Join Now Recruiting Volunteer
  Forum FAQForum FAQ   SearchSearch   PreferencesPreferences  Watched TopicsWatched Topics  Watched ForumsWatched Forums
Log in to check your private messages Log in to check your private messages    Log inLog in   Ignored Users

Chinese Internet Surveillance. The Golden Sheild Project.

 Tags : property, business, travel, technology, nightlife, events, food, food, expat_services
Shanghai Expat Forum Index » Hot Topics Forums »  Technology Issues
Post new topic   Reply to topic
View previous topic Printable version Log in to check your private messages View next topic
Author Message
KalanStarOffline
Reacher
Reacher


Joined: Oct 06, 2009
Posts: 238
Location: Shanghai
Status: Offline
Post 11Posted: Nov 07, 2009 - 12:08 PM  Reply with quote  Back to top
Post subject: Chinese Internet Surveillance. The Golden Sheild Project.
Copied this info from the OpenNet Initiative web page: http://opennet.net/ I thought some people might find it interesting.

The government has continued to refine Internet surveillance mechanisms to closely track individuals’ online activities.147 In November 2006 the Ministry of Public Security announced the completion of the essential tasks of constructing the first stage of its “Golden Shield” project, which is a digital national surveillance network with almost complete coverage across public security units nationwide.148 Despite the vagueness of public pronouncements on the implementation of the Golden Shield, the surveillance efforts of local governments, as well as organizations delegated responsibility for surveillance such as schools and ICPs, are clearly becoming more sophisticated. Since 2006, local governments have been developing “Safe City” surveillance and communications networks that connect police stations, through IP video surveillance, security cameras and back-end data management facilities, to specific locations including Internet cafés, financial centers, and entertainment areas.149 Private firms known as “censorship entrepreneurs” have also jumped into the fray, providing advanced text mining solutions to enable censors to monitor, forecast and “manage” online public opinion, thereby avoiding scandalous and damaging revelations such as the Internet post in June 2007 that exposed how children were kidnapped and forced into slave labor at illegal brick kilns in Shanxi province.150 One company featured by international media, TRS Information Technology, claims to be the “leading search and content management technology and software provider in China,” serving over 90 percent of the State Council ministries, 50 percent of newspaper press groups, and 300 universities and colleges.151 Although TRS disclosed that its high-end surveillance systems had been generally adopted by police – specifically that the company had installed data-mining systems at eight Shanghai police stations so that one Internet police officer could now do the work of ten – TRS does not list the Ministry of Public Security as one of its “famous customers.”152

Chinese law offers few viable protections for individual privacy, although clauses in most Internet laws and regulations do technically provide for the confidentiality of user information. The exceptions, however, are more important. For example, regulations on the management of e-mail services provide that e-mail service providers are duty-bound to keep personal information and e-mail addresses of users confidential, and may not disclose them except with user consent or when authorized for national security reasons or criminal investigations according to procedures stipulated by law.153 When required by law for reasons involving national security and in criminal investigations, most Internet regulations allow for disclosure of user information. However, they typically fail to specify what formal procedures are required or what evidentiary standards must be met for the disclosure of information. In practice, as has been demonstrated in a number of cases,154 all ISPs and ICPs must not only capitulate to Chinese government demands for censoring content, but are also required to assist the government in monitoring Internet users and recording their online activities. Requests to turn over personal data are often informal or provide little detail, and providers have no discretion to refuse turning over information to public security officials.155

Real-name registration
Registration requirements are often the first step to monitoring citizens’ online activities. Although this rule is not enforced, new subscribers to ISPs have been expected to register with their local police bureaus since 1996.156 In March 2005, as part of a CCP campaign to exercise tighter control over culture, education and media, all university BBS’ were ordered to block off-campus users and require users to re-register with their personal identifying information when going online, eliminating online anonymity.157 The city of Hangzhou was slated to become the first in China to require real-name web registration for users to participate in local chat rooms or online forums, but these regulations were put on hold in May 2009.158 The momentum for real-name systems might be stronger with cell phones, however. In January 2009, Beijing Mobile announced that it would begin requiring customers to show identification when purchasing its Easyown pre-paid SIM cards (which amount to 70 percent of the customers on China Mobile, the nation’s largest carrier) and limit purchases to three per person.159

