Erik Moeller wrote:
On 5/15/06, Anthony DiPierro
So that brought me to my current working idea,
which is just a vmware
player virtual machine [*] which hosts a Chinese Wikipedia mirror on
Could be useful - then again, aggressively pushing SSL as a method to
circumvent censorship will likely lead to the authorities taking a
closer look at methods to block it.
If there is indeed a shortage of Chinese mirrors, generating a fresh
static HTML dump + free images and advertising it a bit would probably
lead to hundreds of copies within weeks.
HTTPS does not protect anonymity for editors. Neither does Tor.
Low-latency encryption methods suffer a common flaw: an attacker
can correlate timestamps and message lengths with the size and posting
time of an edit. With ordinary HTTPS you can also correlate the
destination address. You could almost say that encryption is useless for
sending data which will be public 200ms after it arrives.
The situation is better for reading, not least because judging by the
reports I've read, the Government is primarily interested in tracking
down and prosecuting content producers, not consumers. But I think
Wikipedia's strength is in its editability; that's how it maintains its
growth, neutrality and timeliness. I think it would be a great loss if
Wikipedia was only available in read-only form in mainland China.
Public HTTPS is vulnerable to blocking, almost as much as HTTP. HTTPS
websites can be spidered, indexed and checked for offensive keywords,
just like regular websites. Then they could be blocked at the firewall
by IP. You'd have to use a captcha or some similar means of
authentication to keep the bots out. But if it's not indexed by the
major search engines, then its utility will be limited.
The advantage of HTTPS is that it resists traffic sampling at the
firewall, which appears to be a mainstay of content filtering at the
moment. But I think it's important to note that it's not a magic bullet.
The point is, SSL isn't a good method to circumvent censorship, so the
authorities would be unlikely to block it as a whole, as Erik suggests.
Unfortunately there's a fundamental conflict between offerring a popular
service and offerring a covert service. There's only so much we can do.
That's not to say we shouldn't try, of course.
-- Tim Starling