Chinese Censor-Beating Software Resembles Malware, But Isn't 160
coondoggie writes "Software designed to beat Chinese censorship may behave in ways that seem suspect, but it is
all part of the application's strategy to fool the Great Firewall of China, according to one programmer of the software. 'There are many built-in tricks that do all kinds of things to confuse the firewall,' says David Tian, a scientist for NASA who works spare-time on UltraSurf, the free software designed to promote unrestricted Internet access for citizens of China persecuted for being members of Falun Gang, the religious group the Chinese government is trying to suppress."
Falun Gang (Score:5, Informative)
I think it's Falun Gong [wikipedia.org]
Re:Falun Gang (Score:5, Funny)
I think it's Falun Gong
Great, now Slashdot will be censored in China. I hope you are happy.
Re:Falun Gang (Score:5, Interesting)
Re: (Score:2)
Re: (Score:1, Informative)
-1 boring, and spoken like someone who's never even visited China.
To get the attention of the Chinese authorities, you would have to be important. That means someone who's a threat in some way.
Assuming you're a white English speaker, that rules you out. You wouldn't even appear on the radar.
Now the perverse thing was that I found China to be more free, everything being relative.
I don't smoke pot.
I don't steal cars.
I do share thousands of files, some of which are going to attract the growing intellectual pro
Free as long as you don't break the law (Score:2)
Re: (Score:2)
I found this myself when I was there. There are laws, but they appeared to be enforced selectively, based on whether or not they are trying to put pressure on you or someone you work for.
Re: (Score:3, Informative)
Re: (Score:2)
Re: (Score:2)
Re: (Score:1, Insightful)
Uhm Falun gang is not far from the truth. Although I do not agree with the Chinese government's methods of persecution, falun gong is akin to scientology in own operations.
anon. cow. for good reason
Re: (Score:2)
Uhm Falun gang is not far from the truth. Although I do not agree with the Chinese government's methods of persecution, falun gong is akin to scientology in own operations.
anon. cow. for good reason
Only if you believe everything the Chinese Ministry of Truth (or lack thereof) tells you.
From my point of view , it's resembles a form of Budhism , and that's one of the most peaceful religions i know.
Re: (Score:1)
Its akin to scientology in a way, I think only in that it is a form of Qi gong, as such, many of its principles are about the energy of the body and proclaim things as science, when in fact they are spiritually based, not scientifically based.
This is true of all qi gong forms in China - most of them well respected like a science, but without rigor for truth.
Many qi gong principles are common sense and others are almost like faith healing. None are to be tested, but many have a good standing in universities.
Re: (Score:2)
And my mother practices Reiki, beliving crystal rocks and chakra/chi are used to heal the body, despite (to my knowledge) any actual benefits noted by any reputable scientific source beyond the placebo effect.
There are a lot of religious groups who claim their religion follows the strict, rigorous testings of science. Hell, creationists have museums to "explain" why it's a scientifically valid theory.
The problem with your comparison to Scientology is when most people hear "Scientology," they think "money-gr
Re: (Score:1)
Actually, I tend to think of that of any modern American Christian religion.
Re: (Score:2)
To be honest, so do I, but I'm speaking from how most people think.
Re: (Score:2)
Re: (Score:2)
The problem with your comparison to Scientology is when most people hear "Scientology," they think "money-grubbing, murderous, evil bastards."
You are right , that is exactly what i thought .
Re: (Score:2)
despite (to my knowledge) any actual benefits noted by any reputable scientific source beyond the placebo effect.
The good old placebo effect has healed more people than any of your fancy science. If she uses crystal rocks and she's healthy, why do you care?
If you have a headache and a placebo pill that only works 80% of the time, take 10 and be done with it. Fun fact: said placebo pills are actually banned in the US. I don't think I'll ever understand why.
Re: (Score:2)
Isn't that true of all mass organsied religion?
Re: (Score:2)
"Ancient weapons and hokey religions are no match for a good blaster."
