China’s Great Firewall has been in place for a long time, and unfortunately for many whose online activities and access to the internet are severely censored thanks to it, it’s working very well.
However, security researchers are now reporting that Beijing is making additional efforts for the tool to become more efficient, and the goal now is to block connections using safe and encrypted protocols, along with IP addresses involved in the process, for a short stint (several minutes at a time).
The news is coming from from iYouPort, the University of Maryland, and the Great Firewall Report, and claims that China’s update affecting secure HTTPS connections was rolled out at the end of July.
However, the latest restriction is said to be limited to traffic through TLS 1.3 (Transport Layer Security, a newer and safer iteration of SSL) and ESNI (Encrypted Server Name Indication, preceded by SNI) protocols.
This means that HTTPS connections using older technologies – SSL and SNI – are not blocked by the Great Firewall. That’s because these protocols let Chinese authorities in charge of executing internet censorship figure out which domain a user is connecting to.
What’s behind the decision is the rising use of these modern, more secure technologies, that are proportionately making life harder for Chinese censors who are tasked with controlling what kind of content internet users are allowed to access.
According to some reports, among the ESNI implementations now blocked by the Great Firewall may be Cloudflare’s ESMI.
As ever, when such censorship is ramped up in similar ways, researchers and users start looking, and often finding, ways to circumvent the bans. The three authors of the report listed six ways to work around the latest Great Firewall bans, including two that are included in apps and software and others that work client-side.
But the three research outfits who keep an eye on developments in the Chinese internet censorship scene don’t sound very hopeful that these will be usable for a long time. As always, a whack-a-mole is expected to ensue, as ways to bypass restrictions appear, only for China’s authorities to squash them.