Academics discover hidden layer in China’s Great Firewall


Level 16
Thread author
Top poster
May 4, 2019
A team of academics from the University of Maryland has discovered a previously hidden layer in China’s Great Firewall censorship system.

Introduced in the late 90s, the Great Firewall (GFW) is a system of middleboxes installed at China’s internet exchange points and internet service providers that allow the government to intercept internet traffic, sniff on its content, and block connections to websites and servers the state doesn’t deem acceptable.

While there are different censorship mechanisms inside China’s Great Firewall that cater to different protocols, its most potent and technically advanced system is the one meant for dealing with HTTPS encrypted web traffic.

Today, this HTTPS censorship mechanism includes two separate systems.

The first, and the oldest, is the one that works by intercepting HTTPS connections in their incipient stages and then looking at a connection data field called SNI, which exposes the domain a user is trying to access.

Even if Chinese censors can’t decrypt the content of the actual HTTPS connection, this SNI field allows the Chinese government to block users from accessing unwanted sites.


Level 12
Top poster
Aug 2, 2020
Older versions of Firefox had the option to encrypt SNI. Since FF 85 they use ECH which is apparently better for privacy.