Confuse it? How? (Score:5, Insightful)
You shouldn't be trying to "confuse it", you should be making sure that the traffic patterns aren't unique and discernable. In other words, using steganography. All this "confusion" stuff I read in the article gives the user a distinct pattern of behavior that can identify the user as actively using said software. If you're trying to get under the radar of the government, don't start by sending up a big digital flare that says "Hey! I'm trying to bypass your crap." It usually ends badly for the would-be revolutionary, who's first job (I might add) is to survive.
Even in so-called "free" countries like the US, the government can imprison people indefinately on the off chance that the encrypted data may be subversive. How do you suppose China would handle it? Encryption doesn't enable free speech -- a gun to the head is a pretty effective way of recovering the key.
Save lives: Use stenography.
Re:Confuse it? How? (Score:4, Funny)
Save lives: Use stenography.
abv cmt shd b fxd
Re: (Score:1, Offtopic)
abv cmt shd b fxd
ebg13 be fvzvyne vf abg fgrabtencul. Nyfb, gb jungrire zbqrengbe qrpbqrf guvf: Zbq rirelbar jub cbfgf gur bevtvany -1, sbe orvat gbb ynml gb tbbtyr sbe ebg13.
Re: (Score:1)
It says Above comment should be fixed. stpd cnt bth
trl w/sml pns.
Re: (Score:2)
http://mrl.nyu.edu/~dhowe/TrackMeNot/
It sends out search based noise and obfuscation by making randomized search-queries to popular search engines, e.g., AOL, Yahoo!, Google, and MSN..
Re:Confuse it? How? (Score:5, Interesting)
It sends out search based noise and obfuscation by making randomized search-queries to popular search engines, e.g., AOL, Yahoo!, Google, and MSN..
*face palm* Googling "how do I blow up government buildings" is going to attract the attention of shub internet no matter how many bogus queries you put before or after it. Most filtering schemes are based on content -- they don't care to do statistical analysis. You're just not that important. All they need to hang you is proof you visited a certain website or looked for certain terms. For example, if I typ[$)%(T^NO CARRIER
Re: (Score:2)
Like the NSA, China would pick up on some terms mostly to do with tanks and people in the late 1980-90's ect.
Been stuck on some ip with junk packets moving around after day might trip something to..
Re: (Score:3, Funny)
Googling "how do I blow up government buildings" is going to attract the attention of shub internet no matter how many bogus queries you put before or after it.
If anyone is wondering the answer to that question but doesn't want to attract the attention of the "shub" internet, I've got the answer right here. There is usually somewhere on the building a small thermal exhaust port approximately 2 meters wide. A direct hit with a proton torpedo should cause a chain reaction that will destroy it. I should caution you that ONLY a direct hit will cause a chain reaction.
Re: (Score:2)
Breaks my heart to see everyone here talking about Google, but maybe that's because I'm on UK's Virgin (likely to be Phorm infested at any time makes you paranoid).
Re: (Score:2)
You need to camouflage the message so that it becomes entirely innocent:
How do I blow up a thousand party balloons for a party being held in a couple of Government buildings?
Re: (Score:3, Informative)
The point of bogus queries is to avoid tracking based on behavior, which is of course a matter of concern in this context. It is assumed that your ip address is already hidden.
First, "tracking based on behavior" -- What exactly constitutes behavior? A string of a thousand randomly generated queries, popular or not, mixed in with several queries on how to build bombs is going to be flagged. It isn't generating any real extra work for them to deduce who you are by traffic analysis, because packet sizes, times sent/received, and other data specific to the request is going to correlate with a specific time and place, which means a specific person (in all likelihood).
As to the IP addr
Re: (Score:2)
When you are the network, you can trace back.
Re: (Score:2)
Re: (Score:1)
Like a cat, of course! http://www.youtube.com/watch?v=B2Je1CEPkUM [youtube.com]
Re: (Score:1)
you should be making sure that the traffic patterns aren't unique and discernable. In other words, using steganography. All this "confusion" stuff I read in the article gives the user a distinct pattern of behavior that can identify the user as actively using said software.
