
An Internet Policeman’s Confession

It is not news that the Chinese regime routinely censors the Internet, though it remains opaque to many who want to learn how the government applies information management in an era of new technologies. The following anonymous story appeared on an overseas discussion board, www.space.live.com, which is hosted by Microsoft, and tells the personal story of a Chinese Internet policeman. Although it was not published in a credible media outlet (it is highly risky for a Chinese Internet policeman to describe his work to any journalist), we believe the accounts conform to the visible pattern of the Chinese regime’s control of the Internet. Thus, it is the reader’s decision whether to take it as fiction or as a report. [1]

Flickr was unfortunately blocked. I felt uneasy momentarily and thus wrote the following article. I hope that my personal space will not be blocked because of this article.

I am a policeman. However, my job is not to enforce the law in real life, but rather to find problems and solutions in a virtual world. Some people curse us, some hate us, and some constantly look for ways to go against us. But who really understands our difficulties and reluctances?

I have always loved computers and the Internet since I was a child. Nine years ago, with my good grades and test scores, I got into the computer science department of a famous university. There, I got to know more and more about the Internet. During my junior year, I found some of my classmates were using a program called “eDonkey.” They were using it to download some weird files. Finally, I figured out that they were “porn.” I was a pure and innocent young man back then and I could not bear those things that contaminate people’s minds. Since then, I was determined to study Internet techniques so that I could get rid of these unbearable things. The four years in college soon passed. With my university diploma, CISCO Internet engineering diploma, and Microsoft MVP diploma, etc., I walked into the door of the recruiting office of the city police department to apply for the Internet supervisor position.

