Academics discover hidden layer in China’s Great Firewall

Correlate

Level 16
Thread author
Verified
Top poster
Well-known
May 4, 2019
743
A team of academics from the University of Maryland has discovered a previously hidden layer in China’s Great Firewall censorship system.

Introduced in the late 90s, the Great Firewall (GFW) is a system of middleboxes installed at China’s internet exchange points and internet service providers that allow the government to intercept internet traffic, sniff on its content, and block connections to websites and servers the state doesn’t deem acceptable.

While there are different censorship mechanisms inside China’s Great Firewall that cater to different protocols, its most potent and technically advanced system is the one meant for dealing with HTTPS encrypted web traffic.

Today, this HTTPS censorship mechanism includes two separate systems.

The first, and the oldest, is the one that works by intercepting HTTPS connections in their incipient stages and then looking at a connection data field called SNI, which exposes the domain a user is trying to access.

Even if Chinese censors can’t decrypt the content of the actual HTTPS connection, this SNI field allows the Chinese government to block users from accessing unwanted sites.
 

The_King

Level 12
Verified
Top poster
Well-known
Aug 2, 2020
565
Older versions of Firefox had the option to encrypt SNI. Since FF 85 they use ECH which is apparently better for privacy.