From what I gather from the article, it is actually the opposite of what you though it was:
Chinese authorities monitor UltraSurf carefully and try to identify signatures that can be used to set filters, so the software sends out useless traffic to make noise that makes it difficult to characterize the legitimate traffic, he says. ... UltraSurf programmers play a cat-and-mouse game with Chinese censors trying to block its traffic, so the team working on it has to continually alter its methods to adapt to each innovation in the Great Firewall, he says. "We have a great understanding of the Great Firewall and how to defeat it."
It could have been clearer if he had used the word "deceive" instead of "confuse", or if you had actually read the article. Oh wait sorry, forgot where I was.
do'h (Score:3, Insightful)
and no chinese read /. so the secret is safe.
Re: (Score:1)
Re: (Score:2)
comspiracy (Score:2, Funny)
What is the obsession with Falun Gong? (Score:5, Insightful)
My own personal explanation for this bizarre behavior is that Westerners actually don't know anything about Falun Gong, and don't care to learn. They are comfortable with the "narrative" that FG=good, China=bad. And as recent events have shown, narratives are more important and cherished than the actual facts on the ground. People get *angry* when their comfortable narratives are revealed to be inaccurate.
Atheist media? (Score:5, Insightful)
While I agree that Falun Gong is a total wacky cult (and I have old friends where sadly involved with it), but maybe you should think with a little objectivity calling the media atheist. I mean the one thing that a US presidential candidate must do is prove their love to Jesus. Don't you think if the media were atheist this sort of thing would be questioned a bit more. The one thing that a major political candidate simply can not be is Atheist, polls have pretty much proven that we will get an islamic president before we get an atheist. Personally I find the rites of all christianity, and bible stories just as nutty as the Xenu crap. Think for a second if you first heard these stories when you were in your 20s.
Re: (Score:2)
I mean the one thing that a US presidential candidate must do is prove their love to Jesus
Not just presidents, congressmen too. I personally think Obama is agnostic and his Christian faith is merely political.
Re: (Score:2)
Calling them collectively atheist is indeed objective. As opposed to what, reporters for the 700 Club? The heartwarming "conversion of the week" series on 60 Minutes?
I mean the one thing that a US presidential candidate must do is prove their love to Jesus.
Hey, we were talking about the media - how'd we switch gears t
Re: (Score:1)
Re: (Score:2)
On one hand, you have fundamentalist athiests in charge of Western media who take every opportunity to attack and discredit any religion, much less crazy cults like Scientology or Raelism.
"Western media" is hardly homogenous.
Re: (Score:2)
Re: (Score:2)
Re: (Score:1)
On one hand, you have fundamentalist athiests in charge of Western media who take every opportunity to attack and discredit any religion
The attacks on religion carried out tend to be a little less brutal than harvesting religious people for organs. Nobody cares if Falun Gong is criticized.
an officially atheist government (the best kind!)
Officially atheist governments have tended to be every bit as brutal as theocratic dictatorships. Secular government is far more desirable. Religious beliefs should be irrelevant to government since they cannot issue a decree that affects the existence or otherwise of any god. Believing something without evidence is not valid grounds for criminal sanctions
Re: (Score:2)
Religious beliefs should be irrelevant to government since they cannot issue a decree that affects the existence or otherwise of any god.
Having just re-read I, Claudius and Claudius the God, I couldn't help but chuckle a bit at this. I'm sure the Roman Senate could have benefited immensely from your sagacity.
Re: (Score:2)
Seriously, wtf is this Western obsession with the Falun Gong?
About fifteen or twenty years ago, some US newspaper columnists were comparing them (somewhat favorably) to the "Society of Righteous and Harmonious Fists". I'm not sure whether this comparison was original, or derived from CCP communiques. In the spirit of "the enemy of my enemy is my friend", FG became somewhat celebrated.
discredit != crackdown (Score:3, Insightful)
Re: (Score:2)
you have fundamentalist athiests in charge of Western media who take every opportunity to attack and discredit any religion
As an atheist, I would really have liked to get the memo that we are now in charge of the Western media. That could have been quite handy for my career.
Re: (Score:2)
You don't criminalize beliefs. If you think they're wrong TALK TO THEM. That's what adults and civilized countries learn.
Re: (Score:2)
Religion in China is allowed as long as it's "approved" by the dictatorship.
