Great Firewall of China



The Great Firewall of China is a name coined in 1997 to describe to the online censorship technologies of China. China blocks many sites operated by Western companies, such as Facebook, Google, and YouTube, as well as access to the technologies designed to bypass the firewall. Hell, the website you're currently reading this on is blocked by the firewall.

Why
The legal basis for the firewall derives from a document called the "Measures for the Administration of Internet Information Services" (互联网信息服务管理办法), which was issued by the Chinese State Council on September 20, 2000 (as well as a 2010 document ). Article 15 of the document lists 9 directives for internet providers: Providers of internet information services may not produce, assist in production of, issue, or broadcast any information: These directives are not just applied to blocking of IP addresses, but also to domestic censorship of search results (e.g., Baidu), and to social media posts (e.g., Weibo), but also the self-censorship and individual reporting of violations that result in increased social score. The online censorship system has accelerated under President Xi Jinping's rule.
 * 1) opposing the basic principles as they are confirmed in the Constitution;
 * 2) jeopardizing the security of the nation, divulging state secrets, subverting state power, or jeopardizing the integrity of the nation’s unity;
 * 3) harming the honor or the interests of the nation;
 * 4) inciting hatred against peoples, racism against peoples, or disrupting the solidarity of peoples ;
 * 5) disrupting national policies on religion, propagating evil cults and feudal superstitions;
 * 6) spreading rumors, disturbing social order or disrupting social stability;
 * 7) spreading obscenity, pornography, gambling, violence, murder, terror, or abetting the commission of a crime;
 * 8) insulting or defaming third parties, infringing on the legal rights and interests of third parties; and
 * 9) containing any other content prohibited by law or administrative rules.

How
While commonly called a firewall, it is a lot more than that.

This system can be divided in two parts, a more traditional firewall and a censorship system in domestic social media and search engines.

Firewall
This system sits in Chinese giving it the ability to listen to all traffic passing through them. It enforces block lists of IP addresses (such as the public list of Tor nodes and known VPNs used for circumvention) and sites that are added to it manually, but also performs throttling, blocks usage of encryption that China doesn't like (such as the Encrypted Client Hello proposal to TLS 1.3 ), and automatically watches out for usage of circumvention technologies (so it's like Big Brother, except this one is really always watching).

If there is a suspicion for a connection, such as it possibly being to a Tor bridge or a Shadowsocks server, for example, it will probe the suspected Tor bridge or Shadowsocks server in question to confirm that it really is one. If it returns positive, it will block it automatically.

The firewall can be easily bypassed by using a personal VPN with an IP address that changes regularly, though many VPNs are blocked by China.

Weibo
Sina Weibo (新浪微博) is the most important microblogging site in China. In the West it is usually just referred to as Weibo (weibo, 微博, meaning microblogging), but other such weibo sites exist in China. Often described as a Twitter clone in the West, it actually has substantially more features than Twitter. Social media platforms in China are privately owned, but are required by Chinese law to monitor and censor prohibited content. Websites do this in several ways: deleting individual posts, preventing searches on some keywords, returning zero results from some searches, and indirectly causing users to self-censor. The vagueness of the law (e.g., "harming the honor or the interests of the nation") encourages overreach by Weibo and self-censorship by users.

Unlike other parts of the Great Firewall, social media sites such as Weibo inform the user that something is prohibited. Blocked terms fall into several categories: names of people (primarily Communist Party members and dissidents), political terms (e.g., Tiananmen), sex and drugs, and scandals and disasters. The elaborate censorship has encouraged users to use an extensive repertoire of censorship evasions (puns, "slang, acronyms, memes, and images"), but censors eventually catch up.

China's ecosystem of censorship
While the firewall was all that was needed in the days of mostly unencrypted communications, where they could scan for things like mentions of the Tiananmen Square Massacre in search engine results or Wikipedia articles, with the widespread deployment of protocols like HTTPS and browsers showing warnings when accessing HTTP websites, they found themselves in need of more sophisticated solutions. One solution is to block foreign internet companies and offer  through domestic businesses which are subject to greater control.

Another solution is to threaten these foreign companies with cutting access to the Chinese market if they don't comply with censorship, letting their greed do the justification for complying.

Because of this, nowadays one of the main tasks of the firewall part is to block access to censorship-circumvention technologies and protocols, like Tor and Shadowsocks (which is quite popular in China).

In a nutshell
Starring courtesy of