Obama speaks out against censorship and "I #39;m offended by that" culture.
It #39;s now very common to hear people say, #39;I #39;m rather offended by that. #39; As if that gives them certain rights. It #39;s actually nothing more... than a whine. #39;I find that offensive. #39; It has...
By: Red Falcon
Read the original post:
Obama speaks out against censorship and "I'm offended by that" culture. - Video
China has moved beyond censoring Internet content seen by its own citizens to using a new cyberweapon researchers have dubbed"the Great Cannon" to silence critics around the world, according to a report released Friday.
The first use of this capability was a weeks-long attack against Web sites that offer tools to help users evade Chinese censorship.By sending crippling amounts of Web traffic, the attacks attempted to knock offline the anti-censorship site GreatFire aswell as GitHub, a San Francisco-based Web service that is popular with programmers.
"This is very much an escalation," said Bill Marczak, one of the authors of the report by the Citizen Lab at the University of Toronto's Munk School of Global Affairs. While China long has used the Great Firewall - as its censorship system is called- to block users within the country from accessing news stories or other information it deems inappropriate, the recent attackreached beyond international borders and effectively blocked a wide range of content for Web users around the world.
China took control of millions of Web browsers and used them to send a flood of traffic to GreatFire, according to an earlier report from the non-profit, and later to GitHub.
But the type of assault used against the sites, known as a distributed denial of service attack or DDoS, represents only a small fraction of the possible uses of this tool, according to the Citizen Lab. The Great Cannon likely could also be used to deliver malicious code to any computer visiting a Web site based in China that does not use encryption to protect the privacyof its users.
China has become more brazen about attempting to block what its citizens see online under President Xi Jinping, who is tryingto promote domestic stability, according to Center for Strategic and International Studies senior fellow James A. Lewis. "Gettingcontrol over the Internet and information is a big priority for the Chinese - they're going after things they used to tolerate,and you're seeing a general clampdown," he said.
The recent attacks against GreatFire and GitHub appear to show that the country is willing to put ideological control over other goals such as the economic success of its tech sector, which could be damaged by censorship efforts, said Sarah McKune,another of the report authors.
The U.S. government has expressed concern about the recent attacks. "Malicious cyber actors who target critical infrastructure,U.S. companies, and U.S. consumers are a threat to the national security and the economy of the United States, and we areparticularly concerned about activity that is intended to restrict the ability of users around the world to access information,"State Department spokesman Alec Gerlach said in a statement.
"In this case, the attackers appeared to have leveraged Internet infrastructure located in China to overwhelm Web sites in the United States," Gerlach said. U.S. officials have asked China to investigate the incidents, he said.
The Chinese Embassy did not directly respond to questions about the Citizen Lab report or the attacks on GreatFire and GitHub.China supports the development of "Internet news communications" and "at the same time guarantees the citizens' freedom ofspeech," Embassy spokesman Zhu Haiquan said in a statement.
Here is the original post:
China deploys new weapon for online censorship in form of Great Cannon
China is deploying a tool that can be used to launch huge distributed denial-of-service (DDoS) attacks to enforce censorship. Researchers have dubbed it the Great Cannon.
The first time the tool was seen in action was during the massive DDoS attacks that hit software development platform GitHub last month. The attack sent large amounts of traffic to the site, targeting Chinese anti-censorship projects hosted there. It was the largest attack the site has endured in its history.
That attack was first thought to have been orchestrated using Chinas Great Firewall, a sophisticated ring of networking equipment and filtering software used by the government to exert strict control over Internet access in the country. The firewall is used to block sites like Facebook and Twitter as well as several media outlets.
However, while the Great Cannon infrastructure is co-located with the Great Firewall, it is a separate, offensive system, with different capabilities and design, said researchers at the University of California, Berkeley, and the University of Toronto on Friday.
The Great Cannon is not simply an extension of the Great Firewall, but rather a distinct tool that hijacks traffic to individual IP addresses, and can arbitrarily replace unencrypted content by sitting between the Web server and end usera method known as a man-in-the-middle attack. The system is used to manipulate the traffic of systems outside of China, silently programming browsers to create a massive DDoS attack, the researchers said.
The attack method deployed against Github injected malicious Javascript into browsers connecting to the Chinese search engine Baidu. When the Great Cannon sees a request for certain Javascript files on one of Baidus infrastructure servers that host commonly used analytics, social, or advertising scripts, it appears to take one of two actions. It either passes the request to Baidus servers, which has happened over 98 percent of the time, or it drops the request before it reaches Baidu and instead sends a malicious script back to the requesting user, which has happened about 1.75 percent of the time, the report said.
In the latter case, the requesting user would be an individual outside China browsing a website making use of a Baidu infrastructure server, such as sites with ads served by Baidus ad network. In the DDos attack against GitHub, the malicious script was used to enlist the requesting user as an unwitting participant, the report said.
These findings are in line with an analysis by the Electronic Frontier Foundation (EFF) that described the attack method used last week. According to the EFF, the attack was obviously orchestrated by people who had access to backbone routers in China and was only possible because the Baidu analytics script that is included on sites does not use encryption by default. A wider use of HTTPS could have prevented the attack, it found.
The Berkeley and Toronto researchers confirmed the suspicions about the origin of the attack, saying they believe there is compelling evidence that the Chinese government operates the cannon. They tested two international Internet links into China belonging to two different Chinese ISPs, and found that in both cases the Great Cannon was co-located with the Great Firewall. This strongly suggests a government actor, they said.
While DDoS attacks are quite crude, the Great Cannon can also be used in more sophisticated ways. A technically simple configuration change, switching the system to operating on traffic from a specific IP address rather than to a specific address, would allow Beijing to deliver malware to any computer outside of China that communicates with any Chinese server not employing cryptographic protections, they said.
More here:
China's 'Great Cannon' DDoS tool enforces Internet censorship
17 hours ago by Rob Lever China has expanded its Internet censorship efforts beyond its borders with a new strategy that attacks websites across the globe, researchers say
China has expanded its Internet censorship efforts beyond its borders with a new strategy that attacks websites across the globe, researchers said Friday.
The new strategy, dubbed "Great Cannon," seeks to shut down websites and services aimed at helping the Chinese circumvent the "Great Firewall," according to a report by the Citizen Lab at the University of Toronto.
"While the attack infrastructure is co-located with the Great Firewall, the attack was carried out by a separate offensive system, with different capabilities and design, that we term the 'Great Cannon,'" the report said.
"The Great Cannon is not simply an extension of the Great Firewall, but a distinct attack tool that hijacks traffic to (or presumably from) individual IP addresses."
The report supports claims by the activist organization GreatFire, which last month claimed China was seeking to shut down its websites that offer "mirrored" content from blocked websites like those of the New York Times and others.
The technique involves hijacking Internet traffic to the big Chinese search engine Baidu and using that in "denial of service" attacks which flood a website in an effort to knock it offline.
The report authors said the new tool represents "a significant escalation in state-level information control" by using "an attack tool to enforce censorship by weaponizing users."
The Great Cannon manipulates the traffic of "bystander" systems including "any foreign computer that communicates with any China-based website not fully utilizing (encryption)."
'Puzzling' openness
Link:
'Great Cannon' is widening China censorship, say researchers (Update)