A Quick Investigation of EdgeCast CDN Blocking in China

This morning, GreatFire.org published a story stating that EdgeCast CDN, one of the more popular content distribution networks that handles content for a number of large websites, has been blocked by the Chinese national filter. As a result, a friend emailed me asking what I thought, and pointed out that all we have are a few reports and a link to a status update from EdgeCast themselves.

As usual, my attempt to write a short email failed, and I ended up carrying out an impromptu investigation into this. With minor edits, I’ve reproduced my email detailing how I looked into this below. For reference, this was carried out from an internet connection based in Oxford, UK.

Based on prior knowledge we have evidence that China will man-in-the-middle (UDP) DNS requests for blocked sites, but ignore genuine ones. So first, let’s pick a Chinese IP address almost at random:

$ ping baidu.cn
PING baidu.cn ( 56(84) bytes of data.

Check that it’s actually in China, using the MaxMind GeoIP database:

$ geoiplookup
GeoIP Country Edition: CN, China
GeoIP City Edition, Rev 1: CN, 22, Beijing, Beijing, N/A, 39.928902,
116.388298, 0, 0

Check that it’s not a DNS server:

$ dig @ baidu.cn

; DiG 9.9.2-P2 @ baidu.cn
; (1 server found)
;; global options: +cmd
;; connection timed out; no servers could be reached

Excellent.… Read full post

Open Rights Group Report: “Digital Surveillance”

The Open Rights Group have recently released “Digital Surveillance – Why the Snoopers’ Charter is the wrong approach: A call for targeted and accountable investigatory powers”. The report sets out various arguments as to why the proposed Communications Data Bill in the UK, which aims to massively extend the scope of surveillance over online communications, is a terrible, counterproductive, expensive, and unnecessary idea.

I was asked to contribute a section on the risks of the existing proposals, and some thoughts on where things should go in the future. My contribution is reproduced here, but please do go and download the full report.

Where laws intersect with technology, as is strikingly the case with surveillance, the discrepancy between the pace of technological change and the pace of legal change requires lawmakers to consider carefully the risks that arise from the future development and application of technologies. Crucially, and challengingly, it is necessary to differentiate between the limitations that exist in current technologies, and will disappear as technology develops; and those limitations that are fixed and inherent.

Information technologies, and in particular the Internet, have expanded the potential for surveillance to a degree that would have seemed fantastical in previous decades. Unprecedented levels of data can now be collected, stored, and analysed, and can be combined and controlled with an amazing degree of centrality.

Read full post

Chinese Internet Filtering: The Curious Case of the Florida Pet Club

Of the various ways to filter the internet, manipulating DNS is probably the simplest and cheapest in terms of resources. DNS, the Domain Name Service, is the mapping between the human-readable URLs that we use, like https://www.pseudonymity.net, and the more machine-friendly IP addresses, like

The Chinese Golden Shield Project, or Great Firewall, famously makes use of a range of techniques. These include keyword filtering, as reported by Clayton et al., as well as active blocking of services such as Tor at the IP level, and more manual censorship and takedown on services like Weibo.

In the past year or so I’ve spent some time tinkering with exactly how China’s internet is filtered. In particular, I’ve been interested in the extent to which the system is centrally-driven, with blanket country-wide decisions and implementation, against how many of its decisions are loose and locally applied by regional authorities and ISPs.

To study this it is more or less useless to fire up a VPN, or a copy of Tor, and run network tests. Filtering conditions may vary by ISP, by province, by city or by ISP. When I see a report that some site ‘is blocked in China’, my immediate response has become to ask where.… Read full post

Workshop on Free and Open Communications on the Internet (FOCI’12)

Following on from the fantastically interesting FOCI workshop last year, I am co-chairing this year’s FOCI workshop along with Roger Dingledine of the Tor Project. The workshop will again be co-located with USENIX Security, which is being held this year in Bellevue, Washington in August.

Although FOCI revolves around USENIX Security, and therefore by default falls on the more technical side of research, we are actively encouraging submissions from any field with something interesting to say on internet censorship. Social science, political science, law, economics, ethics, psychology — if you have something to say then send us your work!

The call for papers is here: https://www.usenix.org/conference/foci12

I hope to see you there!… Read full post

Discussing Online Privacy in the Observer, with Tom Chatfield

I was recently approached by the Observer to take part in an email-based discussion with Tom Chatfield about online privacy and the direction that companies like Facebook and Google are taking us.

It was a lot of fun to write, over the course of a day, and there were some interesting points raised. 1000 words each isn’t enough to explore very much, but I found it surprisingly useful for clarifying my thoughts on the subject, and quite inspiring for some of the future work that is constantly buzzing around my head.

The original story on the Observer is here.… Read full post

Presentation on Mapping Chinese Censorship

I recently presented my work on censorship mapping to my colleagues at the OII, including a couple of maps with early analysis of DNS manipulation in Chinese cities.

