[Joint House and Senate Hearing, 107 Congress] [From the U.S. Government Publishing Office] CHINA'S CYBER-WALL: CAN TECHNOLOGY BREAK THROUGH? ======================================================================= ROUNDTABLE before the CONGRESSIONAL-EXECUTIVE COMMISSION ON CHINA ONE HUNDRED SEVENTH CONGRESS SECOND SESSION __________ NOVEMBER 4, 2002 __________ Printed for the use of the Congressional-Executive Commission on China Available via the World Wide Web: http://www.cecc.gov U.S. GOVERNMENT PRINTING OFFICE 83-512 WASHINGTON : 2003 ____________________________________________________________________________ For Sale by the Superintendent of Documents, U.S. Government Printing Office Internet: bookstore.gpo.gov Phone: toll free (866) 512-1800; (202) 512-1800 Fax: (202) 512-2250 Mail: Stop SSOP, Washington, DC 20402-0001 CONGRESSIONAL-EXECUTIVE COMMISSION ON CHINA LEGISLATIVE BRANCH COMMISSIONERS Senate House MAX BAUCUS, Montana, Chairman DOUG BEREUTER, Nebraska, Co- CARL LEVIN, Michigan Chairman DIANNE FEINSTEIN, California JIM LEACH, Iowa BYRON DORGAN, North Dakota DAVID DREIER, California EVAN BAYH, Indiana FRANK WOLF, Virginia CHUCK HAGEL, Nebraska JOE PITTS, Pennsylvania BOB SMITH, New Hampshire SANDER LEVIN, Michigan SAM BROWNBACK, Kansas MARCY KAPTUR, Ohio TIM HUTCHINSON, Arkansas SHERROD BROWN, Ohio JIM DAVIS, Florida EXECUTIVE BRANCH COMMISSIONERS PAULA DOBRIANSKY, Department of State GRANT ALDONAS, Department of Commerce D. CAMERON FINDLAY, Department of Labor LORNE CRANER, Department of State JAMES KELLY, Department of State Ira Wolf, Staff Director John Foarde, Deputy Staff Director (ii) C O N T E N T S ---------- Page STATEMENTS Rubin, Aviel, co-founder, Publius Web Publishing System, West Caldwell, NJ................................................... 1 Xia, Bill, president, Dynamic Internet Technology, Inc., Cary, NC 5 Lin, Hai, computer scientist, Shanghai, China.................... 7 Baranowski, Paul, chief architect, Peekabooty Project, Toronto, ON, Canada..................................................... 9 APPENDIX Prepared Statements Rubin, Aviel..................................................... 28 Xia, Bill........................................................ 29 Baranowski, Paul................................................. 31 CHINA'S CYBER-WALL: CAN TECHNOLOGY BREAK THROUGH? ---------- MONDAY, NOVEMBER 4, 2002 Congressional-Executive Commission on China, Washington, DC. The roundtable was convened, pursuant to notice, at 2:30 p.m. in room SD-215, Dirksen Senate Office Building, Ira Wolf (staff director) presiding. Also present: William Farris, senior specialist on Internet issues and commercial rule of law; Keith Hand, senior counsel; Holly Vineyard, U.S. Department of Commerce; and Dr. Jay Sailey, interpreter, Silver Spring, MD. Mr. Wolf. I would like to welcome everyone here to today's roundtable on China's Cyber-Wall: Can Technology Break Through? This is actually our second roundtable this year dealing with Internet issues in China. The first dealt more with policy issues, and today we are going to get more into the technology side. Next to me is William Farris, who is on the Commission staff and is in charge of Internet issues. Holly Vineyard works at the U.S. Department of Commerce for our Commissioner, Under Secretary of Commerce Grant Aldonas, and Keith Hand is one of our senior legal counsels on the Commission staff. I am Ira Wolf, staff director of the Commission. John Foarde, who is the deputy staff director and normally would be here, is in China. We have four panelists. Avi Rubin is co-founder of Publius; Bill Xia, president of Dynamic Internet Technology; Lin Hai, a computer scientist from Shanghai; and Paul Baranowski, chief architect for the Peekabooty project. We also have Jay Sailey, who will be helping with interpretation. Jay, it is good to always have you back again. Thanks. Avi, why do we not start with you? STATEMENT OF AVIEL RUBIN, CO-FOUNDER, PUBLIUS WEB PUBLISHING SYSTEM, WEST CALDWELL, NJ Mr. Rubin. Let me give a little more of an introduction of myself. I want to give you an idea of the kinds of questions I am hoping to get and the kinds that I will defer to my other panelists. I am a researcher at AT&T Labs, a computer science background. I am here explicitly not as a representative of AT&T, but as a computer scientist. In January, I will be starting to work in a faculty position as an associate professor at Johns Hopkins, and the technical director of their Information Security Institute. The reason that I am here is that some of my research in the past that focuses on computer security and networking has been on systems that resist censorship. One of them called ``Crowds'' was designed for browsing the Web anonymously so that end users and other users of the system cannot tell who is accessing what. The other system, called ``Publius,'' which has won a censorship resistance award and is a little better known, was designed to publish information on a large network like the Internet in such a way that it is very difficult for anyone to forcibly remove the content. I am not an expert on China and I would rather answer general questions, such as, ``Is this possible? Is that possible? Why or why not? '' So let me talk a little bit about censorship. I think it is important to make a distinction between censorship within a network or within an organization or a country and censorship between users who are on the inside trying to access something that is on the outside where an adversary controls the interface between the inside and the outside, which is the kind of model that we are looking at here. The censor can prevent access to content on the outside through several means. One of them is simply by routing, looking at the Internet Protocol [IP] addresses of the destination of a request, and if it is on the outside, perhaps blocking that or filtering it some other way, or making a decision about how to treat that traffic differently. Another way would be through use of the domain name system. For those of you that do not know, the domain name system is the service that translates names like www.google.com into an IP address that networks need in order to get the packets where they need to go. So one thing that a censor could do, and I believe in a lot of cases this happens not only for censorship but for other purposes, is if the organization controls the domain name service [DNS]--and a powerful government can control the domain name service, or at least control those that control it--you can return false information, so when someone asks for google.com you can return an IP address. This will all be transparent to the users. That is an IP address to a computer under your own control, which could then simulate Google, giving the user the experience that they think they are at Google, but they are actually at some other, mirroring network. This would be a censorship technique that could be employed, or could simply drop the traffic or do whatever they want with it. Finally, you could do something called application level filtering. Instead of doing the censorship at the routing level or the domain name service level, what you could do is allow all traffic through. But, if it is destined for port 80, which is the World Wide Web port, then you could treat it differently. You could make filtering decisions and you could run it through software that looks for particular destinations, compare it to a blacklist and say, well, we are not going to allow that, or worse, we are going to substitute something for that in the reply, spoofing the reply. So, this has had to do with blocking the access of an individual within an organization to sites that are outside the organization. Another type of censorship is prohibiting the posting of content. I am an individual and I have something that I wish to have people access. Maybe I have some agenda that I want to publicize, or I want to be critical of the government, or whatever. A censor may wish to block the ability of somebody to post the content. One way to do that would be to monitor sites carefully using search engines or hot lists, and see if content that is objectionable is there, and then to go make the people remove it if the content is on the inside. Another, is through informants or spies who could infiltrate organizations that may wish to publish something that they would find offensive, and then finding out that it is there and doing the same thing. Again, if you control the connectivity, you can prevent someone inside your organization, your country, or China from being able to publish something that is in a site that is outside by simply blocking the connectivity or making the decision not to allow that. So what I have discussed up to this point is a one-to-many censorship. Somebody publishes something on the Web, say, and you either block their ability to publish that or you block people's ability to retrieve that information. Another type of censorship would be one-to-one communication. Someone may want to monitor e-mail messages that are going from one individual to another, and there are various ways of doing that. The FBI has a system called ``Carnivore'' that can be deployed at an Internet service provider [ISP]. What it does is it searches e-mails coming in and out for certain key words, looking perhaps for terrorist activity. The Chinese Government could deploy similar things at ISPs. In fact, they probably have more control over what the ISPs are doing, and look for whatever it is that they are interested in blocking. Then they can take whatever actions they want. They could block those e-mail messages. They could try to trace the owners of the accounts who sent or received those. Another thing that could happen to e-mail is, again, an application-level way of censoring. At the network level, what we call the IP layer, you could sniff. Network sniffers are programs that will look at packets coming in and out and make the same kind of decisions that were made at the application level about the e-mail by just looking at raw IP packets. It is a bit harder to do, but there are tools out there to do it. You take a bit of a performance hit when you do it that way, but the advantage for the censoring party in doing it that way is that it is completely passive. The ISP does not need to know that this kind of sniffing is taking place. Nobody can detect that it is happening. Another way to censor the one-to-one communication is to forbid encryption. If encryption is not allowed, then something like Carnivore or network sniffing is very effective. What sort of enforcement could take place if censorship were to detect that somebody had offensive content posted somewhere? When something is published, it resides in a physical place. It is on a computer. If that computer is under the domain of the censor, the censor can apply pressure to the administrator, or sanctions to the administrator of that computer and say, ``take that content down.'' Finally, a way of censoring content might be to mandate a custom client. Instead of a Netscape or Internet Explorer browser, a government could say, ``We require you to use this program to browse the net,'' and that program could be some sort of scaled-down version that can only access certain approved sites. So up until now I have talked to you about ways of censoring. Let me speak, for my remaining time, about types of circumvention that you might have. One, is called steganography. The idea behind steganography is to hide content in other content. Briefly, imagine a photograph of your cat encoded as a JPEG image on a computer. There are tools out there for you to take a letter, an ASCII text letter, and encode the content of that letter in the picture of the cat, which still will look like a cat. And the only people that could extract that information, the letter from this picture, would be someone who knew the key, say, that you had shared with them. In fact, there are techniques where two photographs are indistinguishable relative to whether or not they contain content to anyone except the holder of the key. So, this might be a valuable technique to use if encryption is outlawed and you are worried about sanctions. On the other hand, if someone does discover the key through force or through some other means, then you could be in a lot of trouble, because once they extract the letter that could not have been coincidental. Another way is to disperse