Data retention
ISPs and ICPs in China must fulfill data retention obligations. ISPs are required to record important data (such as identification, URLs visited, length of visit, and activities) about all of their users for at least sixty days and to ensure that no illegal content is being hosted on their servers.160 While 78 percent of users in China connect from home, 42 percent of users also use Internet cafés as a main access location.161 However, since 2002, Internet access through Internet cafés has heavily been regulated: all cafés are required to install filtering software, ban minors from entering, monitor the activities of their users, and record every user's identity and complete session logs for up to sixty days.162 In many cities, they are also connected by live video feed to local police stations. The providers of electronic bulletin services, including bulletin board services, online discussion forums, chat rooms, et cetera are required to monitor the contents of information released in their service system, time of release, URL or domain name, and keep it for sixty days.163

Owned by Tencent, QQ is China’s most popular instant messenger, and this service was found to have installed a keyword blocking program in their client software to monitor and record users’ online communication, offering it to the police if required.164

Filtering and surveillance are often complementary processes, especially when ISPs and ICPs that are liable for the activities of their users delegate human monitors to monitor and flag content for further review or deletion. Online communications via e-mail and instant messaging (such as QQ and Skype) are also examined and monitored by government.165 In October 2008, a joint report by the Information Warfare Monitor and ONI Asia provided a chilling example of the possibilities for surveillance conducted by non-state actors on a massive scale.166 TOM-Skype, the Chinese-marketed version of the chat and texting software Skype, kept over a million user records in seven types of log files, including IP addresses, usernames, and time and date stamps in all the log files that could be decrypted. All of these log files, along with the information required to decrypt these log ?les, were kept on publicly-accessible servers. For call information logs dating from August 2007, the username and phone number of the recipient was also logged, while content filter logs dating from August 2008 also contained full texts of chat messages (which themselves contained sensitive information such as e-mail addresses, passwords, and bank card numbers). Of the eight TOM-Skype surveillance servers traced by researcher Nart Villeneuve, one server hosted a special version designed for use in Internet cafés and contained log files and the censored keyword list, while another contained logs for TOM Online’s wireless services.

The TOM-Skype surveillance system was triggered when a TOM-Skype user sent or received messages containing a banned keyword listed in a keyfile, and those messages are then stored in log files on a TOM-Skype server. Within the content of these messages stored in the file logs, when filtered out to eliminate English language obscenities, almost 16 percent contain the word ‘communist,’ 7 percent the word ‘falun,’ and 2.5 percent contained ‘Taiwan independence.’ However, the logged messages also made reference to other content outside the range of these long-sensitive topics, such as earthquake and milk powder.167

Furthermore, the data also contained personal information of Skype users that interacted with TOM-Skype users. Users who attempt to access www.skype.com from China are redirected to skype.tom.com. While Skype claimed that TOM fixed the security breaches within twenty-four hours of the report’s publication,168 the report issued a warning for “groups engaging in political activism or promoting the use of censorship circumvention technology accessed through services provided by companies that have compromised on human rights.” From the information contained in the log files, it would be possible to conduct politically motivated surveillance by using simple social networking tools to identify the relationships between users.

