CyberTech Awareness Program

China’s Great Firewall

Diving into the most advanced censorship program in the world.
February 22, 2023
Author: Luke McKay


The Golden Shield Project

The Golden Shield Project, better known as the “Great Firewall of China”, started in 1998 and still in progress, has an end goal of monitoring and censoring incoming and outgoing internet traffic in China. The firewall is currently the world’s largest and most effective internet censorship program. It can block almost any web traffic coming into and out of China. It uses multiple sophisticated techniques to filter the web. China is known for having extreme laws that control its citizens in a way that most countries see as unethical. The firewall impacts the citizens of China in many different ways.

Source: Lam, Oiwan

What exactly does the Great Firewall of China do? 

When an internet user in China tries to access one of the 8000+ blocked websites it has listed, they won’t necessarily see an indicator pop up on the screen that it is blocked. Instead, the website’s connection will load forever. Sometimes, the website will produce a network or connection error, such as a timeout message. So, how does the firewall filter large amounts of internet traffic? Well, it uses relatively complex layers to get the job done. These layers use different methods that combine into one firewall. 

Source: Support Host. Result of a failed website connection. 


Let’s take a dive into some of the different methods used to filter the internet in China: 

1: Internet Protocol (IP)* blocking – 

IP blocking is very simple. IP blocking takes a website’s IP address and restricts any traffic being sent by the user. A user attempting to view an IP-blocked website will receive a network error message because the user never established a connection.

2: Packet filtering –

Packet filtering is the active process of scanning incoming and outgoing packets of data for keywords that China doesn’t want its citizens to view. If a packet is spotted having sensitive information that is supposed to be censored, it will deny its user access to whatever information the user is seeking out. 

3: Domain Name (System) DNS** Poisoning – 

DNS poisoning, or DNS spoofing, is the process of taking an incoming DNS response and rerouting the user to a different web address that wasn’t the intended page.


The History of the Golden Shield Project: 

So how did this all start? In 1994, the World Wide Web was accepted into China under former president, Jiang Zemin. China didn’t have any filters on the internet until 2000. China’s government was increasingly growing wary of Westernization within the country, so the Golden Shield Project was initiated to block the Western world on the internet. As computer technology progressed, the firewall became stronger. Compared to back in 2000, it is significantly harder to bypass the firewall today.


How are the citizens of China affected by the firewall?

The citizens of China have different opinions on the firewall’s impacts. Some protest, while others are in support of the firewall’s accomplishments. This split population has its reasons. Protestors are fighting for their rights. They often experience legal issues because of their protests. Based on the way China’s laws are established, protesting is considered political dissent. When looked at from a Westernized lens, the citizens of China who back up and support what the firewall is accomplishing are often viewed as people who have been “controlled” by the Chinese nationalist government.  Citizens in China often grow up being nationalists due to the intense pressure that its society produces. Life goes on and some people just think of the firewall as an everyday part of life. Citizens affected by the firewall are being kept from a vast resource, the World Wide Web. 

Source: opendemocracy.net. Protests against China’s Great Firewall. 

Getting past the firewall: 

There is a way to get around the firewall.  

Virtual Private Networks (VPNs) – VPNs change your IP address to one that is different from the one you actually have. This allows you to bypass the firewall because the firewall only affects the IP addresses in China. 

VPN Diagram

Although, most of the VPNs that are out there won’t cut it. Before you choose a VPN, you need to make sure it supports the OpenVPN protocol. The OpenVPN protocol uses SSL encryption*** to hide the data of the user. This protocol is arguably the most secure VPN protocol. It has high-speed connections and is very reliable.

VPNs with this protocol include NordVPN, Astrill, ExpressVPN, VyprVPN, and BufferedVPN. ExpressVPN is by far the most reliable one. It has the highest internet speeds, the most servers in most countries, and it is the most reliable at getting through the firewall. 

There can be legal issues if you are a citizen of China attempting to view international news. It is considered political dissent for a citizen of China to actively seek outside news sources. So keep this in mind if you are a citizen of China. However, China allows tourists to use VPNs with no concern. 

Additional Info:

* An IP address is a unique string of characters that identifies a device on the internet.

** DNS converts the domain name (name of a website) into an IP address, so the web browser can communicate with the internet and load the requested page.

*** SSL encryption essentially scrambles data generated by the user until the point that it is impossible to make sense of.

Resources:

  • correspondent, China. “The Great Firewall of China.” OpenDemocracy, 15 Mar. 2013, https://www.opendemocracy.net/en/great-firewall-of-china/.  
  • Hockenberry, Craig. “Fear China.” Furbo.org by Craig Hockenberry, 22 Jan. 2015, https://furbo.org/2015/01/22/fear-china/. 
  • How Great Is the Great Firewall? Measuring China’s DNS … – Usenix. https://www.usenix.org/system/files/sec21-hoang.pdf.  
  • Ivan, Messina “This Site Can’t Be Reached: How to Solve.” SupportHost, 8 July 2022, https://supporthost.com/this-site-cant-be-reached/.
  • James, Trevor. “8 Best VPN for China 2022.” The Food Ranger, 8 Oct. 2022, https://www.thefoodranger.com/best-vpn-for-china/. 
  • Lam, Oiwan, and Jack Hu. “China’s Great Firewall Grows Ever-Stronger as Virtual Private Networks Disappear.” Global Voices, 27 June 2017, https://globalvoices.org/2017/06/27/chinas-great-firewall-grows-ever-stronger-as-virtual-private-networks-disappear/. 
  • Marks, Tove. “Censorship in China: How to Bypass the Great Firewall of China.” VPNoverview.com, 9 Sept. 2022, https://vpnoverview.com/unblocking/censorship/internet-censorship-china/. 
  • Roberts, E. “China’s Great Firewall – Stanford University.” Free Speech vs Maintaining Social Cohesion, https://cs.stanford.edu/people/eroberts/cs181/projects/2010-11/FreeExpressionVsSocialCohesion/china_policy.html. 
  • Roberts, E. Torfox, https://cs.stanford.edu/people/eroberts/cs181/projects/2010-11/FreedomOfInformationChina/the-great-firewall-of-china-background/index.html. 
  • Schmitz, Matt. “How the Great Firewall of China Affects Performance of Websites Outside of China – Dotcom-Monitor Web Performance Blog.” Dotcom, 29 Mar. 2022, https://www.dotcom-monitor.com/blog/2022/03/27/how-the-great-firewall-of-china-affects-performance-of-websites-outside-of-china/. 
  • Wang, Yaqiu. “In China, the ‘Great Firewall’ Is Changing a Generation.” Human Rights Watch, 28 Oct. 2020, https://www.hrw.org/news/2020/09/01/china-great-firewall-changing-generation. 
  • “What Is Openvpn?” OpenVPN, 20 Apr. 2022, https://openvpn.net/faq/what-is-openvpn/#:~:text=OpenVPN%20Tunneling%20Protocol,find%20%E2%80%94%20and%20fix%20%E2%80%94%20vulnerabilities.

Posted

in

by

Savannah Ciak

Tags:

, , , , ,