GreatFire July

News Sites Update

After Bloomberg was blocked in June, we are tracking whether other news websites will follow with great interest. Of particular interest is http://cn.nytimes.com - the Chinese version of the New York Times which was also launched in June. It has not yet been blocked. The Hong Kong edition of Yahoo! News was less lucky. http://hk.news.yahoo.com was blocked on July 3 and has stayed inaccessible in China since. Yahoo! China (http://cn.yahoo.com), which is hosted in China and operates under Chinese censorship regulations, is still working well though.

Bye-bye Slideshare

http://www.slideshare.net was blocked on July 11 and has stayed blocked since. This is the first time that Slideshare has been permantently blocked since we started monitoring access to it from China in March, 2011.

High-Profile Censorship On Weibo

任志强 , CEO of one of the largest real estate company in China, member of the CPPCC (Chinese People's Political Consultative Conference) and a Weibo profile with 9 million followers had his account temporarily blocked after posting tweets about the Beijing floods. He was unblocked shortly after. Less lucky was the US Consulate in Shanghai whose Weibo account was permanently shut down (full story). 

Censored Video Games

Some insiders reported on Baidu that video games without a special license from Chinese authority will be taken down from any website. The original story has since been deleted but a copy is shown here to the right. The game Political Machine 2008 was blocked on Weibo (weibo: 政治机器2008) though the similar terms weibo: 政治机器 and weibo: 政治机器2012 were not. We can't wait for the day the Chinese polical power struggles become a video game too.

Additionally, the online marketplace Taobao added to the censorship by not allowing any searches for the game Diablo (暗黑3暗黑破坏神diablo). Unlike the likes of Sina Weibo and Baidu, though, they don't admit to censoring but instead only display a message that nothing could be found.

More Glitches In The System

At around 11:00 pm on July 16 and 10:30 pm on July 31, the Great Firewall stopped some of its so called DNS poisoning. On both occasions, the DNS poisoning was back within a few hours. But for the duration of the incidents, it was possible to get correct IP addresses for high-profile blocked websites such as http://www.facebook.com and http://www.twitter.com. Most would still be inaccessible, though, since they are also blocked by IP addresses and by keyword filtering.

Another incident was that China Telecom users were unable to access any foreign websites from about 10:20 am to 10:40 am on July 27. Other ISPs such as China Unicom did not seem to be affected. This follows a similar outage in April this year, though this time it lasted for a shorter time period. Also it seemed to be more complete this time around, seemingly blocking all types of traffic to foreign servers.

Keywords Blocked

These keywords were not blocked in China before July 2012. From sometime in July and onwards, they have all been blocked. A total of 15 new keywords that we track were blocked in July, which compares to 231 keywords that were blocked in June.

  1. google: bloomberg
  2. google: 买通gov做靠山
  3. weibo: chen xi
  4. weibo: dafengqixi
  5. weibo: guo boxiong
  6. weibo: xijingping
  7. weibo: xizang
  8. weibo: 晚自习后
  9. weibo: 胡77
  10. weibo: 胡佳_(社活動家)
  11. weibo: 胡萝卜
  12. weibo: 警车被掀翻
  13. weibo: 阿扁对小胡
  14. weibo: 黄海ci胡

Keywords Unblocked

These keywords were all blocked in China before July 2012. From sometime in July and onwards, they have all been unblocked. A total of 42 keywords that we track were unblocked in July, which compares to 24 keywords that were unblocked in June. 20 of them contain the number 64, which is a reference to the June 4 massacre of 1989. It indicates that any mentioning of that event was deemed particularly sensitive around the time of the anniversary.

  1. weibo: 426社论
  2. weibo: 6420
  3. weibo: 64之 后
  4. weibo: 64之后
  5. weibo: 64之役
  6. weibo: 64二十周年
  7. weibo: 64历史
  8. weibo: 64历史
  9. weibo: 64平反
  10. weibo: 64式手枪
  11. weibo: 64手抢
  12. weibo: 64手枪
  13. weibo: 64旁见
  14. weibo: 64死难
  15. weibo: 64母亲
  16. weibo: 64真像
  17. weibo: 64纪念
  18. weibo: 64血案
  19. weibo: 64血腥
  20. weibo: 64诗集
  21. weibo: 64遇难
  22. weibo: GC党
  23. weibo: bbc
  24. weibo: gongchan当
  25. weibo: gongchan挡
  26. weibo: renquan
  27. weibo: ren权
  28. weibo: 丁关根
  29. weibo: 党下台
  30. weibo: 八大
  31. weibo: 占领重庆
  32. weibo: 发票代理
  33. weibo: 夜袭珍珠港美人受惊
  34. weibo: 宗教 迫害
  35. weibo: 暴动
  36. weibo: 朝鲜+兵变
  37. weibo: 枪声
  38. weibo: 法会
  39. weibo: 猥亵
  40. weibo: 盲人
  41. weibo: 纪念64
  42. weibo: 自焚

Foreign Websites Getting Faster

When we started monitoring websites in March, 2011, the average download speed of an Alexa Top 500 website not hosted in China was less than 13 kilobytes per second. As you can see in this graph, since then it's steadily increased and now stands at almost 18 kilobytes per second. This is still slow of course, but at least it's going in the right direction. Here's the source data.

