Wikipedia drops the ball on China - not too late to make amends

What happened?

From October 2011, Wikipedia started to fully support HTTPS connections on all language versions. This meant that for the Chinese language Wikipedia, the Great Firewall of China (GFW) could not selectively block sensitive content. This also meant that hundreds of articles that are blocked on the HTTP version of Wikipedia, were freely accessible to Chinese internet users if they simply added an ‘S’ behind HTTP.

On May 31, 2013, GFW began to block the encrypted version of Wikipedia through port blocking. HTTPS connections are usually established on port 443 while HTTP connections are on port 80. GFW only blocks Wikipedia’s IP on port 443.

All language versions of the encrypted version of Wikipedia are also blocked. See the testing data on our system for Chinese WikipediaEnglish Wikipedia and Wikipedia.

Consequence of the block

The HTTPS version of Wikipedia is blocked while the HTTP version is not. This method forces users inChina to use the unencrypted HTTP version, which is subject to keyword filtering; hundreds of articles are blocked including articles on Tiananmen Square protests.

Why

It surprises us that GFW took one and a half years to respond to the support of HTTPS on Wikipedia. One explanation of the slow reaction is that Wikipedia by default uses HTTP and only a minority of visitors to the site would use HTTPS.

But what caused GFW to target Wikipedia after all this time? One factor is that as we near the Tiananmen Square anniversary, Wikipedia has an extensive article on this incident. However, this cannot be the only factor as the encrypted version remained untouched in June 2012.

Another factor might have something to do with us. Freeweibo has been actively targeted by GFW. One of our mirror domains was blocked last week, only four days after its launch.

Coincidentally, we began to reference Wikipedia articles on our search pages from May 20th. Since then, “六四” has almost always been one of the top search terms on Freeweibo. A search for “六四” on Freeweibo will present an abstract of the Wikipedia article and a link to Wikipedia, both of which are embedding resources directly from Wikipedia using HTTPS.

However, Freeweibo is blocked in China so blocking the encrypted version of Wikipedia will not affect Freeweibo users as they are already using circumvention tools.

Maybe GFW believes that references to the encrypted version of Wikipedia would proliferate and decided to take action before use of the encrypted version became too widespread. This has been exactly the case for the default encrypted connection to Gmail.

Why is HTTPS so important?

In China, HTTPS is power. If the service is too important to block completely and all-encrypted, it offers the only way that Internet users in China can access information in an unrestricted way. That is, the authorities can’t track what they do on the website, and they can’t block content selectively. HTTPS takes the power away from the censors and puts it back in the hands of the ordinary users. There is nothing else like it. The censors hate it. Sites like Wikipedia should love HTTPS.

A major battle lost for information flow

In September last year, Wikipedia founder Jimmy Wales threatened to make default connections to Wikipedia encrypted if the UK passed a snooping bill. However, China has long been known to use deep packet inspection to examine all outgoing traffic and also blocks traffic to certain articles on Wikipedia. Why didn’t Wikipedia make its HTTPS version default for Chinese users? It might simply be that Wikipedia staff hold Chinese readers in less regard to English ones and did not even discuss this change internally in the first place.

It might be that they did discuss this action but feared that China would block the entire website again and decided against it. If this is in fact what happened, they made a very wrong decision.

When Gmail switched to HTTPS this troubled the Chinese authorities greatly yet they have not taken the drastic step to block Gmail completely. In the case of Github, which enforces HTTPS connections, the authorities actually backed away from blocking the site.

Wales has been critical of Google’s operations in China, but Google went HTTPS-only on Gmail four years ago. Still, we regret that we did not spend time trying to convince Wikipedia to switch to their encrypted version as a default or to enforce HTTPS on their Chinese subdomain earlier. Wales and his team at Wikipedia should have come under fire earlier for not taking the right steps in China.

Still not too late for Wikipedia

Jimmy Wales is quoted as saying:

“Currently we’re broadly available in China, but they continue to filter certain pages,” says Wales. “… and we think it’s a stable situation. We don’t approve of the filtering at all, but we can’t stop them from [doing it],” he adds.

That is simply not true. What Wikipedia can do now is to resolve to a different IP address that is not interrupted by GFW (for example, 208.80.154.225) and more importantly switch HTTPS to default or enforce HTTPS. Such changes will only take minutes to implement and take effect. If those changes were made, Wikipedia would take the chance that the site would be fully blocked, however, based on the existing evidence, it’s more likely that GFW would leave Wikipedia alone.

Wikipedia is now collecting user feedback on this block. But the situation is clear enough with our analysis and the feedback collected so far. They should act immediately rather than do nothing but observe the situation.

