China's Great Firewall suffers its biggest leak ever as 500GB of source code and docs spill online; censorship tool has been sold to three different countries | Tom's Hardware

Leaks tie China's state-grade DPI gear to deployments in Myanmar, Pakistan, and beyond.
Chinese censorship sprang a major leak on September 11, when researchers confirmed that more than 500GB of internal documents, source code, work logs, and internal communications from the so-called Great Firewall were dumped online, including packaging repos and operational runbooks used to build and maintain China's national traffic filtering system.

The files appear to originate from Geedge Networks, a company that has long been linked to Fang Binxing, widely described as the "father of the Great Firewall", and from the MESA lab at the Institute of Information Engineering, a research arm of the Chinese Academy of Sciences.

Contained in the leak are what appear to be full build systems for deep packet inspection platforms, as well as code modules that reference the identification and throttling of specific circumvention tools. Much of the stack is geared toward DPI-based VPN detection, SSL fingerprinting, and full-session logging.

Researchers at the Great Firewall Report, who first verified and indexed the material, say the documents outline the internal architecture of a commercial platform called "Tiangou", which is designed for use by ISPs and border gateways. They describe it as a turnkey "Great Firewall in a box", with initial deployments reportedly built on HP and Dell servers before shifting to Chinese-sourced hardware in response to sanctions.

A leaked deployment sheet reveals that the system was rolled out across 26 data centers in Myanmar, with live dashboards monitoring 81 million simultaneous TCP connections. The system was reportedly operated by Myanmar's state-run telecoms company and integrated into core Internet exchange points, thereby enabling mass blocking and selective filtering.

And it doesn't stop at Myanmar. Partner reporting from WIRED and Amnesty International reveals that Geedge's DPI infrastructure has been exported to other states (Pakistan, Ethiopia, and Kazakhstan being among the recipients), where it's often used alongside lawful intercept platforms. In Pakistan, Geedge's equipment allegedly forms part of a larger system known as WMS 2.0, which is capable of conducting blanket surveillance on mobile networks in real time.

The scale and specificity of this leak offer a rare glimpse into how China's censorship apparatus is engineered and commercialized. WIRED's reporting also describes how the leaked documents show Geedge's system can intercept unencrypted HTTP sessions.

So far, researchers have only just begun to comb through the source-code archive, which remains largely under-evaluated. However, analysts argue that the presence of build logs and dev notes could help identify protocol-level weaknesses or operational missteps that censorship circumvention tools may exploit.

The entire archive is now mirrored by Enlace Hacktivista and others, with researchers urging caution for anyone downloading or examining it. Air-gapped VMs or other sandboxed environments are strongly recommended.

Luke James is a freelance writer and journalist. Although his background is in legal, he has a personal interest in all things tech, especially hardware and microelectronics, and anything regulatory.