Fine-Grained Censorship Mapping

4,962 views

Published on

Presentation given at the Oxford Internet Institute lunchtime seminar series on fine-grained mapping of internet censorship. Some basic information on mapping using DNS servers, and some preliminary mapping visualizations of DNS-based censorship in China.

This presentation also focused on legal and ethical issues in researching internet censorship.

Published in: Technology, Spiritual
1 Comment
0 Likes
Statistics
Notes
  • Be the first to like this

No Downloads
Views
Total views
4,962
On SlideShare
0
From Embeds
0
Number of Embeds
3,355
Actions
Shares
0
Downloads
20
Comments
1
Likes
0
Embeds 0
No embeds

No notes for slide

Fine-Grained Censorship Mapping

  1. 1. Introduction Information Sources Legality and Ethics Early Results Questions Fine-Grained Censorship Mapping - Information Sources, Legality and Ethics Joss Wright joss.wright@oii.ox.ac.uk Oxford Internet Institute University of Oxford . . . . . .Joss Wright Fine-Grained Censorship Mapping - Information Sources, Legality and Ethics: 1/32
  2. 2. Introduction Information Sources Legality and Ethics Early Results Questions 1 Introduction 2 Information Sources 3 Legality and Ethics 4 Early Results 5 Questions . . . . . .Joss Wright Fine-Grained Censorship Mapping - Information Sources, Legality and Ethics: 2/32
  3. 3. Introduction Information Sources Legality and Ethics Early Results Questions Censorship Almost every country engages in some form of Internet filtering. China’s “Golden Shield” is the classic example. Saudi Arabia presents perhaps the most extreme filtering regime. (OpenNet Initiative) Many different technologies; many different filtering targets; many different rationales and justifications. . . . . . .Joss Wright Fine-Grained Censorship Mapping - Information Sources, Legality and Ethics: 3/32
  4. 4. Introduction Information Sources Legality and Ethics Early Results Questions Censorship Technologies We can classify filtering according to their focus: DNS Poisoning IP Header Filtering (address or protocol) IP Content Filtering (keyword or protocol) Proxy Filtering We can consider takedown, social pressure, legislation as filtering, but will focus on technology. . . . . . .Joss Wright Fine-Grained Censorship Mapping - Information Sources, Legality and Ethics: 4/32
  5. 5. Introduction Information Sources Legality and Ethics Early Results Questions Limitations A tradeoff between subtlety and computational requirements. Sophisticated methods require greater computational resources. At national scale, these can be severe. Centralization can cause problems, as seen with CleanFeed. Central management also raises administrative and organizational burdens. . . . . . .Joss Wright Fine-Grained Censorship Mapping - Information Sources, Legality and Ethics: 5/32
  6. 6. Introduction Information Sources Legality and Ethics Early Results Questions Localized Filtering We can observe localized filtering in response to local events. We therefore see filtering differ across a state, rather than homogeneity. We also expect filtering to vary over time. We may expect organizations to have one filtering regime, even across a state. This can reveal filtering tactics, methods, reasoning, limitations. . . . . . .Joss Wright Fine-Grained Censorship Mapping - Information Sources, Legality and Ethics: 6/32
  7. 7. Introduction Information Sources Legality and Ethics Early Results Questions Existing Work HERDICT: crowdsources filtering information from volunteer web users. OpenNet Initiative: use volunteers and direct means to examine filtering around the world. Both consider national-level filtering as homogeneous. Both also make judgements as to the nature of filtering. Political, religious, social . . . . . .Joss Wright Fine-Grained Censorship Mapping - Information Sources, Legality and Ethics: 7/32
  8. 8. Introduction Information Sources Legality and Ethics Early Results Questions Existing Approaches HERDICT relies on users for information. Visitors to the website report sites that appear blocked. The website actively presents potentially blocked content, allowing users to verify if it is blocked. OpenNet Initiative’s methods vary, but include direct investigation and liason with volunteers in blocked regions. . . . . . .Joss Wright Fine-Grained Censorship Mapping - Information Sources, Legality and Ethics: 8/32
