Google Runs Into Chinas Great Firewall – WSJ.com

This article reports on an outage experienced by Google users in China. At first Google thought it was due to a technical issue, but now think that it was an intentional outage caused by the Great Firewall of China. It seems likely that this was a retaliation to punish Google for its statements and actions.

From the Official Google Blog (follow link for the whole post):

So earlier today we stopped censoring our search services—Google Search, Google News, and Google Images—on Google.cn. Users visiting Google.cn are now being redirected to Google.com.hk, where we are offering uncensored search in simplified Chinese, specifically designed for users in mainland China and delivered via our servers in Hong Kong. Users in Hong Kong will continue to receive their existing uncensored, traditional Chinese service, also from Google.com.hk. Due to the increased load on our Hong Kong servers and the complicated nature of these changes, users may see some slowdown in service or find some products temporarily inaccessible as we switch everything over.

I would expect to see China censor Google.cn very quickly (which would prevent the re-direct to Google.hk). It will be interesting to see if China will then take the next step of censoring Google.hk and possibly other Google properties around the world. It would be easy for Google to set up any or all of them to return results in chinese if the browser is detected to be configured in that language.

Google and India Test the Limits of Liberty – WSJ.com

In this case, it is not the search engine, but their social networking site “Orkut” which is the issue. Google’s troubles stem less from their actions than the fact that they are the dominant social networking site in India, and so most of those issues happen on that site.

Google has been forced to take down a lot of content, and hand over the identities of many posters. If the examples in the article are to be believed, the threshold for censorship is not high.

At the risk of repeating myself, if you live in India and you want to say something that might push or cross the line, do it with robust anonymity technology. You might still have your post taken down, but they can’t come after you.

A long time customer recently sent in the following question. Since it should be of broad interest, I asked his permission to anonymous post and answer it here.

How do you know that subscribing to an anonymizer does not simply mark you for observation?

We all know the NSA is capable of intercepting any electronic communication, and with gajillions of electronic communications happening every second, how would the NSA (or the FBI or the CIA or whoever it is who watches us) know which of those communications to watch?

Seems like the people wanting anonymity would be the first on the list.

Surely they COULD, couldn’t they? That is, get the subscriber lists, which would enable them to intercept communications this side of the proxy – i.e., intercept on the way out, on the way TO the proxy, BEFORE it gets securely tunneled? And no, that would not be possible with the web, but it would with email. Supposedly.

This is what has been proposed to me. What do you think? Does it have any validity?

It is certainly the case that the government could, in principle, monitor your access to privacy services. As long as that access is over a strongly encrypted connection, the contents of your communication, what sites you are visiting or who you are communicating with would be protected. The strength of your anonymity is then largely determined by the number of other users of the same service with which your traffic is being mixed.

In the United States, the use of privacy tools is not restricted. Strict separation of intelligence from law enforcement functions should prevent drift net monitoring of your use of Anonymizer from leading to any kind of legal investigation. The huge number of Anonymizer subscribers would also make this difficult and highly visible.

Outside of the US it is another story. Many countries exercise much greater control over the Internet. Even if it were not blocked by the Iranian government, accessing the Anonymizer website from within Iran would be a risky activity. Once again, the key here is safety in numbers. We have run anti-censorship tools in Iran that supported over 100,000 users. With those numbers, it is awkward for the government to go after people simply for using the service. This is not to say that if you are already under observation for some other reason that it would not give them added ammunition. Privacy tools are generally very effective at keeping you below the radar, but can be much less effective once you are on the radar for whatever reason.

The reality is that there is no evidence of widespread Internet surveillance being used in the US to track users of privacy services. As long as the connection to the service is well encrypted, you should be fine.

YouTube Korea squelches uploads, comments | Digital Media – CNET News

I am very pleased that Google is taking a stand against Korean anti-privacy laws. The law in question requires large Internet services (like YouTube) to collect real name information about any user posting content or comments. In response, Google has completely cut off any posting or commenting through the Korean version of the site. The solution Google proposes is that users should simply log in to a non-Korean version of the site and post away. This way Google never  needs to capture identifying information.

It will be interesting to see if Korea responds by trying to block access to all non-Korean versions of YouTube. Obviously anonymity tools provide an excellent end run around this kind of restriction.

I find myself of two minds on how to feel about this action. On the one hand, it respects Korea’s right to set its own laws within its borders, without allowing any one country to dictate how the rest of the world will use such tools. On the other hand, I find such anti-privacy policies so repugnant, I would like to see companies simply refuse to comply and pull hardware out of that country while continuing to provide the service.