The analysis is very preliminary, and there are considerable caveats even for the early results, but here’s the presentation:

Fine-Grained Censorship Mapping
View more presentations from Joss Wright
Read full post

Freedom of Communication on the Internet Workshop (FOCI): Fine-Grained Censorship Mapping — Information Sources, Legality and Ethics

This year saw the first workshop on Freedom of Communications on the Internet, co-located with USENIX Security in San Francisco. My contribution, co-authored with Ian Brown and Tulio de Souza, focused both on the means for mapping censorship in greater detail as well its legal and ethical implications.

The paper was inspired by the realization that censorship at the national level need not, and clearly often is not, applied equally across a country. The riots in Ürümqi, in Xinjiang, resulted in a blanket internet ban for that region that was not extended to the rest of China. The widely-reported shutdown of Egyptian internet service for several days during the 2011 Egyption revolution was not experienced, at least at first, on the ISP that provided service for important financial services. The ability to filter selectively is clearly, in the view of a censor, very useful.

Even when censorship is intended to apply equally, practical considerations can cause localized discrepancies. In large-scale or complex censorship regimes total centralization may be infeasible, resulting in censorship being delegated to local authorities or organizations. These may, in turn, make different choices in how to implement filtering at the local level, with varying results.

All previous major studies of internet censorship have considered filtering at the national level, without investigating the potential for local variation.… Read full post

Experiences of Chinese Internet Censorship

I was recently invited to speak at Dalian Technical University, in Liaoning Province in Northern China, and took the opportunity afterwards to spend three weeks travelling around China with my family. (Finally putting several years of studying Mandarin into practice, with a reasonable level of success, and having a fantastic time.)

Being in China, I couldn’t help but poke a little at the limitations imposed on my connection. Travelling with 14-month old twins is a full-time job, albeit one that I can highly recommend, which did not leave me a great deal of time to analyse connections. I will therefore only report on my personal experiences and impressions, although the data that I did gather will hopefully be useful for a future paper based on work that I presented at FOCI’11. As such, anyone who knows a little about Chinese state-level internet censorship is unlikely to find anything new here.

In my time in China, I ran simple filtering tests on all the Internet connections to which I had access, covering locations in Beijing, Dalian, Shanghai and Hangzhou. I also took the chance to run code to test local nameservers for DNS manipulation when requesting known blocked sites.

The most notable observations from my own experiences were:

  • Secondary effects of blocking
  • Twitter and Facebook are some of the more well-known blocked sites in China.… Read full post

    Freedom of Communications on the Internet (FOCI) Workshop

    I’m on my way back from the Workshop on Free and Open Communication on the Internet (FOCI) that was held in the last few days at Georgia Tech in Atlanta. Hosted by Nick Feamster, FOCI brought together a number of computer scientists, activists, lawyers and policy makers to discuss the impact of anti-censorship technologies and to think about future directions from a number of angles.

    It’s always interesting to see experts on the same topic from different fields together, and FOCI was no exception. Despite occasional diversions into policy-speak or tech-talk that left half the room baffled, I came away more impressed with how often we had managed to cross that barrier.

    The technical side of the crowd seemed to have the benefit of more time to present, and so there were thorough discussions on the nature of filtering mechanisms and their technical capabilities as well as details of anti-censorship technologies, particularly Tor. Roger Dingledine gave some interesting, if slightly statistically questionable, numbers regarding Tor usage in various countries during the recent events in the Middle East.

    An estimate from Hal Roberts, based on surveys of activist bloggers, was that 3% of worldwide internet users employed some form of anti-censorship tool, including web-based proxies.… Read full post

    Contentious Connections

    I have a comment piece in the Guardian today about network neutrality and BT’s Content Connect service. The online version is here.

    I’ll let the article stand largely by itself, whilst pleading the difficulty of putting the net neutrality debate across in 800 words whilst simultaneously linking in BT’s Content Connect.

    One point I would like to add, for anyone who finds this, is that the term “net neutrality” can be, and often is, very misleading; if you’re new to the subject then “neutrality” almost certainly means something different to what you think it means! Common terms combined with complicated technical subject matter are a recipe for disaster. Tim Wu’s excellent “Network Neutrality FAQ” should be required reading for this subject.

    The Guardian article in full:

    The desire for high-bandwidth internet services, such as internet TV is placing ever greater demands on the internet’s infrastructure. New technologies are being developed to meet these demands, but companies are increasingly considering new business models. With its Content Connect service, BT has brought itself into conflict with a fundamental design principle of the internet, raising concerns that the drive for profit could lead to changes that will harm consumers and content producers.

    The principle in question is that of net neutrality, which broadly states that data passing over the internet should be treated equally regardless of whose data it is.

    Read full post