China’s recent upgrades to its content-blocking Great Firewall can be circumvented, according to the censorship fighters of the Great Firewall Report.
Members of the group last year published a paper [PDF] detailing how China had improved the firewall to detect the use of Shadowsocks, a tool for using SOCKS5 proxies outside the Middle Kingdom to avoid the nation’s internet blockades.
SOCKS5 is an IETF-approved protocol that can flow all sorts of network traffic through a proxy, not just regular HTTP.
Shadowsocks is an open-source tool that creates an encrypted SSH-like tunnel through the Great Firewall to compatible SOCKS5 proxy servers on the outside, and routes your connections through this gap to a proxy and out the wider internet. It’s designed specifically to ensure this encrypted traffic is difficult to detect and does not arouse suspicion.
That allows you to, in theory, browse the sites and services you want without the Great Firewall snooping on your activity and severing connections if you’re looking at forbidden stuff.
The Great Firewall Report team reckons Beijing is on top of this, and in 2019 tuned its national filter to detect Shadowsocks, using traffic analysis and network probing, and block its users.
US Department of Homeland Security warns American business not to use Chinese tech or let data behind the Great Firewall
The report’s authors now say recent versions of Shadowsocks – from 3.3.1 and up – are awake to China’s attempts to poke holes in users’ SOCKS and will allow netizens to sneak through the firewall undetected.
It’s not that easy, of course. The authors offer a long list of precautions that need to be taken to do this right, plus a procedure advising exactly how to build a suitable Shadowsocks-compatible proxy server.
The Great Firewall Report publishes its advice widely, which means that China’s national network administrators will already be aware of how their content-crimping efforts can be circumvented.
Game on. ®