How a Canadian cracked the Great Firewall of China

Forgotten password, creative hacking lead Toronto-based researcher to stumble onto surveillance network tracking Chinese dissidents

By MATT HARTLEY
The Globe and Mail, October 02, 2008

http://www.theglobeandmail.com/servlet/story/LAC.20081003.RSKYPE03/TPStory/International

When Nart Villeneuve couldn't remember the password to his Chinese MySpace page, the industrious Canadian hacker began examining China's version of Skype, and in the process, unlocked the inner workings of an Internet surveillance network tracking thousands of political activists in the world's most populous nation.

From his tiny research lab at the University of Toronto, Mr. Villeneuve uncovered a system of servers containing the archived communications and personal information of thousands of dissidents and ordinary citizens using the popular online messaging service Skype.

"You can see that they've been tracking people who have been using Skype as a platform to promote freedom of expression and to criticize the communist party in China," Mr. Villeneuve said.

"We don't know who they gave access to those logs."

Researchers say more than 30,000 state-employed watchdogs keep a close eye on all Web traffic flowing in and out of China. During the Beijing Olympics, Chinese officials faced harsh criticism for restricting online access for foreign journalists, shuttering them behind the "Great Firewall of China."

Mr. Villeneuve was working at the U of T's Citizen Lab - a research group that tracks how countries engage in censorship and surveillance on the Internet - and turned his attention to China.

When he couldn't remember the password to his Chinese MySpace account he decided to take a look at Skype.

(Skype is a free communications tool whose software allows users to carry on voice or text conversations over the Internet. In China, eBay is a minority partner in TOM-Skype, a joint venture with a Chinese telecommunications company.)

Using a TOM-Skype account on one computer and a regular Skype account on a nearby laptop, Mr. Villeneuve would type a word into one computer and see if the other computer received the message, to see what information would be filtered out by the service's censorship tools. When he typed in a common four-letter expletive and hit send, it didn't show up on the other computer. But he noticed something else.

Mr. Villeneuve was also running a program called Wireshark, which monitors the information packets being sent through a computer's network card - think of it as putting a phone wiretap on Internet data. Whenever he punched in that swear word, the TOM-Skype software would intercept the data and transmit it to another server.

Someone was spying on him and creating a record of his conversation.

He quickly discovered the messages were flowing to eight servers that, upon closer inspection, were found to contain 166,766 censored messages from 44,254 users, as well as their personal information.

When he started combing through the data, patterns began to emerge. Messages containing phrases such as "Taiwan independence," "Falun Gong," and "Tiananmen Square" were common.

After he contacted Skype on Wednesday to inform them of the breach, the company moved quickly to plug the holes in the TOM-Skype servers, Mr. Villeneuve said.

"TOM, like every other communications service provider operating in China, has an obligation to be compliant if they are to be able to operate in China at all," Skype president Josh Silverman wrote in an apology to users that was posted on the company's website.

Mr. Villeneuve admits that there is no way to know if the Chinese government ever saw the contents of the TOM-Skype servers, but he hopes that his research encourages companies to think twice about the human-rights impact of their business decisions when entering the Chinese market.

"Just because a company has a good brand reputation outside of a repressive country, that doesn't mean that they're not going to hand over your information when asked," he said.

*****

A group of computer security experts say the Chinese partner of the Skype online text messaging service has spied on Skype users in China.

Number of captured messages containing sensitive keywords:

Communist: 15,156
Tibet: 269
Tiananmen: 78
Communist Party: 12,446
Democracy: 270
Skype: 1,952
Falun: 6,744
Hu Jintao: 3,331
Taiwan independence: 2,363
Jiang Zemin: 955
Wen Jiabao: 1,356
Olympic Games: 664
Li Hongzhi: 485
Circumvention: 224
Nine Commentaries: 609
SARS: 9
Earthquake: 458
Deng Xiaoping: 217
Voice of America: 4
Milk powder: 60
June 4: 748
Quit the party: 1,121
Mao Zedong: 252
Diaoyu Islands: 177
Kuomintang: 105

KATHRYN TAM/THE GLOBE AND MAIL

SOURCE: CITIZEN LAB