China's Great Firewall
February 22, 2023Author: Luke McKay
The Golden Shield Project
The Golden Shield Project, better known as the “Great Firewall of China”, starting in 1998 and still in progress, has an end goal to monitor and censor incoming and outgoing internet traffic in China. The firewall is currently the world’s largest and most effective internet censorship program. It can block almost any web traffic coming into and out of China. It uses multiple sophisticated techniques to filter the web. China is known for having extreme laws that control its citizens in a way that most countries see as unethical. The firewall impacts the citizens of China in many different ways.
Source: Lam, Oiwan
What exactly does the Great Firewall of China do?
When an internet user in China tries to access one of the 8000+ blocked websites it has listed, they won’t necessarily see an indicator pop up on the screen that it is blocked. Instead, the website’s connection will load forever. Sometimes, the website will produce a network or connection error, such as a timeout message. So, how does the firewall filter large amounts of internet traffic? Well, it uses relatively complex layers to get the job done. These layers use different methods that combine into one firewall.
Source: Support Host. Result of a failed website connection.
Let's take a dive into some of the different methods used to filter the internet in China:
1: Internet Protocol (IP)* blocking -
IP blocking is very simple. IP blocking takes a website's IP address, and restricts any traffic being sent by the user. A user attempting to view an IP blocked website will result in a network error message, because the user never established a connection.
2: Packet filtering -
Packet filtering is the active process of scanning incoming and outgoing packets of data for keywords that China doesn’t want its citizens viewing. If a packet is spotted having sensitive information that is supposed to be censored, it will deny its user access to whatever information the user is seeking out.
3: Domain Name (System) DNS** Poisoning -
DNS poisoning, or DNS spoofing, is the process of taking an incoming DNS response, and rerouting the user to a different web address that wasn’t the intended page.
The History of the Golden Shield Project:
So how did this all start? In 1994, the World Wide Web was accepted into China under former president, Jiang Zemin. China didn’t have any filters on the internet until 2000. China’s government was increasingly growing wary of westernization within the country, so the Golden Shield Project was initiated to block the western world on the internet. As computer technology progressed, the firewall became stronger. Compared to back in 2000, it is significantly harder to bypass the firewall today.
How are the citizens of China affected by the firewall?
The citizens of China have different opinions on the firewall’s impacts. Some protest, while others are in support of the firewall’s accomplishments. This split population has their reasons. Protestors are fighting for their rights. They often experience legal issues because of their protests. Based on the way China’s laws are established, protesting is considered political dissent. When looked at from a westernized lens, the citizens of China who back up and support what the firewall is accomplishing are often viewed as people that have been “controlled” by the Chinese nationalist government. Citizens in China often grow up being nationalists due to the intense pressure that its society produces. Life goes on and some people just think of the firewall as an everyday part of life. Citizens affected by the firewall are being kept from a vast resource, the World Wide Web.
Source: opendemocracy.net. Protests against China’s Great Firewall.
Getting past the firewall:
There is a way to get around the firewall.
Virtual Private Networks (VPNs) - VPNs change your IP address to one that is different from the one you actually have. This allows you to bypass the firewall, because the firewall only affects the IP addresses in China.
Although, most of the VPNs that are out there won’t cut it. Before you choose a VPN, you need to make sure it supports OpenVPN protocol. The OpenVPN protocol uses SSL encryption*** to hide data of the user. This protocol is arguably the most secure VPN protocol. It has high speed connections and is very reliable.
VPNs with this protocol include NordVPN, Astrill, ExpressVPN, VyprVPN, and BufferedVPN. ExpressVPN is by far the most reliable one. It has the highest internet speeds, the most servers in most countries, and it is the most reliable at getting through the firewall.
There can be legal issues if you are a citizen of China attempting to view international news. It is considered political dissent for a citizen of China to actively seek outside news sources. So keep this in mind if you are a citizen of China. But China allows tourists to use VPNs with no concern.
* An IP address is a unique string of characters that identifies a device on the internet.
** DNS converts the domain name (name of a website) into an IP address, so the web browser can communicate with the internet and load the requested page.
*** SSL encryption essentially scrambles data generated by the user until the point that it is impossible to make sense of.