Relying on my good communication and excellent technical skills, I was approved by the admission officials among more than ten applicants. After a series of training sessions, I quickly became an Internet police officer. My first job was to manage the ISP security log system of the city. My responsibility was to detect and stop Internet hackers. In the beginning, there were not many serious combat episodes. However, as SQL was having a vulnerability issue and more and more Windows vulnerabilities were exposed, it was no longer difficult to hack into systems even for rookies. Thus, we were getting busier and busier. More and more young people carelessly tried to hack into the websites of the government and big companies—which are the sites we watch most carefully—and they all paid for their actions due to our efforts. Since I was doing so well, I was well-recognized by the upper officials within a year, and I was promoted up to the provincial Internet supervision group. When Japan’s prime minister visited the Yasukuni Shrine, many indignant young “hackers” attacked Japanese websites and websites of Japanese companies located in China. I was not against this so-called nationalist fever. However, we then received an order to destroy these “people who destruct orderly Internet.” Once we got the order, we took vigorous efforts and obtained lots of evidence. We discovered many organized hacker groups. Cooperating with the local police, we captured all of them. I received the second-level award and was again promoted to the national Internet supervision bureau of the Ministry of Public Security.
I had a totally different kind of work there. I was no longer doing things such as anti-hacker work. Instead, I was responsible for the biggest and most tedious work in the Internet supervision group. To the outside world, it was said that we “supervise international websites.” However, to the internal branches or our upper officials, we were responsible for the management and maintenance of the “Golden Shield Project”—a project of the Ministry of Public Security and State Security that the government had adopted from another country at huge expense. Actually, I knew about it even before I went to college. Back then, the two most famous personal space providers, “Geocities” and “Tripod,” were the first two victims of this filter system. However, this system got really powerful when this “Golden Shield Project” was started. Our everyday work in the supervision group of the Ministry of Public Security was to collect information about overseas websites through our special Internet connection (we are on the “white list”), then analyze them, and figure out which ones should be blocked. Our blocking system was on top of the national and several provincial ISP ports. It mainly includes two parts: data package port analysis and data package content analysis. We take turns to be on call 24 hours a day and analyze countless numbers of websites and look for our targets. The most prioritized ones are obviously the anti-government organizations, such as Taiwan’s news and political groups, Democracy Movement groups, and Falun Gong organizations, and the three groups that try to get independence. For the websites of these groups, we not only have to constantly update their main servers’ names and IPs and put them into the blacklist, but more importantly, we have to constantly update the keywords of their websites and put them into the keyword blacklist. Our targets were determined by many factors. Some internal references were passed to us from the upper and lower branches, and others were based on our investigation results. For example, before Chairman Hu Jintao visited the United States, we received the order to temporarily open up access to part of the U.S. news websites. In the past years, there have been some disharmonious incidents in the local area. The local governments often block the information on the regional level and also turn in these internal references to the upper government branches including the security, political, and judicial branches. Also, some anti-government people often get arrested. Usually, the upper branch would tell us to put the keywords of this news into the blacklist. Many times the range of these keywords is extremely wide and thus would implicate some unrelated people. This includes people who are against false science—Fang Shimin and Si Manan and such, whom I really admire. As long as these websites have services that are used by the anti-government people, they will be immediately blocked. But we do not have a choice, because without an order from the upper branch, we have no power to delete keywords from the blacklist. Every year the number of the overseas websites and servers that are on the blacklist increases. For example, only because it has something that we do not wish to see, Wikipedia—an ingenious invention of the Internet era—has all its servers on the blacklist, which are thus blocked. The Chinese Wikipedia’s domain names and some contents are also on the keywords blacklist. In the recent period, since the Internet is getting more and more complicated, our work is thus getting more and more intense. Many times we would also make small mistakes and would mistakenly block some websites that have not reached the danger-level standards set by the upper branches. Also many times, because one of our servers or one of the blocked ones has been upgraded, the data may not get updated quickly enough. So some websites that have been blocked for a long time would be temporarily unblocked. For instance, it happened to Wikipedia in the second half of last year. Recently it has been a very sensitive period and even our upper officials began to get nervous. They ordered us to adopt the policy that when in doubt, rather than missing one website and letting it get away, we would prefer to block 1000 websites that are not supposed to be blocked. Therefore, many overseas personal space services and online photo services that have long been famous became useless inside China.
There are many people who resent us, and it is not only limited to those who are anti-government. They sarcastically call our system the “Great Firewall,” or call us “Golden Shield”—the name of this security information project. They have all kinds of ways to get around our filter system and look at the things “outside the window.” These programs include “Freegate,” “Ultrareach,” “Garden,” and “Fire Phoenix.” Of course, there is also neutral and purely technical software for anonymously encrypting Internet systems, such as “Onion Routing Tor” and those overseas websites that provide anonymous browsing. In order to deal with these things, we have thought of many ideas. “Freegate” and “Ultrareach” are widely used encrypting systems. Their old versions of index servers have already been put into the blacklist. However, we have not found a good solution. For Tor, we have also studied it a lot since it is an open source program. We have tried to set up a “TorNode” in China that is controlled by us, in order to supervise the Tor users, but we were never able to find the characteristics of the data packages that Tor sends, nor could we decrypt Tor’s Internet transmission data. If the TorNode we set is the final node and can pass around our system, then the Node will be exposed; if our final Node is within the domain supervised by our system, then we will not be able to obtain any interesting information we need, because the node has been filtered by our system. We are still doing research very intensively, but I think as for our current software and hardware, we cannot promise to always deal with the encrypted information successfully. As for Internet transmission encrypted by the HTTPS protocol, filtering is virtually impossible (even for the Internet supervision branches of the CIA and FBI in the United States, which have countless supercomputers, it is very hard to achieve 100 percent success). However, through filtering the keywords in the HTML certifications, we can easily and effectively stop the links.

I am risking being charged with betraying confidential matters and have sent this article out through encryption with Tor. It was just to let it off my mind a little bit. I also hope that those people will get to know that we are not the chief plotters. We only carry out actions. Actually many people who oppose us have already figured out the things I wrote, so they are not really secrets anymore. As for another point, my dream of many years—stopping Internet porn—we still cannot achieve at this point. “eDonkey” has become “eMule” and it is even harder to deal with.

Endnotes:
[1] http://yksoft1.spaces.live.com/blog/cns!66B9967EC9D22DD4!251.entry