Falun Gong = Branch Davidians? That's a rich one. So the FG are stockpiling small arms, explosives and .50 caliber machineguns, and it's an anti-China conspiracy that the Western media and public ignores... right.
You can delude yourself all you want, but the fact of the matter is, in Western countries you have a whole lot more freedom than you do in China. Oh, and you don't fucking get tortured and executed for your religious belief
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
This next sentence is intended to be an insult: you sound like a shil
Re: (Score:2)
Becuase disagreeing with religious nuts, and arguing with them is somehow similar to locking them up, beating them and kicking them out of the country?
Re: (Score:2)
Brillant (Score:2)
Also, that could be very bad news for malware/botnet/spambots programmers/controllers... at least, i hope so.
'English needs braces!' (Score:1)
Chinese {Censor-Beating} Software...
or
{Chinese Censor}-Beating...
were meant. Though one should take no joy in anyone's being beaten, I found myself somewhat warming to the concept of code that beat censors....
('Mental plan!')
Re: (Score:1)
Personally, I'd have been tempted to write "Chinese-Censor-Beating Software", as that implies that the ce
Re: (Score:1, Troll)
Porn (Score:1)
Wolves in sheep's clothing (Score:3, Interesting)
Steve Topletz and Jonathan Logan gave a fascinating talk at the BlackHat Briefings this past July, where among other things they discussed how one Chinese tactic in dealing with privacy groups is to set up their own organizations...a darker kind of astroturfing, if you will...that compete against legitimate privacy-focused groups. They also detailed their analysis of UltraSurf, which revealed some fairly horrifying things. For one, it's not just the code itself that historically has been trojan-esque in nature, but the behavior as well. Once they fired it up, it started probing a multitude of networks, all belonging to either Western governments, the financial sector, or the military. Also, it demonstrated that it was listening in within SSL sessions, as demonstrated by its behavior when browsing within SSL would return an error page (even a custom one, that wouldn't be of the normal size expected for a 404 response, for example). So, I'm not too likely to believe a guy just because he works for NASA; NASA is not an organization that was founded to provide bona fides for security researchers, so it really doesn't add any mantle of credibility for this topic.
Censor-beating software MUST resemble malware (Score:2)
The biggest problem is plausible deniability - if they search your computer and find the software, how do you explain its presence?
There is really only one way to solve this problem: the software must credibly pass as malware. It must have at least some of the traits of malware, and it must be actively used as malware, otherwise it's not credible, and in sufficiently oppressive countries you will likely end in prison for just having it on your machine.
Hold it, hold it... did you get that? (Score:2)
Did you see that little gem hidden in the description? The program is behaving like malware to fool the Great Firewall. Since the goal is bypassing the Great Firewall, does that mean that the Great Firewall is more lenient if it thinks the traffic that is hitting it is generated by malware?
Just thinking...
Re: (Score:2)
Re: (Score:2, Funny)
Re: (Score:2)
*is slapped by a noodly appendage of the flying spaghetti monster*
never mind...
Re: (Score:1)
...drinking the blood and eating the body of a zombie will get you into heaven.
I do not know of anybody that considers that a prerequisite.
Re: (Score:1)
I do not know of anybody that considers that a prerequisite.
It's called the eucharistic rite. Basically, the cult works like this: Eat the body, drink the blood, [redacted], go to heaven. Warning: Some members believe that you have to pour water over them, others believe that submerging them in a lake works, but regardless there other prerequisites besides eating brains and sucking blood. Please visit your priest and see if eating brains is right for you!
Re: (Score:1)
It's called the eucharistic rite.
I am aware of that, though it's usually called Communion among Protestants. Like I said, I don't know anyone that considers it a prerequisite.
Re: (Score:3, Interesting)
That's one way in which Protestants have seemed to make more sense to me. It's just an up or down "Accept Jesus y/n" type choice. No chanting, no strange priesthood.
