
Google Can Bring an End to Censorship in 10 Days - nkurz
https://en.greatfire.org/blog/2013/nov/google-can-bring-end-censorship-10-days-heres-how
======
lucb1e
> The code-sharing site Github uses encrypted-only access and, perhaps not
> intentionally, broke the pattern of Internet control in China.

Encrypted-only access is not a solution, it's a patch. Here is how China could
break it if they wanted to:

1\. Choose domains that you want to monitor in this way. E.g. github.com.

2\. Requests to any IP for that domain on port 443 will return a certificate
that the Chinese government issued using CNNIC. This is trusted by at least
Mozilla: [http://snag.gy/E1ftE.jpg](http://snag.gy/E1ftE.jpg) (note to self:
delete that ca)

3\. Requests to any IP for that domain on port 80 will be converted to ssl. So
the browser is connected over http to the ISP, and the ISP's servers will
connect over https/ssl to Github.

In all instances, monitoring is possible. Forcing ssl is no solution. It does
make monitoring harder though, and I suppose that is a good thing already, but
all the Chinese government needs to do is throw money at it and the ISPs will
be able to handle this.

~~~
livnev
Surely, this is an (admittedly broad and difficult) issue with CAs and the
trust element of SSL authentication. By the theory of SSL, an 'attacker' is
not supposed to have control over a 'trusted' CA, so SSL is 'supposed to'
protect against this.

~~~
onedognight
> By the theory of SSL, an 'attacker' is not supposed to have control over a
> 'trusted' CA, so SSL is 'supposed to' protect against this.

Every major government has a CA cert in your browser. SSL was obviously
designed to be subverted in exactly this way. You won't even get a warning.
Google pins their own certs in their own browser, but Moxy's Convergene.io or
something like TACK would need to be implemented by Google and Mozilla for you
to have a fighting chance.

~~~
livnev
Exactly. But the important point is that the current situation with CAs may be
flawed, but since ultimately the user has control over which certificates to
trust, it will be possible to use better trust models (like convergence.io) to
eliminate censorship. After that, we can indeed use encryption to fight
censorship.

------
FreakyT
How is the author overlooking the most obvious course of action the Chinese
government could take?

China could easily block Google outright -- while the Github reversal the
author mentions is certainly surprising, Google represents only a small sliver
of Chinese search engine use [1] and probably wouldn't result in much of a
mass outcry.

[1] [http://thenextweb.com/asia/2013/09/17/baidu-still-tops-
china...](http://thenextweb.com/asia/2013/09/17/baidu-still-tops-chinas-
search-market-with-63-share-as-merger-shakes-up-chasing-pack/)

~~~
teawithcarl
Sincerely, you're wrong.

GreatFire.org exists to end China's censorship - they have pondered long,
researched, and have not missed your point.

China's weakness is they cannot censor where it crimps the economy too much.

Read: Collateral Freedom
[https://openitp.org/pdfs/CollateralFreedom.pdf](https://openitp.org/pdfs/CollateralFreedom.pdf)

China blocking all Google products would make such a backlash in China that
it's not a feasible move for the China government. Just as with Github, too
many people would complain about losing $$ in the economy.

Gmail, Android, Chrome, Picasa, Google Drive, Docs, Translate, Maps, Scholar,
Books, Earth, AppEngine, Research, Hangouts. Too many Chinese rely on these
financially, and in their jobs.

GreatFire.org is right. This is a superb defrocking of censorship that will
work.

The real question is why isn't Google doing this.

~~~
wodenokoto
You've never been to China, have you?

Access to gmail is spotty and unreliable, like most other google services.
Android phones connect to Chinese android market and most have alternative
chinese only app markets. If google where to stop access to android market,
people would get pissed, but switch app-provider.

For the rest, these are barely used services. I don't even think hangouts are
accessible, since it's a part of Google+, which is blocked. Maps? Year, it's
nice, but so is Baidu maps. Picasa? Which economy is impacted by picasa?

> China's weakness is they cannot censor where it crimps the economy too much.
> It's brilliant.

While this is true, google is not one of them.

~~~
teawithcarl
I've been going to China since 1985 (28 years), speak Chinese and Japanese,
and read the newspapers fluently in both.

------
jpollock
Are you sure Google's big enough in China to have an impact?

