[liberationtech] Cryptocat Censored in China

Ralph Holz holz at net.in.tum.de
Sun Dec 23 03:54:00 PST 2012 

Hi Martin,

Thanks for the update. I remember we've been in contact about this once,
and recall that for reasons of security you cannot fully explain how
exactly you conduct the measurements (samples taken, positions, etc.).
Fully appreciated, although it does make it much harder for others to
replicate your measurements (and I'd like to try that...).

What I'm wondering, though, is this: did you ever do stats on how many
domain names come back as throttled when accessed via HTTPs, but don't
when accessed via HTTP? It might simply be that SSL handshakes get extra
scrutiny on the GFW?

Ralph

> I'm the founder of GreatFire.org. Let me try to explain how we run our
> tests. I'd very much like to get your feedback on how our system can
> become more accurate and transparent.
> 
> The two Crypto.cat URLs being tested can be viewed here:
> https://en.greatfire.org/https/project.crypto.cat
> https://en.greatfire.org/https/blog.crypto.cat
> 
> Both pages state that the URLs are "x% restricted in China" but "0%
> blocked". Next to the "Otherwise restricted" label, there's a link to
> "Throttling" explaining our definition which in turn refers
> to https://en.wikipedia.org/wiki/Bandwidth_throttling. A throttled
> websites is slow but not blocked. Labeling it as throttled also suggests
> that it's intentionally slow, which we cannot prove. A lot of foreign
> websites are slow in China, but there are big differences. For example,
> we strongly suspect that GMail and other Google services are actively
> throttled, to discourage people from using them. Other websites could
> simply be slow because of where they are hosted and the speed from China
> to that web host.
> 
> On our test pages, if you click on any date in the calendar, you can
> view our detailed test data. You can for example see that the "Host IPs"
> for Crypto.cat returned when tested from the US and different locations
> in China are the same. You can also verify the HTML title and the
> download size, etc.
> 
> Crypto.cat is not blocked in China now, but if it becomes popular, it
> will most likely be blocked. If they use DNS poisoning you'd have to
> setup mirror websites. If they block the IP, however, you can rotate the
> IP addresses to get around it. We offer a service that does this
> at https://unblock.cn.com and we'd be happy to help you reach as many
> users as possible in China.
> 
> Feedback very welcome.
> 
> Martin Johnson
> ---
> https://FreeWeibo.com <https://freeweibo.com/> - Uncensored, Anonymous
> Sina Weibo Search.
> https://GreatFire.org <https://greatfire.org/> - Monitoring Online
> Censorship In China.
> https://Unblock.cn.com <https://unblock.cn.com/> - We Can Unblock Your
> Website In China.
> 
> 
> 
> On Sun, Dec 23, 2012 at 1:04 AM, Joss Wright
> <joss-liberationtech at pseudonymity.net
> <mailto:joss-liberationtech at pseudonymity.net>> wrote:
> 
>     On Sat, Dec 22, 2012 at 05:48:34PM +0100, Ralph Holz wrote:
>     >
>     > PS: While I was at it, I checked the current DNS rewriting for
>     > twitter.com <http://twitter.com>. It still points to a Korean IP.
> 
>     Some of the more fun DNS poisoning in my experiments[1] were >=15
>     apparently unrelated servers across China all redirecting
>     torproject.org <http://torproject.org>
>     to 'tonycastro.net <http://tonycastro.net>' or 'tonycastro.com
>     <http://tonycastro.com>', and a separate set redirecting
>     to 'thepetclubfl.net <http://thepetclubfl.net>'.
> 
>     A New Scientist journalist wrote up that work[2] and contacted both
>     sites. Tony Castro[3] instantly threatened to sue everyone in sight for
>     implying that he was a Chinese sleeper agent. The Pet Club webmaster had
>     noticed the Chinese traffic and was interested to know where it had come
>     from. :) (I suggested setting up a few China-focused pay-per-view
>     adverts.)
> 
>     Joss
> 
>     [1]
>     http://www.slideshare.net/josswright/through-a-router-darkly-remote-investigation-of-chinese-internet-f
>     [1b
>     <http://www.slideshare.net/josswright/through-a-router-darkly-remote-investigation-of-chinese-internet-f
>     [1b>]
>     http://www.pseudonymity.net/~joss/doc/work/presentation/2012/10/wright-censormap.pdf
>     (Original)
>     [2]
>     http://www.newscientist.com/article/mg21628936.300-florida-pet-spa-mystery-link-to-chinas-great-firewall.html
>     (Requires registration.)
>     [3] http://tonycastro.net/ (A life story worth Googling...)
> 
>     --
>     Joss Wright | @JossWright
>     http://www.pseudonymity.net
>     --
>     Unsubscribe, change to digest, or change password at:
>     https://mailman.stanford.edu/mailman/listinfo/liberationtech
> 
> 
> 
> --
> Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
> 


-- 
Ralph Holz
Network Architectures and Services
Technische Universität München
Phone +49 89 28918043
http://www.net.in.tum.de/de/mitarbeiter/holz/
PGP: A805 D19C E23E 6BBB E0C4  86DC 520E 0C83 69B0 03EF

More information about the liberationtech mailing list