God, sometimes it just boggles my mind that we still have religion. I'll be playing a fantasy game, or reading
Re: (Score:1)
baptism(not long after birth)
and no communion until......
first holy communion(aged 7)
where after you can eat all the little wafers as much as you like then
confirmation(aged was 11-12)
HOWEVER that how it WAS!..LOL just spoke to a catholic friend and he says that the infallible church of Rome has admitted an error in the ritual order as was
it seems it seems that it should have been baptism ====>confirmation =====> first holy communion!
now where is that fl
Re: (Score:1)
that should have read.....
yups IN catholicism the ORDER is.......
oops
Re: (Score:2)
first holy communion(aged 7) where after you can eat all the little wafers as much as you like then
A child who eats as many wafers as he pleases is not aware of the essential difference between "the bread of the eucharist" and ordinary bread, and is therefore ill equipped to receive communion.
From Quam Singulari (1910) [papalencyclicals.net]
1. The age of discretion, both for Confession and for Holy Communion, is the time when a child begins to reason, that is about the seventh year, more or less. From that time on begins the obligation of fulfilling the precept of both Confession and Communion.
2. A full and perfect knowledge of Christian doctrine is not necessary either for First Confession or for First Communion. Afterwards, however, the child will be obliged to learn gradually the entire Catechism according to his ability.
3. The knowledge of religion which is required in a child in order to be properly prepared to receive First Communion is such that he will understand according to his capacity those Mysteries of faith which are necessary as a means of salvation (necessitate medii) and that he can distinguish between the Bread of the Eucharist and ordinary, material bread, and thus he may receive Holy Communion with a devotion becoming his years....
Re: (Score:2)
If you're going to criticize a religion for being inconsistent, then you might as well get the details right...
Re: (Score:2)
now where is that flying spaghetti monster? i am hungry and got some bolognese sauce.... it's communion time!...LOL
You will also need pirate regalia for that.
On that note... (Score:2)
I'll be playing a fantasy game, or reading a novel, with priests and churches and angels and demons, and it hits me that 90% of America fervently believes stuff that seems cheesy in a video game.
...I'll line-camp for whichever religion is the first to grant me giant swords, the superhuman strength required to wield them, and laws-of-physics-defying agility!
Re: (Score:2)
Re: (Score:3, Interesting)
Tsk, tsk. This is an important cultural and religious phenomenon that you really should be aware of. Know then that John 6:49 goes something like this. Jesus is getting off the "dividing the loaves and fishes" episode and was evacuating across the lake; the crowd followed him anyway and now they're asking him for a miraculous sign so they can believe in him. They suggest the old manna-in-the-desert trick as an example. Many of them may be operating off of the popular "revolutionary messiah" premise, believi
Re: (Score:2)
We getting rather off topic here. Where are the moderator's with troll and off-topics?
China's censor is designed for Chinese who live in China. I see no problem with that unless you are part of a resistance movement who want to attempt a coup against the Chinese government.
Re: (Score:2)
You have a point. To support bypassing the censors is to support Chinese who break their country's laws. Someone who believes that countries should be left alone in governing their people should not support the flouting of its laws. Many here believe, however, that free speech and access to public information are human rights that cannot be justifiably taken by any government from its populace.
Re: (Score:2)
Li Hongzhi slipped Falun Gong into China with US support.
The CPC knows its history
Re:Falun Gong (Score:4, Informative)
It's probably not a cult group, but more resembles a hate group where I see them in Toronto.
They don't seem to practise what they were supposed to believe and preach (which is "Truth, Compassion, Tolerance"). Everyday they set up a booth and spread hate message about the Chinese Communist Party.
Let's put aside our judgement towards CCC itself, which must not be very positive anyway - they way Falun Gong people act just seem to totally contradict "Compassion" and "Tolerance" and it seems more and more like they're preaching "an eye for an eye".
I would not let my children go anywhere near this "religion".
Re:Falun Gong (Score:4, Insightful)
Well pretty much any new religious movement is going to be absolutely insane. It makes sense for a communist government to suppress Falun Gong.. the problem is that they do it by treating practitioners as criminals instead of as victims.
The controversy really doesn't have anything to do with the psychological issues though.. it's that they're imprisoning people, torturing people, and harvesting organs.. not cool for any reason
Re:Falun Gong (Score:4, Informative)
Everyday they set up a booth and spread hate message about the Chinese Communist Party. Let's put aside our judgement towards CCC itself,....
