Without the right of correspondence: how to deal with unwanted Internet services in China

Having a huge army of “Internet punishers”, China is making serious efforts to ensure that the very fact of censorship, control and surveillance was not felt by ordinary citizens of the country. Can Roskomnadzor follow the Chinese script of network censorship?

The history of the confrontation of the telegram messenger Telegram in the person of Pavel Durov F 58 and the regulator in the person of Roskomnadzor led to the fact that the clouds thicken over all Runet.

In May, the head of the Ministry of Communications Nikolai Nikiforov has not ruled out that the problems with obtaining encryption keys, similar to those that have arisen with Telegram, can touch the Viber-messenger with an audience in Russia of 9.4 million users. The operational director of Viber Media S.a.r.I. Michael Shmilov stated that Viber can not fulfill the requirement to provide security keys. And again in the notorious end-to-end Encryption, where keys are stored on user devices.

However, the very next day after the speech of Nikiforov, the head of Roskomnadzor stated that there are no prerequisites for blocking, and at the same time, conversations began about creating a “white list” of IP-addresses, in order to isolate the IP-addresses of forbidden resources on his side, once it’s refused to do vendors Google and Amazon.

All this forcibly makes one think about a special way for the Russian Internet, especially in world practice there are already examples of regulation of the worldwide network. The experience of China is very indicative for Russia in the light of recent events – how do the restrictions work in the Middle Kingdom?

Gold of the party

The project “Golden Shield” is one of the 12 key PRC projects in the field of e-government, called “golden”. Among other “gold” projects are such projects as “Golden Bridges” (for general economic information), “Gold Customs” (for foreign trades), “Gold Card” (for electronic currencies), Golden Finance (for financial management), “Golden agriculture “(for agricultural information),” Golden Taxation “(for taxation),” Golden Water “(for information about water resources),” Golden Quality “(for quality control), etc.

The unofficial name – “The Great Chinese Firewall” – somewhat underestimates the scale of the world’s largest complex of subsystems for monitoring, recognizing and managing traffic with a 15-year history. According to the Open Society Institute researchers, this project does not only have its name but also the amount of resources involved in it. According to the estimates of the Open Society Institute, more than 30,000 employees are constantly working on the project, and its estimated cost at the time of launch was more than $ 800 million.

The Golden Shield is primarily a server system on a channel between local backbone providers and international networks. Each of these gateways has a system of Internet sniffers and proxy servers that are used to copy data packets classified by DPI technology (the technology for verifying and filtering network packets based on their content and on the basis of statistical data). The copied information is analyzed by the servers of the Golden Shield based on several technologies at the same time: blocking and filtering by IP addresses, filtering DNS queries (they translate the user’s request in the form of a domain into an IP-address intelligible to the servers) and their redirection, blocking and filtering Internet- URLs for the presence of keywords, deep filtering of information packets (DPI), data compromise in the DNS query system, and then resetting the connection to the resource when an abnormal intensity of the Internet connection (connection probe) and algorithm s machine learning to classify traffic (SVM), after which the system makes a decision on the possible restriction of access to the resource.

READ  Budget analogue iPhone X has fallen to a critical level

The power of technology

If the first three technologies are applied successfully by many countries, including Russia, the latter (DPI, connection probe and SVM) are just the main power of the “Great Firewall”. They allow you to block any connections through a VPN (it is called in China 翻墙 “fan Qiang”, which literally translates as “climb over the wall”), SSH tunnels and other methods that for a long time served as faith and truth to local residents in their pursuit access to the desired and blocked Western messengers and social networks.

With the help of DPI technology, low-level checking and filtering of network packets is performed on their content in real-time mode, and from the point of view of an external observer, there are practically no delays or manipulations with traffic. For this, huge computing power is used, namely, a data center the size of a small city that uses swarm intelligence (Swarm Intelligence) to manage the balancing and processing of data between its countless parts-nodes. And yes, this is the same DPI technology that, in peacetime, is used by providers in conjunction with advertisers to analyze the actions of browser users to subsequently target advertising: it is thanks to it, if you were looking for a discount on Bentley on the website of the dealership, such advertising will be you chase in the mail and skype.

Connection probe is a technology that, when trying to connect to any service outside the national network gateway, “freezes” such a request and initiates an advanced connection to the target address already on its own behalf, which makes it practically possible to uniquely identify the type of external service that a user from China wants to use. For example, the i2p anonymous resource network, which is a decentralized and dynamic network within the network, has been successfully blocked using the above technology in China and Iran, as well as the more common Tor traffic anonymization system. (With Tor you try not to let yourself know, i2p hides from other sites and other network resources.)