[http://www.chinainternetwatch.com/4371/search-engine-
market-...](http://www.chinainternetwatch.com/4371/search-engine-market-
update-q3-2013/)

Even worse, that's by revenue, not searches:

[http://www.chinainternetwatch.com/3809/china-search-
engine-m...](http://www.chinainternetwatch.com/3809/china-search-engine-
market-share-update-august-2013/)

3% of search is a blip.

[EDIT: Fixed the links mangled by cut-n-paste from other thread]

~~~
criley2
Did you even read the article? Eric talks about how American designed
encryption paradigms will eventually introduce free speech that cannot be
stopped or surveilled even in places like China.

What Google's search market shares have to do with that concept is beyond me,
though.

~~~
jpollock
The article was not about the technology, but about the ability for Google to
unilaterally affect the ability for the Chinese government to surveil their
population.

The premise relies on Google being irreplaceable to the Chinese economy.

    
    
        We are gambling with Google’s stack that
        they are big enough and important enough
        that the Chinese authorities would not 
        dare block it in mainland China completely.
    

However, that isn't supported by the data - Google's market share. If Google
did something which the government truly objected to, such as offering
encrypted proxies (which encrypted search is), then they could block the
entire domain and only affect the portion of their population that uses it.

Market share is a good proxy to measure that population, and it's 3%.

I'm not convinced that 3% is large enough to cause the government to give up.

------
salient
Google doing this would be great, and I do support it. However, the effect
would be so much greater if _all_ US companies allied against stuff like this,
and form some kind of BSA against censorship and surveillance by governments
around the world.

The last time Google did this with the Chinese government, I remember
Microsoft was _ecstatic_ at potentially replacing Google in China with Bing,
by _following_ the same requests Google wouldn't, from the government, just so
they can win even an extra 1 percent market share (which they never did,
anyway - Baidu filled the gap).

As long as US companies keep screwing each other over for that extra 1 percent
they can gain over their competitors in China, if they _do_ follow China's
orders, while the competitors do not, this is going to be a very hard thing to
"win". So shame on those who do that.

~~~
charliesmith
In the past we have strongly suggested that all sites switch to HTTPS. If this
happened on "World Global HTTPS Awareness Day", i.e., at about the same time,
then I think China would be faced with some tough decisions.

------
WalterSear
"How Archer Daniels Midland could end world hunger in just 10 days"

"How the United States Senate could end political gridlock in just 10 days"

------
ywyrd
Keep in mind this quote comes from the same man who said, "If you have
something that you don't want anyone to know, maybe you shouldn't be doing it
in the first place."

~~~
erichocean
I wish the correct response to that statement (and it's spiritual brother: if
you've done nothing wrong, you should have nothing to hide) was as widely
known as the statement itself.

As an idea, it should be so thoroughly discredited by now that merely stating
it approvingly marks one as either morally deficient, an idiot, or both.
Making that statement should be at the same level of social disapproval as,
say, suggesting genocide as a reasonable way to deal with undesirable people
groups.

As of today, though, regular run-of-the-mill people are unable to formulate
why that statement is not just wrong, but ridiculously, appallingly so. I fear
learning why will come at a rather significant cost to humanity in general. :(

I guess this is how civilization moves forward. It's not pretty.

------
pdfcollect
What about surveillance by Google itself? What we should be asking ourself is
how do we improve [https://duckduckgo.com](https://duckduckgo.com) ? or
something similar.

------
MichaelTieso
While I support the work they are doing, the Chinese themselves don't care all
that much about the sites that are blocked. Having lived in China, everyone I
spoke to did not care about Facebook being blocked. I'm making a huge
generalization but to them if Facebook is blocked then it must not be very
important. Why use Facebook anyway when I have QQ?

Changing the public view from within China to fight against censorship is
harder but I think it would be far more effective.

------
teawithcarl
Google Could End Censorship in China in 10 Days - Why doesn't it?

[http://www.theguardian.com/commentisfree/2013/nov/22/google-...](http://www.theguardian.com/commentisfree/2013/nov/22/google-
end-china-web-censorship-10-days?CMP=twt_gu)

This Guardian article is a "shorter version" of the original article at
[http://en.GreatFire.org](http://en.GreatFire.org)

------
oddx
I'm not native english speaker, so sorry if I wrong. But does Schmidt actually
means '10 days'? If I understood correctly Schmidt mean that if we (all people
who do internet) starts to encrypt everything (http 2?) then it will be more
difficult to do censorship. And he unlikely mean 10 days, probably 10 years.

~~~
lambda
He meant that Google could encrypt their own traffic in 10 days, and offer
mirrors of blocked websites via their cache feature; not that everyone could
encrypt all traffic in 10 days.

