For the first time, the Chinese government has attacked one of the best, most secure tools for surfing the Internet anonymously. The clampdown against the tool, called Tor, came in the days leading up to the 60th anniversary of China’s “national day” on October 1. It is part of a growing trend in which repressive nations orchestrate massive clampdowns during politically sensitive periods, in addition to trying to maintain Internet firewalls year-round.
“It was the first time the Chinese government has ever even included Tor in any sort of censorship circumvention effort,” says Andrew Lewman, the executive director of Tor Project, the nonprofit that maintains the Tor software and network. “They were so worried about October 1, they went to anything that could possibly circumvent their firewall and blocked it.”
Tor is one of several systems that route data through intermediate computers called proxies, thereby circumventing government filters. To anyone watching Internet connections, the traffic then seems to be coming from the proxies. Tor provides stronger anonymity protection than most others, because it uses several such proxies and encrypts the Internet protocol (IP) addresses at each step. The downside is that Tor slows down Internet access considerably.
The potential for Tor’s IP address to be blocked has always existed, especially since Tor Project publishes them openly in an online directory. Until late September, however, China never bothered to block it. Then, on September 25, Tor usage by Chinese citizens plunged from thousands of users (between 8,000 and 10,000 Tor requests from China were active at any given moment in the preceding days) to near zero. “Based on what we tested, it appears that they pulled the list on September 18, and it took until September 25 to get that into their firewall apparatus,” says Lewman. On Tuesday, Tor Project published an analysis of China’s effort.
The analysis found some good news. The use of workarounds called “bridges”–IP addresses of volunteer computers who have agreed to connect users to the otherwise-blocked Tor network–soared during the period, helping many Tor users back online. The distribution of these bridge addresses was coordinated through various instant-messaging services in China. While hard numbers were not available, Lewman says bridge use increased 70-fold.
Gain the insight you need on security at EmTech Digital.
Watch video from the event