

Ask HN: Are my assumptions about the Great Firewall true? - westiseast

I was wondering, out of interest, if someone more knowledgeable could explain whether my assumptions about the Great Firewall are true/false/impossible/paranoid delusions :)  I live in China, and run an online business based in the UK, so I waste a lot of time dealing with The Great Firewall.

 * I assume the Firewall is vindictive - if I visit a blocked website, it seems to then block *any* other website for a short period of time.
 * I assume that part of the Firewall involves 'trusted' routers or particular network points. I mean, I can connect to my VPN at home, but NEVER from a Starbucks or public wifi.
 * At some level, I assume that my browser is maybe infected with some virus and plays some part in choosing what to block and when.
 * I assume that despite using a VPN, the government probably still knows what I'm looking at.
 * I assume that, somewhere on a government database, I have a profile that is invoked during the Firewall's activities that says "yeah, don't worry about this guy, he only reads news and isn't involved in protest movements" or something like that.

I'm not really paranoid (!), but just realised I have a lot of assumptions about what's happening behind the scenes, but no idea whether those things are even possible. Many thanks!
======
tbronchain
Hmm, not quite.

Here are my assumptions after spending time in China for almost 2 years now:

1- Nope, it's not vindictive. If you can't access any other website after
visiting a blocked site, you maybe have a problem with your network
configuration (just an assumption).

2- You cannot connect your VPN in a Starbucks because they block the
ports/protocols that allow your VPN to work. Sometimes, it's also the reason
why it's hard to connect to your VPN. It's also the reason why sometimes your
connection may suddenly stop working (download speed drops to 0). My
assumption on that is, if, randomly, they detect too much traffic through an
encrypted channel, they block it.

3- No, if you're not using a Chinese browser, you're probably not infected by
any "virus". Although, some say QQ may include some spyware in it. I don't
know much on that.

4- Your provider knows what you're looking at. Like any provider in the world.
Because internet companies in China are owned by the government at more than
50%, then indirectly yes, the government potentially knows what you're doing.
The truth is quite different. In reality, their system is pretty similar to
PRISM (yes, really). When the "police" require some data, they ask the
providers about the metadata. That's it. From what I've heard, they're much
less organised than they seem. The real difference between Chinese gvt and
others is that they don't hide doing it. Plus the censorship.

5- "I assume that, somewhere on a government database [...]", hm, probably
not.

I've heard GFW had several ways to "censor" the internet: DPI and DNS
poisoning mostly. Also some "random control". Also, the GFW is the kind of
system that is able to learn and adapt itself. Apparently, if too many people
try to access a foreign website, it gets blocked. There are also some crawlers
looking for keywords ... Not 100% sure, it can be only guesses.

About the "QoS downgrade" @auganov was talking about, once again it's a bit
different. What really happens is that the providers have a limited bandwidth
to go outside of China. Biggest providers (China Telecom/Unicom) have "a lot",
others have really not much, but it's still pretty limited, and when many
people are connecting together, we're back in the old days of "rush hours" and
slow internet. In the middle of the night, I can easily reach 5MB/s (which is
about 40Mbps), through VPN.

Hope I answered your questions :) Also, if anyone knows a bit more about GFW,
I'd be glad to hear about it!

------
auganov
It somewhat matches my experience too. Generally I'd say there's 3 classes of
blocking: total block (twitter, fb), rate limiting (google), and general QoS
downgrade (which seems so random that it might just be the infrastructure
being so bad). I really doubt any of that happens ad-hoc based on your usage
profile. And yes I did notice that certain routes might not work on non China
Telecom networks, but that again is probably just bad infrastructure. I always
assume The Great Firewall is 80% market protectionism and 20% censorship (or
rather irrational fear on the side of the govt). Wouldn't worry from a user's
perspective.