Current Wikipedia Executive Director Sue Gardner will be stepping down later this year. On her resignation she said:

“There are many organizaations and individuals advocating for the public interest online — what’s good for ordinary people — but other interests are more numerous and powerful than they are. I want that to change. And that’s what I want to do next.”

If you do leave feedback for Wikipedia, make sure you tell Gardner that she can make that change right now! You can also contact Wikipedia and urge them to make the change now.

How to get around this

Because GFW only blocks port 443 on 208.80.154.225 and 208.80.154.235 (so far), we can manually resolve domains to other IP owned by Wikipedia to bypass the block. However, unless Wikipedia officially resolves to those IP and switch HTTPS to default, GFW can easily block port 443 on those IP addresses too.

Add the following address to hosts file

208.80.154.225 zh.wikipedia.org

208.80.154.225 en.wikipedia.org

208.80.152.211 upload.wikimedia.org

Related Block

China has a long history of disrupting Wikipedia. You can read about it on Wikipedia. A much more comprehensive version is available in Chinese.

A similar block was used against Google Docs and Google Groups to force users to connect through HTTP. Back then, GFW used SSL certificate filtering. Since Google set HTTPS for viewing Google Groups as default, GFW has poisoned the domain. For Google Docs, GFW seems to back away from blocking it at all, leaving both HTTP and HTTPS unblocked.

Correction - June 10, 2013

Our original story incorrectly referred to Sue Gardner's role at Wikipedia. As per Wikimedia's response to us: Sue Gardner is the Executive Director of the Wikimedia Foundation, the non-profit that operates Wikipedia.

Comments

More Blog Posts

Subscribe to our mailing list
Show content from Blog | Google+ | Twitter | All. Subscribe to our blog using RSS.

Wed, Mar 19, 2014

Bing Bests Baidu Censorship

Abstract

Independent research from Xia Chu has shown that, in addition to non-China content, Bing censors a vast amount of content that is hosted inside China and which is not censored by China-based internet companies like Baidu. After communicating our issues with Microsoft, Bing removed certain censorship rules (kudos to Bing), but much work remains to be done.

We recently called for Microsoft to release its transparency report for Bing (as have others - full disclosure, Rebecca sits on our advisory board).  Microsoft has yet to respond to this request. But Xia’s independent research of Bing’s China censorship policy could be regarded as a de facto transparency report for the search engine.

In this thorough study, the results of which we have verified, Xia examined Bing's SERP (search engine results page) for over 30,000 sensitive and nonsensitive query terms, and launched these queries from both inside and outside of China. Comparing and examining these results, plus querying with special search operators, reveals unprecedented detail on Bing's China filtering practices.

The main findings from Xia’s research include:

  • Bing has a list of “forbidden” terms where no results are shown. 139 such terms have been identified.

  • Bing has a blacklist of websites that it never shows to China users. 329 such websites are identified. (5 have been lifted after our communication with Microsoft.)

Thu, Feb 13, 2014

Setting Bing's Broken Record Straight

We can also now trace complicit Bing Chinese censorship back to 2009 as highlighted by Nicholas Kristof. It looks like Microsoft has indeed changed its censorship mechanism after our research made headlines this week. But Bing is still seriously flawed on two fronts: its algorithm favors pro-Chinese government websites by default on all search terms in simplified Chinese and their front end mistakenly delivers explicit censorship of search results on some search terms for users from all over the world.

Wed, Feb 12, 2014

No error here: Microsoft deploying Chinese censorship on global scale

Microsoft says: “The results themselves are and were unaltered outside of China”. This is simply not true.

Tue, Feb 11, 2014

Bing practicing Chinese censorship globally

Our latest research indicates that Microsoft’s search engine Bing is censoring English and Chinese language search on its home page in order to exclude certain results. We have also noticed that Bing is practicing subtle censorship with search results. In both instances, Bing is filtering out links and stories that the Chinese authorities would deem damaging.

Thu, Jan 23, 2014

Massive blocking of foreign media in China

After Tuesday’s report Leaked Records Reveal Offshore Holdings of China’s Elite by ICIJ, China blocked a number of major newspaper websites. All websites below were blocked after publishing copies of the original report. They're all listed as the publishing partners for “Chinaleaks” stories on ICIJ's website. The Great Firewall rarely blocks non-Chinese websites. Many of them have published the Chinese version of the report which probably explains the unusual development.

Newspaper

Main Language

Article

http://www.icij.org

English

Chinese

http://www.theguardian.com

English

Subscribe to our blog using RSS.

Comments

I savor, lead to I discovered just what I used to be looking
for. You have ended my 4 day lengthy hunt! God Bless you man.
Have a great day. Bye

Here is my homepage: bharat patel seo

Add new comment

Filtered HTML

  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <blockquote> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
By submitting this form, you accept the Mollom privacy policy.