Thanks for the overview of your thoughts on this. It's my intuition that there's gotta be a way to get around this, even without resorting to any special client configuration. If enough people work together maybe we can at least get it working some large percentage of the time. I mean, short of going to a whitelist configuration I don't see how the Chinese government can keep up (the insecurity of the DNS system gives them a big advantage, though).
I have some other ideas, but someone must have thought of these already, and this is really beyond the scope of this mailing list anyway. Reading http://www.post-gazette.com/pg/06045/654754.stm, I think I've found some places to look for more information.
Anthony
On 5/12/06, Tim Starling t.starling@physics.unimelb.edu.au wrote:
Anthony DiPierro wrote:
If anyone has any ideas as to what we can do to help get the real Wikipedia to the masses in China (no client-side setup required), I'd love to help. Maybe some sort of network of distributed servers providing https access through dynamically rotating IP addresses.
I don't think there's any solution left which will work without client configuration, except for a number of loopholes that the Chinese Government hasn't gotten around to closing yet. The foremost among these is our own SSL gateway:
https://secure.wikimedia.org/wikipedia/zh/wiki/
There are various unblocked HTTP proxies, although all unencrypted traffic is sampled, so any popular proxy will be rapidly blocked.
Traffic within China isn't subject to the Great Firewall, which is why a proxy like wikipedia.cnblog.org worked. More proxies like that could be set up, but our recent experience suggests that the Government is watching for such things, and you can fully expect a knock on your door if you set one up.
Periodically changing the IPs returned by a specific DNS entry almost certainly won't work. They have the ability to poll DNS.
So that leaves client configuration. The Tor network is still not blocked, but that might be only a matter of time. And the downside is that it has no system for dealing with abuse.
Having numerous SSL tunnel servers would be useful, along the lines of Anthony's suggestion. However, you need to have some way to distribute the server IPs to the users without letting the Government find them out. I can't think of any way to do this with a public protocol without leading to a very high rate of compromise of IP addresses, assuming the authorities are on the ball. A simple HTTPS gateway like secure.wikimedia.org could be compromised automatically by simply connecting to it and downloading the index page.
We can go on exploiting known holes in the firewall for the time being, but it will certainly become increasingly difficult for people inside China to access Wikipedia, especially for those who are non-technical or not especially motivated.
If Baidupedia does take off, I hope they will license locally generated content under GFDL, to allow for a continuing exchange of content between Wikipedia and Baidupedia.
-- Tim Starling
WikiEN-l mailing list WikiEN-l@Wikipedia.org To unsubscribe from this mailing list, visit: http://mail.wikipedia.org/mailman/listinfo/wikien-l