An Open Letter to Lu Wei and the Cyberspace Administration of China

January 26, 2015

Beijing, China

 

Mr. Lu Wei

Director of the Cyberspace Administration of the People’s Republic of China 中央网络安全和信息化领导小组办公室主任

Director of the State Internet Information Office 国家互联网信息办公室主任

Deputy Director of the Central Propaganda Department of the Chinese Communist Party 中共中央宣传部副部长

Cyberspace Administration of China,

Floor 1, Building 1,

Software Park, Chinese Academy of Sciences,

4 South 4th Street, Zhongguancun,

Beijing, China, 100190

 

Dear Mr. Lu,

On January 22, 2015, the Cyberspace Administration of China (CAC), which is under your direct control, wrote a response to a story we published about an MITM attack on Microsoft. In the post, your colleague, Jiang Jun, labelled our accusations as "groundless" and  "unsupported speculation, a pure slanderous act by overseas anti-China forces".

We at GreatFire.org take great offense to these comments and we will refute them in this letter.

We do not level accusations against CAC lightly. We took great lengths to provide data collected during the attack to back up our claims. Multiple reports confirmed our analysis, including screenshots and tests posted by Chinese internet users as well as independent analysis from security experts.

We have reported on previous MITM attacks against iCloud, Yahoo, Microsoft and Google, all of which have been confirmed by the respective companies. We have also asked independent security experts to examine the data we or Chinese users captured during each MITM attack. Please see the independent data analysis in each instance here: Outlook, iCloud, Google, Yahoo, Github. In each case the conclusions are similar:

Our conclusion is that this was a real attack on Microsoft's email service. Additionally, the attack is very similar to previous nationwide Chinese attacks on SSL encrypted traffic, such as the attack on Google a few months ago.   

Two independent security experts contacted by Reuters said GreatFire's report appeared credible.

"All the evidence I've seen would support that this is a real attack," said Mikko Hypponen, chief research officer at security software developer F-Secure.

To be more specific, it appears as if the MITM attacks are being performed on backbone networks belonging to China Telecom (CHINANET) as well as China Unicom.  

All evidence indicates that a MITM attack is being conducted against traffic between China’s nationwide education and research network CERNET and www.google.com.

The fact that the MITM machine was six hops away from the user indicates that the MITM is taking place at some fairly central position in China's internet infrastructure, as opposed to being done locally at the ISP.

We have noted your department's denial of involvement in the Outlook MITM attack. However, Jiang Jun acknowledges that an attack took place. We assume that by proclaiming your innocence, you believe that others are responsible for the attack.

If CAC is not responsible for the attack, nor complicitly letting it happen, can you please explain how “hostile forces” can tap into the backbone of Chinese Internet and implement nationwide MITM attacks six times over the past two years?

Why did CAC not launch an investigation after you denied any involvement in a MITM attack against Apple’s iCloud in October, 2014? Do note that your colleague Mr. Jiang states:

The Chinese government is a staunch advocate for cyber security and stands firmly against any sort of cyber attack. China will crack down on online offensive maneuvers initiated in China and those launched via Chinese Internet infrastructure in line with law.

Can you please explain, Mr. Lu, how CAC has cracked down on these “offensive maneuvers”? How come your department is censoring reports about this attack and even stories that appear in state media, including People's Daily?

Mr. Jiang also makes several accusations about GreatFire.org, all of which we would like to address in this letter.

"姜军说,Greatfire.org是境外反华组织创办的反华网站,长期对中国政府进行无端攻击.此次炒作选在国家网信办宣布依法关闭一批违法违规网站、栏目和微信公众账号之时,蓄意引发不满情绪,污蔑指责中国网络空间治理制度”.

Our translation: Jiang Jun said, GreatFire.org is an anti-China website set up by an overseas anti-China organization (1). It has long made groundless charges against Chinese government (2). They (GreatFire.org) timed this incident with an announcement from CAC about the closure of illegal websites, website columns, and public WeChat accounts (3), aiming to incite dissatisfaction and to smear China's cyberspace management system (4).

(1) Three people founded GreatFire.org in 2011 without any help from any external organizations. We were dissatisfied with Internet censorship in China and we decided to fight against it. We are not anti-China but we are anti-censorship in China. Please take the time to read more about the history of our organization.

(2) We've been monitoring and writing about Chinese Internet censorship since 2011. In fact, the main purpose of GreatFire.org is to automatically test internet censorship in China. All of our blog posts are backed up by hard data, collected from automatic testing, manual testing and user reports. As mentioned earlier, we have even provided the full raw data on the most recent MITM attack. This evidence is far from being “groundless”.

