All the latest UK technology news, reviews and analysis


Swedish researchers uncover key to China's Tor-blocking system

03 Apr 2012
Great Wall of China

Swedish researchers have discovered that Chinese officials have updated the country's 'Great Firewall' to make it harder for citizens to use the Tor network that provides a means of surfing the web anonymously.

It has been long-known that the 'Great Firewall Wall of China' has attempted to block citizens from using the Tor network, by blocking access to some IP addresses or using HTTP header filters to weed out suspect traffic.

But Philipp Winter and Stefan Lindskog of Karlstad University in Sweden have discovered that Chinese authorities have recently increased the sophistication of their filtering tools, making it more difficult for citizens to browse the web freely, by blocking so-called Tor bridges.

Tor bridges serve as entry points to the Tor network – if these are unreachable, a user cannot access the Tor network. While many of these bridges were once published, making it relatively simple to block, users had started to use unpublished bridges.

Last December, Tim Wilde, of security group, Team Cymru, used virtual proxy servers in China to establish that these unpublished bridges were being blocked.

The Karlstad researchers have now established how that blocking is being done and suggested ways in which it may be circumvented.

They discovered that the firewall searches internet traffic that indicate a network connection as Tor and initiate a scan of the host. This scan effectively attempts to “speak Tor” to the host and if successful, the bridge is blocked.

"The scanners are mostly random IP addresses originating from address pools of ISPs. Therefore it is very hard for a bridge to differentiate between a legitimate user from China and a scanner," Winter told V3.

Tor fingerprinting and active scanning is effective for the firewall because Tor traffic can be distinguished from other forms of traffic, allowing the Chinese authorities to block Tor networks, the researchers said.

“Since Tor is being used more and more as censorship circumvention tool, it is crucial that this distinguishability is minimised,” added Winter.

Tools such as "obfsproxy" can help defeat the Great Firewall, he added. This obfuscates the Tor traffic between the user and the bridge, making it appear as Skype traffic, for example.

"Unfortunately, China is blocking the few publicly available obfsproxy bridges at the moment but non-public obfsproxy bridges work," said Winter.

The researchers were able to show that by using so-called packet fragmentation tools, which split TCP streams in to small segments, it is possible to disguise Tor traffic, making it harder to detect.

While Tor networks are commonly associated with hackers and groups such as Anonymous where internet users aim to mask their identity, the network has played a crucial role in promoting online freedoms in many countries.

  • Comment  
  • Tweet  
  • Google plus  
  • Facebook  
  • LinkedIn  
  • Stumble Upon  
More on Internet
What do you think?
blog comments powered by Disqus
Poll

IT curriculum poll

With coding now compulsory in schools, how important are digital skills for the next generation of school leavers?
0%
20%
40%
40%

Popular Threads

Powered by Disqus
Galaxy S5 vs Galaxy Note 3 video review

Galaxy S5 vs Note 3 video review

We see how Samsung's latest flagship compares to its premier phablet

Updating your subscription status Loading
Newsletters

Get the latest news (daily or weekly) direct to your inbox with V3 newsletters.

newsletter sign-up button
hpv3may

Getting started with virtualisation

Virtualisation can help you reduce costs, improve application availability, and simplify IT
management. However, getting started can be challenging

ibmv3may

Converting big data and analytics insights into results

Successful leaders are infusing analytics throughout their organisations to drive smarter decisions, enable faster actions and optimise outcomes

Senior Automation Test Analyst, Leeds

The Opportunity Our client is a hugely successful...

Front-Office Developer (C#, .NET, Java,Artificial Intelligence)

Front-Office Developer (C#, .NET, Java, Artificial Intelligence...

Head of IT Projects

Head of IT Projects Annual Salary: Up to £48,153...

Assistant IT Director

Assistant IT Director Annual Salary: Up to £74,954...
To send to more than one email address, simply separate each address with a comma.