~~~
oddx
Can you provide quote for your interpretation? For me "You cannot stop it if
it’s a good idea broadly held" sounds more about global technological and
ideological shift.

~~~
lambda
Sorry, Eric Schmidt had said that we could end censorship in a decade (10
years). That's the quote at the top of the article: "We can end government
censorship in a decade. The solution to government surveillance is to encrypt
everything."

The author of this article, "charlie", is contending that actually, Google
could end it in 10 days, simply by turning on encryption for their own service
and offering cached versions of any sites that are blocked.

So yes, Schmidt was talking about a global technological shift, while this
author was talking about a simple pragmatic step that could be taken by one
company, Google, and which they already have the infrastructure for as they
already do everything needed (encrypt traffic, offer caches) for their other
properties.

------
est
that seems to be a great idea, google could also do Germans a favor by hosting
"this video is not available in your country" mirrors, right?

~~~
nisa
It's Google themselves that block the videos on YouTube for German visitors.
Their rationale is that this frees them from paying the fantasy fees that GEMA
wants from them.
[https://en.wikipedia.org/wiki/Blocking_of_YouTube_videos_in_...](https://en.wikipedia.org/wiki/Blocking_of_YouTube_videos_in_Germany)

~~~
est
guess what, China has laws that 'regulate' news and online videos, too

------
peeters
> Critics of our approach will say that the "do it, they might not block you"
> argument is tenuous at best. But that is not what we are saying. What we are
> saying is:

>>“Google! Do it! If they don't block you, freedom wins. If they do block you,
there will be much more opposition to censorship inside China and the system
will be forced to change, thus freedom wins too!”

>Win-win.

I don't think the author realizes what a "win" means to corporations. Helping
the cause of freedom doesn't turn losing a billion potential customers into a
win, it's just the silver lining on a very dark cloud.

~~~
charliesmith
No - they are losing market share in search (3%) and if they keep their
current course will continue to lose. The opportunity here is to gain one
billion customers (well, 600 million now), by freeing the internet in China
and hence at least making substantial money on ad sales.

------
ams6110
I supposed that encrypted search is better than not, but won't help when the
NSA is tapping from inside their machine rooms.

------
lazyjones
No, because surveillance is censorship too.

~~~
DanBC
As far as I'm aware Google hasn't ever shot anyone in the head, which is a
common occurrence in China. (China executes more people than all other nations
combined. Real numbers are hard to find, but about 5,000 people in 2009 is
accepted for a low end figure by most people. That's 13 per day, or one person
every two hours.)

Comparing Google's surveillance to Chinese totalitarian state is obscene.

~~~
judk
What about when China gov hacks into Google (has already happened) (and NSA is
still happening) and uses Google user data for China Govt "common
occurrences"?

------
tokenrove
Google has employees in China, and making a strong-arm motion like this could
put them in danger.

~~~
charliesmith
That is a valid point and past Google blog posts have alluded to this danger.
I made this point in the longer blog post which appears on our web site, but
not in The Guardian article. [http://googleblog.blogspot.co.uk/2010/01/new-
approach-to-chi...](http://googleblog.blogspot.co.uk/2010/01/new-approach-to-
china.html)

------
cbhl
I feel like this article is extremely short-sighted. If Google did the things
that the author suggests, China would simply block all of Google instead. It
has done this in the past, and would not hesitate to do so again.

~~~
d0ugie
The article postulates an effective outcry, akin to that of the github
incident which resulted in success, were that to happen. Perhaps it is you who
is shortsighted?

------
d0ugie
A bold move such as this would, whether it worked or not, at least restore
Google's credibility as an avoider of evil, the Google twinkle many of you
think has fizzled.

------
sseveran
If Google did encrypt traffic in China what would prevent China from serving
Google China with a subpoena for the SSL private key under a gag order?

------
scovetta
SSL is only a minor speed bump when you have control over trusted root CAs or
the ability for "force" installation of your own CA.

------
switch007
You need an SSL certificate:

    
    
      Request URL: http://tripstamp.com/api/authenticate
      Request Method: POST

