
Archive for the 'Security' Category

GreenDam postponed

Wednesday, July 1st, 2009

It’s July 1, and in China the ominous deadline to implement the Green Dam/Youth Escort internet filtering software has been postponed, to much rejoicing by Internet users in the country.

Green Dam graphic in China Daily

To outsiders, this must seem quite puzzling. Why would China’s “totalitarian” system need to back down on this?

This should be seen as a case study on how China’s decision system, with all its complexities, is much more nuanced than what a “Communist” regime would suggest, and on the role of citizen deliberation in a new, upwardly mobile, aspirational, IT-savvy China.

While the outside world sees the PRC government in absolute control, in reality the heavy-handed, top-down authoritarian system rides on a delicate balance of bottom-up public consent that supports the state’s legitimacy.

Here’s why Green Dam illustrates this quite well.

China’s Internet filtering is by far the most advanced in the world in terms of precision and scale. But until now, it happened in the “cloud,” in far off intangible spaces through two main vehicles:

  • One is through massive domestic Web site content regulation through revokable Internet Content Provider licenses (ICP). Operators have to self-censor through technical or human means to please the authorities regarding general guidelines on taboo topics. Keywords are banned and discussion topics are forbidden. In some cases, explicit timely edicts are required, such as for significant June anniversaries, sensitive political meetings (People’s Congress) or poor construction standards in Sichuan earthquake zones. Even with these, China’s netizens have come up with clever tricks and puns to get around many of these automated filtering systems.
  • The other is the Great Firewall, which blocks foreign Web sites that users in China try to surf. The implementation is clever, in that restrictions show up as technical errors (connection reset, site not found/unreachable) and curb behavior through uncertainty and doubt about a site’s reachability, rather than fear. You don’t know whether it’s the Internet acting flaky, or whether a site is actually being filtered. Tech-savvy users can trivially circumvent this.

But you don’t need perfect censorship to have effective censorship. Both these systems do quite well for the PRC government in keeping the 3T1F topics outside the mainstream, and ensuring that the government is not embarrassed by reporting on its incompetence.

The key here is that both the domestic and international filtering activities happened in the cloud, the ether, the machines that comprise the Internet. It wasn’t in your home and it didn’t intrude beyond the cable to your desk.

Green Dam suddenly put the specter of restriction, surveillance and control in your home.

With that one stroke, which probably seemed like the next logical innocuous extension of the censorship regime for PRC bureaucrats, the government made the big miscalculation of crossing into the private space, and the personal property, of China’s citizens. And that’s where the outrage came.

This was the camel’s nose into the private tent of Internet users. Polls on China’s major sites (Sina, Netease, et al.) all showed that over 3/4 of respondents said Green Dam was not necessary or a bad idea.

(NB: China is not the first or the only government wanting to censor Internet traffic for content. Australia’s Clean Feed proposal to covertly filter out sites at the ISP level has been under fire from their netizens, and was unceremoniously put on hiatus as well. Most public schools and libraries in the United States implement content filtering at some level. This is not a uniquely China issue.)

What the authorities in China didn’t realize was how serious that breach of boundary would be.

I knew it was going to be a tough road for Green Dam when it appeared the MIIT initiative was not a unified effort. Before leaving for my travels, I did commentaries with the Associated Press, Deutsche Welle, Al Jazeera and others, making the point that even China’s official news outlets were openly questioning Green Dam’s legitimacy. The new Global Times newspaper, which has been rather frank about other issues, led off with serious questions about the software’s safety.

Then came the big one.

China Daily, the official mouthpiece of the government, was publishing criticisms of Green Dam shortly after it was announced, even publishing Photoshop’ed illustrations of netizens mocking the system. (“Outrage over bid to tame Web”, China Daily, June 18, 2009)

One picture it included with the article was a “Who Wants to be a Millionaire?” multiple choice question describing Green Dam as “spyware” with “systemic flaws” that could be “exploited by hackers.” Another cartoon shows a gray hand of censorship coming from the computer screen and stiff-arming a computer user in the face.

Green Dam illustration in China Daily

It was clear at this point that the Green Dam initiative came from a smaller portion of the PRC bureaucracy, and not from the highest levels. China Daily would never have published something so critical if this were agenda pushing from the highest level.

China’s netizens were speaking, and the media and government were taking notice (and with higher ups looking the other way). So while this was not democracy in action, it certainly was something in action.

At TEDxShanghai last month, I described the phenomenon of Wikipedia and Twitter forming the basis of a new online commons where global netizens come to share and reinforce memes across geographic and social boundaries (SlideShare presentation). For years, enthusiastic faith-based technology enthusiasts hoped the Internet would bring democracy to any place it touched. This has been spectacularly elusive. On the flipside, some viewed the new Web 2.0 social revolution as “socialist”, “collectivist” and at worst, Maoist. That’s been inaccurate as well.

Instead, I describe the new borderless, socially agile, activist associations that crop up on the Internet as a new system of ‘deliberative adhocracy’. Alvin Toffler, and later Cory Doctorow, used adhocracy to describe a new form of rule based ephemeral associations that “capture opportunities, solve problems, and get results.” (Waterman)

Whether it’s as massive as #IranElection to bring global awareness to its politics, or as small as #MotrinMoms to discuss outrage at an insulting advertisement, we now have an online information commons (Twitter) and knowledge commons (Wikipedia) that supports a space for the new distributed Zeitgeist. In China, obviously there are other analogs (Twitter clone Fanfou, Baidu Baike, BBS forums, et al.) but the effect is the same. To see deliberative adhocracy in action look no further than the Human Flesh Search Engine that metes out social justice in the absence of a strong rule of law in China.

Readers familiar with my book will know I described how a Wikipedia Revolution changed forever how we deal with free access to knowledge and its production. I will, however, be quite Burke-ian in my pronouncement about the Internet’s effect on China.

Revolutions are sudden overthrows and disruptive repudiations of the status quo. China has a terrible modern history with revolutions, with more of them going bad than good. The rule of law is sometimes described as when “reason trumps politics.” To China’s authorities, the Internet is being used in a deliberative process that fulfills that role. It is not perfect, nor prevalent enough to ensure social justice on a large scale. However, it is a huge step forward for a country that is convinced, after a century of turmoil, that any step must take safety and efficiency into account.

The hiatus for Green Dam is the standard face-saving way for the government to back down. There is a good possibility it may come back in another form, watered down or otherwise. But for now, China’s netizens are having their day.

NYT: Do We Need a New Internet?

Tuesday, February 17th, 2009

John Markoff has a weekend story in the New York Times titled “Do We Need a New Internet?”

He provides anecdotes from influential security and Internet experts, but it comes off as a disconnected set of observations about IP addressing, security, privacy and botnet infection. Unfortunately, it’s a story with grand ambitions but without a logical thread.

From the very first sentence, the premise is problematic. He introduces us to the Morris Internet worm (though oddly doesn’t mention it by name) which clogged the fledgling Internet in 1988.

Markoff concludes, “Since then things have gotten much, much worse.”

I was rather surprised by this. Some estimate the Morris worm affected 10% of computers then, but its impact was much greater since those machines were the hubs of timesharing and e-mail activity at corporations and college campuses in an age before laptops and cheap client computers.

I was working at the university computer labs in 1988, and since then I haven’t seen anything as massively disruptive as the Morris worm was in proportion to the user community. It had nearly every college system administrator scrambling during that time. The homogeneity of computer systems (UNIX systems running a variant of the BSD distribution) meant the worm’s job of infecting and propagating was rather simple, as it exploded out of control to jam computers and networks. Today, we have a wide variety of hardware and operating system software that has changed the nature of the risk so that an Internet-wide threat on that scale isn’t likely. Yes, on today’s Internet there are many more hosts and a wide array of threats. But characterizing today’s situation as “much, much worse,” than that massive Internet outage of the 80s is an odd claim.

One commenter in the geek ghetto of Slashdot said the majority of the problems Markoff talks about “are almost entirely a Windows phenomenon” hooked up to always-on broadband connections. Yet Markoff doesn’t even mention this and only mentions Microsoft once in passing. More relevant would be explaining to readers how MS had been shipping insecure, dangerous Internet Explorer configurations for years out of the box by allowing ActiveX controls to be downloaded and executed off the net, no questions asked. Even in recent years, the firm’s reaction to known security holes has been sluggish (as has been the case with Markoff’s example, Conficker). One could also argue Microsoft’s new Genuine Advantage system makes things even worse by withholding system updates unless Microsoft can verify a Windows installation as a legit purchase. What this means is pirated Windows installations serve as persistent infected zombie bot-net computers. (Anyone concerned about these issues must listen to the Security Now podcast with Leo Laporte and Steve Gibson. They do a great job explaining all these issues.)

When it comes to solutions to the problem Markoff has posited, it gets no better.

Consider this buzzword-heavy, information-light paragraph about a project called Clean Slate:

That has not discouraged the Stanford engineers who say they are on a mission to “reinvent the Internet.” They argue that their new strategy is intended to allow new ideas to emerge in an evolutionary fashion, making it possible to move data traffic seamlessly to a new networking world. Like the existing Internet, the new network will almost certainly have no one central point of control and no one organization will run it. It is most likely to emerge as new hardware and software are built in to the router computers that run today’s network and are adopted as Internet standards.

Confused? I’ve read these lines five times over, and still don’t understand what the explanation is about. This is perhaps my general lament about the NY Times’s technology reporting. Too often, when trying to simplify their points for the layperson, they strip out so much information that it flummoxes both novices and experts.

There is a legitimate debate about the future of the Internet in terms of privacy and safety, but it is more robust than this 1300 word story conveys. (See books like The Future of the Internet by Jonathan Zittrain.) Markoff touches on issues all along the OSI stack, from application level issues to low-level network architecture problems. But it’s not a cohesive argument for a “New Internet” per se.

The Sports Network hacked

Monday, April 21st, 2008

An ominous message showed up early Sunday on the Web site of The Sports Network (TSN), one of the more popular sports news destinations in the US:

Please Note

The Sports Network website and other major news sites have been hacked by a political entity from China, and as a result are temporarily unavailable. We apologize for any inconvenience and hope to be back up and running as soon as possible. Thank you for your patience and understanding.

Sports Network Management

Reached by phone at TSN’s main office in Pennsylvania, statistician Bob Nelson said the site was hacked “by a group out of China” early Sunday morning around 2 a.m. EST. It was after the Mets-Phillies game that the public site and the data TSN sends to clients were affected.

Staff took down the public website after it had been vandalized with the message, “Tibet was, is and always will be a part of China.” It’s not clear what “political entity” the site outage message refers to.
TSN was working to get the site back up sometime Monday.

For a snapshot of The Sports Network site in normal operation, please see the Google cache.

Telecom immunity

Wednesday, February 13th, 2008

I have never been a political animal and have purposely steered clear of cheerleading in that arena. But when the very core of civil liberties in my ‘homeland’ of the US is being flushed down the toilet, it’s not politics but an absolute imperative to wake people up.

This is the case with telecom immunity, the move by Bush and every single Republican senator to give blanket immunity to whatever actions the telcos took to assist the US government to tap phones or monitor conversations (with or without a warrant) since September 11, 2001. What’s even more disgraceful is the “opposition” party — voted in as a check to the corporate friendly Republicans — has been splintered and cannot even fight this provision.

So let’s just take a look at the big three candidates left, all senators, on this issue. Here is their vote on Feb 12:

  • Bill: S 2248
  • Vote description: Dodd Amdt. No. 3907; To strike the provisions providing immunity from civil liability to electronic communication service providers for certain assistance provided to the Government.
  • McCain: no
  • Obama: yes
  • Clinton: no vote

That by itself makes up my mind, unequivocally, who should be America’s Next Top Leader.

US Tourism Decline

Thursday, November 1st, 2007

For folks who frequently travel, news about a decline in U.S. tourism is not a surprise given the frustrations of security searches, tiny small bottles, rude immigration officers and an infuriating visa process. The stats are discouraging.

The number of foreign visitors to the United States has plummeted since the September 11, 2001 attacks on New York and Washington because foreigners don’t feel welcome, tourism professionals said Thursday.

“Since September 11, 2001, the United States has experienced a 17 percent decline in overseas travel, costing America 94 billion dollars in lost visitor spending, nearly 200,000 jobs and 16 billion dollars in lost tax revenue,” the Discover America advocacy campaign said in a statement. [link]

Interestingly, at the same time the process of travelling to China has improved greatly. The immigration and security checks at the China border are faster and more courteous. At the metal detectors, all the body frisking is done by young female security officers. Female travellers appreciate that, and as for male travellers, (cough) it’s the highlight of their trip.

Compared to the US passport check, they’ve actually inverted the model when it comes to customer service. Every immigration official at the Beijing airport immigration has a “rate this officer” box so you can punch one of four buttons to give your satisfaction score. Since it’s been installed, the lines move considerably faster.

I can’t imagine United States DHS doing this any time soon.

Rate your Chinese immigration officer

Psiphon Tool

Monday, December 4th, 2006

This week, Citizen Lab released the Psiphon tool for surfing the Net “freely and securely” by having trusted friends and family members run a special version of a personal p-r-o-x-y server via SSL. Its biggest advantage is that it does not require any client software whatsoever.
I’ll post a full rundown of the tool this week. It’s an impressive accomplishment that, while not the magic silver bullet, is another excellent utility for the tool chest.

Effective Censorship

Thursday, July 27th, 2006

EFF’s co-founder John Gilmore talks to CIOL, a tech publisher in India, about the latest India blocks. One particularly interesting quote from the article:

Do you think, as a trend, Internet censorship is increasing over the past few years?
People who wish to control what other people are allowed to read or think have not given up those wishes. I think that Internet censorship is increasing, but I think it is increasing less than the growth of the Internet. Thus, the Internet is pulling ahead of the censors despite their efforts.

I think there are many folks who disagree, finding that the Great Firewall in China is doing quite an effective job of filtering. As Nart Villeneuve of Citizen Lab said recently:

Filtering does not have to be technically foolproof, the reality is that *most* people won’t even try to access banned content let alone attempt to circumvent filtering.

That is, imperfect “leaky” censorship is still very effective at restricting general access to critical content.

In terms of user experience, the circumvention tools often require some tech knowhow to install and maintain. Even those with the best tools need to go through the hassle of firing up the resources in each particular instance of blocking. Even then, there is often a big performance hit in response time or download speed. Each obstacle dissuades another set of folks, to the point where even with the clear technical means to avoid a block, the user has lost interest or determines it’s not worth the effort. (It is the tech equivalent of demoralizing the opponent.)

It is perhaps a bitter compliment, but the GFW has scaled up quite well so far.


India Internet Filtering

Monday, July 17th, 2006

A favorite topic for Asia watchers is to debate India vs. China – who to put your money on, and who will succeed? I say it’s not either-or. Both will work together and be powerhouses.
But I was surprised by this headline in Boingboing.net:

Report: Indian gov blocks Blogspot, Typepad, Geocities blogs

So it seems India has followed in China’s footsteps (for now) and blocked popular blog sites like Blogger.com and Typepad.com. Reports are rolling in that it is indeed true, with “fighting terrorism” being the justification and no announcement about when it will end.

For those in India, welcome to the life behind the Great Firewall. Essential reading:

We hope your stay will not be long.

Internet filtering in US newsrooms

Tuesday, June 20th, 2006

Boingboing has a story about how some newsrooms in the United States have restricted Internet access using filtering such as Smartfilter or Surfcontrol. Among the newsrooms mentioned – LA Times and CBC (Canada). Goes to show you – tools for getting around censorship are not just for folks in China, Pakistan, Saudi Arabia or Tunisia. I gave a talk earlier this year at the Foreign Correspondents Club about practical security tools, and I emphasized it even then – these are tools for all journalists, not just for those working in locales that are non-democratic or have a weak rule of law.

There is a reason why medical, legal and journalistic work are clinical professions – practitioners require complete access to “direct observation” of evidence to perform their jobs.

A doctor needs access to view unclothed patients without being labeled a sexual pervert; a lawyer needs to consult with a client without being called an accessory to the crime; and a journalist needs an unfiltered information feed, without being called a loafer, slacker or prurient observer.

Ironically, there are likely sites that can be seen from the newsroom of China Daily, but not from the LA Times.

Google access update

Sunday, June 4th, 2006

In Beijing, it’s June 5, but the Google inaccessibility seems to persist. Even more, the unavailability of www.google.com on my DSL connection (and it seems, most CNC connections) has dribbled over to affect Google Mail in secure mode.

To recap – on May 28, I documented how to use Gmail in https secure mode. Then starting just before the fourth of this month, I reported on the widespread outage of www.google.com and a hack to get around it by using the naked IP address of Google’s US servers.

Now, the inaccessibility of www.google.com does not affect accessing Gmail in normal http mode (http://mail.google.com), but it does mess it up in https mode (https://mail.google.com/mail). It seems a redirect or some other URL during secure mode hits www.google.com, and when that’s not accessible, the whole thing fails.

The solution is to employ the hack described in the post on May 31. To recap:

Put an entry like this:
216.239.37.104 www.google.com

into the appropriate place in your operating system. See the following directions: for Windows and Mac.

Since most folks use Windows, edit this file, make the mod above, save, quit:
c:\windows\system32\drivers\etc\hosts

For now, that will work around this problem for Google searches and using Google in secure mode.
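The hosts-file override described above, as an added example that is not part of the original post: a Python sketch that parses hosts-file text and reports which addresses each name is pinned to, so a stale or unexpected static entry can be found later. The function names and the sample file contents are constructed for illustration.

```python
import ipaddress

# Constructed sample: the entry from the post plus typical surrounding lines.
SAMPLE_HOSTS = """\
# sample hosts file (constructed, not a real file)
127.0.0.1       localhost
216.239.37.104  www.google.com      # workaround from the post
10.0.0.5        intranet  WWW.Example.test
not-an-ip       broken.example.test
"""


def parse_hosts(text):
    """Return a list of (address, [names]) for each valid entry in hosts-file text."""
    entries = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()    # drop comments and blank lines
        if not line:
            continue
        fields = line.split()
        if len(fields) < 2:
            continue                            # an address with no name
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                            # malformed address, skip the line
        # Host names compare case-insensitively; a trailing dot is the same name.
        names = [n.lower().rstrip(".") for n in fields[1:]]
        entries.append((str(addr), names))
    return entries


def overrides_for(text, hostname):
    """Addresses the hosts file pins `hostname` to, in file order."""
    wanted = hostname.lower().rstrip(".")
    return [addr for addr, names in parse_hosts(text) if wanted in names]


def audit(text, ignore=("localhost",)):
    """Map each pinned name (other than `ignore`) to its distinct addresses.
    More than one address for a name is a conflict worth reviewing."""
    pinned = {}
    for addr, names in parse_hosts(text):
        for name in names:
            if name in ignore:
                continue
            bucket = pinned.setdefault(name, [])
            if addr not in bucket:
                bucket.append(addr)
    return pinned


if __name__ == "__main__":
    for name, addrs in audit(SAMPLE_HOSTS).items():
        flag = "  <-- conflicting entries" if len(addrs) > 1 else ""
        print(f"{name:25} {', '.join(addrs)}{flag}")
```

A static entry keeps pointing at the same address after the service moves, so an override like this is worth re-checking and removing once the outage ends.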