“The Great Chinese Firewall” blocks 311,000 domains, and 41,000 of them – by mistake

A group of scientists from the University of Stonuni Brooke, Massachusetts University, University of California in Berkeley, and the University of Toronto in Canada tried to determine the scale of Chinese Internet censorship to explore the work of the “Great Chinese Firewall”.

The study lasted more than nine months, and experts created a system called Gfwatch, which appealed to domains inside and outside the Chinese Internet space, and then checked as the “Great Chinese Firewall” reacts to it and interferes with the connection at the DNS level (To prevent access to the domain from Chinese users or restricting access to the country’s internal sites).

With the help of GfWatch, researchers checked 534 million different domains, daily referring to about 411 million domains to fix, and then recheck, whether the blocking detected by them is constant. As a result, it was estimated that currently t the “Great Chinese Firewall” blocks about 311,000 domains, with about 270,000 locks that work as needed, and another 41,000 domains seem to be blocked by chance.

Errors arose due to the fact that the Chinese authorities tried to block domains using regular expressions for DNS filtering, but they did not take into account situations where a short domain is part of a longer domain name, and the lock affected other sites. For example, the country’s authorities have banned access to reddit.com, while accidentally blocking booksreddit.com, geareddit.com and 1087 other sites.

The research group created to a list of 311,000 blocked domains to determine which type of content Chinese authorities prohibit most often. Using Fortiguard services, researchers found out that about 40% of blocked sites are recently registered domains that the Chinese authorities usually block preventively until they get categorized and are referred to the white list.

As for other “prohibited” domains, they most often contain business content, pornography, or information related to IT. Also, the sites are also included on which the tools are located, allowing to bypass blocking, gambling resources, personal blogs, entertainment portals, news and media sites, as well as domains with malicious and fraudulent content.

It is also interesting that after the start of the coronavirus pandemic, many domains associated with COVID-19 were added to the locks. Among the “closed” domains were: covid19classaction.it, covid19song.info, covidcon.org, ccpcoronavirus.com, covidhaber.net and covid-19truth.info. Some of these sites contain materials that accuse China in the coronavirus pandemic.

For example, from a sample of 138,700 domains, only 1.3% of sites (about 1800) are among the 100,000 most popular sites on the Internet (according to TRANCO rating).

In addition, the researchers stated that they revealed cases when Chinese DNS locks, which usually imply a change in DNS records returned to Chinese users, accidentally spoiled DNS entries outside the Chinese Internet space, in some DNS providers networks. Such errors affected at least 77,000 sites.

Let me remind you that we wrote about the fact that China Officially Legalized The “Social Credit System”, and also that Chinase Authorities Use Tianfu Cup AS a Source of Exploits.