Slashdot Mirror
Defeating China's National Firewall
Bruce Schneier is reporting on his blog that a recent paper is discussing how to defeat China's national firewall. From the article: "However, because the original packets are passed through the firewall unscathed, if both of the endpoints were to completely ignore the firewall's reset packets, then the connection will proceed unhindered! We've done some real experiments on this -- and it works just fine!! Think of it as the Harry Potter approach to the Great Firewall -- just shut your eyes and walk onto Platform 9¾."
that most of the Chinese people don't know/care about the firewall?
Send email from the afterlife! Write your e-will at Dead Man's Switch.
How the heck is it anything like shutting your eyes and walking onto Platform 9¾?
Maybe if the Chinese authorities found you on board this 'train', they could act like those terrible dementor things I guess.
It is irresponsible for people to post ways of bypassing the security restrictions a sovereign nation has enacted upon its people. If the Chinese people don't like the way their government is restricting their access to information then they have a moral obligation to overthrow that government, either peacefully via voting in the next election, or by force using a militia formed from the people. By showing the Chinese people ways to exist comfortably within the restrictions imposed by an immoral government we're not helping them to reach a better place in life.. namely a free and democratic Republic of China.
If I'm correct, and I think I am:
This has the potential to triple the traffic through their firewall as resets are sent for every packet. So consequently, not only is it an illegal act of hacking (even by US standards) but the potential does exist for a resulting DOS attack that could take the firewall down completely.
Kids have to much time on their hands. No matter how "horrible" Chinese internet policy is by US standards, it's their damned network segment. Let them work it out for themselves.
Another consultant who stuck it out.
"We are the Priests, of the Temples of Syrinx..."
See the parallel?
Engineering is the art of compromise.
The chinese internet doesn't belong to the chinese government, it belongs to the chinese people. When they have a real democracy then "they" (the people) can decide how to run it. Until then we shouldn't respect how "they" (the government) want to run the internet any more than we would if some bank robbers were holding hostages and "they" (the robbers) wanted to decide how to run the bank.
I am neither a lawyer nor a Chinese resident, so I am not sure, but I don't think that it is illegal. If someone in China wants to connect to a server in the USA, and that server happened to be told to ignore reset packets from China, then that can't be illegal. If a Chinese citizen's computer just happened to be configured to ignore reset packets, then I doubt that it will be illegal. Having said that, actually looking at forbidden content is probably illegal.
But how will they know? You cannot tell if a remote host is responding to reset packets from your firewall, at least not directly. This seems like it will work.
Currently hooked on AMP
Do you recall that little American Revolution way back in the mid 1770's? You know, the one the then-English colonies were LOSING? The U.S. would have been in quite a pickle without the French providing financial and military aid. Sure, it was in their own self-interest, but that makes their aid no less valuable.
Just because a Revolution receives assisstance from the outside makes it no more or less legitimate.
SirWired
> You cannot tell if a remote host is responding to reset packets from your firewall, at least not directly.
If you had to send multiple resets for the same port pair, they're ignoring you.
Just wait till after the 2008 Olympics - China doesn't want protests so expect them to be nice till the games are over.
Gimmicks like these wont last long. How many chinese would actually search for information against their government? Even if they do, they will always have the fear of being caught. Until every Ying Yang realizes the need to overthrow the system, nothing is going to happen.
Why do you think that the only legitimate way to deal with a bad government is to overthrow it, by election or force? What's wrong with getting a bad government to change its ways?
Do you think that any time a government is doing something bad, that the government should be overthrown (or voted out)? What if a government is doing some really wrong things, but it's also doing some good things? Suppose you think that a President has done one thing that's very wrong, but that aside from that one thing, he's done a fantastic job. Are you morally obliged to vote that President out? Imagine it's 1948. You think Truman did a terrible thing when he used nuclear weapons in Japan, but you approve of everything else he's done, and you don't like Dewey. Are you morally required to vote for Dewey anyway?
Do you think that armed rebellion is the only way for a non-democratic government to become democratic? If so, why do you think this? There are examples in recent history of non-democratic governments becoming democratic without a shot being fired (e.g., most of Eastern Europe). Or think about the way the U.K. changed from a non-democratic monarchy to a parliamentary democracy with a figurehead monarch.
Have you thought about what would be involved in overthrowing China's government by force? For some period of time, China would be without any government at all. Think how wonderful it would be for a country with a population of over a billion and a large supply of nuclear weapons to find itself suddenly without a government.
One way to get a government to stop trying to regulate something is to make its efforts to regulate it spectacularly ineffective. This happened in the United States with Prohibition. Why can't it happen in China?
Why yes, I do. It is why I am a Libertarian. It is a huge waste of time, effort and money to stop drugs. Instead the government should regulate the HELL out of them like they do Cigarettes and Alcohol, and tax them into oblivian. Prolly would get rid of the Income Tax with the revenue.
.........
AND it would clean up the Drug Cartel Violence found in Brazil, Argentina, Mexico
Agent K: A *person* is smart. People are dumb, stupid, panicky animals, and you know it.
i am neither a lawyer nor a Chinese resident, so I am not sure, but I don't think that it is illegal. If someone in China wants to connect to a server in the USA, and that server happened to be told to ignore reset packets from China, then that can't be illegal. If a Chinese citizen's computer just happened to be configured to ignore reset packets, then I doubt that it will be illegal. Having said that, actually looking at forbidden content is probably illegal.
