No Sex Please - Were Chinese

Their hackers are amongst the best; their government IT staff are not.

北京 (Rixstep) -- Their hackers are formidable but their government IT staffers are laughable. The geezers in Beijing really hate sex and have decided their fellow citizens must learn to hate it too.

But it's all down to programming skills. And outside the realm of Chinese hackerdom things are about as clever as they are at Microsoft or Sony.
Green Dam Youth Escort

Green Dam Youth Escort by the luminary Zhengzhou Jinhui Computer System Engineering Company (郑州金惠计算机系统工程有限公司) with expert assistance from Dazheng Human Language Technology Academy (北京大正语言知识处理科技有限公司) is supposed to protect the brave people of China from attractive images that might undermine the social fabric of the country.

But here's the catch: it only works with Microsoft Internet Explorer on Microsoft Windows.


Green Dam (not to be confused with the great rock group Green Day) also collects user data in the best spirit of Google. As of 1 July 2009 all computers sold in China must ship with this atrocity either pre-installed or enclosed on a CD ('Chinese Disc') and OEMs must report the number of boxen shipped with the software. Chinese schools were required to have Green Day Dam installed on all computers by the end of May.

The idea is to improve the quality of living by building a 'green healthy network environment to protect the healthy growth of young people'.
Golden Shield

Green Dam works with Golden Shield (金盾工程 aka the Great Firewall of China) which censors online information deemed to be disruptive to the smooth operation of the triumphant Chinese society. Golden Shield was founded in 1998 when the benevolent dictators in Beijing saw an emerging threat in the 'China Democracy Party' (中国民主党) and decided to just make all those blokes criminals. The total cost of Golden Shield is so far estimated to be close to US$1 billion. But WTF - everybody already owns a bicycle.

Golden Shield was removed from certain strategically interesting locations for the Olympic Games: Internet cafés and hotels. The idea being foreigners were already contaminated and there was no longer any way to help them.

Greg Walton of the International Centre for Human Rights and Democratic Development (国际中心的人权和民主发展) reported the following about 金盾工程 in October 2001.

Old style censorship is being replaced with a massive, ubiquitous architecture of surveillance: 金盾工程. Ultimately the aim is to integrate a gigantic online database with an all-encompassing surveillance network incorporating speech and face recognition, closed-circuit television, smart cards, credit records, and Internet surveillance technologies.

The $1 billion 金盾工程 is commonly used for the following.

* Connection resets. If a previous TCP connection is blocked by 金盾工程 then future connection attempts from both sides are blocked for an additional 30 minutes.
* DNS filtering and redirection. This involves refusing to resolve certain degenerate domain names or outright lying about what addresses they really have. DNS filtering and redirection affects all IP protocols and not just HTTP.
* IP blocking. Just block the danged IPs and be done with it. IP blocking affects all IP protocols and not just the counterrevolutionary HTTP. Thank goodness.
* Packet filtering. Terminate TCP packet transmissions when a certain number of 'controversial keywords' are detected. This affects all TCP protocols.
* URL filtering. Scan the requested pages before delivering them. Too many degenerate keywords found and you cause the client computer to self-destruct.

But despite the inordinate cash poured into Golden Shield there are ways around it.

* Connection resets. Ignore the reset packet. DUH.
* DNS filtering and redirection. Use good DNS servers, use the IP directly, hack the hosts cache.
* IP blocking. Use a proxy.
* Packet filtering. Use SSL or VPN, use escaped HTML, reduce the MTU.
* URL filtering. Use SSL or VPN, use escaped HTML in URLs, defuse the bomb.

No comments:

Post a Comment