Open main menu

Wikipedia β

The Golden Shield Project (Chinese: 金盾工程; pinyin: jīndùn gōngchéng), also named National Public Security Work Informational Project (Chinese: 全国公安工作信息化工程), is the Chinese nationwide network-security fundamental constructional project by the e-government of the People's Republic of China. This project includes security management information system (治安管理信息系统), criminal information system (刑事案件信息系统), exit and entry administration information system (出入境管理信息系统), supervisor information system (监管人员信息系统) and traffic management information system (交通管理信息系统), etc.[1]

The Golden Shield Project is one of the 12 important "golden" projects. The other "golden" projects are: Golden Bridges (金桥, for public economic information), Golden Customs (金关, for foreign trades), Golden Card (金卡, for electronic currencies), Golden Finance (金财, for financial management), Golden Agriculture (金农, for agricultural information), Golden Taxation (金税, for taxation), Golden Water (金水, for water conservancy information), Golden Quality (金质, for quality supervision), etc.[2]

The Golden Shield Project also manages the Bureau of Public Information and Network Security Supervision (公共信息网络安全监察局, or 网监局 for short), which is a bureau that is widely believed, though not officially claimed, to operate a subproject called the Great Firewall of China[3] (GFW, Chinese: 防火长城; pinyin: fánghuǒ chángchéng), which is a censorship and surveillance project that blocks politically inconvenient incoming data from foreign countries. It is operated by the Ministry of Public Security (MPS) of the government of China. This subproject was initiated in 1998 and began operations in November 2003.[4] It has also seemingly been used to attack international web sites using Man-on-the-side DDoS, for example GitHub on 2015/03/28.[5]

Contents

HistoryEdit

The political and ideological background of the Golden Shield Project is considered to be one of Deng Xiaoping’s favorite sayings in the early 1980s: "If you open the window for fresh air, you have to expect some flies to blow in." (Chinese: 打开窗户,新鲜空气和苍蝇就会一起进来。; pinyin: Dǎkāi chuānghù, xīnxiān kōngqì hé cāngying jiù huì yìqǐ jìnlái.[nb 1]) The saying is related to a period of the economic reform of China that became known as the "socialist market economy". Superseding the political ideologies of the Cultural Revolution, the reform led China towards a market economy and opened up the market for foreign investors. Nonetheless, despite the economic freedom, values and political ideas of the Communist Party of China have had to be protected by "swatting flies" of other unwanted ideologies.[6]

The Internet in China arrived in 1994,[7] as the inevitable consequence of and supporting tool for the "socialist market economy". Gradually, while Internet availability has been increasing, the Internet has become a common communication platform and tool for trading information.

The Ministry of Public Security took initial steps to control Internet use in 1997, when it issued comprehensive regulations governing its use. The key sections, Articles 4-6, are:

Individuals are prohibited from using the Internet to: harm national security; disclose state secrets; or injure the interests of the state or society. Users are prohibited from using the Internet to create, replicate, retrieve, or transmit information that incites resistance to the PRC Constitution, laws, or administrative regulations; promotes the overthrow of the government or socialist system; undermines national unification; distorts the truth, spreads rumors, or destroys social order; or provides sexually suggestive material or encourages gambling, violence, or murder. Users are prohibited from engaging in activities that harm the security of computer information networks and from using networks or changing network resources without prior approval.[8]

In 1998, the Communist Party of China feared that the China Democracy Party (CDP) would breed a powerful new network that the party elites might not be able to control.[9] The CDP was immediately banned, followed by arrests and imprisonment.[10] That same year, the Golden Shield project was started. The first part of the project lasted eight years and was completed in 2006. The second part began in 2006 and ended in 2008. On 6 December 2002, 300 people in charge of the Golden Shield project from 31 provinces and cities throughout China participated in a four-day inaugural "Comprehensive Exhibition on Chinese Information System".[11] At the exhibition, many western high-tech products, including Internet security, video monitoring and human face recognition were purchased. It is estimated that around 30,000-50,000 police are employed in this gigantic project.[12]