/. too much (especially if you are a foreign national simply visiting family there), but if they even begin to think you're a subvesrive engaged in treason or sedition, pO.of, you're done, no proof required. Stop, do not pass Go, do not collect $200. Go with the nice men in blue uniforms directly to the "police van that looks like any other" parked right outside your front door.
The problem hinges on the fact that the is no (enforceable) law preventing the Chinese government from doing what it likes to who it likes that does anything they don't like. Remember, they require no warrants, no subpoenae, and no trial. They only have to notice that you have accessed something they don't like enough to pay attention to you, and you're toast (see above mentioned death vans).
Perhaps, as another poster mentioned above, the Chinese will restrain themselves up unto the 2008 Olympics, but I doubt it. Again, see the above death wagons, which "look like any other police van." Also, whoever said they haven't got the resources is deluding themselves. If the RIAA has the resources to track people downloading illegally (though the lack the resources to document and prosecute anywhere near the majority), there are 1.3 billion with a "B" people in China. Even though you don't hear about it much, they assault US networks (telecom and government) with regularity. I'm sure they have enough people to monitor home traffic closely enough to suit their purposes - remember, all it takes is a small app to parse logs for forbidden traffic in the past X days or whatever. Combined with random live monitoring and historical traffic analysis, I'm sure they can monitor more than enough to make it as unsafe to commit thought crime on the internet as it is for the average American to get away with hacking the average website hosted by a paranoid provider. I rather doubt they care about anyone posting on
"Inveniemus Viam Aut Faciemus" 'We will find a way... Or we will make one!' --Hannibal of Carthage
Yes, we can mock the Great Firewall implementors for incompetence, but let's remember that the technical means are really only a reminder of the underlying law. Many laws don't have any built-in means of enforcement at all. My car has no speed governor to keep it under 65 mph, does that mean the government is just stupid? Or that I can't get busted for speeding? Almost all laws are easy to break; the real problem is getting away with it, especially if the government decides to target you for whatever reason.
I feel a lot of sympathy for the Chinese who've died or who've been jailed and tortured for disobeying their formerly communist and now fascist regime, but in the end changing that is up to the admittedly indifferent and mostly indoctrinated Chinese population.
However when the Chinese people allow their communist party gestapo to continue raping and demolishing their *peaceful* Tibetan neighbours, *that's* something no decent person in the whole world should tolerate without taking some action.
It's both ridiculous and ironic at the same time that the general indoctrinated (everyone's spending a minute in the Chinese "education system" gets a full load of brainwashing, that is a verifiable fact) Chinese population is taught to hate the Japanese to their guts for what took place in *parts* of China during their *civil war* over sixty years ago while these same idiots are absolutely idolizing their own expansionism-driven 100% destruction of Tibet.
*That* is what should drive the action against the Chinese regime by both decent Chinese people (who are few but do exist) and anybody else who feels that wiping out a peaceful nation (which Tibet was for centuries after adopting buddhism) can not be tolerated.
Geeks with respect for human life and dignity can play a major part in breaking the fascist Communist Party's stranglehold on information. I've made my informed choice and you can either 1) play ignorant and sympathize with the Chinese regime, 2) wash your hands and ignore the whole thing, or 3) figure out ways to try and stop the madness driven by the Chinese dictatorship. It's that simple.
Should invading one's peaceful neighbours be opposed, or rewarded with trade deals?
Then he'll go home to his wife and kids, proud that he's done a good job. If you're here, raise your hand.
Kind of funny, eh, that repression has been outsourced to us now. (Yes, Cisco helped set up the great firewall, sold the equipment, and worked extensively to prevent free access by Chinese citizens.)
The baby's fine -- please stop sending business cards.
Great walls are never great. Look at Berlin as well. And now look at what we're trying to do in America. Every 'great wall' becomes a tourist attraction.
Please, for the good of Humanity, vote Obama.
Are you going to track every blocked connection for a whole country? and keep them in memory? Remember this is the content filtering part of their defences. I assume they have some address filtering as well. So it might not work for everything (eg /.).
09F91102 no, 455FE104 nope, F190A1E8 uh-uh, 7A5F8A09 that's not it, C87294CE no. Ah! 452F6E403CDF10714E41DFAA257D313F.
Prime numbers are exactly what Alan Greenspan says they are -S. Minsky
The Great Firewall will come down and there is a good possibility that the Chinese government might have another trick up it's sleeve to cut off what it considers unsafe. That being said, the Chinese are also pragmatic. They do see the writing on the wall(hee hee) and are more likely trying to control the end of this present paradigm so that they end up with many of the same people in power and of course they all wish to remain breathing. Uncontrolled revolution can be quite messy and bad for the health and a country the size of China can cause a lot of collateral damage if open revolution breaks out.
mugabe was once a hero on the street in zimbabwe
ask the street what they think of him now
i have no doubt that nationalism is fervent in china. i also have no doubt that a chinese person can separate pride in china from pride in the CCP. i am proud to be an american, but i don't like the bush administration. see how that works?
additionally, in 2008, i know bush won't be in the white house anymore. and i will get to add my voice to who the next leader will be. and so i am happy with how my government works, even though i don't like its composition right now
that's called legitimacy in the eyes of the people. it creates confidence, stability. can your average chinese citizen say the same about their relationship with their government?
my point is very simple, but if you don't want to accept it, that's fine: but democracy is the only form of government known to mankind that manufactures legitimacy. every other form of government, legitimacy decays over time
i'm certain other governments have and will retain mythical status in the eyes of their people, even if they aren't democratic, for decades even
but unless the people are consulted again, that legitimacy will eventually decay into resentment
it's a simple straightforward concept
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it