Circumvention Tool Deleted After Police Visit Developer

The developer of an open source circumvention project known as Shadowsocks was “invited to tea” last week, after which he posted the following message to the Shadowsocks’ GitHub page:

Screen Shot 2015-08-24 at 2.07.22 PM

The project’s GitHub pages now show only the developer’s note “removed according to regulations,” a reference to the censorship notices seen on Chinese sites. The first two lines of @clowwindy’s message, shown in the screenshot above, have since been replaced by asterisks, but a lengthy list of user comments expressing heartfelt thanks to the developer remains. On Twitter, GreatFire.org noted on Friday:

GreatFire.org explains why Shadowsocks became popular in China, situates the developer’s police visit into the Xi administration’s ongoing crackdown on circumvention tools, and offers a warning to others working on circumvention in China:

ShadowSocks is merely a protocol, just like a VPN, that secures Internet traffic.  A similar example is torrenting. Torrenting pirate content is illegal, but the torrent protocol is totally legal and has many legitimate uses.The protocol is completely open-source and the author made no financial gain from the project. The author, whose user name is clowwindy, did not provide any service to let Chinese netizens bypass Internet censorship. Despite this, the visited his home and pressured him to remove the project.

[…] Since January, 2015, the authorities have stepped up their control over in China. This trend has continued into the summer and recently other circumvention tool developers have encountered problems.

[…] This incident with ShadowSocks makes it clear that the Cyberspace Administration of China is working closely with state security and local police to further Xi Jinping’s crackdown on internet freedom in China. We strongly encourage all developers who are operating in the internet freedom space in China to stay anonymous. This should include choosing to continue your work on an anonymous basis. […] [Source]

GreatFire.org also notes that GoAgent—another open source circumvention tool that enjoys wide-use in China—was also been removed from GitHub by its developer on the morning of August 25.

In his latest cartoon for CDT, found inspiration in the removal of Shadowsocks. A gunman, nested on top of the Great Firewall, takes aim at two paper airplanes—Shadowsocks’ logo. The cartoon is titled ” 打飞机,” literally “beat the airplane,” a popular Chinese slang term for “masturbation.”

打飞机 anti Shadowsocks 新版In March, Chinese authorities were suspected to be behind a major DDoS attack on GitHub, on which the hosting service commented “we believe the intent of this attack is to convince us to remove a specific class of content,” a reference to censorship circumvention tools developed by GreatFire. Motherboard reports that GitHub this morning faced another attack that many suspect China to be responsible for:

The popular code repository website GitHub was hit by a cyberattack on Tuesday morning, just a few months after it suffered a massive and enduring distributed denial of service attack, which was linked to China.

The company disclosed the new attack on Twitter and on its status page.

Roughly four hours after GitHub reported the first disruptions due to the attack, the company announced that everything was back to normal. Reached via email, a company spokesperson declined to provide more details about the attack beyond the scant timeline published on GitHub’s status page.

But many observers noticed that the timing of the attack might indicate that China is again to blame. Last weekend, Shadowsocks, a popular tool created by Chinese hackers to circumvent China’s censorship system, was forced to shut down, apparently due to pressure from the Chinese government. […] [Source]