Like all other ICPs, most bulletin boards and chat rooms assign personnel to monitor the content of messages.169 Messages submitted by users are censored by human censors and filtering systems before appearing online.170 In order to enhance the surveillance on bulletin board systems, since 2005, the users of campus bulletin boards have been mandated to re-register with their real identifying information before posting messages online.171

In recent years, serious concerns have been raised about the ability of the Chinese government to spy on the country’s 624 million cell phone subscribers: in 2008, one Chinese state-run cell phone company revealed that it had unlimited access to the personal data of their customers and hands the date over to Chinese security officials upon request.172 Since 2004, the Chinese government has been drafting legislation to regulate personal mobile phone communication, which would require all cell phone subscribers to register for mobile phone service with their real name and identification card.173 In addition, Chinese police have installed filtering and surveillance systems for mobile and short message service providers to block and monitor “harmful” short message communications.174 Anyone who distributes “harmful” message or rumors via short message service of mobile phones can be arrested and convicted.175

# 147. Forbes, “Who will be watching you in Beijing?” http://www.forbes.com/travel/2008/07/08/olympics-security-privacy-forb es..., July 08, 2008.
# 148. Ministry of Public Security, “National Development and Reform Commission issues national approval for the ‘Golden Shield’ construction project at management conference,” (guojia fazgaiwei zhuchi zhaokai dahui tongguo “jindun gongcheng” jianshe xiangmu guojia yanshou) ?????????????“????”????????), November 17, 2006, http://www.mps.gov.cn/cenweb/brjlCenweb/jsp/common/article.jsp?infoid= AB.... See Greg Walton, China's Golden Shield: Corporations and the Development of Surveillance Technology in the People's Republic of China, a Rights and Democracy Report, October 2001, http://www.ichrdd.ca/english/commdoc/publications/globalization/golden Sh....
# 149. “Safe-City Project Home For New Chinese IP Video Surveillance Technology,” China Tech News, March 11, 2008, http://www.chinatechnews.com/2008/03/11/6475-safe-city-project-home-fo r-... “China Security & Surveillance Announces Additional Safe City Project Win in Yinchuan City,” Reutuers, June 30, 2008, http://www.reuters.com/article/pressRelease/idUS125704+30-Jun-2008+PRN 20....
# 150. Kathrin Hille, “China bolsters internet censors' scrutiny,” Financial Times, January 5 2009, http://www.ft.com/cms/s/0/f858f9aa-dac8-11dd-8c28-000077b07658,dwp_uui d=....
# 151. TRS Information Technology, http://www.trs.com.cn/en/TRS/about/.
# 152. TRS Information Technology, http://www.trs.com.cn/en/TRS/about/.
# 153. Article 3, Measures for the Management of Email Services (huliangwang dianzi youjian fuwu guanli banfa), issued by the Ministry of Information Industry on November 7, 2005, effective March 30, 2006.
# 154. Chinese cyber-dissidents and activists, such as the journalist Shi Tao, have been convicted in part because of some email service providers’ disclosure of their users’ personal information to the Chinese police. Reporters Without Borders, Press Release, “Cyber-dissident convicted on Yahoo! information is freed after four years,” November 9, 2006, http://www.rsf.org/article.php3?id_article=8453. See also Human Rights in China Case Highlight, Shi Tao and Yahoo, at http://hrichina.org/public/highlight/index.html.
# 155. See Dui Hua News Blog, “Police Document Sheds Additional Light on Shi Tao Case,” July 25, 2007,
http://www.duihua.org/2007/07/police-document-sheds-additional-light.h tm....
# 156. Human Rights Watch Backgrounder, Freedom of Expression and the Internet in China, http://www.hrw.org/backgrounder/asia/china-bck-0701.htm; Alfred Hermida, “Behind China's Internet red firewall,” BBC News Online, September 3, 2002, http://news.bbc.co.uk/1/low/technology/2234154.stm.
# 157. Washington Post, “Chinese Crack Down On Student Web Sites”, March 24, 2005, http://www.washingtonpost.com/ac2/wp-dyn/A61334-2005Mar23?language=pri nt....
# 158. Xinhua News Agency, “Internet real-name registration system: Why so difficult to implement? An Investigation into the implementation of the Hangzhou Regulations for Network Security Protection,” May 19, 2009, http://news.xinhuanet.com/newscenter/2009-05/19/content_11399392.htm; David Bandurski, “Xinhua: Hangzhou’s “real-name Web registration system” is “on the shelf”,” China Media Project, May 20, 2009, http://cmp.hku.hk/2009/05/20/1632/.
