Academics discover hidden layer in China’s Great Firewall

[correlate]

Level 18
Thread author
Top Poster
Well-known
May 4, 2019
801
A team of academics from the University of Maryland has discovered a previously hidden layer in China’s Great Firewall censorship system.

Introduced in the late 90s, the Great Firewall (GFW) is a system of middleboxes installed at China’s internet exchange points and internet service providers that allow the government to intercept internet traffic, sniff on its content, and block connections to websites and servers the state doesn’t deem acceptable.

While there are different censorship mechanisms inside China’s Great Firewall that cater to different protocols, its most potent and technically advanced system is the one meant for dealing with HTTPS encrypted web traffic.

Today, this HTTPS censorship mechanism includes two separate systems.

The first, and the oldest, is the one that works by intercepting HTTPS connections in their incipient stages and then looking at a connection data field called SNI, which exposes the domain a user is trying to access.

Even if Chinese censors can’t decrypt the content of the actual HTTPS connection, this SNI field allows the Chinese government to block users from accessing unwanted sites.
 

The_King

Level 12
Verified
Top Poster
Well-known
Aug 2, 2020
542
Older versions of Firefox had the option to encrypt SNI. Since FF 85 they use ECH which is apparently better for privacy.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top