| This is the second part of my series on the Internet | | | | China blindly blocking larger parts of China's networks |
| in China. I recently returned from a year teaching at | | | | from connecting. This included one incident that |
| a Chinese University. During my time in China, I had | | | | basically cutoff service from China to most of Europe |
| the pleasure of getting to know the state of the | | | | and the United States.An often overlooked aspect of |
| Internet in China, both directly and indirectly, through | | | | our fight against Spam and malicious activity is our |
| my own use of the Internet and the classes. In my | | | | own contribution to censoring the Internet in China |
| last article, The Butterfly Effect Part I: Microsoft, | | | | (also by extension other developing nations). What |
| Security, and the Developing World, I dealt with the | | | | seems to have been missed is how we, as systems |
| effect of pirated software and security and its | | | | administrators and security professionals, also are |
| impact on development. In this article, I would like to | | | | contributing to the great firewall of China. |
| cover my experience of the Chinese Firewall from | | | | |
| the inside and the way we contribute to censorship in | | | | Here is how it works for those unfamiliar with the |
| China.Scanning Chinese networks the old fashion way | | | | process: Millions of unlicensed, unsecured, and |
| with nmap or similar tools struck me as a bit impolite | | | | unpatched Microsoft desktops across China are |
| and potentially illegal. Being on the other side of the | | | | turned into zombies networks by the bad guys. |
| wall, I was not going to push my luck too much. | | | | Those bot/zombie networks attack servers with |
| However, part of my teaching duties involved several | | | | Spam and malicious activity outside of China. Systems |
| classes on research writing and basic computer skills. | | | | administrators around the world cutoff traffic to their |
| This gave me access to a very effective network | | | | network by blocking large blocks of IP addresses in |
| testing tool. Basically, several hundred average | | | | mainland China. The average user inside China |
| Chinese University students. To get an idea of what | | | | attempts to connect to websites outside China on |
| the average Chinese experience of the outside | | | | those networks and fails. This failure to connect, |
| Internet world was like, I could simply assign my | | | | both inside and outside China, is then attributed to |
| students to retrieve various information from the | | | | the government sensors and the mystic of the |
| Internet and wait for their reports. For example, if a | | | | firewall is reinforced. The effect is that the Chinese |
| site was not reachable from inside China, I would be | | | | firewall, if only in part and inadvertently, is being |
| quickly inundated by emails and questions from panic | | | | reinforced by Western democratic countries and |
| stricken students trying to complete their homework | | | | companies protecting their systems from China's |
| assignments.My total number of students was well | | | | infected computers.Granted, that this is a very |
| over a 1,000 for the length of the school year. I | | | | effective method of protecting networks. However, |
| could also add to this all the miscellaneous students, | | | | it would seem rather hypocritical of us to cheer for |
| staff, and public seminars where I simply referred | | | | Open Source, the free flow of information, and |
| them to my teaching website (hosted outside of | | | | criticize the Chinese Governments actions; while at |
| China). That would bring the number to something like | | | | the same time, with a couple dozen key strokes, we |
| 2,000 people. About 100-200 in any given week | | | | restrict millions of people from accessing information |
| where engaged in some sort of Internet related | | | | they so desperately need to further their |
| project for my classes. My own modest teaching site | | | | development. Yes, we need to, and should, cutoff |
| received a little over 5,000 hits in my time in China. | | | | the spam and bot nets from the Internet; however, |
| So, through my classes at the University and other | | | | it needs to be done with more of a scalpel and less |
| schools in Eastern-Central China, I was able to run a | | | | of a howitzer.Overall, the restrictions on the Internet |
| sort of ongoing distributed human scan of Internet | | | | in China are first and foremost a function of |
| connectivity in China.My informal survey results: | | | | networks that are overwhelmed by such a rapidly |
| Of course there is always a few students that | | | | growing user base. One estimate puts the NEW |
| would, for one reason or another, be incapable of | | | | Internet users in China at over 10,000,000 people a |
| connecting; however, when a site could not be | | | | month. Even this is perhaps a low figure. Many of my |
| accessed at all, I would see my student red flag go | | | | own students never used the Internet until they |
| up quickly. Normally, within about 24 hours of giving | | | | came to the University. In addition, thousands of |
| an assignment it would be obvious that something | | | | inexperienced systems administrators struggle to |
| was wrong. | | | | manage computer systems built and documented for |
| | | | the English speaking community. Secondly, the |
| My own Internet connection provided to me by the | | | | restrictions on the free flow of information are a |
| University, as far as I could tell, seemed completely | | | | function of the network security environment in |
| unadulterated and functioned as it would in any | | | | China. Millions of compromised computers attacking |
| Western country. This included access to many news | | | | networks inside and outside China, and our inevitable |
| sites in Taiwan and Japan. For example, I could | | | | security response to them. Finally, I would list the real |
| access the Gutenberg library, but my students could | | | | efforts of the authorities to restrict information. The |
| not. News sites such as BBC, and occasionally CNN, | | | | reality is, China simply does not have the computing |
| were completely unaccessible by me or the students. | | | | power and expertise to effectively regulate all of the |
| The Google search engine seemed to do some | | | | traffic on the Internet. The volume of white noise |
| strange things. Both my students and I were able to | | | | alone insures this fact. The most effective control |
| download, and watch live, the entire U.S. presidential | | | | methods the authorities have is the simple |
| debate on C-span's website. Later, we were able to | | | | psychological intimidation associated with showing an |
| download the transcripts in both English and Chinese; | | | | ID to use a computer in a public Internet cafe. I |
| including the segments where Bush directly criticized | | | | might remind the reader that using a computer in a |
| China. These were the same transcripts and video | | | | public libraries in the United States also has similar |
| that I later used to teach debate class at the | | | | conditions attached.There are very real controls on |
| University. | | | | the flow of information in China. What needs to be |
| | | | understood is the practical reality for millions of |
| On my own Linux computer, I had no problems | | | | Chinese to access information is far less terrible than |
| connecting to bank websites in New York with 128 | | | | what it is made out to be in Western Press, at least |
| bit SSL; or connecting by SSH to computers in the | | | | on a Political level. Increasingly China is becoming more |
| United States and South America. I also frequently | | | | politically open, if for no other reason than it is a |
| used Skype to make encrypted phone calls to friends | | | | prerequisite for a market economy to function |
| and family around the world; Granted, the quality of | | | | correctly. This will take time. However, on a technical |
| the connection was at times so poor as to be | | | | level, the restrictions are far worse than what is |
| unusable. This I would take to be more an issue of | | | | recognized outside of China. Because, in the final |
| distance and network quality than censorship. | | | | analysis, not being able to connect is as bad as not |
| Bittorent and FTP functioned normally, including Linux | | | | being allowed to connect. Charles Spencer in the |
| sites hosted in Taiwan and the United States.The | | | | founder and of Spencer Global International |
| most surprising source of censorship in China:There | | | | Consulting with members in more than 10 countries in |
| were several instances where the red flag on my | | | | North and South America, Europe, and Asia. Spencer |
| human Internet scanner went up to an unusual high | | | | is also editor and Chief designer of All Southern Chile |
| level. Students reported 100% failure. After | | | | ( a development project of Spencer Global |
| investigating the problem, I discovered that it was | | | | International Consulting to promote the South of |
| not a firewall restriction or China's own network | | | | Chile in English to the World. |
| failure, but foreign networks and servers outside of | | | | |