# 159. “Beijing Mobile’s Plan for Real Name Registration for Easyown Cell Phone Numbers,” China Digital Times, http://chinadigitaltimes.net/2008/01/beijing-mobiles-plan-for-real-nam e-....
# 160. Article 14, Measures for Managing Internet Information Services (Hulianwang xinxi fuwu guanli banfa), issued by the State Council on September 25, 2000, effective October 1, 2000.
# 161. China Internet Network Information Center, “Twenty-third Statistical Survey Report on the Internet Development in China,” issued March 23, 2009, p. 27 (Chinese version).
# 162. Articles 19, 21, 23, Regulations on the Administration of Business Sites Providing Internet Services (Hulianwang shangwang fuwu guanye changsuo guanli tiaolie), issued by the State Council on September 29, 2002, effective November 15, 2002.
# 163. Article 14, Rules on the Management of Internet Electronic Bulletin Services (Hulianwang dianzi gonggao fuwu guanli guiding), issued by the Ministry of Information Industry on October 7, 2000, effective.
# 164. Chinese Human Rights Defender, “How does government monitor our online communication?” (Zhengfu Ruhe Jiankong Women De Dianzi Wangluo Tongxu), http://crd-net.org/Article/Class1/200803/20080324093843_8168.html.
# 165. Chinese Human Rights Defender, “How does government monitor our online communication?” (Zhengfu Ruhe Jiankong Women De Dianzi Wangluo Tongxu), http://crd-net.org/Article/Class1/200803/20080324093843_8168.html.
# 166. Nart Villeneuve, BREACHING TRUST: An analysis of surveillance and security practices on China’s TOM-Skype platform, Information Warfare Monitor and ONI Asia Joint Report, October 1, 2008, http://www.infowar-monitor.net/breachingtrust/.
# 167. John Markoff, “Surveillance of Skype Messages Found in China,” The New York Times, October 1, 2008, http://www.nytimes.com/2008/10/02/technology/internet/02skype.html?pag ew....
# 168. Sky Canaves, “Skype Responds to China Surveillance Report,” The Wall Street Journal Blogs-China Journal, October 2, 2008, http://blogs.wsj.com/chinajournal/2008/10/02/skype-response-on-china-s ur....
# 169. Sumner Lemon, “China tightens surveillance of Internet forums,” The Standard, March, 2005, http://archive.thestandard.com/internetnews/002807.php.
# 170. Reporters Without Borders, “Living dangerously on the Net,” May, 2003, http://www.rsf.org/article.php3?id_article=6793.
# 171. Washington Post, “Chinese crack down on student web sites”, March 24, 2005, http://www.washingtonpost.com/ac2/wp-dyn/A61334-2005Mar23?language=pri nt....
# 172. Australia Broadcasting Corporation, “China's mobile network: a big brother surveillance tool?,” January 28, 2008, http://www.abc.net.au/news/stories/2008/01/28/2147712.htm.
# 173. China Business Daily, “Regulation on the Management of Short Message Service will soon come into being,” (Tongxin Duanxiaoxi Fuwu Guanli Guiding Jijiang Chutai), March 27, 2008, http://www.txxxb.com/news/article.php?id=7544; Australia Broadcasting Corporation, “China's mobile network: a big brother surveillance tool?,” Jan 28, 2008, http://www.abc.net.au/news/stories/2008/01/28/2147712.htm; Also see Chinese Human Rights Defenders, “How does government monitor our online communication?” (Zhengfu Ruhe Jiankong Women De Dianzi Wangluo Tongxu), http://crd-net.org/Article/Class1/200803/20080324093843_8168.html.
# 174. China Business Daily, “Regulation on the Management of Short Message Service will soon come into being,” (Tongxin Duanxiaoxi Fuwu Guanli Guiding Jijiang Chutai), March 27, 2008, http://www.txxxb.com/news/article.php?id=7544; Australia Broadcasting Corporation, “China's mobile network: a big brother surveillance tool?,” Jan 28, 2008, http://www.abc.net.au/news/stories/2008/01/28/2147712.htm; Also see Chinese Human Rights Defenders, “How does government monitor our online communication?” (Zhengfu Ruhe Jiankong Women De Dianzi Wangluo Tongxu), http://crd-net.org/Article/Class1/200803/20080324093843_8168.html.
# 175. China Business Daily, “Regulation on the Management of Short Message Service will soon come into being,” (Tongxin Duanxiaoxi Fuwu Guanli Guiding Jijiang Chutai), March 27, 2008, http://www.txxxb.com/news/article.php?id=7544; Australia Broadcasting Corporation, “China's mobile network: a big brother surveillance tool?,” Jan 28, 2008, http://www.abc.net.au/news/stories/2008/01/28/2147712.htm; Also see Chinese Human Rights Defenders, “How does government monitor our online communication?” (Zhengfu Ruhe Jiankong Women De Dianzi Wangluo Tongxu), http://crd-net.org/Article/Class1/200803/20080324093843_8168.html.

