Background

China’s Great Firewall relies on a deep‑packet‑inspection (DPI) engine that examines every data packet passing through an ISP. The system matches traffic against constantly updated lists of banned keywords, IP addresses and protocol signatures, then decides whether to allow, throttle, or drop the connection. It also employs DNS tampering, IP blocking, keyword filtering and real‑time traffic shaping to create a comprehensive barrier against foreign news sites, social media platforms and other content deemed politically sensitive.

The Leak

Researchers uncovered a leak of more than 100,000 documents and 500 GB of data originating from Geedge Networks, a company linked to the development of China’s firewall. The leak includes source code, work logs and internal communications that reveal detailed blueprints of the filtering and DPI technology. Geedge’s chief scientist, Fang Binxing, is described as the “Father of the Great Firewall.” The MESA Lab at the Institute of Information Engineering contributed algorithms designed to detect and block VPN and proxy tools.

Export to Authoritarian Regimes

Analysis of the leaked material shows that the same hardware and software have been sold to at least four overseas clients: Ethiopia, Myanmar, Kazakhstan and Pakistan. Researchers traced the export trail through cargo manifests, data‑center footprints and code annotations, confirming that a turnkey “Great Firewall in a box” is being marketed abroad. This commercial export model monetizes censorship and provides authoritarian governments with a ready‑made solution for shutting out foreign media, enforcing state narratives and suppressing dissent.

Implications for Users

The imported DPI kits can instantly block news articles, mute messaging apps or drop video calls, dramatically restricting everyday internet activity for millions of citizens. Constant surveillance erodes privacy and puts activists, journalists and whistle‑blowers at heightened risk for speaking freely. Even the most robust virtual private network (VPN) services encounter growing difficulties as the DPI engine identifies the handshakes used by many commercial VPNs and either throttles speeds or blocks connections outright.

Response from VPN Providers

VPN companies such as NordVPN and Proton VPN have introduced custom stealth protocols and advanced obfuscation tactics to counter the new filters. These measures aim to keep users connected despite the layered defenses, but the situation remains a classic cat‑and‑mouse game as censorship technologies continue to evolve.

Usado: News Factory APP - descubrimiento de noticias y automatización - ChatGPT para Empresas