Google Executive Chairman Eric Schmidt said recently that encrypting everything can end government censorship in a decade.
To hell with 10 years, says anti-censorship group GreatFire.org - Google could do it in 10 days, and the group is happy to show how.
GreatFire knows whereof it speaks.
It recently threw bricks through the Great Firewall of China, the world's most censored state.
It did it by putting up copies of censored sites - known as mirror sites - hosted by Amazon Web Services.
The mirrors successfully unblocked Reuters' Chinese website (blocked since 15 November) and the China Digital Times website (blocked for years after having once created mirrors for GreatFire's FreeWeibo project, which offers uncensored and anonymous Sina Weibo search).
The mirrors didn't take 10 years to work; they were effectively "almost immediately," GreatFire writes, so it's a no-brainer that Google could get it done quickly:
Almost immediately, these mirrors got thousands of visits a day from China. But we are just a small team of activists with very limited resources. If anyone has the power to implement this technology widely it’s Google.
It takes two simple steps, GreatFire says.
From its post:
1. Google needs to first switch its China search engine (google.com.hk) to HTTPS by default. It has already done this in the US and in other markets but not in China. What this essentially means is that for Chinese netizens using Google, they will be taken to https://www.google.com.hk, the encrypted version of the search engine. By using the encrypted version, the great firewall of China cannot selectively block search results on thousands of sensitive terms.
2. While we provide a pretty comprehensive list of websites that are blocked in China, Google holds the best list of blocked websites, everywhere in the world. If the website that a user tries to visit from the search results on Google is blocked in the country that the user is in, Google should redirect the user to a mirrored version of the same website hosted by Google.
Perhaps it is as easy as that.
But as Naked Security's John Hawes notes, treating mirrored sites as the real thing has its dangers.
Websites that look right but have fishy URLs are a traditional warning sign that crooks might be luring web surfers onto a dangerous site where they could be in store for malware infection or other cyber attacks.
Neither option is optimal: we have on one hand a state of censorship that cuts Chinese netizens off from the world, and on the other hand we have the possibility of proliferating mirrored sites that could be traps set by criminals.
What do you think? Is mirroring the answer, and should Google take on the onus, as GreatFire suggests?Follow @NakedSecurity