Loading chart..

Comments

More Blog Posts

Subscribe to our mailing list
Show content from Blog | Google+ | Twitter | All. Subscribe to our blog using RSS.

Mon, Jan 26, 2015

An Open Letter to Lu Wei and the Cyberspace Administration of China

January 26, 2015

Beijing, China

 

Mr. Lu Wei

Director of the Cyberspace Administration of the People’s Republic of China 中央网络安全和信息化领导小组办公室主任

Director of the State Internet Information Office 国家互联网信息办公室主任

Deputy Director of the Central Propaganda Department of the Chinese Communist Party 中共中央宣传部副部长

Cyberspace Administration of China,

Floor 1, Building 1,

Software Park, Chinese Academy of Sciences,

4 South 4th Street, Zhongguancun,

Beijing, China, 100190

 

Dear Mr. Lu,

On January 22, 2015, the Cyberspace Administration of China (CAC), which is under your direct control, wrote a response to a story we published about an MITM attack on Microsoft. In the post, your colleague, Jiang Jun, labelled our accusations as "groundless" and  "unsupported speculation, a pure slanderous act by overseas anti-China forces".

We at GreatFire.org take great offense to these comments and we will refute them in this letter.

Mon, Jan 19, 2015

Outlook grim - Chinese authorities attack Microsoft

On January 17, we received reports that Microsoft’s email system, Outlook (which was merged with Hotmail in 2013), was subjected to a man-in-the-middle (MITM) attack in China.

The following screenshot shows what happens when a Chinese user accesses Outlook via an email client (in this case, Ice-dove):

We have tested Outlook to verify the attack and have produced the same results. IMAP and SMTP for Outlook were under a MITM attack. Do note however that the web interfaces (https://outlook.com and https://login.live.com/ ) were not affected. The attack lasted for about a day and has now ceased.

This form of attack is especially devious because the warning messages users receive from their email clients are much less noticeable than the warning messages delivered to modern browsers (see screenshot at the end of this post for comparison).

(Sample error message from default iPhone mail client)

Fri, Jan 09, 2015

GFW upgrade fail - visitors to blocked sites redirected to porn

In the past, the Chinese authorities’ DNS poisoning system would direct Chinese internet users who were trying to access Facebook, Twitter and other blocked websites (without the use of a circumvention tool) to a set of fake IP addresses that are blocked in China or are non-existent. After waiting for some time, Chinese internet users would receive a timeout message if they were trying to access a blocked site.

However, with the new DNS poisoning system, in addition to those IP addresses used before, the Chinese authorities are using real IP addresses that actually host websites and are accessible in China. For example, https://support.dnspod.cn/Tools/tools/ shows that if a user tries to access Facebook from China, they might instead land on a random web page, e.g. http://178.62.75.99

Below is a screenshot by a Chinese user when he was trying to access our GreatFire.org website which was blocked in China. He was redirected to a goverment site in Korea. In essense, GFW is sending Chinese users to DDOS the Korea government's website.

One Chinese Internet user reported to us that when he tried to access Facebook in China, he was sent to a Russian website, unrelated to Facebook. Another user tweeted that he was redirected to an German adult site when he tried to access a website for a VPN.

某墙你这什么意思,DNS 污染返回给我一个德国工口站的 IP,满屏很黄很暴力弹弹弹(

— nil (@xierch) January 4, 2015

Wed, Dec 31, 2014

CNNIC leadership change coincides with blocking of Gmail

On December 26, 2014, in an announcement posted on their website, a new chairperson for CNNIC was directly appointed by the Cyberspace Administration of China. The announcement of this appointment coincided with the complete blocking of Gmail.

Cyberspace Administration of China (中央网信办) is chaired by Lu Wei, “China’s web doorkeeper”. Lu Wei is also the vice chair of the Central Propaganda Department, according to his official resume.

chair.png

This office is directly responsible for the blocking of Gmail and other websites including Facebook, Twitter and Google.

CNNIC is China’s certification authority and operates the country’s domain name registry. 

What are certificates used for?

Certificates are used primarily to verify the identity of a person or device, authenticate a service, or encrypt files. 

What is a certification authority (CA)?  

Tue, Dec 30, 2014

Gmail completely blocked in China

All Google products in China have been severely disrupted since June of this year and Chinese users have not been able to access Gmail via its web interface since the summer. However, email protocols such as IMAP, SMTP and POP3 had been accessible but are not anymore. These protocols are used in the default email app on iPhone, Microsoft Outlook on PC and many more email clients.

On December 26, GFW started to block large numbers of IP addresses used by Gmail. These IP addresses are used by IMAP/SMTP/POP3. Chinese users now have no way of accessing Gmail behind the GFW. Before, they could still send or receive emails via email clients even though Gmail's web interface was not accessible. 

Google's own traffic chart shows a sharp decline of Chinese traffic to Gmail. 

Below is a ping request to the Gmail SMTP server, which is completely inaccessible in China.

 

Subscribe to our blog using RSS.

Comments

Add new comment

Filtered HTML

  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <blockquote> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
By submitting this form, you accept the Mollom privacy policy.