content widely. If you want to publish something and you have an automated way of publishing it in a thousand places, it becomes a lot harder for a censor to remove it, especially if these are under different administrative domains and countries. The Publius system that I designed and built uses the last two techniques in tandem, along with several others. I am happy to cover it more during questions and answers. Two other mechanisms for circumventing the censorship to post something are covert channels. A quick example of a covert channel might be, let us say that I was to communicate a message to you. So what I do is send you an e-mail message every second, or I do not send you an e-mail message every second, and whether or not I send you a message encodes a zero or a one. That is just a very lightweight example of how I could communicate information to you where I am actually using a covert channel. The fact that I sent something or did not send it is the information, and whatever it is that I sent could be just innocuous. Finally, there is a technique called a homomorphic encryption. That is a mechanism whereby you can encrypt something so that it can be decrypted two different ways. So I send you an encrypted document. Of course, only a regime that allows encryption would support something like this. You can decrypt it and it is a picture of your cat, and you can decrypt it and it is a call to arms. It depends on how you decrypt. So, that might be useful. For retrieval. I am running out of time, so I will just enumerate the things you could use. Special proxies, the Crowd system, which I can talk more about in the questions and answers, or an anonymous location, a library, a cafe, something like that if the country supports these kinds of things. Finally, let me just say that I believe there is an arms race between censorship and censorship circumvention, because if you tell me what you are using to censor I can tell you what to do to get around it. But, once I do that, then I could come back and tell you what you could do to get around that. I think we are in the midst of this arms race. I believe that any technology to circumvent censorship, having had the experience of developing such a thing, is going to lead to a double-edged sword where you could be accused of providing mechanisms whereby bad people can also do things. [The prepared statement of Mr. Rubin appears in the appendix.] Mr. Wolf. Thank you very much. Bill Xia. STATEMENT OF BILL XIA, PRESIDENT, DYNAMIC INTERNET TECHNOLOGY, INC., CARY, NC Mr. Xia. Good afternoon, ladies and gentlemen. I would like to thank William Farris for inviting me to come here today. My name is Bill Xia. I am the president of Dynamic Internet Technology [DIT]. DIT conducts research regarding Internet censorship and provides service for anti-censorship technologies. Today I would like to share with you the experience of DynaWeb and ponder upon the role of technology in breaking through China's cyber-wall. DynaWeb was launched on March 12, 2002 as a proxy network that allows users to circumvent Internet censorship in China and to have secure and full access to the Internet. Users can use DynaWeb as an information Web or to go to other Web sites. Since the inception of DynaWeb, we have managed to stay ahead of the censorship by China most of the time. About 20,000 unique users gain regular, unblocked access to the Internet through us. DynaWeb has already played several rounds of the censorship and anti-censorship game in the past 8 months. Before I start, I would like to explain a few critical technical terms for understanding the DynaWeb experience. There are two ways to access a Web site through an Internet browser. One, is through typing the domain name, for example, google.com. The other way is through typing the IP address of the domain name. The IP address is the essential element from which the browser can fetch the Web site information for the user. However, a domain name is more user friendly. After a user types in a domain name, the Web browser will browse domain names to IP addresses and fetch the right information for the user. So this is essentially what Mr. Rubin explained about the DN system. The game started with an e-mail subscription service. At the beginning, DynaWeb e-mailed unblocked IP address updates to subscribers. After 2 weeks, the censor probably subscribed to our e-mail service as well because the very time window of DynaWeb IP addresses was reduced a range of a couple hours to a few days after release. Then our services expanded to the domain name with Dynamic IP addresses. However, censors started chasing the DynaWeb domain by automatically detecting the IP addresses that pointed to the domain name. This dramatically increased the need for back-up IP addresses, hence, increased costs of DynaWeb maintenance. Then DynaWeb adopted a new strategy so that censors had to manually verify the IP address before blocking it. Then automatic IP blockage stopped. Soon, in August, users started to have difficulty in accessing DynaWeb through https, even though the IP was not blocked. It was found out later on that the certificate DynaWeb used for secured access from the Internet browser was filtered. This can be achieved by package-level analysis of Internet traffic to find out the signature related to the certificate DynaWeb used. In response to this, DynaWeb started to change its certificates daily. No reports of certificate blocking have been found since then. Again, censors were frustrated with the resources required for daily updates of all related content filtering engines, and quit. At the end of September, DynaWeb domain names were hijacked to a fixed IP 64.33.88.161 in China, along with many other Web sites like www.voa.gov. DIT has published a detailed report about this hijacking and it can be independently verified from the United States. More study about this hijacking is still ongoing and will be released after we pass this stage. So what is next with the cyber-wall? As a first look, it is a technical question. If technology can break through China's cyber-wall, in fact, the process is a race of technology and time. As DynaWeb's experience has demonstrated, both parties can always implement new technologies to stay ahead and sustain the advantage. If the Internet breakthrough is defined as a pure technical issue, the future is brighter for censors because China purchases the most advanced censorship technologies from Western companies. China is also developing the ``Golden Shield'' project, a ``database-driven remote surveillance system.'' When the whole Beijing city is wired with a biometric sensor and camera network, no Internet-based anti-censorship can get around the surveillance system. Even now, during the 8 months of the technical race with DynaWeb, China has developed the largest and most sophisticated IP blocking and content filtering system in the world. The more anti-censorship techniques are developed, the more comprehensive censorship technology has become. This leaves less and less technical room for anti-censorship. So, it is critical to take full use of technologies to benefit as many people as possible before the door is closed. Second, it is a matter of available resources. China has 30,000 Internet police that specialize in Internet censorship, and ISPs are forced to perform self-censorship. The self- censorship is even adopted by foreign ISPs such as Yahoo. China has purchased top technology from Western companies. These technologies have been modified for China's particular censorship needs. Nortel, Sun Microsystems, Cisco, and many smaller companies contributed to building China's cyber-wall. Compared to China's investment in censorship and the cyber- wall, investment in breaking through this cyber-wall is next to nothing. There are very few groups developing technologies suitable for this wall. With more resources, DynaWeb can provide services to more people, develop better client software, and have closer monitoring of censors' new technologies, and respond faster. Third, people develop technology and technology serves people. The people factor is the most important factor, eventually. Recent increase of public awareness about China's Internet censorship both inside and outside of China is a great sign. We hope that this will help improve the current situation soon. Currently, companies contributing to China's cyber-wall bear little public pressure, not to mention any legislative limitation. Inside China, more and more harassment and arrests of dissidents and journalists are related to the Internet. Last year, there were more than 10 arrests in China for distributing forbidden information. This will create fear among the public. For the general public in China, they are now gradually realizing the existence of censorship consciously. More importantly, the government has adopted subtle mind control and propaganda to decrease the Chinese's interest in uncensored information. All major events outside of China are reported, with seemingly a variety of views, although all the different views are in fact the government's view. There is a fully developed online community inside China serviced by self- censoring ISPs. This strategy is an extension of China's cyber- wall, a wall in people's minds. The Internet, combined with TV, newspapers, and other information channels, now offer the Chinese people different types of information and different views on certain issues. It looks like full freedom of speech has been achieved. However, the government produces all the different views and types of information. The censors tried to use these to reduce people's interest in uncensored information. In summary, technology alone will not decide the future of China's cyber-wall, but people do. If all Chinese people would like to obtain uncensored information, the cyber-wall will be broken from the inside. Thank you. [The prepared statement of Mr. Xia appears in the appendix.] Mr. Wolf. Thank you very much. Lin Hai. STATEMENT OF LIN HAI, COMPUTER SCIENTIST, SHANGHAI, CHINA Mr. Lin. Ladies and gentlemen, good afternoon. My name is Lin Hai. I was born in Shanghai, China and graduated from Beijing's University of Aeronautics. I majored in computer science. After graduation, I worked as a software engineer, as well as sales marketing in some technology companies in Beijing for more than 5 years. At the end of 1995, I went back to my home town, Shanghai, and created a small Internet company with my partners. Our major business was to help other people to set up Web sites. Our major clients are joint ventures and foreign companies who are in business in Shanghai. As one of the first Internet users in China at that time, I was involved with the Internet Society, as well as technology because I, myself, was an Internet engineer. As was my interest, I did some technology research. For example, at that time I collected a lot of information on Chinese Internet users to see who was using the Internet, just for my own interest. Also, I was very excited about this new technology and expected some possible changes to the society by the new technology. I received a letter from a U.S.