A subsystem of the Golden Shield has been nicknamed "the Great Firewall" (防火长城) (a term that first appeared in a Wired magazine article in 1997)[13] in reference to its role as a network firewall and to the ancient Great Wall of China. This part of the project includes the ability to block content by preventing IP addresses from being routed through and consists of standard firewalls and proxy servers at the six[14] Internet gateways. The system also selectively engages in DNS cache poisoning when particular sites are requested. The government does not appear to be systematically examining Internet content, as this appears to be technically impractical.[15] Because of its disconnection from the larger world of IP routing protocols, the network contained within the Great Firewall has been described as "the Chinese autonomous routing domain".[16]

During the 2008 Summer Olympics, Chinese officials told Internet providers to prepare to unblock access from certain Internet cafés, access jacks in hotel rooms and conference centers where foreigners were expected to work or stay.[17]

Actions and purposeEdit

The Golden Shield Project contains an integrated, multi-layered system, involving technical, administrative, public security, national security, publicity and many other departments. This project was planning to finish within five years, separated into two phases.

Phase IEdit

The first phase of the project focused on the construction of the first-level, second-level, and the third-level information communication network, application database, shared platform, etc. The period was three years.

According to the Xinhua News Agency, since September 2003, the Public Security department of China has recorded 96% of the population information of mainland China into the database. In other words, the information of 1.25 billion out of 1.3 billion people has recorded in the information database of the Public Security department of China.[18] Within three years, phase I project has finished the first-level, second-level, and the third-level backbone network and access network This network has covered public security organs at all levels. The grass-roots teams of public security organs have accessed to the backbone network with the coverage rate 90%, that is to say, every 100 police officers have 40 computers connected to the network of the phase I project. The Ministry of Public Security of the People's Republic of China said that the phase I project had significantly enhanced the combat effectiveness of public security.

Members participated in the phase I project include Tsinghua University from China, and some high-tech companies from the United States of America, the United Kingdom, Israel, etc. Cisco Systems from the United States of America has provided massive hardware devices for this project, and therefore was criticized by some members of the United States Congress.[19]

According to China Central Television, phase I cost 6.4 billion yuan. On 6 December 2002, there came the "2002 China Large Institutions Informationization Exhibition", 300 leaders from the Ministry of Public Security of the People's Republic of China and from other public security bureaus of 31 provinces or municipalities attended the exhibition. There were many western high-tech products, including network security, video surveillance and face recognition.[20] It was estimated that about 30000 police officers have been employed to maintain the system. There was a multi-level system to track netizens violating the provisions. Netizens who want to use the internet in a cybercafé requires to show their Resident Identity Cards. If some violating event happened, the owner of the cybercafé can send the personal information to the police through the internet. It is called a public security automation system, but it is actually an integrated, multi-layered, internet blocking and monitoring system, involving the technical, administrative, public security, national security, publicity, etc. The features are known as: readable, listenable, and thinkable.

Phase IIEdit

The phase II project started in 2006. The main task was to enhance the terminal construction, and the public security business application system, trying to informatize of the public security work. The period was two years.[21]

Based on the phase I project, phase II project expanded the information application types of public security business, and informationized further public security information. The key points of this project included application system construction, system integration, the expansion of information centre, and information construction in central and western provinces. The system of was planning to strengthen the integration, to share and analysis of information. It would greatly enhance the information for the public security work support.[21]

Censored contentEdit

Mainland Chinese Internet censorship programs have censored Web sites that include (among other things):

Blocked Web sites are indexed to a lesser degree, if at all, by some Chinese search engines. This sometimes has considerable impact on search results.[23]

According to The New York Times, Google has set up computer systems inside China that try to access Web sites outside the country. If a site is inaccessible, then it is added to Google China's blacklist.[24] However, once unblocked, the Web sites will be reindexed. Referring to Google's first-hand experience of the great firewall, there is some hope in the international community that it will reveal some of its secrets. Simon Davies, founder of London-based pressure group Privacy International, is now challenging Google to reveal the technology it once used at China's behest. "That way, we can understand the nature of the beast and, perhaps, develop circumvention measures so there can be an opening up of communications." "That would be a dossier of extraordinary importance to human rights," Davies says. Google has yet to respond to his call.[25]

BypassingEdit

Because the Great Firewall blocks destination IP addresses and domain names and inspects the data being sent or received, a basic censorship circumvention strategy is to use proxy nodes and encrypt the data. Most circumvention tools combine these two mechanisms.[26]

