Ways around the censorship in China

in #help8 years ago

Censorship can be annoying at the best of times, but if you live in China then you know it can be an absolute bitch, especially around politically sensitive times of the year such as June 4th.

The Chinese censorship system uses several layers to achieve it's goal.
DNS blocking/poisoning
IP blocking
Content and keyword blocking
Self-censorship.

I will focus on some of these and some possible ways around them, starting with DNS blocking.

The DNS system simply put, translates domain names to their IP addresses, this system was set up because it's easier for people to remember words, such as google.com, or facebook.com rather than strings of numbers for IP addresses.

For DNS blocking, the censorship system intercepts DNS requests for IP addresses and in a nutshell, blocks the browser from finding the correct IP, making it think that the website doesn't exist.

DNS blocking is the most common form of blocking in China, and if you could overcome this, you'll be able to get a lot more websites, even without a VPN. Unfortunately it doesn't keep you anonymous, but does hide your DNS requests.

The best solution for this is to use a tool called DNScrypt, and to prove it works, install it and then go to the https://www.torproject.org/ of course it helps that the torproject.org uses https which defeats keyword blocking ;-)

Also recommended is the use of HTTPS everywhere plugin/extension with any browser to make sure the website utilises HTTPS if it's availabe.

So I have covered DNS blocking and one way to overcome this by using a tool called DNScrypt, next I will cover IP blocking.

For IP blocking the GFW (Great Firewall) of China simply outright blocks the IP address/es of the target website.

This is a little different from DNS blocking in that after the browser makes the DNS request and finds the IP address, the browser then tries to connect to it using a short process.

First the browser asks the website if it is at the IP address it has and waits for it to respond, the website responds with a "Hi, I'm here!"

Second the browser asks if it can open a connection to the site, then the website responds with a "Yes, you have permission to connect"

Third, the browser then opens a connection to the IP address and port allowing it to download the webpage data.

With IP blocking the GFW will then fake a signal to appear as though it is coming from the blocked/banned IP address telling the browser that the server has dropped the connection, which fools the browser into closing the connection to the server.

An example of IP blocking in China, coupled with DNS blocking, is Google, poor oh poor Google, they have the royal treatment in China and are blocked across the board, as is Facebook, but not Twitter, I discovered Twitter is only DNS blocked.

Unfortunately the only way to overcome this level of blocking is to completely hide your web traffic to the blocked website and the only way to do that is to use a VPN or proxy software, which is in short supply these days with the increase in censorship under the current leadership.

You have a few choices that still seem to work at the time of writing.

First you can try a paid service, but even they have been disrupted recently, I have been using Astrill and they have really struggled to keep up this year.

Second, you can try a free service such as Tor, Shadowsocks or Lantern

Or you can use a P2P network or app for communications such as qtox, bitmessage and retroshare, of which I use all three.

Keep safe!