Tools helping China’s netizens to bypass the Great Firewall appear to be facing a fresh round of crackdowns in the run-up to the country’s quinquennial party congress that will see a top leadership reshuffle. Greater censorship is not at all uncommon during countries’ politically sensitive periods, but the stress facing censorship circumvention tools in China appears to be on a whole new level.
“Starting from October 3, 2022 (Beijing Time), more than 100 users reported that at least one of their TLS-based censorship circumvention servers had been blocked,” writes GFW Report, a censorship monitoring platform focused on China, in a GitHub post.
TLS, or transport layer security, is a ubiquitous internet security protocol used for encrypting data sent across the internet. Because data shared over a TLS connection is encrypted and cannot be easily read, many censorship circumvention apps and services use TLS to keep people’s conversations private. A TLS-based virtual private network, or VPN, directs internet traffic through a TLS connection instead of pushing that traffic to one’s internet provider.
But Chinese censors seem to have found a way of compromising this strategy. “The blocking is done by blocking the specific port that the circumvention services listen on. When the user changes the blocked port to a non-blocked port and keeps using the circumvention tools, the entire IP address may get blocked,” GFW Report says in the post.
According to GFW Report’s estimates provided to TechCrunch, more than half of China’s netizens who circumvent online censorship use some sort of TLS-based tools.
Tech-savvy users may buy their own domains and set up services to bypass the so-called “Great Firewall (GFW)”, an elaborate censorship system developed by the Chinese authorities to regulate the country’s internet access, such as blocking certain foreign web services or slowing down their traffic. But many netizens instead opt for ready-to-use subscription services from resellers, which rely heavily on TLS-based techniques, says GFW Report.
“The TLS-based tools have been reportedly blocked before, but we have never seen it got [sic] blocked on such a scale,” the organization notes. “At the same time, knowing October will be the most politically sensitive time this year, we have been preparing some backup plans for months with other developers which will get released soon to mitigate the blocking.”
According to GFW Report, some of the TLS-based censorship circumvention tools that are reportedly blocked include trojan, Xray, V2Ray TLS+Websocket, VLESS, and gRPC, but it has not yet received any reports that naiveproxy, another tool used to circumvent censorship, has been blocked.
While some may continue to find new ways to play “catch-me-if-you-can” with the country’s censors, the less technical demographic is left with few options. Ever since China outlawed the unauthorized use of VPNs in 2017 — though unhindered internet access can be granted for certain use cases, such as university research or cross-border businesses — major VPN apps have been removed from domestic Android and App Stores.
Censorship circumvention apps that face state blockades often don’t stay blocked for long. Providers that are pulled from app stores can soon reappear reincarnated with a different name and look, repeating that process indefinitely if they get removed again. Apple Censorship, a group unaffiliated with Apple but which tracks when the company acquiesces to censorship demands, found that around 200 VPN services it surveyed the past summer were unavailable in China’s app stores, while Belarus came in second place with 21 of the VPN apps unavailable, Benjamin Ismail, project director at Apple Censorship tells TechCrunch.
Bans on internet services can also be unpredictable. While the major services of Google, Twitter, Facebook, and the like have long been unavailable in China, some of their less-known services have been allowed to stay. Many services don’t get blocked until a certain event or uptick in usage put them on regulators’ radar. The voice-based social network Clubhouse, for example, had a short-lived boom in China that saw netizens freely speaking their minds and tuning into politically sensitive topics before the app’s inevitable ban.
A handful of Google’s less sensitive products existed in China until recently. On September 30, my colleague Kyle reported that Google Translate became unavailable in China; the parent firm later confirmed it discontinued the service in mainland China “due to low usage,” meaning it’s a voluntary retreat rather than a ban.
But GFW Report’s findings suggest the government might have indeed imposed new restrictions on Google services. China has blocked google.com and all its subdomains *.google.com, affecting more than 1,100 domains and a large number of popular services, including firebase.google.com, translate.google.com, maps.google.com, scholar.google.com, feedburner.google.com, and ads.google.com, the censorship tracking platform said in a post on October 1. We’ve reached out to Google for comment.