  9. 9. Introduction Information Sources Legality and Ethics Early Results Questions Fine-Grained Sources For fine-grained mapping we wish to combine data gathered at various locations with GeoIP data at the city level. GeoIP databases are increasingly cheap and accurate. The problem is to get readings from a wide geographical distribution. Ideally, not just blocking status but type of blocking. . . . . . .Joss Wright Fine-Grained Censorship Mapping - Information Sources, Legality and Ethics: 9/32
  10. 10. Introduction Information Sources Legality and Ethics Early Results Questions Limitations Crowdsourcing or using volunteers can be effective if the tool is sufficiently usable, but is limited: Undirected, inconsistent coverage. Direct investigation is expensive. Ideally we desire direct access to filtered internet connections. . . . . . .Joss Wright Fine-Grained Censorship Mapping - Information Sources, Legality and Ethics: 10/32
  11. 11. Introduction Information Sources Legality and Ethics Early Results Questions Direct Action Direct access to other connections is possible in some limited cases. Tor exit nodes, and similar services such as psiphon. VPN services or remote shells. Creatively-used public services – webservers, IRC, bittorrent... Access to DNS is very simple, and directly addresses one major type of filtering. . . . . . .Joss Wright Fine-Grained Censorship Mapping - Information Sources, Legality and Ethics: 11/32
  12. 12. Introduction Information Sources Legality and Ethics Early Results Questions Direct Action Problems Direct services are rare, especially in countries with interesting filtering regimes. No-one wants to run Tor-like services in filtered areas! VPN services are also rare. Remote shells are even more so. These services are typically offered to get past filtering, not get in. Creative misuse of open services seems the most fruitful option. . . . . . .Joss Wright Fine-Grained Censorship Mapping - Information Sources, Legality and Ethics: 12/32
  13. 13. Introduction Information Sources Legality and Ethics Early Results Questions Direct Action Mechanisms DNS is simple and effective for detecting DNS filtering, but is not very useful beyond that. Tor and Tor-like services are rare, but wonderful. BitTorrent seems a likely candidate, and we have been investigating it, but consent is a serious issue. If only we could... botnets. . . . . . .Joss Wright Fine-Grained Censorship Mapping - Information Sources, Legality and Ethics: 13/32
  14. 14. Introduction Information Sources Legality and Ethics Early Results Questions Legality and Ethics Is it legal to access blocked websites? Is it ethical to ask someone else to access blocked websites? Consent for automated tools. Is it legal to creatively abuse a service, with or without malicious intent? Is it ethical to open a service operator to repercussions based around such misuse? . . . . . .Joss Wright Fine-Grained Censorship Mapping - Information Sources, Legality and Ethics: 14/32
  15. 15. Introduction Information Sources Legality and Ethics Early Results Questions Legal Concerns HERDICT Legal FAQ: ”Rules vary by country, but we know of no nation where it is illegal for you to report information about sites you cannot access.” . . . . . .Joss Wright Fine-Grained Censorship Mapping - Information Sources, Legality and Ethics: 15/32
  16. 16. Introduction Information Sources Legality and Ethics Early Results Questions Legal Concerns Sites are sometimes blocked for serious legal or societal reasons: Pornography, homosexuality, lèse majesté, insult to religion Reporting sites as blocked may well be legal, but detection attempts may cause legal or social consequences. When is the risk too small, and how can we judge this against arbitrary cultural contexts? . . . . . .Joss Wright Fine-Grained Censorship Mapping - Information Sources, Legality and Ethics: 16/32
  17. 17. Introduction Information Sources Legality and Ethics Early Results Questions Current Work Retrieved a list of 278 DNS servers across China from the APNIC WHOIS database. Selected the top 80 reported blocked websites according to HERDICT. Performed a DNS query for each site to each server. We have code to scan China for DNS servers, but have not deemed it necessary at this point. . . . . . .Joss Wright Fine-Grained Censorship Mapping - Information Sources, Legality and Ethics: 17/32
  18. 18. Introduction Information Sources Legality and Ethics Early Results Questions Early Observations Initial observations: Many blocked sites are listed as non-existent in the majority of DNS servers tested. Several servers return no result for most blocked sites, but occasionally redirect requests to other DNS servers before doing so. . . . . . .Joss Wright Fine-Grained Censorship Mapping - Information Sources, Legality and Ethics: 18/32