_________________
Image
View user's profile
KalanStarOffline
Reacher
Reacher


Joined: Oct 06, 2009
Posts: 238
Location: Shanghai
Status: Offline
Post  Posted: Nov 07, 2009 - 12:18 PM  Reply with quote  Back to top
This is how the system operates:

The ‘great firewall of China’ uses a variety of overlapping techniques for blocking content containing a wide range of material considered politically sensitive by the Chinese government. While China employs filtering techniques used by many other countries, including DNS (domain name system) tampering and IP (internet protocol) blocking, it is unique in the world for its system of Internet connections when triggered by a list of banned keywords. Known as a TCP reset, this content filtering by keyword targets content regardless of where it is hosted.

TCP reset filtering is based on inspecting the content of IP packets for keywords that would trigger blocking, either in the header or the content of the message. When a router in the Great Firewall identifies a bad keyword, it sends reset packets to both the source and destination IP addresses in the packet, breaking the connection.

China employs targeted yet extensive filtering of information that could have a potential impact on the Party’s control over social stability, and is therefore predominantly focused on Chinese-language content relating to China-specific issues. For the government, information constituting a threat to public order extends well beyond well-publicized sensitive topics, such as the June 1989 military crackdown, the t¡betan rights movement, and the fah1on g0ng spiritual organization (all of which are methodically blocked), and includes independent media and dissenting voices, as well as content on human rights, political reform, sovereignty issues, and circumvention tools.

_________________
Image
View user's profile
Display posts from previous:     
Jump to:  
All times are GMT + 8 Hours
Post new topic   Reply to topic
View previous topic Printable version Log in to check your private messages View next topic
 Shanghai Expat Forum Index » Hot Topics Forums »  Technology Issues
Powered by MDForum 2.0.7© 2003-2007 MAXdev Team
Credits

Welcome Guest

Username
Password
Remember me
Register Here!
Join the Shanghai Expat News in the Mail
Email:

Latest Newsletters
Events in Shanghai
November 17, 2009

Members
October 27, 2009

Discounts
October 29, 2009

Web ShanghaiExpat

Welcome Guest
Join Us!

Register, it's free!
 Create an account
Members: Online
Members: Members:62
Guests: Guests:672
Total: Total:734

    Home    Sitemap    Terms of Service    Privacy Policy     Contact Us    Advertising 

All logos and trademarks on this site are property of their respective owner. The comments and forum posts are property of their posters, all the rest copyright 1999-2008 by Max Intermedia LTD.

Powered by MD-Pro