brimstoneSalad wrote: ↑
Wed Aug 14, 2019 12:06 am
teo123 wrote: ↑
Fri Aug 02, 2019 3:23 am
Doesn't it seem to you by orders of magnitude more likely that NSA knows which programs the US citizens have on their mobile phones
My perception of the U.S. government is general incompetence and partisan drama that prevents much from being done. Very different from China. You may have a different perception.
I don't think China has been trying very hard to stop even simple proxies. They care more about dissidents than people viewing porn. Speculation: Perhaps they allow this obvious and non-encrypted traffic to blocked sites through simple proxies to provide a false sense of security for dissidents, so that they can still track them if necessary. Also, it's easier to implement.
Anyway, this is all wild speculation at this point, so I'll leave it at that. Interesting conversation.
As far as I understand, Chinese Internet censorship is there primarily so that Tecnet and Baidu have more users for their services. They want to limit the efectiveness of Viber, WhatsApp, FaceBook messenger and so on, so that Tecnet's WeChat has more users, and therefore more revenue. And if it doesn't make it more and more difficult over time for proxy servers and similar stuff to be used to use Viber, WhatsApp and FaceBook, those apps are going to start using proxy servers by default (like Telegram did in Russia). It's basically the same nonsense anti-globalization beliefs Donald Trump preaches, and which Croatian economics textbooks teach, just put in action.
Does China do that to spy on its citizens? Well, I seriously doubt it. While WeChat doesn't implement proper end-to-end encryption, it's important to note that Viber and WhatsApp, in most cases, don't either (yet they make the user think they do). Also, any such modern app is way more secure than SMS is. It's possible for a modern computer to decypher an SMS just by intercepting it in the air, without knowing the key. To feasibly decypher a WeChat message, one needs to know the key stored on the Tecnet's server, and the same goes, unless the end-to-end encryption is activated (and it's possible only if the users happen to have the same version of the app, and some other conditions need to be met), for Viber and WhatsApp. So, if the Chinese government wants it to be easy to spy on the messages of its citizens, why doesn't it force people to use SMS?
Implementing a proper end-to-end encryption might, as far as I understand, even make things worse, because there are other problems to be solved. First, nobody would be able to read the old messages if the mobile phone is broken and the user gets a new one. Second, there is a problem with identification here. How can you know the mobile phone you have established an end-to-end encryption to is the mobile phone you think it is? You can't use HTTPS certificates on millions of mobile phones. Sending an SMS with a code every time a connection is established really isn't a solution either.
The way to actually ensure nobody except the person you want can read your messages is to use something like Firefox Send, where the files are cyphered by an open-source program on your computer in a way that the server the file is uploaded to can't decypher it. It's inconvenient because you need to send the secret key to that person by some other means, and because the file gets deleted as soon as it's downloaded, but that's the price of security.
Does the Chinese government believe it prevents political dissidents and criminals? Well, it probably does, but I am certain that's wrong. Look, criminals don't care about speed and convenience. They are going to use TOR, or some even more secure and less convenient tool. And banning people from social networks for expressing unacceptable opinions is simply pushing those people into darker corners of the Internet where they don't hear counter-arguments.
Chinese government, wanting it to be possible for their informatic firms to operate, doesn't want to do collateral damage. That's why it hasn't blocked GitHub, despite it not banning people for expressing politically incorrect opinions, because its firms are relying on it. And that's why it blocks TOR relays (if you try to send some data to an IP of a publicly known TOR relay, there is no other explanation for that than that you are connecting to TOR), TOR bridges using flawed protocols (obfs3 is easy to detect by your server establishing a connection to it, and FTE is, if you know what to look for, even easier to detect than unmasked TOR traffic), but it doesn't block suspected obfs4 bridges (since it's hard to confirm that it's actually a TOR bridge, and blocking all suspected obfs4 bridges would interfere with all connections in unknown protocols) or meek bridges (since it's hard to reliably distinguish between somebody using the business-critical services hosted on Microsoft Azure and somebody using meek-azure, and you can't really do much with meek since it's slow and adds a lot of bandwidth).
One of the things that have really struck me while studying Chinese Internet is that Baidu Baike has quite a long article about the Great Leap Forward Famine and a relatively long article about TOR, while Zhihu even contains instructions
on how to set up TOR. It makes me wonder if the Chinese government actually cares about restricting freedom of speech.