Yesterday, I posted a note about some of the methods that political dissidents and their supporters are using to circumvent attempts by authoritarian governments to block access to the Internet. China also has an authoritarian government, run by the Communist party, although it has allowed more economic freedom than has been typical under such regimes. The Chinese government’s approach to controlling the Internet has also been a bit more nuanced than that of Libya or Egypt.
Technology Review had an article this week on one approach that, according to Google, the Chinese government is using to alter the results of Web interactions “on the fly”. The company believes this activity is responsible for apparent “technical problems” experienced by some Chinese users.
The Chinese government is thought to have tightened communications in response to political unrest in the Middle East. Google discovered that problems with Gmail from within China came in the form of an attack that caused the Web application to freeze when a user took certain actions, such as clicking the “send” button.
The technique that China is apparently using is not new, and in fact is in common use by many organizations. It employs a Web “proxy server” between the user and the global Internet; all traffic to and from the Web must pass through the proxy. This means that software on the proxy server can examine, record, or modify messages passing in either direction. It is, of course, enormously easier to introduce this kind of proxy if the government controls all of the available communications links with the outside world. Defending against this kind of attack is very difficult, if the proxy system has authentic cryptographic credentials (which an ISP run by a national government almost certainly has).
As in basic cryptology, there is always an arms race between those who want to protect information, and those who want to disclose it.