Slashdot Mirror


Cambridge Breached the Great Firewall of China

Darren Rayes writes to mention a ZDNet article on Cambridge academics' claims that they have breached the great firewall of China. They also claim that by misusing the firewall they can launch DDoS attacks against IP addresses behind the wall. From the article: "The IDS uses a stateless server, which examines each data packet both going in and out of the firewall individually, unrelated to any previous request. By forging the source address of a packet containing a 'sensitive' keyword, people could trigger the firewall to block access between source and destination addresses for up to an hour at a time."
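The difference between per-packet and flow-aware inspection described in the quoted article, as an added example that is not from the article or the researchers' work. It is a simplified in-memory model: the keyword, addresses, packet dictionaries and class names are constructed for illustration, and sequence numbers are not tracked.

```python
BLOCK_SECONDS = 3600      # "up to an hour", per the quoted article
KEYWORD = b"SENSITIVE"    # constructed placeholder, not a real filter term
A, B = "192.0.2.10", "198.51.100.20"   # documentation addresses (constructed)

class StatelessFilter:
    """Judges every packet on its own; keeps no record of handshakes."""
    def __init__(self):
        self.blocked = {}                  # (src, dst) -> block expiry time

    def inspect(self, pkt, now):
        pair = (pkt["src"], pkt["dst"])
        if KEYWORD in pkt["payload"]:      # the source address is never validated
            self.blocked[pair] = now + BLOCK_SECONDS
        return self.is_blocked(pair, now)

    def is_blocked(self, pair, now):
        return self.blocked.get(pair, 0) > now

class FlowAwareFilter(StatelessFilter):
    """Inspects payloads only on flows whose SYN, SYN-ACK and ACK were seen."""
    def __init__(self):
        super().__init__()
        self.flows = {}                    # per-flow state: the memory cost of this design

    def inspect(self, pkt, now):
        pair, rev = (pkt["src"], pkt["dst"]), (pkt["dst"], pkt["src"])
        if pkt["flags"] == "SYN":
            self.flows[pair] = 1
        elif pkt["flags"] == "SYN-ACK" and self.flows.get(rev) == 1:
            self.flows[rev] = 2
        elif pkt["flags"] == "ACK" and self.flows.get(pair) == 2:
            self.flows[pair] = 3
        if self.flows.get(pair) != 3:      # no completed handshake: payload ignored
            return self.is_blocked(pair, now)
        return super().inspect(pkt, now)

def pkt(src, dst, flags, payload=b""):
    return {"src": src, "dst": dst, "flags": flags, "payload": payload}

LONE_PACKET = [pkt(A, B, "PSH", b"GET /SENSITIVE")]   # no handshake precedes it
HANDSHAKE = [pkt(A, B, "SYN"), pkt(B, A, "SYN-ACK"), pkt(A, B, "ACK")]

def run(filter_cls, packets):
    """Feed packets at t = 0, 1, 2, ... and report whether A -> B ends up blocked."""
    f = filter_cls()
    for t, p in enumerate(packets):
        f.inspect(p, now=t)
    return f.is_blocked((A, B), now=len(packets))
```

A sender that forges the source address never receives the SYN-ACK, so in the flow-aware model its lone packet is ignored; the price is the `flows` table, one entry per connection.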

9 of 250 comments

  1. Legal action against Cambridge? by zanderredux · Score: 5, Insightful
    Isn't Cambridge deliberately creating an opportunity for the Chinese government to prosecute them?

    What about those inside China using those exploits for legitimate ends?

    Is Cambridge indirectly helping the Chinese government to fix firewall issues?

    Are Cambridge researchers after fame at the expense of the freedom of the Chinese people?

  2. Re:Congratulations by Trigun · Score: 4, Insightful

    Better they do it from the outside than the Chinese government find the guys doing it from the inside.

  3. Solution? by QuantumFTL · Score: 4, Insightful

    I wonder what the Chinese government would do if groups of individuals from around the world used techniques like this to DDoS the firewall. I highly doubt that they could get their population to accept them completely shutting off access to the outside world, and a stateful firewall would be considerably more expensive, assuming they wanted to keep their same (terrible) level of performance.

    What does Slashdot think about this?

  4. Re:hard to believe by cperciva · Score: 3, Insightful

    I can't imagine why anyone would choose a stateless firewall

    Stateful firewalls scale poorly.

  5. six of one... by Armchair Dissident · Score: 4, Insightful

    ...half a dozen of the other.

    Certainly TFA suggests that the DoS attack could be used against Chinese government computers, but this could also be used against Chinese citizens. An exploit is, after all, an exploit. So I would suggest that in the case of the DoS attack, reporting it to the appropriate people - in this case the Chinese authorities - was the right thing to do.

    Unfortunately, in this case, the very flaw that allows a DoS against machines within China also permits those inside the firewall to ignore the resets sent back, so by reporting the DoS, they've also reported how the censorship can be circumvented. (or, by discovering the censorship circumvention they've unfortunately stumbled upon a DoS attack).

    In this case, I really don't think that there is a One True Answer.

    --

    The ways of gods are mysteriously indistinguishable from chance.
  6. National Security by subl33t · Score: 5, Insightful

    Go ahead, mod me down.

    Couldn't the Chinese government view this as an act of terrorism? In the interest of national security the Chinese government will start an ambiguous "War on Terror" after the US "War on Terror" and "War on Drugs" which are _also_ unwinnable and declared solely to keep the ruling party in power via fear.

  7. Cyber Attacks, a good thing?? by Theovon · Score: 4, Insightful

    Is it just me, or does it seem rather unkind to go about declaring, "Look at me! I just conducted a cyber-attack against China!" Hey, I'm no fan of China's government or censorship, and I am aware that China have tried to attack other countries' computers, but two wrongs don't make a right. Unless we're doing something defensive to ward off an attack from China, I see little point in taunting them and giving them reason to tighten security even further. It just doesn't seem right.

  8. Oblig. Monty Python (parody) - The Terrorist Song by usurper_ii · Score: 3, Insightful

    The Terrorist Song
    by Usurper_ii
    (Sung to the tune of Python's The Lumber Jack Song)

    I'm a terrorist and I'm OK
    I read at night and I work all day.

    The Government:
    He's a terrorist and he's OK
    He reads at night and he works all day.

    I read a lot and I seek the truth
    I go to the lavatory.
    After OKC, I saw some things that didn't make sense to me.

    The Government:
    He doesn't believe our story about OKC,
    We monitor when he goes to the lavatory.
    On Wednesday night, he went to an unapproved web site.

    Chorus:
    He's a terrorist and he's OK
    He reads at night and he works all day.

    When, after 9-11 didn't all add up,
    I met with others on the net, to talk it up.

    The government:
    He didn't believe our story about 9-11.
    We followed him to unapproved web sites after hours.
    In our report, we'll say he had bomb-making materials under his sink.

    Chorus:
    He's a terrorist and he's OK
    He reads at night and he works all day.

    I don't think a plane hit the Pentagon.
    I think the World Trade Center buildings fell all wrong.
    I wish I could convince my dear ol' mom!!

    The government:
    He's a terrorist and we're going to make him pay?!
    We read his e-mail and didn't like what he had to say?!...

    Just me:
    I wish I'd been born, back when America was really free!!

    The Government:
    He's a terrorist and we're going to make him pay
    He reads the Constitution and knows his rights.
    He's just like McVeigh, Bin Laden, and al-Qaeda!!

    Chorus:
    He's a terrorist and he's OK
    He reads at night and he works all day.

  9. Re:Congratulations by 91degrees · Score: 3, Insightful

    It's information.

    They're academics.

    Their whole raison d'etre is to learn and share their learning. The information itself is ethically neutral. It can be used for good or for bad.