18
INTERNET CENSORSHIP – The Information Blocking Wall Di Wen dw2464
INTERNET
CENSORSHIP
– The Information
Blocking Wall
Di Wen dw2464
Why Study Internet Censorship?
Free Speech Internet in Day-to-day Life – Information Source Difference from Other Censorships A Global Issue
History of Internet Censorship
Censorship Has Been in Existence Almost as Long as Intellectual Exploration
The History of Censorship Can be Traced Back to Ancient Times: Socrates, Protagras, Galileo, Bulunuoga
Internet Censorship Emerged in 1990s, Not Long After Usage of Internet
CHINA: Great Fire Wall Started in 1998. Keeps Upgrading.
USA: CDA (Communications Decency Act) COPA (Child On-line Protection Act)
Internet Censorship Methods – Non-technological
TAKE-DOWN: Regulators Force Websites to Shut Down
SELF-CENSORSHIP: Use Laws or Social Norms to Educate People
Internet Censorship Methods – Brute-force
FULL BLOCK
Cut off Routers. Disconnected from World's Internet. Used in 2011 Egyptian Protests SEARCH RESULT REMOVAL:
Internet Search Service Company Cooperates with Government by Removing Forbidden Entries in Search Results
Story of Baidu and Google in 2010 Funny Words: River Crab, Grass Mud Horse, Six + Four
Internet Censorship Methods – Technical Blocking
IP BLOCKING
Block Access to Specific Hosting Servers with Banned IP One of the Earliest Strategies
DNS TAMPERING
Focus on Domain Names Instead of IP Addresses DNS Server Refuses to Resolve Domain Names, or Returns
Wrong IP Addresses for the Domain Names Usually Returns a Fake IP Which is Already Blocked
“The Great DNS Wall of China”
Comparison Between the Normal US DNS Servers and Tampered Chinese Servers
Running Two Rounds of DNS Query Tests Using the Same Set of Partially Tampered Domains
Result:
Internet Censorship Methods – Technical Blocking
URL FILTERING Look for Sensitive Strings in the URL Input into Browser
PACKET FILTERING Scan the Information Contained in Packets, and
Terminates the TCP Packet Transmissions When a Certain Number of Sensitive Keywords Are Detected
CONNECTION RESET Set the Firewalls So That the System Will Automatically
Block Connections from/to an Entity for a Period of Time if the Previous TCP Connection was Blocked
Internet Censorship
Brute-force
Non-technological
Technical Blocking
Take-down
Self-censorship
Full Block
Search Result Removal
IP Blocking
DNS Tampering
Internet Censorship Methods
URL Filtering
Packet FilteringConnection
Reset
Analysis of Internet Censorship Methods – Non-technological & Brute-Force
TAKE-DOWN & SELF-CENSORSHIP
Useful in Countries Where Government Is Highly Centralized and Owns Great Power Over Its People – Dictatorship
Not Useful in Democratic Countries
FULL BLOCK & SEARCH RESULT REMOVAL
Simple And Efficient – No Way to Fight Back High Cost: Egyptians Lost $ 110 Million In the Internet Locking Jan 2011 Chinese Government Received Unanimous Criticism for Google
Quit
Analysis of Internet Censorship Methods
– Technical Blocking
Advantage over Non-technical Blocking: There Are Websites Which Citizens Can Access But Government Has No Control
Disadvantage: Under-blocking & Over-blocking
IP BLOCKING:
Works for All Protocols Based on IP Depends on the Accuracy of the Blacklist of Registered IPs IPs Keep Changing – Difficult to Maintain Accuracy May Falsely Block Accepted Websites on the Same Server of
the Forbidden Websites on the List Easily Bypassed Using Proxies
Analysis of Internet Censorship Methods
– Technical Blocking
DNS TAMPERING: Works for All Protocols Based on IP Focus on Domain Names – Domain Names Seldom Change Circumvented by Looking for Not Tampered Foreign Servers
Or Get IP Address via Other Ways besides DNS Queries – Inconvenient
URL FILTERING: Only Works for HTTP Accuracy Depends on Blacklist of Blocked URL Strings Bypassed by Escape Characters and VPN Scunthorpe Problem: A String Is Blocked Because Its Text
Contains a Substring of Letters Shared with Forbidden Strings
Analysis of Internet Censorship Methods
– Technical Blocking
PACKET FILTERING:
Works for All Protocols Based on TCP Focus on TCP Packets Instead of Higher-level Input Strings Scunthorpe Problem Circumvented by VPN Or Modifying the TCP/IP Stack to
Reduce the Amount of Text in a Packetng the TCP/IP stack to reduce the amount of te in a packet
CONNECTION RESET
Works for TCP-based Protocols Avoided by Omitting the Signal of Reset from Firewall
Analysis of Internet Censorship Methods
– Summary
DNS Tampering Looks to Be the Best Solution But The Choice Depends on Specific Situation – Use as Much
as Needed
Future of Internet Censorship Techs – Current Circumvention Tools
Came into Being Shortly after Censorship Technologies – Cat-and-mouse Game
WEB PROXIES Hides Connections between User and Forbidden Server
TUNNELING SOFTWARE A Means for Communication from Network Locations with
Restricted Connectivity: behind NATs, Firewalls, etc.
VPNs (Virtual Private Networks) Build a Secure Connection to Another Region Which
Doesn't Pose Restriction on the Blocked Material in the User's
Region
Future of Internet Censorship Techs –Trends of Censorship Technologies
Move Filtering from Browsers to Web Proxies
Easier Maintenance and Better Compatibility No Longer Able to Bypass Internet Censorship by Any
Modifications or Deletions on Browsers
Move from Static Detection to Dynamic Analysis
Solve the Problem of Accuracy of Blacklist in IP & URL Blocking
Keyword-matching on Every Page Instead of Per Website Kills the Attempts to Fight against Censorship by Changing IP
Addresses or URL Strings
Conclusions
Non-Technical Methods are Powerful, but Have Limited Usage
Technical Blocking Methods Are Preferable. The Government Should Choose among the Technical Blocking Methods According to the Practical Conditions and Implement as Many Methods as Possible to Fight against Different Kinds of Anti-censorship Users
Future Trends: Combination of Proxy Servers and Dynamic Content Analysis Can Make Internet Censorship More Efficient and Powerful
The Cat-and-mouse Games Go Marching On……
THE END!
