Stories
Slash Boxes
Comments

SoylentNews is people

posted by martyb on Sunday April 12 2015, @09:49AM   Printer-friendly
from the with-great-power-comes... dept.

We had two Soylents send us news of a new tactic in state-sponsored attempts at silencing undesired content on the internet:

China Is Said to Use Powerful New Weapon to Censor Internet.

Late last month, China began flooding American websites with a barrage of Internet traffic in an apparent effort to take out services that allow China’s Internet users to view websites otherwise blocked in the country.

Initial security reports suggested that China had crippled the services by exploiting its own Internet filter — known as the Great Firewall — to redirect overwhelming amounts of traffic to its targets. Now, researchers at the University of California, Berkeley, and the University of Toronto say China did not use the Great Firewall after all, but rather a powerful new weapon that they are calling the Great Cannon.

The Great Cannon, the researchers said in a report published Friday ( https://citizenlab.org/2015/04/chinas-great-cannon/ ), allows China to intercept foreign web traffic as it flows to Chinese websites, inject malicious code and re-purpose the traffic as Beijing sees fit.

The system was used, they said, to intercept web and advertising traffic intended for Baidu — China’s biggest search engine company — and fire it at GitHub, a popular site for programmers, and GreatFire.org, a nonprofit that runs mirror images of sites that are blocked inside China. The attacks against the services continued on Thursday, the researchers said, even though both sites appeared to be operating normally.

http://www.nytimes.com/2015/04/11/technology/china-is-said-to-use-powerful-new-weapon-to-censor-internet.html

[Continued after the break.]

China's "Great Cannon" used to silence government critics

Citizen Lab, a Canadian human rights organization, published a report on what it calls the Great Cannon - a DDOS system that they say is deployed by the Chinese government. This system was allegedly used for the recent attack against GitHub.

We show that, while the attack infrastructure is co-located with the Great Firewall, the attack was carried out by a separate offensive system, with different capabilities and design, that we term the “Great Cannon.” The Great Cannon is not simply an extension of the Great Firewall, but a distinct attack tool that hijacks traffic to (or presumably from) individual IP addresses, and can arbitrarily replace unencrypted content as a man-in-the-middle.

The operational deployment of the Great Cannon represents a significant escalation in state-level information control: the normalization of widespread use of an attack tool to enforce censorship by weaponizing users. Specifically, the Cannon manipulates the traffic of “bystander” systems outside China, silently programming their browsers to create a massive DDoS attack. While employed for a highly visible attack in this case, the Great Cannon clearly has the capability for use in a manner similar to the NSA’s QUANTUM system,4 affording China the opportunity to deliver exploits targeting any foreign computer that communicates with any China-based website not fully utilizing HTTPS.

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 3, Informative) by McD on Monday April 13 2015, @12:01AM

    by McD (540) Subscriber Badge on Monday April 13 2015, @12:01AM (#169470)

    RequestPolicy is great, but power users only need apply. And as that page points out, the torch has been passed to RequestPolicy Continued [github.io].

    Personally, I'm really pleased with Policeman [mozilla.org], which seems like RequestPolicy with a much improved interface. I've found it quite usable, even in it's "beta" state.

    But as great as it is to have control via extensions like these, they're simply too complicated for most users.

    Starting Score:    1  point
    Moderation   +2  
       Interesting=1, Informative=1, Total=2
    Extra 'Informative' Modifier   0  

    Total Score:   3  
  • (Score: 2) by maxwell demon on Monday April 13 2015, @08:04PM

    by maxwell demon (1608) on Monday April 13 2015, @08:04PM (#169950) Journal

    Thank you for the information; the Policeman extension indeed looks very interesting. Does it also handle redirects?

    Also, do you know if existing rules can be moved from RequestPolicy to Policeman?

    --
    The Tao of math: The numbers you can count are not the real numbers.
    • (Score: 1) by McD on Wednesday April 22 2015, @04:00PM

      by McD (540) Subscriber Badge on Wednesday April 22 2015, @04:00PM (#174028)

      Sorry for the lag, didn't notice your reply. I believe Policeman handles redirects, but haven't seen enough to recall for sure.

      I also believe it offers to import RequestPolicy rules on first run.

      • (Score: 2) by maxwell demon on Wednesday April 22 2015, @07:01PM

        by maxwell demon (1608) on Wednesday April 22 2015, @07:01PM (#174081) Journal

        Thank you for the information.

        A comment on the add-on page says it has trouble with Firefox 37, so I'll wait a bit before trying, but I'll definitely try it.

        --
        The Tao of math: The numbers you can count are not the real numbers.