
500 GB of China’s Great Firewall Leaked

In a significant breach of cybersecurity, over 500 GB of internal documents, source code, and operational communications related to China’s Great Firewall have surfaced online. The leak, discovered last Thursday, reveals the inner workings of the country’s extensive internet censorship and surveillance system. These documents appear to originate from Geedge Networks, a company linked to Fang Binxing, who is widely recognized as the “father” of the Great Firewall.

The leaked materials expose Geedge Networks’ role in commercializing and exporting the censorship technology. The Great Firewall, known for its capability to filter internet traffic within China, has been packaged into a portable solution that includes both hardware and software components. This system, referred to as the Tiangou Secure Gateway (TSG), is designed to be scalable and can be installed in telecommunications data centers across entire countries.

Leaked Documents

Geedge Networks’ technology has been deployed in Kazakhstan, Ethiopia, Pakistan, and Myanmar, with potential expansion into other nations. The leaked documents detail the system’s ability to monitor over 81 million internet connections simultaneously in Myanmar alone, showcasing the technology’s expansive surveillance capabilities. Furthermore, the documents reveal that the system can target specific individuals based on their online activities, such as visiting certain websites or using VPNs.

The Great Firewall’s source code leak has raised alarms among human rights organizations like Amnesty International. Agnès Callamard, Amnesty International’s Secretary General, highlighted the dangers of such surveillance capabilities, stating they severely restrict privacy, freedom of expression, and peaceful assembly. The organization found that the technology used in Pakistan’s Web Monitoring System (WMS) 2.0 is a commercialized version of the Great Firewall, and that it involved hardware from HP and Dell before shifting to Chinese manufacturers to evade sanctions.

The leak also underscores the global supply chain’s role in enabling mass surveillance and censorship. Companies from Germany, France, the United States, Canada, and the UAE have been implicated in providing components for these systems. Despite the international community’s awareness of the risks, there remains a lack of regulation and transparency in the export of such technologies.

Privacy Concerns and Targeted Surveillance

The leaked documents show that the system can intercept unencrypted internet traffic, including website content, passwords, and email attachments. Even for encrypted traffic, the system uses deep packet inspection and machine learning to determine if users are attempting to circumvent censorship using VPNs or other tools. If the system cannot identify the content, it may flag and block the traffic as suspicious.

In Pakistan, the WMS 2.0 is part of a larger surveillance framework, allowing authorities to monitor mobile networks in real time. The documents also mention a Lawful Intercept Management System (LIMS), which is mandated for installation across telecom networks, giving state agents access to consumer data, including phone calls and text messages.

Expansion of Digital Authoritarianism

Geedge Networks is not only exporting censorship technology but also learning from its overseas deployments to refine its systems within China. The company’s projects in Xinjiang, Fujian, and Jiangsu provinces indicate its intent to develop a distributed censorship model. This includes features like relationship graphs between users, geofencing, and a controversial “reputation score” system, which could restrict internet access based on personal authentication and behavior.

Experts advise caution when examining the leaked source code, suggesting the use of isolated systems like virtual machines to study the data. The potential for malware injection into users’ internet traffic is a significant concern, making it easier for governments to target individuals and restrict access to information.

This leak serves as a stark reminder of the extent to which digital authoritarianism has become a service, with capabilities that far exceed traditional lawful interception methods and infringe upon fundamental human rights globally.

Source: Canal Tech, GFW
