Etikettarkiv: Great Firewall

The “Great Cannon” and China’s information arsenal

The following article was originally posted at The Pearl of Lao-tzu.

While classic censorship continues to be a vital part of the PRC information control repertoire, its relative importance is decreasing as the techniques deployed by the regime become increasingly sophisticated.

We have seen the rise of a new approach to internet management since the Hu Jintao administration’s Sixth Plenum in 2011. This new regime focuses on ”control and management” rather than outright suppression of independent voices.

Over the last few years, a ”soft” censorship had developed that allows criticism but silence collective expression and the formation of independent public opinon. The strength of this approach to information management lies in its subtlety; the spread and impact of a certain message is controlled without the need of direct censorship.

If my interpretation is correct, the management of the release and spread of Chai Jing’s Under the Dome was an impressive example of this new approach to information management.

The viral documentary was promoted by the official press and within a few days the video had 200 million hits. The Ministry of Science and Technology profited from the heightened public interest when it announced a five year air pollution control project and in a widely publicized speech Premier Li Keqiang told the National People’s Congress: “Environmental pollution is a blight on people’s quality of life and a trouble that weighs on their hearts … We must fight it with all our might.”

However, Chai Jing’s documentary was soon shut down and further ”hype” of the topic was discouraged. This left many observers perplexed, but I would argue that their failure to understand the situation is simply a result of them being unable to think beyond the dichotomy of liberalization-censorship or civil society-state.

”Under the Dome” was actually a perfect example of how the Chinese information regime made use of a legitimate voice from civil society (民间) to advance its own environmental reform agenda; the ”answers” that are suggested in Chai Jing’s documentary are almost identical to the government’s. At the same time, independent, public debate on the matter was limited.

Chai Jing’s case can be compared to how U.S. Democrats and French Socialists tried to exploit the enormous success of Thomas Piketty’s Capital in the Twenty-First Century to legitimate their politics in contrast to those of their opponents to the right, while completely avoiding any serious debate on inequality.

The overall approach of the new Chinese internet regime is thus one of guidance and containment rather than suppression, but it does not mean that brute force is not employed when necessary. One example is the ”seven baselines” for a clean Internet that were adopted at the China Internet Conference in August 2013 and followed by a campaign against influential and critical celebrities on China’s Weibo, the so-called ”Big V:s”.

Now it seems that the information control forces of the PRC have a new weapon in their arsenal: the ”Great Cannon” that was used for an attack on GitHub and

A recent research report suggests that the attack did not make use of the Great Firewall, as was initially assumed, but was carried out ”by a separate offensive system, with different capabilities and design, that [the authors of the article] term the “Great Cannon.”

The authors explain how this independent device hijacks traffic from individual IP addresses and is capable of arbitrarily replacing unencrypted content.

While the attack on GitHub was a simple DoS attack, the ”Great Cannon” potentially has the far more important capability to ”exploit by IP address”

A technically simple change in the Great Cannon’s configuration, switching to operating on traffic from a specific IP address rather than to a specific address, would allow its operator to deliver malware to targeted individuals who communicates with any Chinese server not employing cryptographic protections.  The GC operator first needs to discover the target’s IP address and identify a suitable exploit.  The operator then tasks the GC to intercept traffic from the target’s IP address, and replace certain responses with malicious content.  If the target ever made a single request to a server inside China not employing encryption (e.g., Baidu’s ad network), the GC could deliver a malicious payload to the target.  A target might not necessarily realize that their computer was communicating with a Chinese server, as a non-Chinese website located outside China could (for example) serve ads ultimately sourced from Chinese servers.

It should be clear to all that the Chinese information regime is evolving. To make sense of this evolution, the analysis and the terminology must evolve as well.

Puck Engman