-based student's organization. The organization publishes newsletters that promote democracy, freedom of information, and independent opinions, as well as news into Mainland China. I was so excited because it was the first time that people could have a media that is not censored by the central government. So, I did something to help the organization, especially to help them in collecting information on Chinese Internet users so they could promote their newsletters to more receivers. For that activity, I was arrested by the Chinese Government. The date was March 25, 1998. As reported, I was the first victim of China's censorship of the Internet. So, I thank this Commission for letting me have a chance to speak here to all of you nice people. After I was arrested, my case was reported online. Finally, the government closed the trial and sentenced me to 2 years for some political crime. Thanks to the media reporters and many other supporters from outside organizations, especially human rights organizations, the Government of China released me early, with only 6 months to go. So, actually, I stayed in jail for a total of 18 months. After I was released, I stayed at home and tried to find some chance to re-start my business or career. I failed to do that because China is still a Communist country. So, for reasons you can probably understand, I found that I had to leave the country to seek my opportunities. So, I came to the United States. Right now, I am working in a small Internet company in New York City doing similar jobs as I did before as an Internet engineer. That is all of my story. Right now, we are doing a project named ``Secure Email Proxy,'' an Internet proxy project. The background is that people in China try to get free information. The Web sites on democracy are all blocked by the Chinese Government. E-mail seems to be an option for receiving information. E- mail is a traditional application on the Internet, and they are still using it daily. It is proven to be easy to use and cost effective. People in China can receive information from those independent sources by subscribing to e-mail newsletters and some other organizations who send e-mails. It has worked in the past few years. Some months ago, something happened. As before, the Chinese Government has filters at almost all major IPs in China. Those filters check every e-mail that comes in to China, to check if there are any key words encoded in the e-mail. If they find more than, for example, 10 key words in an e-mail, they will block this e-mail and the people will not receive it. Furthermore, it may be dangerous to the receivers. So, clever Chinese people found that they can use free e- mail boxes such as Hotmail and Yahoo Mail, which are based in the United States. It is out of the control of the Chinese Government. They can subscribe to those sources with their free e-mail account. It worked for years. But several months ago, the Chinese Government developed new technology that not only filtered the e-mails themselves, but also filtered the normal Web pages. If people in China accessed an e-mail box, say, Hotmail, it really works like a normal Web page on the Hotmail Web server. The Chinese filters--they installed filters on the gateway, I think--if people access a Web page that contains key words, the whole Web page will be fed back as a blank page. The people in China can access their e-mail box, but they cannot read the e-mail content if this e-mail is so-called ``sensitive.'' So, the people are waiting for some new technology to stop this kind of trouble. Our project, called ``Secure Email Proxy,'' is aimed for this purpose. Our mission is to provide a midway platform between the Chinese users within the firewall and the outside world. The traditional way of encrypting information is to use software such as the popular PGP software. But the PGP software requires that both senders and receivers use the same software, so it limits the usage of such kind of software. Most e-mail senders in the United States do not use it because they do not need it. So, that could be a problem. With our platform, we will forward all e-mail to Chinese e- mail users who are interested in our system. Our function is to encrypt normal e-mail, then to send it back to Chinese users. It will help Chinese Internet users to have secure e-mail communication with outside people who do not use encryption software such as PGP. This will be very helpful. For example, in China, people subscribe to a mailing list from Voice of America, or Radio Free Asia. They can hardly receive the information, actually. We think, with our help, they can subscribe to the mailing list and the information can come to us at the e-mail proxy server, and we will encrypt it and send it back to the real receiver. So, this will help them to skip the firewalls of the Internet gateway. That is the solution, and we are doing it. That is all, thank you very much. Mr. Wolf. Thank you very much. Paul Baranowski. STATEMENT OF PAUL BARANOWSKI, CHIEF ARCHITECT, PEEKABOOTY PROJECT, TORONTO, ON, CANADA Mr. Baranowski. Good afternoon. I am the project leader for Peekabooty, a piece of software that is designed to get around state-sponsored Internet censorship at the national level. Peekabooty accomplishes this using peer-to-peer [PTP] technology. ``Peer-to-peer'' basically means that there is no central authority governing some part of the network system. The idea is that anyone using the peer-to-peer system also helps out other people in the system at the same time. Napster, Gnutella, and others are all examples of peer-to-peer networks. Peekabooty uses other nodes in the network to relay data around the firewall. It is kind of like a distributed proxy service. China has been working on its firewall since at least 1997, and we have seen its power growing over the years. Just about every other month we are seeing a new technology being deployed that makes it even more powerful. The Chinese authorities started blocking Web pages based on their Internet protocol addresses, which we have already talked about. People got around this initially by using open proxies, which are basically other computers that relay your requests for a Web page indirectly back to you. In early 2001, the Chinese Communist Party countered the use of open proxies by scanning the Internet for them and adding these proxies to the ban list. Another thing that some Web sites did-- apparently DynaWeb did as well--is that they changed their IP address every few days in order to try to prevent blocking of their Web site. But this is fairly ineffective. Safe Web and Voice of America set up a system that would send the IP addresses of available proxies to whoever requested them. Again, DynaWeb also tried this technique. However, it was not long before the Chinese authorities started requesting the proxy addresses and blocking them as well. There are two strategies that have not been effectively countered yet: bulk e-mail lists and freenet. Bulk e-mail still works because the origination of the e-mail is different every time. E-mail does, of course, has the drawback of being one-way communication, but at least that is something. Freenet is a peer-to-peer system that allows two-way communication. It still works because the only way to discover a new node in the Freenet system is through ``out-of-band'' means. This means you have to call up a friend, or your friend has to e-mail you an IP address of another domain network. You join the network and then you can get access to censored information. One of the main goals of Peekabooty is to eliminate this limitation, to create a method of discovery that automatically allows you to discover new nodes in the network without allowing you to discover all the nodes in the network, so that the Chinese authorities could not join the network and block everything. Some of the more recent developments of the Chinese firewall include selectively blocking out content within a Web site instead of blocking the entire site, denying Internet access for a certain amount of time to anyone searching for a band key word. So, for example, if you search for Falun Gong on Google, your Internet access would be denied. Suppressing dissident comments and chat rooms.--If you do type in some sort of dissident comments, a warning e-mail is sent to you telling you not to do that again. Finally, they are starting to log Google key word searches. So if you type in ``Falun Gong,'' they are going to remember who requested that. We can do something about all of this if we act now. The Chinese Government is already on its third generation of firewall technology, and we have not even started version one of a counter-strategy yet. If we do not do something soon, they may be able to close off the country completely and obtain absolute control of their net before we can do anything about it. A fair guess is that, by the Olympics in 2008, it will be much too late to act. Our window of opportunity is now, at this moment. The U.S. Government is the only organization that has the power to mount an effective counter against this type of censorship. Independent efforts, such as mine, by volunteer groups will be ad hoc and there will be no coordination between the releases of the various projects. A well-funded, centralized program could plan application releases so they occur at regular intervals in order to keep the Chinese authorities constantly scrambling to keep up. In other words, the U.S. agency in charge could coordinate and plan a global strategy that would be much more effective than the current ad hoc state of affairs. Centralizing this type of activity also allows for the possibility of inter- operation between the projects and allowing more advanced features in these projects, eliminating redundancy. There are few, if any, commercial possibilities for this type of software, which is why the government is the only organization with the power to fund this type of activity on the scale that is required. The amount of money proposed in the Global Internet Freedom Act could fund dozens of projects. There are so many aspects to this problem and so many ways to solve it, that this is the kind of depth we need. Research is just beginning on this subject and we have a long way to go. This panel here represents a sample of what is out there. There are perhaps a dozen grassroots efforts attempting to do something about this on a shoestring budget. They all rely on volunteers. However, this many projects is not as many as we need. Right now, development on all of them is extremely slow, due to the fact that there is little funding and they all rely on volunteers. The first thing that is dealing with funding, is development speed. The second thing, is usability. The third thing, is translation into various languages. Finally, every project that is funded should have a budget for marketing so that each project can be promoted appropriately. If the government does fund projects such as these, it should be done through credible organizations that are committed to developing open-source solutions. Open-source software is crucial due to the fear of software back doors that would allow remote monitoring of or tampering with a user's computer. Open-source software relieves these fears because the code can be vetted by outside experts. One of the most important things with many of the current projects, is that they use peer-to-peer technology. This means, in terms of costs, there is little cash that is needed to keep them running. Funds are mainly needed for the maintenance of the code and the addition of new features. Each project could be initially funded by only a few hundred thousand dollars a year, and even less for maintenance once they have been deployed. The current crop of anti-censorship projects that show promise and should be considered for funding include the following: Peekabooty, the Freenet/Freenet-China project, the Invisible IRC project, which allows anonymous chat, CryptoMail, which is a Web-based e-mail system similar to Yahoo which provides encryption of e-mail, and finally, plug-ins to e-mail clients such as PGP and GPG to make encryption of e-mail easier. It should be noted that the National Science Foundation [NSF] has started funding anti-censorship research at the academic level. What we need, though, is a system to transfer the research into real-world applications. One of the areas of research that has not yet been exploited is in the field of wireless networking. This type of technology could allow individual devices to route information on their own. This would allow those devices to bypass the Internet infrastructure completely and create basically a new wireless Internet that could not be filtered. Also, another area of research that should be considered is making e-mail encryption even easier to use and more transparent. Right now, it is a little bit too difficult for most people. Finally, to sum up, China's censorship technology is becoming more advanced every day. We can do something about it, but we must act now. The government should fund credible third party organizations to develop open-source anti-censorship technology. Multiple strategies should be developed and their release should be coordinated according to a centralized high-level strategy. If we do not act, there is no doubt the Chinese Communist Party will have more power over its populace than ever before in history instead of less. Thank you. [The prepared statement of Mr. Baranowski appears in the appendix.] Mr. Wolf. Thank you very much. Avi, you talked, first, about the arms race. You did not draw a conclusion. Is this arms race a winnable arms race on the circumvention side, or is it simply a