  19. 19. Introduction Information Sources Legality and Ethics Early Results Questions Early Observations DNS poisoning is rife: wujie.net 161 servers returned a response to wujie.net directed to only 9 separate IPs – none of which offer services, and are unrelated to wujie.net. Many blocked sites do get genuine DNS responses. In many cases we simply get no result, or a timeout. . . . . . .Joss Wright Fine-Grained Censorship Mapping - Information Sources, Legality and Ethics: 19/32
  20. 20. Next slide: map of China showing cities for which we have data. . . . . . .
  21. 21. Harbin Changchun Chaoyang Shenyang Baotou Beijing Hebei TianjinXining Jinan Qingdao Zhengzhou Xian Hefei Nanjing Shanghai Chengdu Wuhan Chongqing Ningbo Changsha Guiyang Fuzhou Xiamen GuangzhouHeyuan Dongguan Nanning Zhongshan Shenzhen . . . . . .
  22. 22. Next slide: zoomed map of China showing cities for which we havedata. . . . . . .
  23. 23. Harbin Changchun Shenyang Chaoyang Baotou Beijing Tianjin HebeiXining Jinan Qingdao Zhengzhou Xian Nanjing Hefei Shanghai Chengdu Wuhan Ningbo Chongqing Changsha Guiyang Fuzhou Xiamen Guangzhou Heyuan Dongguan Nanning Zhongshan Shenzhen . . . . . .
  24. 24. Next slide: Relative likelihood that the DNS server will return ‘noresult’ when asked for a censored website. Larger and redder dots aremore likely not to return a result.Note that if a result is given, it is not necessarily correct. (See nextmap.) . . . . . .
  25. 25. Harbin Changchun Shenyang Chaoyang Baotou Beijing Tianjin HebeiXining Jinan Qingdao Zhengzhou Xian Hefei Nanjing Shanghai Chengdu Wuhan Ningbo Chongqing Changsha Guiyang Fuzhou Xiamen Guangzhou Heyuan Dongguan Nanning Zhongshan Shenzhen . . . . . .
  26. 26. Next slide: Relative likelihood that, if a DNS result is returned for agiven site, that it is a ‘lie’. Specifically, that the returned IP address doesnot point to the requested domain or a related domain. Typically, thesefalse results point to a small number of IP addresses in Beijing. . . . . . .
  27. 27. Harbin Changchun Shenyang Chaoyang Baotou Beijing Tianjin HebeiXining Jinan Qingdao Zhengzhou Xian Hefei Nanjing Shanghai Chengdu Wuhan Ningbo Chongqing Changsha Guiyang Fuzhou Xiamen Guangzhou Heyuan Dongguan Nanning Zhongshan Shenzhen . . . . . .
  28. 28. Introduction Information Sources Legality and Ethics Early Results Questions Results of Visualization We can clearly verify that filtering is heterogeneous across China. Some cities show little DNS filtering, some return no results, some return poisoned results, some do both! Chengdu, Shenzhen, Shanghai are notable “tech” cities, and have little filtering. Beijing is, perhaps surprisingly, relatively permissive. . . . . . .Joss Wright Fine-Grained Censorship Mapping - Information Sources, Legality and Ethics: 28/32
  29. 29. Introduction Information Sources Legality and Ethics Early Results Questions Caveats Restricted list of DNS servers. I can get more, but will have to portscan China for them. DNS server in a city does not represent where the users originate. These maps do not show how many DNS servers were in each city, or give any distinction between them. 78 DNS servers in Beijing, only 1 in Xiamen. . . . . . .Joss Wright Fine-Grained Censorship Mapping - Information Sources, Legality and Ethics: 29/32
  30. 30. Introduction Information Sources Legality and Ethics Early Results Questions Questions What are the legal and, importantly, ethical limits to what we can do in this area? What good services exist from which to “bounce” connections? Specifically, public services rather than individual services. Can we intelligently split on organizational as well as geographical lines. . . . . . .Joss Wright Fine-Grained Censorship Mapping - Information Sources, Legality and Ethics: 30/32
  31. 31. Introduction Information Sources Legality and Ethics Early Results Questions Questions How can we best represent this information? What will we learn when we repeat experiments over time looking for patterns? What questions would anyone like to ask? . . . . . .Joss Wright Fine-Grained Censorship Mapping - Information Sources, Legality and Ethics: 31/32
  32. 32. Introduction Information Sources Legality and Ethics Early Results Questions The End . . . . . .Joss Wright Fine-Grained Censorship Mapping - Information Sources, Legality and Ethics: 32/32

×