We’re all aware of the Chinese Great Firewall, the tool the Chinese government uses for mass censorship and for safeguarding and strengthening its totalitarian control over the country and its population. It turns out that through a Chinese shell company called Geedge Networks, China is also selling the Great Firewall to other totalitarian regimes around the world. Thanks to a massive leak of 500 GB of source code, work logs, and internal communication records, we now have more insight into how the Great Firewall works than ever before, leading to in-depth reports like this one from InterSecLab.
The findings are chilling, but not surprising. First and foremost, Geedge is selling the Great Firewall to a variety of totalitarian regimes around the world, namely Kazakhstan, Ethiopia, Pakistan, Myanmar, and another unidentified country. These governments can then ask Geedge to make specific changes and ask them to focus on specific capabilities to further enhance the functionality of the Great Firewall, but what it can already do today is bad enough.
The suite of products offered by Geedge Networks allow a client government unprecedented access to internet user data and enables governments to use this data to police national and regional networks. These capabilities include deep packet inspection for advanced classification, interception, and manipulation of application and user traffic; monitoring the geographic location of mobile subscribers in real time; analyzing aggregated network traffic in specific areas, such as during a protest or event; flagging unusual traffic patterns as suspicious; creating tailored blocking rules to obstruct access to a website or application (such as a VPN (Virtual Private Network) or circumvention tool); throttling traffic to specific services; identifying individual internet users for accessing websites or using circumvention tools or VPNs; assigning individual internet users reputation scores based on their online activities; and infecting users with malware through in-path injection.
↫ The Internet Coup: A Technical Analysis on How a Chinese Company is Exporting The Great Firewall to Autocratic Regimes
Internet service providers participate in the implementation of the suite of tools, either freely or by force, and since the tools are platform-agnostic it doesn’t matter which platforms people are using in any given country, making international sanctions effectively useless. It also won’t surprise you that Geedge steals both proprietary and open source code, without regards for licensing terms. Furthermore, China is allowing provinces and regions within its borders to tailor and adapt the Great Firewall to their own local needs, providing a blueprint for how to export the suite of tools to other countries.
With quite a few countries sliding ever further towards authoritarianism, I’m sure even places not traditionally thought of as totalitarian are lustfully looking at the Chinese Great Firewall, wishing they had something similar in their own countries.
Hot take: Uncensored access to the internet is not some god-given right, it’s a right given to you by your government.
“But I can always use a VPN!”, well, no, that assumes your government allows payment processors to pay the VPN provider AND that they don’t block the VPN provider’s website AND that they don’t block the IP addresses of the VPN provider’s servers.
The reason I am saying this is because governments we don’t think of as authoritarian such as the UK government are already talking about banning VPNs so they can’t be used to work around the “Online Safety Act” (which itself is a fairly Orwellian law, as it requires doxxing yourself and providing ID data to random private companies).
Also, the EU is proposing an “EU Chat Control Law” which would require chat providers to scan private messages under the guise of protecting the children, even in encrypted chats, so communications privacy isn’t a god-given right either.
My point is, nerds think there will always be one neat technical trick to avoid censorship and ensure communications privacy, but when it comes to anti-censorship and communications privacy solutions that people who aren’t massive turbonerds can actually use, those solutions exist because the government allows them to exist.
>Uncensored access to the internet is not some god-given right, it’s a right given to you by your government.
I think it’s the opposite, uncensored access *is* a God-given right (just like the right to free speech) and the government is the one taking it away. But that’s only a different perspective, the end result is the same.
>The reason I am saying this is because governments we don’t think of as authoritarian such as the UK government are already talking about banning VPNs
I do think of the UK as authoritarian; sure they’re still not as bad as China or Russia in terms but they’re NOT liberal (for Americans: libertarian) by any means.
j0scher,
I am also afraid that “western” countries are becoming less democratic and more authoritarian.
What I meant is that it’s not a right that nobody can take from you (like the right to have your own thoughts, since the government can’t scan your brain), it’s a right that CAN be taken from you by the government.
