A mysterious glitch in China led to one of the biggest-ever Internet blackouts on Tuesday, forcing massive volumes of Chinese Web traffic to U.S. servers belonging to a firm with a long history of protesting the government in Beijing and evading its censors.
A mysterious glitch in China led to one of the biggest-ever Internet blackouts on Tuesday, forcing massive volumes of Chinese Web traffic to U.S. servers belonging to a firm with a long history of protesting the government in Beijing and evading its censors.
The disruption, which crippled service for most of China’s roughly 600 million Internet users, began around 3 p.m. in Beijing and lasted as long as eight hours, according to Compuware, a Detroit-based firm that monitors Web performance.
The official China Internet Network Information Center said the disruption was probably the result of a hacking attack, but Internet experts said that the cause appears to have been a flawed effort by Chinese Web censors — part of what is known as the Great Firewall of China — to block sites the government deems subversive.
But instead of censoring, the government appears to have momentarily shut down much of the country’s access to the Internet by mistakenly directing all of that Web traffic to servers controlled by Dynamic Internet Technology, a U.S. software company founded by anti-censorship activist Bill Xia.
Xia said in an email that the disruption, which crashed his servers, was caused by China’s “hijacking system,” which is “part of China’s Great Firewall.” Xia, who moved to the United States from China in the late 1990s, sells software and services to Voice of America, Radio Free Asia, the U.S.-based organization Human Rights in China and Epoch Times, a newspaper published by the Falun Gong religious group.
This incident “both communicates the fragility of the Chinese Internet but it also reminds us how robust and resilient their censorship has been,” said James Mulvenon, director of Defense Group’s center for intelligence research and analysis.
The Great Firewall works in myriad ways to control what Chinese Internet users can see online, from obstructing searches on sensitive topics such as the 1989 Tiananmen Square protests to blocking entire websites, such as social media sites Facebook and Twitter.
The Chinese government blocks sites by exploiting a weakness in the infrastructure of the Internet.
If a user is trying to reach a site by entering the domain name — for instance, Facebook.com — into a browser. Ordinarily, that request gets sent to what’s known as a DNS server, which matches the domain name to an IP address, a series of digits that computers can use to identify each other.
Internet experts say China’s Great Firewall works by redirecting traffic to erroneous or fake IP addresses. But in the case of Tuesday’s glitch, something seemed to go wrong.
A massive amount of traffic was diverted to 65.49.2.178, an IP address affiliated with Xia’s Dynamic Internet Technology, a group whose work is routinely censored by the Chinese government.
“The rule was supposed to be, ‘Block everything going to this IP address,’ ” said Nicholas Weaver, a researcher at the International Computer Science Institute, which is affiliated with the University of California at Berkeley. “Instead, they screwed up and probably wrote the rule as ‘Block everything by referring to this IP address.’”
Heiko Specht, who helps track website performance for Compuware, was sitting at his desk in Munich when a customer alerted him to some problems in China. Specht ran some tests — and saw that at least 80 percent of the common Web domains in China were not working.
“I almost fell from my chair,” he said.
Specht said that with sites such as PayPal down, it was impossible for many companies to conduct business. He estimates that between half and two-thirds of all active Internet users during this time were affected. China has the largest population of people online in the world, according to a report by the China Internet Network Information Center.
Under President Xi Jinping, the Chinese government has continued to clamp down on freedom of expression, both among intellectuals demanding political reform and among international news organizations reporting on allegations of corruption among the country’s leaders. This week the Washington-based International Consortium of Investigative Journalists issued a report detailing offshore tax havens used by relatives of the country’s top leaders, including Xi’s brother-in-law, and some of China’s wealthiest citizens.
Individuals in China and organizations outside the country have deployed a variety of strategies to circumvent the Chinese filters and censors. One free program called Freegate is produced by Xia’s firm. Once past the firewall, users in China can visit any blocked site.
“It’s just more of the cat-and-mouse game with the Chinese Internet,” said Mulvenon, the Defense Group director.
Xia rarely gives interviews. He is a practitioner of Falun Gong, which the Chinese government has been trying to stamp out for more than a decade.
Internet experts said the blackout this week should serve as a warning that efforts to weed out unwanted content can lead to a system-wide breakdown.
“The Great Firewall relies on humans to administer it,” said Jason Ng, author of the book “Blocked on Weibo.” “It might be a wake-up call to certain people who are in charge of this sort of thing.”
Collin Anderson, a Washington researcher on censorship who is affiliated with the University of Pennsylvania, says he has seen similar things happen in Iran.
“This is what happens when you try to break the Internet for censorship because things are going to go wrong and in catastrophic ways that bring down the Internet or make it unusable. This is censorship backfiring.”