In case there was any confusion, China wants you to know that the Great Firewall of China—the censorship of internet content potentially critical of the government—is alive and well.
In January, VPN users in China
suddenly found they could not access the services they relied upon to reach
blocked content such as Google, Facebook, and the New York Times. (We know some
of you SumRandos are experiencing this pain. We’re working on it.)
By February, real-name
registration was announced, requiring social media users to register
accounts with their true identities. Although users could still represent
themselves online with a pseudonym, any impersonations of others was banned. Think:
no pretending to be Xi Jinping.
Which brings us to March.
Just last week, the Chinese anti-censorship organization
GreatFire experienced a distributed denial of service (DDoS) attack, in which
an attempt was made to shut down the website by overwhelming its servers with
2.6 billion requests per hour. According to GreatFire co-founder Charlie Smith,
“This kind of attack is aggressive and is an exhibition of censorship by brute
force. Attackers resort to tactics like this when they are left with no other
options.” Although the source of the attack has not been identified, Smith all
but named the Cyberspace Administration of China (CAC) as a prime suspect.
In his blog post immediately prior to the DDoS attack, Smith
was boastful in explaining why the Chinese government did not pose a threat to
GreatFire: “We believe that the Chinese authorities would not dare block all
websites and apps being served by CDNs because they understand the economic
implications of this action…Recognizing that the authorities have been hesitant
to crackdown on our method of circumvention, we have accelerated our expansion
of the development of collateral freedom…”
“Collateral freedom” is GreatFire’s response to Chinese
censorship: GreatFire creates mirrors of blocked websites, which are delivered
through major content delivery networks (CDNs). The government is given a
choice: shut down all websites and apps associated with CDNs that Chinese
businesses have come to rely upon (such as Amazon) and watch the economy
flounder, or let GreatFire be.
The approach worked well, until last week. If March 17's DDoS attack were orchestrated by the Chinese authorities,
it is clear that GreatFire underestimated the government as a worthy opponent in the
game of exploiting loopholes. GreatFire survived the attack, but the war is far from over.
So, what’s next for the Chinese censors?*
April 1 brings controversial new banking regulations to China: by this date banks must have an initial plan for sharing all source code with the government and ensuring all encryption complies with Chinese standards. Rather than hand over source code and see their encryption broken or be run out of China altogether, the United States, the European Union, and Japan have been pushing for further discussion for months; the Chinese government, however, has continued with its characteristic steamroll ahead.
The Chinese government has repeatedly described the new banking regulations as necessary for security. In truth, they are a method for the government to continue to monitor content while also protecting domestic business, perhaps at the expense of the economy overall. And a China that puts nationalism ahead of economic prosperity is a dangerous place for Charlie Smith’s GreatFire to be.
April 1 brings controversial new banking regulations to China: by this date banks must have an initial plan for sharing all source code with the government and ensuring all encryption complies with Chinese standards. Rather than hand over source code and see their encryption broken or be run out of China altogether, the United States, the European Union, and Japan have been pushing for further discussion for months; the Chinese government, however, has continued with its characteristic steamroll ahead.
The Chinese government has repeatedly described the new banking regulations as necessary for security. In truth, they are a method for the government to continue to monitor content while also protecting domestic business, perhaps at the expense of the economy overall. And a China that puts nationalism ahead of economic prosperity is a dangerous place for Charlie Smith’s GreatFire to be.
*This article has overlooked last week’s man-in-the-middle (MITM) attack on Google, Microsoft and Mozilla. While undoubtedly linked to the China Internet Network Information Center (CNNIC) and, in turn, the CAC, the attack, which issued unauthorized digital certificates, was ultimately in the hands of MCS Holdings, an Egyptian company. Rather than use this incident as an opportunity to point fingers directly at China, we see this as demonstrative of a need for reform of the conditional access system. And that is a topic for another day.
No comments:
Post a Comment