Data breach uncovers files utilized by China's Great Firewall for international content suppression, compromising 500GB of information.
In a groundbreaking development, a massive leak of internal documents, source code, work logs, and communication records has exposed the inner workings of China's internet censorship system, known as 'Tiangou'. This leak, originating from Geedge Networks, a company linked to Fang Binxing, often referred to as the 'father' of China's Great Firewall, offers an unprecedented look at how China's censorship is engineered.
The leak reveals that Geedge's censorship technology product, 'Tiangou', has been exported to Burma (now Myanmar), Pakistan, Ethiopia, and Kazakhstan. In Myanmar, the systems were operated by the state-run telecom company and were directly integrated into the country's internet exchange points, allowing authorities to block or filter internet traffic on a massive scale.
The documents detail how Geedge's system can intercept unencrypted HTTP sessions, adding another layer of control by allowing operators to see exactly what users are doing online. Much of the material focuses on VPN detection, SSL fingerprinting, and full-session logging.
Researchers found code modules that mention detecting and slowing down specific circumvention tools. The systems were often deployed alongside lawful intercept platforms, which allow real-time surveillance of communications.
In Pakistan, Geedge's technology is reportedly part of a larger surveillance program called WMS 2.0, capable of monitoring mobile networks in real time. In Ethiopia and Kazakhstan, the extent of the system's deployment and operation is still unclear.
The leak comes with potential risks for anyone downloading the files. Researchers recommend using isolated environments, such as air-gapped virtual machines, to minimize these risks. Much of the source code remains unevaluated, and the full scope of the operations remains to be seen.
The Great Firewall Report, a research group, has verified the material and describes a commercial platform called 'Tiangou' as a turnkey 'Great Firewall in a box'. Early versions of Tiangou reportedly ran on HP and Dell servers before switching to Chinese-made hardware in response to sanctions.
Additional files are traced back to the MESA lab at the Institute of Information Engineering, a branch of the Chinese Academy of Sciences. The system was installed across 26 data centers in Myanmar and supported live dashboards monitoring 81 million simultaneous TCP connections.
This leak provides a significant insight into the global reach and capabilities of China's internet censorship system. As more is uncovered, the implications for internet freedom and privacy around the world will continue to be a subject of discussion and concern.
Read also:
- Mural at blast site in CDMX commemorates Alicia Matías, sacrificing life for granddaughter's safety
- Microsoft's Patch Tuesday essential fixes: 12 critical vulnerabilities alongside a Remote Code Execution flaw in SharePoint
- Russia intends to manufacture approximately 79,000 Shahed drones by the year 2025, according to Ukraine's intelligence.
- Dynamic interplay of power and communication channels set the course for the network's new era