continuing process of raising the costs at each level? Mr. Rubin. I, unfortunately, do not think there is a straightforward answer to that, because there are several different axes that I drew for censorship. If you are talking about the censorship between the inside of China to sites that are outside of China, it is pretty clear where the end of the arms race is, which is that they cutoff all connectivity. Then, short of going through a satellite, or phone lines, or some other way, there is really no way anyone could get out. However, there are a lot of other things. For example, if you look at people within China trying to communicate with other people within China, and maybe posting content where things are not going through the firewall, then I think there is an interesting arms race. It is not clear who the winner is, because I think the technology has only advanced so far at present. We need new research. I support the comments that were made about funding new research. You could imagine a technology developed whereby Internet traffic becomes untraceable, so the next thing that happens is that the government mandates router manufacturers to put something in each packet so that they can trace it. That is another step in the arms race. We have got to go back to the drawing table and figure out how to get around that, and I do not see where that kind of an arms race terminates. Mr. Wolf. Anyone else want to comment on that? Mr. Xia. I would. Mr. Wolf. Yes, please. Mr. Xia. I would like to make a little comment. Technically, you can comment on technology if it can be censored or it cannot, how hard it is. Another factor is if the user will use it. Like, for the Freenet China project, there are people sending e-mails and saying, I am a peasant, I only went to elementary school, so tell me how to use it in two sentences, something like this. So, even if technology works, there is the matter of, first, how can you overcome the first barrier, if you can convince the user to use the software and learn how to use it. Mr. Wolf. Thank you. Mr. Baranowski. I have a comment. Mr. Wolf. Go ahead. Mr. Baranowski. I think, if we do nothing, then eventually we will not be able to do anything. But if we do something soon, then the arms race will continue, and continue on indefinitely until whenever. But there is a point that, if we do nothing now, we will not be able to do anything eventually because they would have cracked down too much at that point and there would be no way to get anything in or out. Mr. Wolf. Is there a point in this arms race where the cost to China is too high, in the sense that the measures the government would have to take would so negatively impact on the use of the Internet, and on Chinese businesses' ability to use the Internet to be internationally competitive? Mr. Rubin. I think you have put your finger on it right there. If China were willing to isolate themselves from the rest of the world, then they could censor in a way that we probably could not overcome. But as long as there are forces within China that want to have, for the sake of their own businesses, like you said, connectivity, then I think that there is something we can do. I also see the door closing if nothing is done, but maybe not as fast. The thing that will push them to the next level in censoring is when circumvention technologies start to move. If they stagnate, then I do not see them having a need to respond. Mr. Xia. I am also thinking of another possibility, that Western companies collaborate in doing censorship even outside of China. Then they can collaborate with censorship technology so it will not affect, like e-commerce communication, inside and outside of China. One technical example I can think of, is content filtering of any Web site--for example, Google--so if you are searching for key words, you are kicked out. However, it is actually easy to resolve this. Google can just implement https so your requests will be encrypted. I am not sure if Google is willing to do that. It is obvious that Google will be confronting China's content filtering engine. Mr. Lin. I might comment. I think those who do censorship and who did anti-censorship, they actually use similar technologies. The result is people or companies do something for profit. So that is why we see that the Chinese Government can create a firewall. I think some U.S. companies are heavily involved with it, say, especially some companies in California. The backbone, the technology, and the core equipment are developed and manufactured by the United States, especially California companies. So we do not have exact evidence, but we can reasonably conclude that the American companies are helping the Chinese Government to build the censorship firewalls. So that is why the same technology can result very differently for different sides. For people who are doing anti-censorship, like Paul, he is just doing it for the ideals, not for profit. I think the two sides are not even. So, the result is, we can expect who will win the war. I do not think, in any small part, that we will win the war. That is the reality, so I am worried about it. So, I think it is my duty to speak here to help many people to understand the situation. Mr. Baranowski. Can I answer that as well? Mr. Wolf. Sure. Mr. Baranowski. You raised a good point about the commerce and tying this anti-censorship technology to commerce. This is the only way I think that these technologies will work. For example, using SSL [Secure Sockets Layer] encryption for secure communication. SSL is also used in e-commerce to buy things over the Web, so they cannot outlaw, for example, that type of encryption. So, this opens a whole lot of China which they cannot really block unless they want to block all of e- commerce. The second thing I want to talk about is the stagnation of censorship technology that Avi mentioned. I do not think this would happen at all, because they are plowing forward as fast as they can to implement more and more technology. For example, the Golden Shield project. They are trying to use as much technology as possible to control their population. I do not think it is going to stagnate anytime soon. Mr. Wolf. All right. Thanks. Holly. Ms. Vineyard. I would like to follow up on Ira's point there. I would first direct this toward Paul. It is open for anyone else who would like to answer. As technologists, how would you characterize the economic cost of censorship? I am interested in this as an approach for, how do we engage the Chinese to see the true economic potential of the Internet if it is left unfettered? Mr. Baranowski. Obviously it is costing them a lot of money to employ this many people to constantly be looking at Web sites and trying to filter them. So that's the obvious, up- front cost, as well as buying the right type of hardware equipment that they need. Another economic cost that might be borne by them is the fact that they might be blocking sites that are not supposed to be blocked which are e-commerce sites, so if people cannot get to those sites, they will not be able to buy goods and services through those sites. That is just off the top of my head. Maybe someone else can answer that as well. Mr. Rubin. Well, I am not certain how much commerce there is from China to e-commerce sites in the United States, and I think that is something that should be looked at to figure out. That was used as a motivation for why they are not likely to block SSL, but blocking SSL is trivial. It is 443. They just turn it off and say, we do not have SSL through our firewall. If it is not the case that people in China can purchase things on e-commerce sites in the United States, then that point is pretty meaningless. I do not know. Maybe somebody knows about that. Ms. Vineyard. Does anyone know if there is much in the way of e-commerce going the other way? Mr. Rubin. People in the United States purchasing things in China? I do not know, either. I would be surprised. Mr. Xia. I do not think many people are buying things outside of China from inside China. Mr. Baranowski. Maybe not consumers, but maybe businesses. Of course, I do not think any of us have any data on this whatsoever. We are just making the best guesses that we can. Mr. Xia. When China blocked Google, there was a big cry inside China and more people are complaining. They want to do research or just common activity and they are blocked. Mr. Baranowski. That is a good point. I believe it was businesses eventually that complained so much that Google was blocked that they had to unblock it. Mr. Wolf. Let me just jump in here. Rather than e-commerce and individual e-commerce, as Chinese industry continues to develop and become more sophisticated, they are going to have global sourcing strategies that require fairly sophisticated use of the Internet, whether it is sourcing, inventory controls, and so on. That is what I was getting at. Not so much individual e- commerce so much as, does additional effort by China to monitor, block, and control the Internet raise the costs, ultimately, of a joint venture auto manufacturer that is involved in global logistics? Mr. Rubin. Definitely. I mean, the way that I would envision that this would happen would be if they do not want to allow unfettered access to the SSL port, which someone serious about censoring would not because a lot of circumvention technologies could be built on it. They could perhaps require any company or any entity that wants to do that to clear it with them, and then they would provide a special port and maybe some encryption keys that they know that they allow them to use, and then they could monitor it carefully. That would all be very expensive. It would require a lot of databases to keep track of which keys are used for which communications, and then all of the monitoring equipment. So, they are raising the bar on themselves to some extent by making it more expensive to allow those business-type communications that they want to allow while preventing general use. Mr. Xia. I think this is true right now for e-mail service. If you are running e-mail service in China, you have to put in all the filtering software. For the Chinese ISPs, many of them have very sophisticated e-mail filtering software which will delay users receiving e-mails. Also, many people will lose their e-mails. It is quite different from here. I can call you and say I just sent you an e-mail, but in China you cannot rely on this. Ms. Vineyard. Thank you. Mr. Farris. I am wondering if any of you could speculate on what sort of attributes any anti-censorship or censorship circumvention software or project would have to have in order to be successful. For example, I think issues like deniability on the user end, the receiver end, would be important. But perhaps Bill or Lin Hai can speak to whether or not they think that is really an important issue in China. Other issues like user interface, I think you mentioned, or translations into Chinese. How important is it to the Chinese people at the user end that this be in the Chinese language, or does the average Internet user have an English level sufficient to use these programs? If any of you have any speculation on what a good censorship circumvention program would possess. Mr. Rubin. I can tell you what we did with Publius and some of the lessons that we learned in that regard. In terms of user interface, I think the best way to distribute client software is as a plug-in to a browser. We experimented with client-side proxies. Those require someone who knows how to run a compiler in order to get them running, unless you want to write something native, but then people use many different operating systems. The one common denominator seems to be a browser. So, a client-side plug-in would have the advantage of being able to have general-purpose functionality. You could build your whole protocol into it, whatever that might be. Users would be able to not know necessarily exactly what it is doing and just have content displayed for them. So, as far as user interface goes, I think that is the way to do it. That will not work in a cyber cafe, for example, where you do not have access to installing a plug-in. In that case, you need to go with raw html, and it is a lot harder because if you need to do any decryption or decoding or anything like that in the software, then the only way you might do that would be via a Java applet. The Java applet would come from some