Great Firewall Filtering Revealed – Andrew Lih

From Lih’s blog (links from the original):

Researchers at the University of Cambridge have done some analysis on how the PRC’s Great Firewall (GFW) handles the “blocking” or interruption of web page loading midstream when it detects sensitive keywords related to the day after June 3 and certain religious groups. What they discovered is quite surprising, because it indicates that the mechanism is simple, clever, but at the same time, quite straighforward to circumvent. Read on for a layman’s explanation of the technical paper.

For the non-techie, the simple explanation is that the GFW sends a “TCP reset” packet to both the web server supplying the suspicious page and to the client (ie. your computer) loading it. It’s the equivalent of an “emergency stop” packet usually reserved for situations of bad connectivity so that both sides know to disconnect abruptly.

It appears the GFW in PRC cleverly uses this technique so that it can stymie the loading of pages, and so it does not have to actively make subsequent decisions to drop packets by correlating them to previous ones.

[Full Text]

For background, see this Newsweek report on the by Traci Carpenter, which identifies the routers China uses to filter the internet as coming from US firm Cisco.

SUPPORT CDT

Tweets

Google Ads 1

CDT EBOOKS

Giving Assistant

Amazon Smile

Google Ads 2

Anti-censorship Tools

Life Without Walls

Click on the image to download Firefly for circumvention

Open popup
X

Welcome back!

CDT is a non-profit media site, and we need your support. Your contribution will help us provide more translations, breaking news, and other content you love.