Comment by miohtama

2 days ago

Some analysis and discussion here:

https://github.com/net4people/bbs/issues/519

> After its founding in 2018, one of Geedge's first clients was the government of Kazakhstan, to whom the company sold its flagship Tiangou Secure Gateway (TSG), which provides functions similar to China's own Great Firewall, monitoring and filtering all web traffic that passes through it, as well as attempts to bypass such censorship.

> The same tool has been rolled out in Ethiopia and Myanmar, where it has been instrumental in enabling that country's military junta to enforce a ban on VPNs. In many cases, Geedge works with other private companies, including internet service providers (ISPs) such as Safaricom in Ethiopia, or Frontiir and Ooredoo in Myanmar, to enact government censorship, the documents show. No ISPs that have partnered with Geedge responded to a request for comment.

> The leaks show employees at the company working to reverse-engineer many popular tools and find means of blocking them. One set of documents lists nine commercial VPNs as "resolved," and provides various means of identifying and filtering traffic to them. Similar capabilities have long been demonstrated by the Great Firewall, with most commercial VPNs inaccessible from within China and many dedicated anti-censorship tools also hard to access.

> At least one Jira support ticket shows evidence of plaintext capture of email

I bet that the recent wave of VPN bans implemented in Russia also uses this tech. For example, the mechanism of how suspicious WebSocket endpoints are being "knocked" by the firewall itself, or how suspiciously traffic-heavy SSH connections are being dropped, suggests that the Russian govt simply bought the entire stack from China.

  • From 2016:

    > The strategy is being developed in close cooperation with China after a string of high-level meetings in Beijing and Moscow this year. At their first cybersecurity forum, in April, top Chinese officials and their Russian counterparts gathered in Moscow for the talks. Delegates included Lu Wei, the head of China’s state internet information office, Fang Binxing, the so-called father of the Great Firewall and Igor Shchyogolev, President Vladimir Putin’s assistant on internet issues and former minister of communications.

    > “The principal agreement to have a forum was reached by Igor Shchyogolev and Fang Binxing at a meeting in December 2015 in Beijing,” said Denis Davydov, the executive director of the misleadingly named League of Safe Internet, a government-affiliated group that has drafted internet-filtering legislation and recruited teams of volunteers to patrol the web for “harmful content”.

    https://www.theguardian.com/world/2016/nov/29/putin-china-in...

  • The bans are probably a consequence of this leak.

    They are in a "better safe (from the people, heh) than sorry" mode.

Russia tests it all in Belarus first. In 2020 they blocked almost all Internet, including VPNs, Tor, etc. (but left some areas connected, like banking). It's somewhat easier in Belarus, as they have a legal monopoly on cross-border Internet.

> At least one Jira support ticket shows evidence of plaintext capture of email

I would be surprised if western governments didn't do the same, and folks should act accordingly.