well-known site, and that could easily be blocked. So, after looking at all the different alternatives, I think a browser plug-in is the way to go. You mentioned deniability. In the Publius project, what we did was take the content that somebody wanted to publish and break it up into many, many little pieces. Those things had transformations performed on them so that you needed some subset of them to reconstruct the content. So, here's an example. Take a piece of Web content, whether it is an image or a document, and break it up into 100 pieces such that any 4 of them can reconstruct it, but any fewer than 4 is meaningless and more than that is redundant. The idea here, is then you store those pieces on 100 different servers all over the world. We had a bunch of servers up and running in seven countries. This was a research prototype. The sites that would host the content, they see this 1 piece out of 100 and they do not know what it is. So, there is deniability from the host server. Without three other pieces they do not know what it is and they do not necessarily have that information on where the other pieces are. So it was a system for publishing something. It got dispersed throughout the Net. Nobody knew exactly what the individual pieces meant. Then somebody to retrieve it would get a special URL, or they could get a link through something, and by running a proxy on their machine that their browser talked to, could go out and get four pieces, do a cryptographic check- sum on them, verify that they had not changed, and then load the image into the browser or the document without the user having to be aware that all this happened behind closed doors. Mr. Baranowski. May I answer that as well? Mr. Wolf. Please. Mr. Baranowski. As far as user interface, I think a variety of methods should be used depending on the individual user. Something different should be in an Internet cafe versus someone from a home computer, versus someone at a business, which is what I was getting at before in my speech. I was saying we should have multiple projects going on at once using a variety of methods. As far as deniability, the only thing I can say is that this does exist in Peekabooty. The connections to the Web server are anonymous. No one can tell who is fetching which Web page. As far as English level proficiency, I just read a report last week that said 20 percent of Web pages viewed from China are in English. So, definitely the minority. That is all. Mr. Lin. May I comment? There are some informal technologies used by the Chinese Internet guys. They can always find some secret way to access the outside world. But the problem is, it is not public technology. So, the public needs to use most widely used technologies, say, for Web access. I think if we can offset technology to let people use a normal browser to access the outside world, the effect or the result will be very limited. So, that is a problem. Not all people are educated in technology. They are just normal users. Mr. Xia. I think the answer, a lot, depends on how many users you are targeting. For the most computer-capable people, many of them can read English. They will find ways themselves. They do not quite need your help. Like, DynaWeb has reached the level of tens of thousands. So at this level, you need something really easy. We got complaints, in the beginning, about DynaWeb using the domain name, or just visiting a Web site. I cannot say anything easier than that. But, still, some people do not like the pop-up windows, https, because it is not certified, or something like that. Or we do some technology that makes the domain name look weird, and then some users say, should I click it, or something like this. So, even at this level of users there are lots of questions that arise. But if you are working on something like a plug-in or a program, people need to download a Chinese interface. That is important. Like for the Freenet China project, it has software and it reaches a user level of 10,000. So at this level of user base, you do need the Chinese interface, and a very easy-to- understand interface. Another factor we tried to compile, is we want to put the program below 1.44 megabytes so people can carry it around with a floppy. Then people do not have to leave that program on their computer's hard drive, they can, every time, download it and delete it. But this is getting harder because in the Internet cafe situation, it is really bad. In many of those registered Internet cafes, you cannot download and there is no floppy drive. I think for some software, the administrator can remotely look at your screen at any moment. I think for this specific environment, it is almost like the door is closed. There is hardly anything to do with it. Mr. Rubin. Just one other point. In a country where it is illegal to do certain activity, you could conceive that if there were such a plug-in or proxy program, the fact that that thing is on your machine could be a liability. Mr. Farris. So just a follow-up. In terms of the state-of- the-art right now, is it possible for there to be a system that has complete deniability, something that would not have to be downloaded, that would not involve any obvious encryption that would tip off the authorities? Mr. Rubin. It depends on your threat model. If you have a threat model that the authorities are sniffing your line, then the answer is, without encryption, no. If they do not allow encryption, then there is nothing you can do. If you have authorities that are, with some probability, sniffing your line, then maybe you can play some games and adjust or tune your risk factor and say, I will get caught with this probability, and that may be able to be small enough that it would be worth it for people. But if the adversary can view the line going into your house and you do not allow encryption, then I do not see how there is anything you could do. Mr. Baranowski. Since China still does allow encryption, what you could do is if you are in China and you have a friend in the United States, you could download a program such as PGP Net, I believe, and encrypt all your data between the two computers, he sets it up on his computer and his computer is on all the time, and you just route everything through him. So, it has to be more of a personal connection to someone who is going to help you out in another country, and then you could quite easily get around it. As far as an automatic system, there is no way right now to--sorry. Could you repeat the question real quick? Mr. Farris. I guess I am trying to see if it is possible to have complete deniability. Mr. Baranowski. Oh, complete deniability. Mr. Farris. So nothing needs to be installed in the computer. Mr. Baranowski. Nothing that is automatic. Right. Mr. Farris. Yes. Mr. Xia. Technically, I think it is probably impossible to achieve that. But right now, I think the closest is DynaWeb. You only need a domain name to visit a Web site, and then you can clean your history with your Internet browser. But still, if someone is looking through your computer, still you can be caught. Here, just now what Paul mentioned, I think, we can put in a social background. Right now, downloading and using PTP will not get you into prison. But there are people arrested, and PTP is used as site evidence. So, just using PTP is fine, but if you are doing something else along with PTP then it is something else. I think this is an important point. In the last 20 years, China has changed a lot. During the Cultural Revolution, all the requirements were really harsh. If you were listening to the VOA radio at midnight, you could be caught and sent to prison. But now the government, instead of arresting you, is only trying to jam VOA radio. Mr. Wolf. Thanks. Keith. Mr. Hand. I wanted to get back to this arms race issue for a minute. I was curious what the typical timeframe is in terms of the cycle of technology and counter technology. Then maybe you could follow it up with another point. There has been some concern expressed that, as these new technologies are developed, there could be a false sense of security among users in China as to the degree of protection that they have. I was wondering if you could comment on that risk and whether, in your experience, people understand it or whether they feel like they are completely protected from monitoring when a new technology is introduced. Mr. Xia. From my experience, they correct that mistake pretty quickly, like 1 day after. If they mistakenly block their own sites or something like that, they will correct that pretty quickly since they only need to release what they did with that technology. But to develop brand-new technology, from our recent experience, it is more like months. But for security concerns, I think you have to foresee it to be compromised. Mr. Rubin. To answer the other part of your question, it is interesting. When we came out with Publius, I got approached by somebody who wanted to use it for very sensitive--they did not tell me what--activities and they said they were really worried, and how much would I vouch for the software. It is interesting, because normally if there is a bug in a program that I write, something crashes. But the responsibility of potentially putting someone in harm's way by a bug in the software was too much. So we disclaimed it and said, this is a research prototype. We did open-source it. I agree that open-source is an important component of anything like this. If you are going to use a program that could get you thrown in jail if it does not behave properly, that is a pretty scary notion. I mean, the way they measure the number of bugs in a program, the metric in software engineering, is by the number of lines of code. You ask a software engineer, how many bugs does a program have, they say, well, how many lines of code? And then you know how many bugs it has, or a minimum, anyway. So for something to be that reliable that you are going to risk your freedom to use it, I think it is tough and I am not sure that I would want to take that chance, myself. Mr. Hand. Thank you. Mr. Wolf. Paul, if you had a different hat, let us say as a representative of a U.S. intelligence agency, and you were sitting here as the fifth person on this panel, and you heard Paul Baranowski talk about the need to develop open-source software for countermeasures, what would you say to us in response? Mr. Baranowski. In response to what? Mr. Wolf. Regarding the technology required for countermeasures, what concern would the intelligence community have that obviously bad people would put this to bad use? Mr. Rubin. The double-edged sword. Mr. Baranowski. Oh, yes. All right. I have been asked this question before. Yes, I would have concerns about whether bad people could use this technology for bad things. My response to that is I have tried to think of ways that, especially Peekabooty, could be used to do bad things and I am hard pressed to come up with something that is not already done better using the different programs specifically designed to do bad things. There are plenty of programs out there in the Internet area that do bad things, like denial of service attacks, viruses. All this, you can get easily. So, something that simply makes your Web browsing anonymous, it is somewhat difficult to think of scenarios that you could use it to do evil with. Mr. Lin. I might comment. I think no one can prevent some people from doing bad things with some technologies. So, based on this theory, to make any policy to limit people using technology, you will not really reach your goal. For example, the PGP software. To my understanding, it is still banned for people outside of the United States to download the PGP software from U.S. Web sites. It is the United States law. So how do they do it? They just publish the PGP software, soft code, and carry it to Norway, and then retype it into the computer at the Web site in Norway at PGPI.com, or something like that. So that other part of the world--outside of the United States--can download the same program. That is just an example. The United States making some kind of policy to try to limit the people using technology, it does not work. That is my opinion. Mr. Rubin. Getting back to your question for a minute, when Publius came out we took a lot of criticism from people who came up with the example, imagine somebody came up with child pornography or some other kind of offense-to-pretty-much- everybody