Great Firewall of China
What is the Great Firewall of China?
The Great Firewall of China is the name that western media has given to the combination of tools, services and rules that the government of the People's Republic of China uses to block certain internet content from those within China's borders.
The Great Firewall was deployed in China as early as 1996, under the direction of the Chinese Ministry of Public Security, at which time the initiative was called The Golden Shield Project. In 2013, administration of the Great Firewall shifted to the Cyberspace Administration of China.
The goal of the Great Firewall is to shield Chinese residents from certain information that the People's Republic of China considers to be counter to the best interests of the government and people of China. The firewall blocks entire websites and filters content on sites that are not completely blocked.
The Great Firewall of China is considered a splinternet, which divides the global public internet into a subset of information for a specific region. As a form of splinternet, internet inside of China is different than it is in the free world, where access is open and users are free to visit any website they want. Users inside of a splinternet -- such as the Great Firewall of China -- get a view of the outside world that is controlled by the operators of the splinternet, which in this case is the government of the People's Republic of China.
How does the Great Firewall of China block content?
The Great Firewall of China blocks content using a variety of different techniques.
At the most basic level, all internet traffic coming into and out of China via terrestrial links through network access points can be inspected in one way or another by government authorities. With that access, the Great Firewall can block entire domains and IP address ranges from being accessible within the borders of the People's Republic of China.
In addition to outright blocking of certain domains and IP addresses, the system is configured to identify certain keywords and phrases. When a user attempts to search for the blocked keywords and phrases, the Great Firewall blocks or redirects the website query in a way that will not let the user access the requested information. The redirection can be achieved via DNS cache poisoning, IP address blocking or URL redirection.
In addition, the Great Firewall can also effectively block traffic by resetting network connections to a given domain or IP address with an approach known as a Transmission Control Protocol reset attack. The Chinese government is also able to intercept some encrypted traffic via man-in-the-middle attacks against Transport Layer Security (TLS) and Secure Sockets Layer certificates. With the TLS certificate interception, the Great Firewall peaks inside of what otherwise would be encrypted data packets. With the ability to break TLS encryption, the Great Firewall can potentially gain visibility into data traffic that users are expecting to be secure and private.
The operators of the Great Firewall also actively probe network connections looking for potential proxy IPs where users attempt to tunnel through the firewall with a VPN or Tor privacy network.
Services and websites blocked by the Great Firewall
The People's Republic of China blocks an evergrowing list of services and websites with the Great Firewall. The most notable services blocked include the following:
- BBC
- Discord
- Dropbox
- Netflix
- Reuters
- The Economist
- The New York Times
- The Washington Post
- Google search services
- YouTube
- Zoom
- Some Wikipedia entries
While many domains and services are blocked in China, there is no shortage of other services available that specifically cater to those behind the Great Firewall.
Microsoft, for example, has developed a China-specific version of its Bing search engine. Amazon has also built a China-specific site. Moreover, Chinese users have access to WeChat and Weibo for social networking, and Didi provides a Chinese version of a ride-sharing service.
There are also media content services in China that are not easily accessible outside of the country. China-only video streaming services include Bilibili, Youku, ManguoTV, iQiyi and PPTV. Music streaming services includes Baidu Yinyue, Kugou and QQ Music.
Dangers of creating the Great Firewall
The Great Firewall is intended to shield Chinese citizens from information that the government of the People's Republic of China considers to be dangerous. But this splinternet creates another set of dangers. The Great Firewall is in effect a massive form of internet censorship, limiting the ability of those within China to freely access any information source they choose.
Without free and open access, the internet can become a medium for government propaganda that hides information, and in some cases can fuel disinformation about any number of different topics. While users outside China generally have open access, disinformation can still occur.
Here are 10 ways to spot disinformation on social media.
Restricting access also limits diversity of opinion and can lead to more polarized and nationalist views that could be potentially harmful to minorities and those whose views are not represented in the censored view of the internet.
How to bypass the Great Firewall of China
Ever since the Great Firewall was first deployed, those within China and people outside of it have tried various techniques to get past it.
The most often cited approach is to use some form of a VPN to create an encrypted tunnel that will not allow government authorities to see where the traffic is going. The challenge with the VPN approach is that the Chinese government actively searches for VPN access points to block them. It is also potentially possible to bypass the Great Firewall with proxy servers that have not yet been identified by Chinese authorities.
Using the Tor privacy network is another potential approach to attempt to bypass the Great Firewall. As with regular VPNs, the Chinese government is actively looking for Tor nodes to block access. Users can still bypass the Great Firewall with Tor, but it's a process that involves constant adjustment to stay a step ahead. Among the most up-to-date listings of VPN services that might work to bypass the Great Firewall is Circumvention Central, which offers information in Chinese and in English.