On Thu, Aug 16, 2012 at 05:15:49AM +0800, Eric S Johnson wrote: > > I'm not saying China doesn't do DPI. I'm just saying that, from my > own experience living in China for the past three years, DPI doesn’t > appear to be used to inspect the contents of web pages and dynamically > block undesirable content. > > I.e. it's easy to register a new domain (call it > TestChinaCyberFiltering.org) and put up onto it a handful of pages > which include every possible word and phrase which we know are > problematic to the Chinese censors. Start with the list of words which > trigger censorship and surveillance in TOM Skype (the wordlist's been > repeatedly cracked by researchers at, I think, Arizona). Add all the > content which the good folks at UC-Berkeley’s China Digital Times have > detected cause immediate censorship on Weibo (China’s Twitter-like > service). This should be a total of about 400 words and phrases > (almost all only in Chinese). > > Then access those pages from within China. > > As far as I can tell, access will be unimpeded. >
Two possibilities, not necessarily mutually exclusive, spring to mind. The first is that DPI could be occurring at border routers, so that traffic within China is not undergoing DPI scanning by default. If your hypothetical TestChinaCyberFiltering.org is hosted in China you might see different behaviour to if it were hosted in, say, the US. You might also expect to see hybrid filtering similar to what we have in the UK with BT's Cleanfeed. In that case, certain domains are added to a watch list, and only those domains are subjected to more sophisticated forms of filtering. This means that the filter doesn't have to expend the resources on DPI for all web traffic, only those that have been marked up on the list of problematic domains. This also gives the option to use cheap and easy DNS, or simple IP, filtering for some sites, and more subtle and costly filtering for other domains. That allows the filter to avoid unnecessary overblocking, whilst still retaining the ability to filter in a relatively fine-grained fashion. Of course, these two could be combined: it could be that all cross-border traffic is inspected, whereas internal traffic is only inspected if it's on the blacklist. Or vice versa, of course. There are other possibilities, but these are the ones that occur to me immediately from your description. Joss _______________________________________________ liberationtech mailing list liberationtech@lists.stanford.edu Should you need to change your subscription options, please go to: https://mailman.stanford.edu/mailman/listinfo/liberationtech If you would like to receive a daily digest, click "yes" (once you click above) next to "would you like to receive list mail batched in a daily digest?" You will need the user name and password you receive from the list moderator in monthly reminders. You may ask for a reminder here: https://mailman.stanford.edu/mailman/listinfo/liberationtech Should you need immediate assistance, please contact the list moderator. Please don't forget to follow us on http://twitter.com/#!/Liberationtech