image and posted it to a system where it was published where it could not easily be removed. That is something that was not possible before. Or instructions on how to make a bomb, or something like that. You sort of take a step back when you suddenly think about uses of your technologies. There are several different ways to look at it. One is an example I go back to. When the automobile was first introduced, law enforcement was afraid to allow these things to be mass produced because they were worried bad guys would be able to get away more easily. Yet, we see all the good that has come out of the automobile. The same thing could be said for the Internet. A more constructive answer, though, is to say that you can build censorship-resisting technologies with dials in them and let society set the dial. So in the United States, for example, we all believe pretty much--we should believe--in freedom of speech and the right to do certain things. Then there are certain acts which pretty much are the norm in society that that is unacceptable, certain things like child pornography that there is just no debate about. So, perhaps we can build a censorship system so that if almost all the users in the system do not want something, then that thing can be censored, but it requires a communal effort of almost everybody. That is just some thoughts on how to do it. You have got to be very careful that you do not enable, accidentally, ways of censoring that are more easy than before. Mr. Wolf. Let me turn to United States suppliers of technology, equipment and software for China's backbone. Lin Hai was talking about California companies. Others have talked about the need to license or restrict United States export of technology to China that can be used for censorship and control. I wonder if you could comment on what you think should or could be done regarding control of United States exports of Internet technology to China, or whether it is something you believe is a road that we should not go down. Mr. Lin. I think that it is not easy to make any kind of policy like that because people can find some ways, any ways, for profit. So my suggestion is, do some reverse policies to encourage companies, and individuals, and organizations to develop any other technologies against censorship. This is the way to work, I think. For example, set up some funds to sponsor people like Paul, to develop anti-censorship technologies. That is the right way. Mr. Baranowski. I would say to ask the companies themselves to have them issue a statement saying we do not support censorship and surveillance. We do not take part in it. For them to come out and publicly say that, I think, would be a very good first step in that process. There is a precedent for regulating this type of technology, and that is with encryption. Just a few years ago, you had to first submit any encryption product to some agency to have it checked out before it was exported, so you could not export anything that encrypted above a certain level. This could also be done with censorship technology. That would be a more extreme thing to do, but there is precedent for it. Mr. Rubin. Yes. I pretty much would oppose any idea of regulating what Internet companies can and cannot sell abroad. While I agree with the goal, I think that such export restriction attempts have fallen flat on their face before, as we have seen with the encryption. Mr. Wolf. Bill, do you have a comment on this? Mr. Xia. I think it is kind of analogous to export arms so that arms can be used for good things or bad things. So, there can be restrictions on what kind of technology you can export and where you can export. They cannot just say, I am sending the technology, I do not know or I do not care what they are doing with it. Especially for China, in the past years, it has been demonstrated, what are they going to do with content filtering technologies. So, I think there can be regulations on some specific cases. Mr. Rubin. I would worry that China would start buying their backbone technologies from other countries that have equally developed products, and that we would be hurting our business without actually helping fight censorship. Mr. Wolf. Holly. Ms. Vineyard. If China has such effective cyber-walls, in your opinion, why is it these cyber-walls are not being used to stop piracy as well? In the recent regulations, copyright piracy was not identified specifically as an illegal purpose. How do you recommend we go about raising this? I mean, we would be asking the Chinese to provide additional policing to a medium that we essentially want to be free, but we still want to protect the rights of copyright holders. Mr. Xia. I think Internet censorship has become a very essential policy of the Chinese Government. This year, the head of the Public Bureau of Security commented that there is a conspiracy about anti-China forces trying to distribute subversive information through the Internet. I think for the Chinese Government, the Internet Freedom Act can potentially endanger their current authority, so it is a pretty high priority, not just economics. Ms. Vineyard. But my question was really trying to get at the protection of intellectual property rights, especially copyrighted material. If any of you have any experience with how that is being protected or not protected on the Chinese Internet, I would appreciate your views. Mr. Rubin. I think that it is really a different security technology that protects or prevents traffic from flowing freely and that guards intellectual property. It is almost like guarding the information in the other direction. So, if something that is a particularly valuable intellectual property gets inside China and can get replicated very easily, the fact that it went through a firewall when it got through is meaningless at that point. Intellectual property protection technologies are somewhat limited in their capabilities. If there is something that you have in software, you can replicate it. Hardware assistance is expensive. It is difficult to distribute things when you require people to have a particular kind of player. Intel and Microsoft are taking steps to provide intellectual property protection in the platform that people have in their homes. At that point, if that works, it will be successful in China as well. But I do not think that the censorship technologies are designed, nor can they very easily protect, intellectual property of something once it has gone through the firewall. Mr. Lin. To my understanding, this is more consistent with the law. In China and in the United States, they seem to have similar copyright laws, but they actually deal with them very differently. In China, on the big Web sites, they understand the copyright law, but individual users do not care. The government also does not care about the individuals who use free copies of copyrighted materials. So, the censorship through technology will not help to protect the copyright, but it should be done by something like how to develop the law and how to actually do something under the law. Mr. Baranowski. Actually, one of the scary things is that if China does get this DRM technology, which is Digital Rights Management, which allows you to protect your intellectual property, if that goes to China, it actually gives China more power to censor their people because you could use that same technology to say, you can only run this program on your computer, or this set of programs on your computer, and nothing else that is not approved by the Chinese Government. Thus, no program that we could write, any anti-censorship program we could write, could ever bypass that sort of control. Mr. Rubin. And that is not limited to China. A lot of people worry that DRM technology in the United States could greatly restrict fair use of all kinds of things. Ms. Vineyard. Thank you. Mr. Farris. I would like to stay on that point for a moment. I think at least Publius, and maybe also Peekabooty, were not specifically designed with China in mind, and there may be a concern about other countries as well. Do any of you have a view on where China fits in the spectrum of censorship compared with, say, even the United States or other countries? Is China the worst offender? Do you see the United States moving in a similar direction? Mr. Baranowski. China is the worst offender, possibly tied with Saudi Arabia. The other countries that are censored are Burma, Cuba, and even Australia. There are about 20 or 21 countries that censor their Internet the last time I checked. You are right that this type of technology could work in any country. It is not just limited to China, which is, in my opinion, a good thing. Mr. Farris. Thank you. Mr. Wolf. Keith. Mr. Hand. I wanted to get at Ira's question from a slightly different angle. There was a lot of controversy over the Yahoo China pledge earlier this year. Some argued that even operating under some restrictions, there is still an advantage to having a company like Yahoo operating in China, delivering information and pushing the limits of the controls there where they can. I was wondering if you could comment on that and give us your sense of where you think the line should be drawn between working within the system and struggling within it for change, and where you end up colluding with the government on these censorship issues. Mr. Rubin. I think that anything that encourages the openness, the connectivity between China and the rest of the world, opens up avenues for other censorship-defeating technologies to piggy-back on the existence of that network. So, from that sense I think it is a good thing. Mr. Baranowski. It seems to me that companies going into China are playing right into their hands. China basically stops any company from coming in unless they obey their rules. So, basically it does not seem like any Western thought is getting into China through these corporations. For example, the Norton Antivirus software. They gave China virus software before they could get into China. Cisco built special routers for them. All these companies are playing right into their hands and basically doing whatever the Chinese Government says so they can get into this imaginary market, in my opinion, that is not quite as big as they made it out to be. Mr. Xia. I agree with what Paul said, especially in the case of Yahoo. They have openly signed a self-censorship agreement. In the case of Yahoo, it actually helped China to create a kind of Chinese Internet and make it look like people can stay there and get everything. Mr. Wolf. Paul, you just said Cisco provided special routers. Are you saying that the Chinese Internet censors provided specifications to Cisco to provide some unique equipment, or are we talking about equipment that they provided that have multiple uses? Mr. Baranowski. The reports are that they asked for specific features in these routers, and Cisco made it for them. Mr. Wolf. Is it your assumption that those features are unique? Mr. Baranowski. Unique to China. Mr. Wolf. Unique to censorship functionality as compared to some other functionality? Mr. Baranowski. To censorship technology. Mr. Wolf. But that is a guess, right? Mr. Baranowski. These are reports from interviews of people that worked on the project, so I do not have direct experience with that. Mr. Wolf. As you develop circumvention technologies, is the target user the average Internet user in China, or is the target someone who has a fair amount of sophisticated knowledge? In other words, is the beneficiary someone who has a PC at home, does not know much about the technology but knows how to sign onto his ISP? Mr. Baranowski. Are you saying, for Peekabooty, is that the main target market? Mr. Wolf. Yes. Mr. Baranowski. Yes. Yes. For my project, Peekabooty, that is the target market, the personal home computer or any computer you can actually install software on. Mr. Wolf. And a user who is not particularly sophisticated. Mr. Baranowski. Yes, and a user that has no special knowledge of Internet technology. Mr. Wolf. Avi. Mr. Rubin. Since it was a research prototype, we never got it to that phase. But the design was made with that as one of the original main constraints, is that it should be usable by anyone. Mr. Wolf. Bill. Mr. Xia. From the response I got, there are people who really have little computer technology. They ask me, you gave me the URL. What should I do? So I have to tell them, please copy the