September 5, 2008
Is the Great Firewall of China effective?
As is well known, the Chinese government engages in extensive monitoring and blocking of various foreign web sites in order to control what kind of information gets into the country. Indeed, this very blog is blocked in China. (I think it's part of a general blocking of the Typepad site and not connected with anything I wrote.) People disagree, however, on the effectiveness of this information blockade. Discussing Chinese web-site blocking in a 2006 Financial Times interview, Bill Gates said, "It is not possible to block information, it is just not." According to this view, getting around the Great Firewall of China is sufficiently simple that anyone with a very modest amount of determination and technical skill can do so.
This view has a lot to be said for it: it's quite true that it's remarkably easy to get around the GFW, and to the best of my knowledge it's not even illegal under Chinese law to do so. You can use a proxy server or a virtual private network; the free ones tend to have service restrictions or may be slow, but even the more effective fee-based ones are very cheap (maybe $40 a year or something like that).
But the reality seems to be different. I often receive e-mails from people working in (for example) foreign law firms or foreign financial institutions in China telling me that they can't access my blog. What does this mean? It means that these law firms and financial institutions, although their business relies critically on access to good information, have simply surrendered to the GFW even though they have deep pockets and specialized IT departments that could, if they wished, solve the problem by outsourcing it to a bright 12-year-old. I find this puzzling and actually a little shocking. It's hard to think of any institutions that would be more likely to get around the restrictions of the GFW - they have the money and the technical expertise. If they can't be bothered, how many others can be?
TrackBack URL for this entry:
Listed below are links to weblogs that reference Is the Great Firewall of China effective?:
As someone with personal experience in this area, there are good technical reasons why large organzations don't deploy such tools.
Organizations (and by implication, their IT departments) with fiduciary responsibilities to clients often take an extremely conservative approach to network security. They may spend the money to connect offices using VPNs, but they have little incentive to deploy GFW circumvention tools that cross the corporate firewall because these tools (by their nature) potentially open (un)known vulnerabilities to outsiders, expose the organization to liability, and could violate local laws. Moreover, the tools private individuals (and your 12 yr. old) use to get around the GFW often work by routing traffic through untrusted 3rd parties.
Most such networks are rigidly compartmentalized, and all non-essential ports and service and affirmatively closed/shut-down.
Also, consider that the insurance rates for these firms would probably go up significantly.
Posted by: Glenn Tiffert | Sep 5, 2008 1:55:27 PM
Well while foreign firms may have surrendered to the GFW, internet users seem to be all too happy to fool censors. Look at what I've found today, (http://florasapio.blogspot.com/2008/09/sneaking-pictures.html) and make sure to click the link right after the second picture -
Posted by: Flora Sapio | Sep 8, 2008 2:36:44 AM