflake, based on quickly changing peer-to-peer proxy servers.
    [Show full text]
  • An Analysis of Internet Censorship Circumvention Techniques
    International Journal of Security and Its Applications Vol. 10, No. 5 (2016) pp.63-72 http://dx.doi.org/10.14257/ijsia.2016.10.5.06 An Analysis of Internet Censorship Circumvention Techniques Tianbo Lu, Jinyang Zhao, Lingling Zhao, Yang Li and WanJiang Han School of Software Engineering,Beijing University of Posts and Telecommunications, 100876, Beijing, China [email protected], [email protected], [email protected] Abstract Since Internet was born, it has deeply influenced almost every aspects of people’s life. However, at the mean time when people enjoy the convenience brought by the Internet, there is censorship existed every corner of the internet world. Censorship circumvention technique to protect people’s communication against censors. During the past decades, anti-censorship techniques have a broad and extensive development, however not all of the censorship circumvention techniques have effect in circumvent the censors and there is still not a very useful and convenient technique to ensure the anonymity of internet communication. In this paper, we tried to analyze the current situation of censorship and anti-censorship techniques and give a comprehensive view on the censorship circumvention techniques and systems. Keywords: Censorship Circumvention, Anonymity, Privacy Protection 1. Introduction Along with the development of the Internet and the convenience brought by Internet, the war between censors and anti-censors is never stopped. Once there was a new technique for censoring Internet, soon there would be some ways to invade this censorship, and it is the same in the contrary way. In this paper, we want to give a comprehensive view on the current censorship circumvention techniques and summary on the trend of censorship circumvention techniques.
    [Show full text]
  • Understanding and Circumventing the Great Firewall of China
    Understanding and Circumventing The Great Firewall of China Lisa Fan Mentor: Ming Chow 12/12/15 Abstract The “Great Firewall of China” is nowadays almost as famous as the country’s original Great Wall. However, not many people know exactly how the government blocks and monitors foreign content and user access. In this paper, I will discuss both the methods taken by the government to censor content, as well as current methods for circumventing the firewall. I will start with a brief history of internet censorship in China, then examine the current state of the firewall. Specifically, I will look out how the firewall is set up, and how the government monitors its citizens’ internet access. Then, I will discuss the current techniques being used to circumvent the firewall, including VPNs, proxy servers, and popular applications. Finally, the paper will consider the implications of internet censorships, including the morality, citizen response, and future outlook, as well as comparisons against internet censorship in other countries. To the Community The Great Firewall of China affects the everyday lives of over a billion people. Understanding the various ways to circumvent it is not only useful for us American students who may one day travel to China, but also from a moralistic perspective, in realizing the extent to which Chinese citizens must go to gain freedom to information. By studying how the Firewall is implemented, we can also become more vigilant of potential censorship happening in the United States. For example, the rejected SOPA bill of 1 2013 would have opened the door to deep packet inspection and DNS poisoning, both utilized in China .​ ​ This paper will also shed light on some common attacks and tools used on the various layers of the internet.
    [Show full text]