URL to the address of your Internet browser and return. You will see the Web interface, blah, blah, blah. Mr. Wolf. All right. Mr. Lin. I think nobody can get benefits from a virus. If the government, for some purpose, makes some special virus that is very dangerous and powerful, you can understand because most of the users are uneducated in special technology. They will not find anything special. All information can be collected by the central government. It is very easy and effective and could happen. We have not had any reports that it has already happened, but it is just a technical possibility. Mr. Rubin. It is actually pretty bad. There is a program out there for Windows, which is the most popular platform, called Back Orifice. It is a spoof on the name Back Office. What this program does, is it can be installed on a computer in stealth mode, meaning that you cannot really tell that it is running on your computer, and it provides a remote terminal to whoever installed it there where they would have a window on their screen that was exactly your desktop, whatever you saw there. They could control it with mouse clicks and keyboard events that would be sent from their computer to the target computer, and anything that was done on that target computer would be visible, and any keystroke, any password that was typed in, would be visible. So in the extreme where the government wishes to install this kind of a virus, or even to require vendors to install this on the computer when they sell them, they could pretty much see exactly what was going on on every single computer any time they wanted. Big brother. Turn the switch on this house and watch what is going on on that computer. That is not just technically feasible, that has already been done. That software is out there. Mr. Wolf. I have one last question. Bill, the figure of 30,000 Internet police. Where does that come from? Mr. Xia. I think it is originally from some report from China, and then everybody is quoting it. Mr. Lin. There is a specific Web site. They publish a lot of information related to the Web site, at dfn.org, Digital Freedom Network. That is my recommendation. You can find some information related to it. Mr. Wolf. All right. Well, I would like to thank you all very much for coming today. This has been helpful in our understanding of the Internet technology issues. I appreciate the fact that, although you are all technologists, you talk about it in a way that non-technologists can understand. So, thank you all very much for spending the time, and thank you all for your commitment to this. [Whereupon, at 4:13 p.m. the roundtable was concluded.] A P P E N D I X ======================================================================= Prepared Statements ------ Prepared Statement of Avi Rubin november 4, 2002 While I am a researcher at AT&T Labs, I am participating in this round table as an individual, representing only my personal beliefs and opinions. I have been researching computer security issues since 1991. Much of my work has focused on privacy, anonymity, and censorship resistance. The purpose of my statement is to discuss technical issues related to censorship. I will discuss the techniques that a network administrator, including a large company or a country, could use to censor access and content to and from its network, and I will discuss techniques that could be used to circumvent this censorship. For the remainder of this paper, I will refer to the party controlling the network as the Censor, and to the party wishing to circumvent censorship as the User. Censorship is somewhat of a broad term. It can refer to the blocking of access to web sites. It can refer to blocking all connectivity outside of the domain of the Censor, and censorship can refer to the limitation of access to certain content. Censorship can also involve forceful removal of content from the Web, by applying pressure to the publisher and/or the web hosting party. The latter is the type of censorship that the Publius system was designed to circumvent. In this statement, I do not discuss censorship within the domain of the Censor, but rather, the censorship of content available from outside of the domain for people whose network is under the control of the Censor. I also focus on the User as the receiving party of information and not the publishing party. I will be happy to discuss issues related to the latter in the question and answer period. There are three principle techniques that can be employed by the Censor. 1. Routing filters: The Censor is in a position to control how traffic from the User reaches the rest of the Internet. The Censor can refuse to route Internet packets from the User that are destined for particular locations. Thus, the Censor can use the destination address of the packets to make a censorship decision. In the extreme, the Censor can prevent all traffic from all of its users from reaching any network outside of its control. This is easy to do, and any Censor can accomplish this without the need to purchase any new hardware or software. The functionality is built into all off the shelf routing equipment that sites use to connect to the Internet. 2. DNS tricks: The Censor can exert some control on which external sites users can communicate with by virtue of its control over the Domain Name Servers (DNS) within its administrative boundary. The DNS is the service that maps computer addresses (IP addresses) to names. For example, wow.avirubin.com has the address 207.140.168.155. Computers communicate using such numerical address, but people enter readable names into web browsers. The DNS translates these names into numbers. Since the Censor controls its own DNS service, it can translate requests from the User to addresses under its own control. For example, if the User attempts to connect to www.avirubin.com, the Censor can program its DNS to return 10.10.32.1 when the User's machine tries to figure out the IP address of the machine, and this address can be that of a machine controlled by the Censor. Thus, DNS provides the Censor with the ability to control which computers the User can connect to. 3. Application level filtering: The previous censorship techniques dealt specifically with connectivity issues. Application level filtering, on the other hand, is a mechanism for controlling the content, even if the User can connect to a server. The most likely type of application level filter that the Censor would use is an HTTP proxy. This is a program that intercepts requests sent to Web servers and the responses returned to the User. The Censor can inspect the content, and a decision can be made, as to whether or not to block the information from reaching the User. A Censor using an HTTP proxy might focus its attention on popular search engines. The first type of censorship, based on routing filters, is difficult to circumvent. If the routers do not allow packets in and out of the network, then there is no way to get around that. The best one could do is to dial up to an external ISP. Of course, this could get expensive if the Censor is a country. Also, a very strict and powerful censor could monitor the phone network for data dial-up connections and disconnect them, as well as sanction the User. The second type of censorship, based on DNS spoofing, can be circumvented by users who know the IP address of the server with which they wish to communicate. Instead of referring to the server by name, they could connect using the IP address directly. However, IP addresses change frequently, and it may not always be possible for users under the control of the Censor to know the IP address of a server. In general, this is not a very effective technique. The third type of censorship, based on application level filtering, is perhaps the easiest to circumvent. Encrypted content is difficult to censor, but a very strict Censor can maintain a policy of blocking all content that it cannot interpret for the purposes of filtering. Perhaps the easiest way to bypass HTTP proxies is to proxy web content over a different port. Port numbers are used on the Internet to identify the type of service for packets between hosts. For example, Web traffic uses port 80. HTTP proxies process packets that are marked with port 80. A User wishing to circumvent this monitoring could cooperate with someone on the outside of the Censor's administrative control. They could set up two proxies. The inside one would translate port 80 packets into ones that use, say, port 14500. The outside one would translate port 14500 back to port 80 and send them to the server. Thus, the User could browse the Web without the Censor detecting it. However, a strict censor could block all ports except 80, and then filter on port 80. There is little that could be done by the User in that case. It should be noted that researchers have succeeded in identifying services by their traffic patterns, independent of port numbers. The bottom line is that there is an arms race in censorship. An extreme Censor can win every time, but at the expense of completely disconnecting all users. The more tolerant a Censor, the more avenues there will be for circumvention of the censorship that is in place. ______ Prepared Statement of Bill Xia november 4, 2002 DynaWeb was launched on March 12, 2002. It is a proxy network that allows users to circumvent the Internet censorship in China and to have secure and full access to the Internet. Users use DynaWeb as an information web portal to all other web sites. Since the inception of DynaWeb, we have managed to stay ahead of the censorship by China most of the time. 20,000 unique users gained regular unblocked access to the Internet through us. DynaWeb has already played several rounds of the censorship and anti-censorship game in the past 8 months. Before I start, I would like to explain a few critical technical terms for understanding DynaWeb experience. There are two ways to access a web site through an Internet browser. One is to type in the domain name, for example, www.google.com. The other way is to type in the IP address of the domain name. The IP address is the essential place the browser will fetch the web site information for the user. However, domain name is more user-friendly. After a user types in a domain name, web browser will resolve domain names to IP addresses and fetch the right information for the user. The game started with e-mail subscription service. DynaWeb e-mailed unblocked IP address updates to subscribers. After 2 weeks, the censors probably subscribed to our e-mail service too because the valid time window of DynaWeb IP addresses reduced to a range from a couple of hours to a few days after release. Then our services expanded to domain names with dynamic IP addresses. However, censors started chasing DynaWeb domain by automatically detecting the IP addresses that pointed to the domain name. This dramatically increased the needs for back-up IP addresses, hence increased the cost of DynaWeb maintenance. DynaWeb adopted new strategy so that censors had to manually verify the IP addresses before blocking it. Then automatic IP blockage stopped. Soon in August, users started to have difficulty of accessing DynaWeb through https even the IP was not blocked. It was found out later on that the certificate DynaWeb used for secured access from the Internet browser was filtered. This can be achieved by package level analysis of Internet traffic to find out signature related to the certificate DynaWeb used. In response to this, DynaWeb started to change its certificate daily. No reports of certificate blocking have been found since then. Again, censors were frustrated with the resource required for daily updates of all related content filtering engine, and quit. At the end of September, DynaWeb domain names were hijacked to a fixed IP 64.33.88.161 in China, along with many other web sites like www.voa.gov. DIT has published a detailed report about this hijacking (http://www.dit-inc.us/report/hj.htm), and it can be independently verified from the U.S. More study about this hijacking is still undergoing and will be released after we pass this stage. So, what is next with the Cyber-wall? At the first look, it is a technical question if technology can break through China's Cyber-wall. In fact it is not. This process is a race of technology and time. As DynaWeb's experience has demonstrated, both parties can always implement new technologies to stay ahead and sustain the advantage. If Internet breakthrough is defined as a pure technical issue, the future is brighter for censors because China purchases the most advanced censorship technology from western companies. China is also developing the Golden Shield project, a ``data base- driven remote surveillance system.'' When the whole Beijing city is wired with biometric sensor and camera network, no Internet based anti- censorship can get around the surveillance system. Even now, during the 8 months of technical race with DynaWeb, China has developed the largest and most sophisticated IP blocking and content filtering system in the world. The more anti-censorship technique is deployed, the more comprehensive censorship technology has become. This leaves less and less technical room for anti-censorship. It is critical to take full use of technologies to benefit as many people as possible before the door is closed. Second, it is a matter of available resources. China has 30,000 Internet police specialized on Internet censorship, and ISPs are forced to perform self-censorship. The self-censorship is even adopted by foreign ISPs such as Yahoo. China has purchased top technology from western companies. These technologies have even been modified for China's particular censorship needs. Nortel, Sun Microsystems, Cisco and many smaller companies contributed to building China's Cyber- wall.