(3) Unless you are accusing us of staging this attack, how is it possible that we can "time" the MITM attack with your announcements? Microsoft has confirmed that there was an attack - we simply reported on it in a timely fashion. In fact, this timing provides some indication that CAC is indeed behind the MITM attack. Perhaps the closing of WeChat accounts and the attack on Outlook were part of the same plan?

(4) We do agree on one thing and that is that we are "aiming to incite dissatisfaction and smear China's cyberspace management system". We are here to watch what you are doing, to criticise you when you are wrong and to end online censorship in China. And we are encouraging netizens and companies alike to fight against GFW and Chinese internet censorship in general. We've called for Microsoft, Apple and others to immediately revoke trust for CNNIC certificate authority. Your continued MITM attacks, your denial of your involvement in these attacks, and your baseless accusations against us are only adding to the urgency of revoking trust for CNNIC.

We have also noted that you have instructed Chinese media to discontinue mentions of us in the Chinese press, after you labeled us as “anti-China”. However, no matter what censorship measures you put in place, our voice will continue to be heard by state media, including this mention in the Global Times:

"The Great Firewall is blocking the VPN on the protocol level. It means that the firewall does not need to identify each VPN provider and block its IP addresses. Rather, it can spot VPN traffic during transit and block it," one of the founders of an overseas website which monitors the Internet in China told the Global Times Thursday via e-mail.

We look forward to receiving an apology from you for your groundless slander against us; your “wild guesses and malicious blemishes" will not help solve cyber issues.

Sincerely,

The Team at GreatFire.org


 

 

Comments

More Blog Posts

Subscribe to our mailing list
Show content from Blog | Google+ | Twitter | All. Subscribe to our blog using RSS.

Mon, Jun 10, 2019

Apple Censoring Tibetan Information in China

Apple has a long history of censorship when it comes to information about Tibet. In 2009, it was revealed that several apps related to the Dalai Lama were not available in the China App Store. The developers of these apps were not notified that their apps were removed. When confronted with these instances of censorship, an Apple spokesperson simply said that the company “continues to comply with local laws”.

In December, 2017, at a conference in China, when asked about working with the Chinese authorities to censor the Apple App Store, Tim Cook proclaimed:

"Your choice is: do you participate, or do you stand on the sideline and yell at how things should be. And my own view very strongly is you show up and you participate, you get in the arena because nothing ever changes from the sideline."

In the ten years since Apple was first criticized for working with the Chinese authorities to silence already marginalized voices, what has changed? Apple continues to strictly follow the censorship orders of the Chinese authorities. When does Tim Cook expect that his company will help to bring about positive change in China?

Based on data generated from https://applecensorship.com, Apple has now censored 29 popular Tibetan mobile applications in the China App Store. Tibetan-themed apps dealing with news, religious study, tourism, and even games are being censored by Apple. A full list of the censored apps appear below.

Thu, Jun 06, 2019

Report Shines Spotlight on Apple’s Censorship Practices in China

The newest Ranking Digital Rights Corporate Accountability Index makes recommendations on what companies and governments need to do in order to improve the protection of internet users’ human rights around the world. Ranking Digital Rights (RDR) works to promote freedom of expression and privacy on the internet by creating global standards and incentives for companies to respect and protect users’ rights.

In their 2019 Accountability Index, RDR looks at the policies of 24 of the world’s most important internet companies in respect to freedom of expression and privacy and highlights the companies that have made improvements and those companies that need to do more. RDR notes that:

Insufficient transparency makes it easier for private parties, governments, and companies themselves to abuse their power over online speech and avoid accountability.

In particular, the report highlights how Apple has abused their power over online speech, and notes instances of this in China. According to the report, Apple has not disclosed data around the content that it removes from its App Store when faced with requests from the government authorities.

While [Apple] disclosed data about government requests to restrict accounts, it disclosed no data about content removal requests, such as requests to remove apps from its App Store. Apple revealed little about policies and practices affecting freedom of expression, scoring below all other U.S. companies in this category.

The report makes intelligent and sensible recommendations for governments. However, the recommendations also highlight how difficult it is to have these discussions with governments like China’s.

Thu, Nov 30, 2017

About those 674 apps that Apple censored in China

Apple opened the door on its censorship practices in China - but just a crack.

Tue, May 23, 2017

Is China establishing cyber sovereignty in the United States?