  • Proxy servers outside China can be used, although using just a simple open proxy (HTTP or SOCKS) without also using an encrypted tunnel (such as HTTPS) does little to circumvent the sophisticated censors.[26]
  • Companies can establish regional Web sites within China. This prevents their content from going through the Great Firewall of China; however, it requires companies to apply for local ICP licenses.
  • Onion routing, such as I2P or Tor, can be used.[26]
  • Freegate, Ultrasurf, and Psiphon are free programs that circumvent the China firewall using multiple open proxies, but still behave as though the user is in China.[26]
  • VPNs (virtual private network) and SSH (secure shell) are the powerful and stable tools for bypassing surveillance technologies. They use the same basic approaches, proxies and encrypted channels, used by other circumvention tools, but depend on a private host, a virtual host, or an account outside of China, rather than open, free proxies.[26]
  • Open application programming interface (API) used by Twitter which enables to post and retrieve tweets on sites other than Twitter. "The idea is that coders elsewhere get to Twitter, and offer up feeds at their own URLs—which the government has to chase down one by one." says Jonathan Zittrain, co-director of Harvard's Berkman Center for Internet and Society.[27]
  • Reconfiguration at the end points of communication, encryption, discarding reset packets according to the TTL value (time to live) by distinguishing those resets generated by the Firewall and those made by end user, not routing any further packets to sites that have triggered blocking behavior.[28]

UnblockingEdit

Certain sites have begun to be partially unblocked, including:

  • The English-language BBC website (but not the Chinese language website).[29]
  • Wikipedia (wikipedia.org), HTTPS version is not blocked (As of December 2013, excluding Chinese Wikipedia). However, if one uses HTTP, many wikis are blocked.[30][citation needed]

Exporting technologyEdit

Reporters Without Borders suspects that countries such as Cuba, Vietnam, Zimbabwe and Belarus have obtained surveillance technology from China although the censorships in these countries are not much in comparing to China.[31]

Differences from the Great FirewallEdit

The Golden Shield Project is distinct from the Great Firewall (GFW), which has a different mission. The differences are listed below:

Politically,

  1. The GFW is a tool for the propaganda system, whereas the Golden Shield Project is a tool for the public security system.
  2. The original requirements of the GFW are from the 610 office, whereas the original requirements of the Golden Shield Project are from the public security department.
  3. The GFW is a national gateway for filtering foreign websites, whereas the Golden Shield Project is for monitoring the domestic internet.

Technically,

  1. The GFW is attached to the three national internet exchange centres, and then spread to some of the ISPs to implement the blocking effect, whereas the Golden Shield Project stations in the most exchange centres and data centres.
  2. The GFW is very powerful in scientific research, including many information security scientists, such as people from Harbin Institute of Technology, Chinese Academy of Sciences, and Beijing University of Posts and Telecommunications, whereas the Golden Shield Project is less powerful in scientific research.
  3. The GFW is built by Fang Binxing, whereas the Golden Shield Project is built by Shen Changxiang.[32]

See alsoEdit

NotesEdit

  1. ^ There are several variants of this saying in Chinese, including "如果你打开窗户换新鲜空气,就得想到苍蝇也会飞进来。" and "打开窗户,新鲜空气进来了,苍蝇也飞进来了。". Their meanings are the same.