\1\ --------------------------------------------------------------------------- \1\ China's Golden Shield: Corporations and the Development of Surveillance Technology in the People's Republic of China, by Greg Walton, International Centre for Human Rights and Democratic Development http://www.ichrdd.ca/ english/commdoc/publications/globalization/goldenShieldEng.html --------------------------------------------------------------------------- Comparing to China's investment in censorship and cyber wall, investment in breaking through this Cyber-wall is next to nothing. There are very few groups developing technologies suitable for this Wall. With more resources, DynaWeb can provide services to more people, develop better client software, have closer monitoring of censors' new technologies and respond faster. Third, people develop technology and technology serves people. People factor is the most important factor eventually. Recent increase of public awareness about China's Internet censorship both inside and outside of China is a great sign. We hope that this will help improve the current situation soon. Currently companies contributing to China's Cyber-wall bear little public pressure, not mention any legislative limitation. Inside China, more and more harassment and arrests of dissidents and journalists are related to the Internet. Last year, there are more than ten arrests in China for distributing forbidden information. This will create fear among the public. For the general public in China, they are now gradually realizing the existence of censorship consciously. More importantly, government has adopted subtler mind control and propaganda to decrease Chinese's interests in uncensored information. All major events outside of China are reported, with seemingly a variety of views, although all the different views are in fact the government's view. There is a fully developed online community inside China serviced by self-censoring ISPs. This strategy is an extension of China's Cyber-wall, a wall in people's mind. Internet, combined with TV, newspaper and other information channels now offers Chinese people different types of information and different views on certain issues. It looks like that full freedom of speech has been achieved. However, the government produces all the different views and types of information. The censors try to use this to reduce people's interest in uncensored information. In summary, technology along won't decide the future of China's Cyber-wall. But people do. If all Chinese people would like to obtain uncensored information, the Cyber-wall will be broken, from the inside. Prepared Statement of Paul Baranowski november 4, 2002 I am the project leader of Peekabooty, a piece of software that is designed to get around state-sponsored Internet censorship at the national level. Peekabooty accomplishes this using peer-to-peer technology. Peer-to-peer (P2P) basically means that there is no central authority governing some part of a networked system. The idea is that anyone that uses a P2P system also helps out others. Napster, Gnutella, Morpheus, and Kazaa are all examples of peer-to-peer networks. Peekabooty uses other nodes in the network to relay data around the firewall, kind of like a distributed proxy service. China has been working on its firewall since before 1997, and we have seen its power growing over the years. Just about every other month now we see another story of a new technology being implemented in order to more effectively filter information. The Chinese authorities started by blocking web pages based on their Internet Protocol (IP) address. Citizens of China initially worked around this by using ``open proxies''--that is, other computers on the Internet that indirectly fetch web pages for the user. In early 2001, the Chinese Communist Party countered the use of open proxies by scanning the Internet for them, and adding the proxies to their banned list. Web sites have also responded by changing their IP addresses. However, they can only change their IP addresses every few days and this costs money, so this is fairly ineffective. SafeWeb and Voice of America (VOA) set up a system that would send the IP addresses of available proxies to whoever requested them. However, it wasn't long until the Computer Monitoring and Supervision Bureau of the Ministry of Public Security started requesting the proxy addresses and simply banned any IP addresses it received. There are two strategies that have not been effectively countered yet: bulk email lists (where email is sent out to an enormous number of people) and Freenet. Bulk email still works because the origination of the email is different every time. However, email has the drawback of being one-way communication. Freenet is a peer-to-peer system that allows two-way communication, and it still works because the only way to find another Freenet node is through ``out-of-band'' means. This means there is no automatic way to discover all the nodes in the network. The only way to find another node is, for example, by calling up a friend of yours that is running Freenet and getting his IP address or having an IP address personally sent to you in an email. One of the main goals of Peekabooty is to overcome this limitation: to create a method of discovery that is automatic yet never allows anyone to discover all the nodes in the network. I am currently developing a simulation of a system that shows great promise in this regard. More recent developments of the Chinese firewall include:Selectively blocking out content within a web site instead of blocking the entire site Denying Internet access for a certain amount of time to anyone searching for a banned keyword Suppressing dissident comments in chat rooms, followed by a warning email to the user who made the comments Logging Google keyword searches We can do something about this if we act now. The Chinese Government is already on its third generation of firewall technology, and we haven't even started version one of our counter-strategy yet. If we do not do something soon, they may be able to close off the country completely and obtain absolute monitoring and control of their net before we can do anything about it. A fair guess is that by 2008, when the Olympics go to Beijing, it will be much too late to act. Our window of opportunity is now, at this moment. The U.S. Government is the only organization that has the power to mount an effective counter against this type of censorship. Independent efforts by volunteer groups will be ad-hoc, and there will be no coordination between the releases of the various projects. A well- funded, centralized program could plan application releases so that they occur at regular intervals in order to keep the Chinese authorities constantly scrambling to keep up. In other words, the U.S. agency in charge could coordinate and plan a global strategy that would be much more effective than the current ad-hoc state of affairs. Centralizing this type of activity also allows for the possibility of interoperation between the projects, allowing more advanced features in each product and eliminating redundancy. There are few, if any, commercial possibilities for this type of software, which is why the government is the only organization with the power to fund this kind of activity on the scale that is required. The amount of money proposed in the Global Internet Freedom Act has the possibility to fund dozens of projects. There are so many aspects to this problem and so many ways to solve it that this is the kind of depth we need. Research is just beginning on this subject and we have a long way to go. This panel represents a sample of what is out there-- there are, perhaps, on the high end, a dozen grass-roots efforts attempting to do something about this on a shoestring budget. However, this is not as many as we need. Right now development on all of them is extremely slow due to the fact that they all rely on volunteers, usually only one or two per project. The first thing that is gained with funding is development speed. With a full-time staff working on each project we would see rapid improvements in the technology. The second thing that we gain is usability. For your average consumer, the user interface is everything. For developers, this usually comes last. With appropriate funding, experts can be hired to solve the usability problem. Third, the interface for each program must be translated into various languages, most importantly Chinese. With funding this becomes possible. Finally, marketing the applications to their intended audience is critical. Some part of the funding for each project should be spent on promotion. If the U.S. Government does fund projects such as these, it should be done through credible organizations that are committed to developing open-source solutions. Open-source software is crucial, due to fear of software backdoors that would allow remote monitoring or tampering of a user's computer. Open-source software relieves these fears because the code can be vetted by outside experts. One of the important things about many of the current projects is that they use peer-to-peer technology. In terms of cost, this means that they do not need large amounts of cash to keep them running. Funds are mainly needed for maintenance of the code and the addition of features. Each project could be initially funded by only a few hundred thousand dollars a year, and even less for maintenance once they have been deployed. The current crop of anti-censorship projects that show promise and should be considered for funding include the following: Peekabooty, Freenet/Freenet-China; the Invisible IRC project (IIRC) which allows anonymous chat; CryptoMail, a web-based email system like Yahoo that provides automatic encryption of email; and Pretty Good Privacy(PGP) and Gnu Privacy Guard(GPG) plug-ins to email clients (examples of such plug-ins are enigmail and Kmail). It should be noted that the National Science Foundation (NSF) has started funding anti-censorship research at the academic level. What we need is a system to transfer the research into real world applications. One of the areas of research that has not yet been exploited is in the field of wireless networking. This technology would allow wireless devices to route information on their own. If there was an application that did this, and enough wireless devices, it would create a new Internet infrastructure which could not be filtered. I also think there should be work done to make email encryption easier to use and more transparent. China's censorship technology is becoming more advanced every day. We can do something about it, but we must act now. The government should fund credible third-party organizations to develop open-source anti-censorship technology. Multiple strategies should be developed and their release should be coordinated according to a centralized high- level strategy. If we do not act, there is no doubt the Chinese Communist Party will have more power over its populace than ever before in history. -