Google DNS Poisoning Follows Brief Unblocking

Google DNS Poisoning Follows Brief Unblocking

Percy Alpha, an independent Internet freedom researcher and co-founder of GreatFire.org, observes that all Google search domains have been subjected to DNS poisoning on March 29th, two days after Google became temporarily unblocked within the Great Firewall. The attack is believed to be a deliberate move by Chinese censors to prevent similar lapses from reoccurring in the future.

On March 29, all of Google search domains are DNS poisoned. Google has been blocked in China since last year but the block was only IP block.  At the time of the writing, the DNS poisoning against all google search domains are still effective. More specifically, the DNS poisoned domains are  *.google.*  and google.*  (* can be anything). However *.google.com is NOT DNS poisoned even though google.com is. This is probably due to some other products hosted on *.google.com, for example, mail.google.com

[…] Many speculate that the techinical reasons behind the “unblock” was due to the fact of Google used a fresh set of IP addresses (e.g http://tech.sina.com.cn/i/2016-03-28/doc-ifxqswxk9723114.shtml report censored already) or that GFW is down. I am still looking into exactly what happened.  However, this led to a storm on Weibo, claiming Google has been unblock.

But at that time, many users thought the “unblock” was an intentional policy change as many rumors Google would return to China.  Even Hu jixin, the editor of Global Times chimed in on weibo, surprisingly saying that GFW should only be a temporary measure and the long term employment of it can only make Chinese society more fragile, and that the GFW should have some downtime occasionally, and eventually deprecated. The weibo was censored.

As you can imagine, this short term of accessibility of Google caused so much society reaction and media attention to censorship. By DNS poisoning Google, even if Google adds new IP address in the future or if GFW is down for a short time, local DNS resolver will still return cached fake IP addresses. Hence Google will be blocked without any lapse. [Source]

South China Morning Post’s He Huifeng earlier reported that Google’s search engine became temporarily accessible in China on Sunday night in a rare firewall breach that was likely made possible with the introduction of new IP servers.

At about 11.30pm, a growing number of Chinese internet users put posts online saying they were able to access Google’s search engine through Google.com, Google.com.hk, Google.com.vn, Google.com.sg.

Yet Gmail and other popular foreign websites, such as Facebook and YouTube, remained blocked during the period, according to the internet users.

Access to Google was short-lived because all the services were once again blocked by about 1.15am on Monday.

Some Chinese media said on their official microblogs that access had become possible because Google had introduced a series of new IP servers – vn\jp\uk\in\ar\es\pk\sa\sg – in Asian areas.

These had taken the Great Firewall of Chinese authorities – the world’s most sophisticated internet censorship mechanism – at least an hour to recognise and then block. [Source]

Chinese Internet users responded to the brief period of accessibility with excitement and frenzied searches, report Simon Denyer and Xu Yangjingjing at The Washington Post:

At 10:06 p.m. on Sunday night, one user posted a screenshot of google.com.vn with the words “without VPN.” News swiftly spread, and users began recording their experiences.

“Google temporarily accessible. My friends are all talking about it. It seems everybody is psyched, doing all kinds of searches,” the user gongxinhua1 wrote on Twitter (above).

One posted the search results for the phrase “China’s best actor” – with the top result a book by that name about former Prime Minister Wen Jiabao: Not the sort of thing that Chinese search engine Baidu is likely to highlight.

Another posted the search for June 4th in Chinese – the date of the 1989 Tiananmen Square massacre of pro-democracy protesters.

[…] “It feels weird searching for things without a VPN,” one user wrote, while another said surfers should “enjoy while you can: Who knows what is going to happen in the morning.” [Source]

Google left China in 2010 after refusing to comply with government censorship requests. The tech giant is currently making its way back with plans to launch a Play store in China.

CDT EBOOKS

Subscribe to CDT

SUPPORT CDT

Browsers Unbounded by Lantern

Now, you can combat internet censorship in a new way: by toggling the switch below while browsing China Digital Times, you can provide a secure "bridge" for people who want to freely access information. This open-source project is powered by Lantern, know more about this project.

Google Ads 1

Giving Assistant

Google Ads 2

Anti-censorship Tools

Life Without Walls

Click on the image to download Firefly for circumvention

Open popup
X

Welcome back!

CDT is a non-profit media site, and we need your support. Your contribution will help us provide more translations, breaking news, and other content you love.