China has reportedly upgraded its 'Great Firewall' to instigate a crackdown on Transport Layer Security (TLS) encryption-based tools that are used by citizens to evade the censorship system.
The Great Firewall of China (GFW) is a term which refers to the combination of tools, rules, and services imposed by China’s government which results in specific internet content being blocked in the country.
CIO Priorities: 2020 vs 2023
Zero Trust, SaaS Security, and its impact on SD-WAN being a priority
Great Firewall Report, an organisation that monitors China’s censorship methods, has found that more than 100 users have reported at least one of their TLS-based censorship circumvention servers had been blocked.
Users had begun to make these reports from 3 October onwards, declaring that the TLS-based circumvention protocols that are reportedly blocked include trojan, Xray, V2Ray TLS+Websocket, VLESS, and gRPC.
“The blocking is done by blocking the specific port that the circumvention services listen on. When the user changes the blocked port to a non-blocked port and keeps using the circumvention tools, the entire IP addresses may get blocked,” reported the organisation.
None of the domain names are added to GFW’s DNS or SNI blacklists. The report added that in a few cases, the blocking seems to be dynamic since the web browser could still access their circumvention ports but not the circumvention tools did not work.
The organisation suspects that the blocking could be related to the TLS fingerprints of the circumvention tools. It said it would investigate if the GFW uses the TLS fingerprints sent by these clients to identify circumvention protocols.
TLS fingerprints are a relatively new but popular tool used by security researchers to identify and differentiate which clients are interacting with server infrastructure. Tools look at the ways in which different clients and servers handle TLS negotiations, allowing to differentiate between them.
China could potentially be upgrading its Great Firewall as the 20th National Congress of the Chinese Communist Party takes place next week on Sunday 16 October.
This is where the nation’s leaders are set to discuss the country’s strategy for the next five years. The congress, which takes place twice each decade, will be critical for China to deliver the second of president Xi Jinping’s “Two Centenaries” goals and boost the nation to the forefront of global powers by 2049, according to the state-backed People’s Daily.
The first of these goals was to build a moderately prosperous society by 2021 and the second was to be delivered by 2049. Xi's long-term vision is to 'build a modern socialist country that is prosperous, strong, democratic, culturally advanced and harmonious'.
China is known for having blocked many online services that operate in the West and are used to communicate and broadcast information that may damage the reputation of the Chinese government.
Examples include impartial news organisations such as the BBC and CNN, plus most major social media platforms like Facebook, Twitter, Instagram, WhatsApp, and Reddit.
The entire Google suite is also blocked, prohibiting the use of tools such as Gmail, Google Drive, and Maps. Other communication platforms such as YouTube and even Slack are also prohibited in the region.
After exiting the region years before, Google came under fire in 2018 after it was revealed the company was working on a secret project - a search engine built exclusively for operation in China that would allow the government to censor search results.
Codenamed 'Project Dragonfly', the secret product was ultimately scrapped in 2019 following a revolt by Google employees. The search engine would reportedly allow for censorship on topics such as human rights, democracy, and peaceful protests.