Last week Twitter came under attack from a DDoS attack orchestrated by the Chinese authorities. While such attacks are not uncommon for websites like Twitter, this one proved unusual. While the Chinese authorities use the Great Firewall to block harmful content from reaching its citizens, it now uses DDoS attacks to take down content that appears on websites beyond its borders. For the Chinese authorities, it is not simply good enough to “protect” the interests of Chinese citizens at home - in their view of cyber sovereignty, any content that might harm China’s interests must be removed, regardless of where the website is located.

And so last week the Chinese authorities determined that Twitter was the target. In particular, the authorities targeted the Twitter account for Guo Wengui (https://twitter.com/KwokMiles), the rebel billionaire who is slowly leaking information about corrupt Chinese government officials via his Twitter account and through his YouTube videos. Guo appeared to ramp up his whistle-blowing efforts last week and the Chinese authorities, in turn, ramped up theirs.

via https://twitter.com/KwokMiles/status/863689935798374401

Mon, Dec 12, 2016

China is the obstacle to Google’s plan to end internet censorship

It’s been three years since Eric Schmidt proclaimed that Google would chart a course to ending online censorship within ten years. Now is a great time to check on Google’s progress, reassess the landscape, benchmark Google’s efforts against others who share the same goal, postulate on the China strategy and offer suggestions on how they might effectively move forward.

flowers on google china plaque

Flowers left outside Google China’s headquarters after its announcement it might leave the country in 2010. Photo: Wikicommons.

What has Google accomplished since November 2013?

The first thing they have accomplished is an entire rebranding of both Google (now Alphabet) and Google Ideas (now Jigsaw). Throughout this blog post, reference is made to both new and old company names.

Google has started to develop two main tools which they believe can help in the fight against censorship. Jigsaw’s DDoS protection service, Project Shield, is effectively preventing censorship-inspired DDoS attacks and recently helped to repel an attack on Brian Krebs’ blog. The service is similar to other anti-DDoS services developed by internet freedom champions and for-profit services like Cloudflare.

Subscribe to our blog using RSS.

Comments

恭喜greatfire.org获得国家级 “反华” 认证。 加油!

鄙视那些个发言人

Great letter. Look forward to hearing if there's a response, though I think we all know how likely that is.

加油

加油

visitor of this site, so keep posting for us,

click the below links to create backlink
best free backlink website then click.
msg movie

thank for sharing Ontips-in

thanks for this post, keep it up for updating us, i am waiting for ur new article.

thanks again
IPL8 live stream 2015

Its like you read my mind! You appear to know so much about this, like you wrote the bolok in it or something.
I think that you can do with some pics to drive the message home
a bit, but instead of that, this is excellent blog.
A great read. I will certainly be back.

Here is my webpage: perdre du poids rapidement (Quentin)

hello friends, here we are represent latest collection of palm sunday images thanks

Thanks for this post and i will be waiting for another

happy mothers day 2015
happy mothers day
mothers day 2015

这个网站并不那么反华,比无国界记者好多了。无国界纯粹是为了反对而反对。

Hi! This is kind of off topic but I need some advice from an established blog.
Is it tough to set up your own blog? I'm not very techincal but I can figure
things out pretty fast. I'm thinking about making my own but I'm not sure
where to begin. Do you have any ideas or suggestions?
With thanks

My site Backlinks

那么网信办回复了你们吗?

good Share what you're watching and just what feels you more interested https://mobdrodownloads.com Using below link you can download Mobdro 1.2.446 APK 2015.nice.

You can see more at Three people founded GreatFire.org in 2011 without any help from any external organizations. We were dissatisfied with Internet censorship in China and healthoffset.com decided to fight against it. We are not anti-China but we are anti-censorship in China. Please take the time to read more about the history of our organization

good to date functions such as songs streaming, showbox as well as set up the apk variation of Showbox application. best.

So if you want to view you fevorite TV shows like https://iterrariumtv.com which is readily available for Android as well as.

You can easily check modem settings with https://www.192-168-l-l.net/ and router setup also.

tubidy tunes most recent included mp3s by tubidy mp3 tracks. tubidy.mobi would certainly be much better referred as the heaven for

else method to install your TV gamer on IOS.However, You TV Player you TV player is out Google play store as well as you have.

Yep! Hope Mr Lu Wei see this letter! He should read it and understand how many difficulties he cause for the users around China. instagram online Thank you for writing the letter!

I am from bangladesh. want to communicate Mr.Lu wei.important.please help guys..my email k.iftakhar@yahoo.com thanks

Add new comment

Filtered HTML

  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <blockquote> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
By submitting this form, you accept the Mollom privacy policy.