From Lih’s blog (links from the original):
Researchers at the University of Cambridge have done some analysis on how the PRC’s Great Firewall (GFW) handles the “blocking” or interruption of web page loading midstream when it detects sensitive keywords related to the day after June 3 and certain religious groups. What they discovered is quite surprising, because it indicates that the mechanism is simple, clever, but at the same time, quite straighforward to circumvent. Read on for a layman’s explanation of the technical paper.
For the non-techie, the simple explanation is that the GFW sends a “TCP reset” packet to both the web server supplying the suspicious page and to the client (ie. your computer) loading it. It’s the equivalent of an “emergency stop” packet usually reserved for situations of bad connectivity so that both sides know to disconnect abruptly.
It appears the GFW in PRC cleverly uses this technique so that it can stymie the loading of pages, and so it does not have to actively make subsequent decisions to drop packets by correlating them to previous ones.
For background, see this Newsweek report on the Great Firewall by Traci Carpenter, which identifies the routers China uses to filter the internet as coming from US firm Cisco.