They don't seem to be preaching violent revolution against the chinese communist party, merely saying that it sucks, and people should not support them. So our opinion of the CCC matters quite a bit in how we judge what they say (and lets face it, for the most part, the CCC does suck)...
they way Falun Gong people act just seem to totally contradict "Compassion" and "Tolerance" and it seems more and more like they're preaching "an eye
I would not let my children go anywhere near this "religion".
for an eye".
the CCC quite happily kills and imprisons all those who resist or complain about its rule, and even those it suspects of resisting, or those who merely defend the rights of others to do so. Falun Gong has certainly been on the receiving end of such persecution. If Falun Gong were guilty of "eye for an eye" thinking, they'd be advocating similar actions against the CCC; but as far as I've seen, they're not, not even close. Though they certainly go to great lengths to demonize the CCC (to the extent they can be kinda annoying), every action I've seen Falun Gong advocate has been non-violent, and non-oppressive (mostly calling for individual chinese to disown the communist party).
So really I don't know what you're talking about....
Re: (Score:2)
From the tone of their pitch, I'm sure if they have the mean for violence, they would.
It is the right thing to do to point out what the CCP does wrongly (and there are tons of examples). However, if you skip elaborating things and instead just put up posters and handing out fliers that say "MAY THE HEAVEN DESTROY CCP!!" and unnecessarily exaggerate your message, it would totally contradict their message of "Truth, Tolerance".
The FLG people I see, while they may not be a representative of all FLG practition
Re: (Score:2)
From the tone of their pitch, I'm sure if they have the mean for violence, they would.
Er, your being "sure" isn't enough. If they advocate people (not "heaven") commiting violence against the CC, where?
It is the right thing to do to point out what the CCP does wrongly (and there are tons of examples). However, if you skip elaborating things
They do spend a huge amount of time pointing all the horrid things the CCP does -- in fact, almost all public speech by Falun Gong I've seen consists of reports of that. [In other words, "elaborating things"]
and instead just put up posters and handing out fliers that say "MAY THE HEAVEN DESTROY CCP!!"
That's the equivalent of saying "god damn the CCP" -- it's hyperbole and maybe a bit childish, but it isn't the same thing as advocating violence.
* A hate group is an organized group or movement that advocates physical or verbal aggression toward or refusal to interact with persons on the ...
Oh please; a silly and excessively hand-
Re: (Score:2)
Everyone's view point is by definition subjective and thus "skewed". I repeatedly stated that it's *MY VIEW* that they appear more like a hate group *TO ME*, so I have clearly demonstrated what I'm claiming.
If you cling to the notion that physical violence is a necessity of being a hate group and any other definition is "skewed", then we'll just need to agree to disagree here. For anyone in the GTA, go near Chinatown and see for yourselves and you'll know what I mean by "consumed by hate".
Re: (Score:2)
> To tie peaceful activists to terrorists and genocidaires that would target select ethnic groups, genders, etc to violence out of hatred
A group can be a hate group without violence. CCC sucks, but watching what Falun Gong people does is also very disgusting, because it's quite obvious that the tone of their pitch *is* out of hatred, whether it's violent or not.
I know a lot of group protest with peaceful messages, and annoying passers-by with flyers with a hateful tone written all over it is not one of
Re: (Score:2)
Re: (Score:2)
"They're a nutty cult like Heaven's Gate"
This looks like a Microsoft bashing post to me.....
Re: (Score:2)
So any programming produced during your "spare time" will be claimed by your employer as "work for hire"? I suggest that you renegotiate your employment contracts.
Re: (Score:2)
I know, the contrast with the Operation TIPS thing is fucking hilarious. Ah, Republicans.
Re: (Score:1, Informative)
A) Not everyone complaining about Obama is a conservative.
B) Not everyone complaining about Obama liked Bush.
I hate them both for what they've done to our freedoms.
Re: (Score:3, Informative)
This isn't free software. There is no source available anywhere.
There's a difference between free software and open source software.
Re: (Score:1)