China’s infamous Great Firewall, the massive surveillance and censorship system sitting between China’s internet and the rest of the world, has been circumvented and bypassed by numerous techniques over the years with varying degrees of success and longevity.
The latest trick, carried out by activists at Great Firewall monitoring site Greatfire.org, is to upload mirrored copies of blocked sites to cloud hosting services, challenging the Great Firewall operators to block major brands like Amazon and Google cloud hosting, or allow freer access to banned material.
The move came in response to further blocking by the Great Firewall, with Chinese versions of the Reuters and Wall Street Journal news sites added to the blocklist in mid-November. The Reuters site was mirrored to the Amazon cloud service within a few days of the new blockages.
China is notorious for filtering all sorts of web traffic, both blocking specific sites and services (including Facebook and Twitter) and monitoring for a long list of keywords, ready to cut connections as soon as they become suspect.
Freedom of speech activists have pointed to the Great Firewall, officially referred to as the “Golden Shield Project“, as a clear example of repression, while economists have suggested the filtering of the internet is impeding China’s potential for economic development.
The inventor of the World Wide Web, Sir Tim Berners-Lee, recently made clear his belief that China’s government would be forced to gradually slacken their control over the internet, and that the Great Firewall will eventually be dismantled, citing mainly economic reasons.
For now, residents of China are stuck with limiting themselves to the government’s approved list of sites and subjects, or trying various means of bypassing the controls, from technical methods like proxies and VPNs to more human tricks like using codewords to replace banned terms, or sending images rather than text.
This latest technique offers the promise of access to all manner of proscribed information, but it doesn’t really break the Great Firewall. The internet is about much more than simply viewing information, and the interactivity and opportunities to join forces offered by sites like Facebook and Twitter are what make them seem so dangerous to the Chinese government.
A mirrored version of a website can never be much more than a one-way viewing experience; even news sites are highly interactive and public-driven these days, so if the commenting and forum systems are not integrated into those of the official site, there remains a divide between China and the rest of the world.
Worse, if people within China start treating such mirrored sites as the real thing, it will make life much easier for criminals. Websites that look right but have the wrong address should always be a warning sigh to internet users. Anything that makes it normal for users to see websites at the wrong addresses robs them of a simple and important safeguard against things like phishing.
So, let’s hope that the Chinese government starts thinking of the advantages of opening up its internet to the rest of the world, which should be good for its economy, its people’s happiness and its nation’s reputation. Let’s hope it starts that process soon.
In the meantime, if Chinese citizens do feel obliged to try to find ways around the censorship, let’s hope they can do it safely and cautiously, and not start picking up any bad habits.
5 comments on “Great Firewall of China bypassed by cloud mirrors”
Ok, this is probably nit-picking, but I’d rank the readership of nakedsecurity as sufficiently technical as to distinguish between the Internet and the World Wide Web. Tim Berners-Lee invented the latter, and has made no contributions to the invention of the former.
Also, what’s the advantage of static mirroring of a website (which can be quite inconvenient) to a regular proxy server, or a web application that proxies the requests when they’re being sent?
I agree, fixed, thanks.
As to the advantage of static mirroring – I don’t have any more information to go on but since they’ve only just started and they’re reproducing mostly static sites it is perhaps just ‘good enough’.
The cost of running these mirrors must be quite serious given the potential popularity of the sites and the size of the audience. You can run a mirror on S3 but you’d have to run a proxy on EC2.
If the Chinese government were genuinely concerned about its economy, its people’s happiness, or its nation’s reputation, they wouldn’t be communists in the first place.
I object to politically charged agenda on an IT-security blog. The PRC does not obey the western liberal democratic ideas which are forcibly pushed onto the net. The chinese empire works according to its own 5000 year old principles. They are not monothesitic and they do not adhere to the religion of self-individualism. By the way, I think no british entity shall criticize China, due to lack of moral foothold (cue two opium wars…)
Furthermore, why should China make any effort tweaking the Great Firewall? They just tell Google and Amazon to keep their cloud fully compliant with the laws of the PRC, else on the third re-offense they would be completely banished from PRC, causing large financial loss and forcing them to comply pre-emptively.
One of most important principles of freedom of information is that anyone can say anything but everyone have also a choice what information to trust and what information is interesting to them. We are all aware of media wars of today but only legit weapon against that is education. Do every Chinese citizen can be 100% that government make always a best choice for him? As much as “west” others are also free to show their opinions and ideas on internet. The only problem with great china firewall is that Chinese government denied civilians free choice that they can say what is good and what is bad for them and they don’t have a right to do that.