ReferencesEdit

  1. ^ "金盾工程". 中国网--网上中国. 
  2. ^ "何谓"两网一站四库十二金"?". 中国网--网上中国. 
  3. ^ Norris, Pippa; World Bank Staff (2009). Public Sentinel: News Media and Governance Reform. World Bank Publications. p. 360. ISBN 978-0-8213-8200-4. Retrieved 11 January 2011. 
  4. ^ "How China's Internet Police Control Speech on the Internet". Radio Free Asia. Retrieved 11 June 2013. China’s police authorities spent the three years between 2003 and 2006 completing the massive “Golden Shield Project.” Not only did over 50 percent of China’s policing agencies get on the Internet, there is also an agency called the Public Information Network Security and Monitoring Bureau, which oversees a large number network police. These are all the direct products of the Golden Shield Project. 
  5. ^ "China's Man-on-the-Side Attack on GitHub". 
  6. ^ R. MacKinnon "Flatter world and thicker walls? Blogs, censorship and civic discourse in China" Public Choice (2008) 134: p. 31–46, Springer
  7. ^ "中国接入互联网". chinanews.com. Retrieved 28 August 2013. 
  8. ^ "China and the Internet.", International Debates, 15420345, Apr2010, Vol. 8, Issue 4
  9. ^ Goldman, Merle Goldman. Gu, Edward X. [2004] (2004). Chinese Intellectuals between State and Market. Routledge publishing. ISBN 0415325978
  10. ^ Goldsmith, Jack L.; Wu, Tim (2006). Who Controls the Internet?: Illusions of a Borderless World. New York: Oxford University Press. p. 91. ISBN 0-19-515266-2. 
  11. ^ 首屆「2002年中國大型機構信息化展覽會」全國31省市金盾工程領導雲集 (in Chinese)
  12. ^ "What is internet censorship?". Amnesty International Australia. 28 March 2008. Archived from the original on 27 April 2015. Retrieved 21 February 2011. 
  13. ^ https://www.economist.com/news/special-report/21574631-chinese-screening-online-material-abroad-becoming-ever-more-sophisticated
  14. ^ http://www.nbcnews.com/technology/welcome-wyoming-how-chinas-great-firewall-could-have-sent-web-2D11970733
  15. ^ Watts, Jonathan (20 February 2006). "War of the words". The Guardian. Retrieved 3 May 2010. 
  16. ^ "Costs and Benefits of Running a National ARD" (PDF). Archived from the original (PDF) on 6 July 2006. 
  17. ^ Fallows, James (March 2008). "The Connection Has Been Reset". The Atlantic. Retrieved 22 May 2011. 
  18. ^ "金盾工程数据库包括12亿多中国人的信息". 博讯 (in Chinese). 2006-04-09. Archived from the original on 2016-03-05. 
  19. ^ "中国"金盾工程"一期工程通过国家验收". Radio Free Asia (in Chinese). 
  20. ^ "首屆「2002年中國大型機構信息化展覽會」全國31省市金盾工程領導雲集". The Adsale Group. 2002-12-19. Archived from the original on 2010-03-04. 
  21. ^ a b "金盾二期工程将以信息整合应用为建设重点". 计世资讯 (in Chinese). Archived from the original on 2009-05-31. 
  22. ^ Marquand, Robert (24 February 2006). "China's media censorship rattling world image". The Christian Science Monitor. Retrieved 22 May 2011. 
  23. ^ "controlling information: you can't get there from here -- filtering searches". The tank man. Frontline (pbs.org). 
  24. ^ Thompson, Clive (23 April 2006). "Google's China Problem (and China's Google Problem)". The New York Times. p. 8. Retrieved 22 May 2011. 
  25. ^ Will Google's help breach the great firewall of China? By: Marks, Paul, New Scientist, 02624079, 4/3/2010, Vol. 205, Issue 2754
  26. ^ a b c d e "Splinternet Behind the Great Firewall of China: The Fight Against GFW", Daniel Anderson, Queue, Association for Computing Machinery (ACM), Vol. 10, No. 11 (29 November 2012), doi:10.1145/2390756.2405036. Retrieved 11 October 2013.
  27. ^ "Leaping the Great Firewall of China ", Emily Parker, Wall Street Journal, 24 March 2010. Retrieved 11 October 2013.
  28. ^ "Ignoring the Great Firewall of China", Richard Clayton, Steven J. Murdoch, and Robert N. M. Watson, PET'06: Proceedings of the 6th international conference on Privacy Enhancing Technologies, Springer-Verlag (2006), pages 20-35, ISBN 3-540-68790-4, doi:10.1007/11957454_2. Retrieved 11 October 2013.
  29. ^ "BBC website 'unblocked in China'". BBC News. 25 March 2008. Retrieved 22 May 2011. 
  30. ^ (Chinese) 如何访问维基百科#当前情况
  31. ^ "Going online in Cuba: Internet under surveillance" (PDF). Reporters Without Borders. 2006. Archived from the original (PDF) on 3 March 2009. 
  32. ^ 自曲主编 (30 August 2009). "阅后即焚:GFW". 自曲新闻 (in Chinese). Archived from the original on 4 January 2010. Retrieved 30 August 2009. 

External linksEdit