READ  The new Russian drone is equipped with a video camera with a 60x zoom

The Reference Vector Method (SVM) is one of the machine learning algorithms that helps DPI analyzers automatically classify large arrays of disparate data. The algorithm allows you to identify hidden patterns in Internet traffic, by analyzing the frequency of certain characters, packet lengths and other anomalies. For example, in China, the theme of the Tiananmen Square riots in Beijing on June 4, 1989, notoriously known as the Tiananmen Square Massacre, was tabooed. “Golden Shield” using DPI, dynamically scanning the national traffic, blocks any web addresses with references to the specified date. After the Chinese adapted to designate this date as May 35 (and many other witty ways), the usual analysis became much more complicated and the SVM algorithm came to the aid, which is capable of detecting the objects of censorship disguised by man.

With the help of the described mechanisms, the traffic is classified with subsequent blocking of the identified prohibited resources and networks. All unclassified traffic, and under this category, any encryption means (the notorious Telegram case, for example), be it SSH, XOR or VPN traffic, is separated from HTTPS traffic, and then subjected to artificial buffering. For the user, this looks like a slowdown in the performance of any “uncertified” software, if at all. As a result, users select local analogues – Baidu search engine, weChat messenger, “Weibo” twitter, “YouTube” Youku, an online encyclopedia Sogou Baike or a modified version of the VPN for corporate purposes, which the government can decipher.

It should be noted that China began its struggle with VPN also with the ban of VPN-services, which could be observed in Russia. But similar services grow like mushrooms after the rain, and several blocks appear at the site of the blocked one, that’s why the special pride of the “Golden Shield” is precisely in blocking the use of the VPN technology itself and the like.

Foreign search engines operating in China, including Yahoo and Bing, similarly filter the search results. Thus, it combines virtually all possible technical methods of filtration to date, using them selectively in relation to these or other resources. Some can be completely blocked, others only partially.

Tens of thousands of invisible censors

Censorship – a long and natural element of Chinese culture – back in the days of the Qin Dynasty in the 3rd century BC, the Emperor Shihuandi, on the advice of the legally-minded philosopher Li Sy, ordered the digging of 460 Confucian scholars alive and burning all Confucian literature so that they did not get into the broad masses. Traditions are also followed after more than two thousand years, during the reign of the Communist Party, the authors of the scientific work, published in the journal Science, write. If the automatic part of the “Golden Shield” fights with the filtering of traffic directed to unwanted resources and applications, then with the undesirable content in social networks with hundreds of millions of users – it is a real army of censors. Researchers at Harvard University have estimated their number in an unprecedented tens of thousands of participants, including government bloggers and the so-called Internet police, engaged in various types of content filtering of Internet resources.

READ  What else will honor Honor 10 and what will not be in it?

It is noteworthy that having a huge army of “Internet punishers”, China at the same time makes serious efforts that the very fact of censorship, control and surveillance in no way outwardly felt ordinary citizens of the country. Any attempts to discuss this problem openly and point out the facts of control are sometimes even more harshly suppressed than criticism of the leadership and policy of the Communist Party.

Will Russia Repeat the Chinese Way

The way to the Internet free from the Western influence of news about the religious organization “Falun Gong” and the discussion of the struggle for national independence in Tibet and Xinjiang to the Internet was quite long and complicated. Although the “Golden Shield” was put into operation in 2003, the first baptism of fire took place in 6 years, in 2009, when the first targets of the Communist Party hit YouTube, owned by Google, and then by Google itself, the mail service Gmail, Twitter, Flickr and Hotmail. After a couple of months, Facebook was blocked, even the arrival of its head Mark Zuckerberg, who spoke in Mandarin before the students of Tsinghua University in Beijing, did not help. Then followed the interlocking Pinterest, WhatsApp, Snapchat and Instagram – this is not the whole list.

Speaking of Russia, we can say that we are only at its beginning. And it’s not so much that domestic projects with the implementation of DPI are estimated at $ 40-50 million, while the Chinese national system of the “Golden Shield” has clearly exceeded one billion, and the fact that the Russian DPI is technically unable to implement a really deep analysis of passing packets, which means that its barrier barriers will potentially be managed by qualified users.

So far we see that the lack of real technical capabilities is compensated by “brute force” and fan locks. We are unified with China only the root causes of these events, namely, the unwillingness of Western Internet giants and web services to comply with local legislation and respect the laws of sovereign states.


Leave a Reply

Your email address will not be published. Required fields are marked *