The number of people who go “VPN bruh” without realizing that their government allows them to have VPNs, even on tech forums, is annoying.
kurkosdr,
I understand what you mean. It wasn’t a description of the way things should be, but rather the way things are.
In a real democracy, people have rights over the government rather than the other way around. That we have governments treating people as it’s subjects implies democracy is not well. Of course democracy was always a spectrum rather than a binary condition. Our “representative democracy” was never perfect, but even so the rise in authoritarian tendencies is very troubling. Not only is the population loosing representation, but the pillars of democracy itself have been under attack. I worry that democracy will end if we keep allowing power to become more concentrated. The biggest problem is that so many people don’t want to admit it until it’s already too late. Once we empower a dictator to shut down any and all opposition, it will be too late for regret.
*sigh*
Reality is more complicated though.
For example, the current UK government (a Labour government) has expressed support for the “Online Safety Act”, while Farage’s “Reform UK” party opposes it. I personally didn’t expect that.
Also, if you look at the countries supporting the EU Chat Control Law ( https://fightchatcontrol.eu/ ), you’ll see that some of those countries supporting it are considered “progressive” run by “progressive” governments.
You’d assume “progressive” countries wouldn’t support such laws, but in reality, it’s more complicated.
kurkosdr,
Yes, although it doesn’t contradict my feelings on the matter. Both progressives and conservatives can pass laws that can ultimately be exploited by authoritarians. It’s why we need to be so cautious about giving the government new powers. It won’t matter which party passed the laws or how well intentioned they were if they lead to the government having more power over the people they’re supposed to be serving.
Authoritarians are becoming more adept at exploiting completely unrelated government powers to achieve their powerplay objectives. Like the Trump administration not having the legal authority to oust officials of independent agencies like the Fed, and yet corruptly using the powers of the executive government to go after them anyway.
https://apnews.com/article/trump-lisa-cook-federal-reserve-85fca8a405faa66e11c9567a193468e3
It’s really hard to prevent authoritarians from abusing everything, but we (as liberals and conservatives) need to be smarter than to pass laws that would give the government more censorship powers on the internet (for example). It doesn’t matter if a party has a “progressive” or “think of the children” reason for doing it, it’s objectively stupid insofar as it leads directly into an authoritarian trap. This is ongoing not just in the EU, but the US as well.
I agree,
It is literally the whole point of US Constitution.
All our rights come naturally from the Creator. The State just promises not to infringe on them, or at least without cause.
For example we have the right to “life and liberty” (and pursuit of happiness). However we lock down criminals or even execute them on occasion. However this is supposed to be extremely rare and after significant scrutiny.
Same with free speech. Regardless of platform, it is a basic human right. The government can only limit it under certain circumstances.
(Even, shouting “fire” in a crowded place is also considered free speech. However if you cause a stampede, and then you will be liable).
Back to Internet.
The governments were supposed to help protect against this. What they should have done is actually boycotting or even sanctioning countries that does this.
However as long as money is on the line…
Unfortunately this is quite a complex topic.
First of all, of course censorship is evil and I am very happy to not living in China and against all authoritarian idea.
At the same time I made the experience, that liberty and freedom of speech request for education and responsibility.
I stay at places where even a rumor of witchcraft can result in a violent mob killing hundreds of people just because they belong to minorities. Where people believe literally everything they see on TikTok. You joke about Voodoo stopping bullets? Here, this is perceived reality.
In such an environment, my compass for freedom and liberty starts turning and indeed I can see a need for fragile governments to execute some control.
There is no easy answer.
I love the EU. GDPR, but… “can we have universal decryption key for everyone’s data” 🙂
But think of the children! This is how authoritarians get their censorship and anti-privacy laws passed.
True.
They would either use “children” or “security” to take away freedoms and sneak in unpopular legislation.
What was the saying?
“Don’t let a good crisis go to waste”
I don’t believe in conspiracies in general. However if there is a coincidence, the politicians will definitely want to use it.
Btw, GDPR is not without issues either. It not only caused “consent fatigue” (much worse than Windows UAC prompts), but it unduly affected smaller companies and stifled innovation. But that is another topic.
Oh boy, just what the world needed