Hacking the Regime

September 3, 2009
By Eli Lake/The New Republic

Ayatollah Ali Khamenei and Mahmoud Ahmadinejad like to blame the uprising in Iran on outside influences. They particularly like to point their fingers at the British and the Americans, along with a requisite nod in the direction of the Zionists–a time-honored pretext for avoiding blame for discontent in their country. But, for all the phantom rabble-rousers, there’s one outside influence that has actually helped shape events: the Falun Gong.

To most metropolitan Americans, the Falun Gong are the yellow-shirt-wearing adherents of a Chinese religious sect who hand out flyers on street corners. Those flyers describe the group’s struggle against the Chinese government, which has banned the Falun Gong and subjected its members to organ-harvesting, electroshock therapy, and gulags. But, as the Chinese have escalated their efforts to stamp out the Falun Gong, the group has grown ever savvier in outwitting its oppressors. And it was the protestors in Iran who benefited from this savvy.

As the streets of Tehran erupted in the days following Mir Hossein Mousavi’s bizarrely lopsided defeat, the regime’s repressive apparatus kicked into full gear. Among its top priorities: shutting down access to the Internet. But, at this critical moment in the Islamic Republic’s history, some of the government’s Internet filters failed. Indeed, the most utopian proponents of the Internet’s liberating powers seemed vindicated–as social-networking sites organized mass demonstrations and YouTube videos documented the brutal truncheons of the basij and the making of martyrs.

When these dissident Iranians chatted with each other and the outside world, they likely had no idea that many of their missives were being guided and guarded by 50 Falun Gong programmers spread out across the United States. These programmers, who almost all have day jobs, have created programs called Freegate and Ultrasurf that allow users to fake out Internet censors. Freegate disguises the browsing of its users, rerouting traffic using proxy servers. To prevent the Iranian authorities from cracking their system, the programmers must constantly switch the servers, a painstaking process.

The Falun Gong has proselytized its software with more fervor than its spiritual practices. It distributes its programs for free through an organization called the Global Internet Freedom Consortium (GIFC), sending a downloadable version of the software in millions of e-mails and instant messages. In July 2008, it introduced a Farsi version of its circumvention tool.

While it is hardly the only group to offer such devices, the Falun Gong’s program is particularly popular thanks to its simplicity and relative speed. In fact, according to Shiyu Zhou, the deputy director of GIFC, the Farsi software was initially so popular that the group shut it down soon after introducing it. Iranians had simply swamped their servers, even outnumbering Freegate’s Chinese users. (Iranian Internet restrictions are more lax than the Chinese, allowing much heavier outbound traffic than the GIFC is accustomed to handling.)

But, on the day after the presidential election this past June, the engineers reopened Freegate to Iranians, as a gesture of solidarity. And, once again, they were overwhelmed. “From then on, it got out of control,” Zhou told me. Within 20 hours, the number of Freegate users doubled to an estimated one million. Zhou and his comrades were faced with a wrenching decision. They could continue helping the Iranians, which might flood and wipe out all of their operations. Or they could focus on trying to preserve lines of communication for their core users in China. “We had to restrict the traffic in Iran or else all of our servers would crash,” Zhou said.

During the cold war, the dominant metaphor for describing the repression of totalitarian regimes was The Berlin Wall. To update that metaphor, we should talk about The Firewall. (The Great Firewall is what they call it in China.) There’s a dream that the censors manning it will be overcome and the Internet will be used as a force of liberation–giving closed societies a tantalizing glimpse of the West, allowing repressed people to build social movements. And all that’s a distinct possibility. But the Web is not nearly the implacable force for freedom that some of its champions have portrayed. The world’s authoritarians have shown just as much aptitude for technology as their discontented citizens. Indeed, the race to beat the Internet censors is a central battle in the global struggle for democracy–a cat-and-mouse game where the fate of regimes could rest in no small measure on the work of the Falun Gong and others who write programs to circumvent Web censorship.

The Internet tactics of the Chinese and Iranian governments began innocently enough in American libraries. To meet federal preconditions for funding, libraries installed cyber-nanny software that blocked the ISP addresses of pornographic websites. This software, developed by Silicon Valley companies like McAfee, became widely available. And some repressive regimes like Iran simply repurposed it.

China, however, had a keener understanding of how technologically sophisticated youth might find their way around such filters and set out to create a more stalwart firewall. According to Chinese dissident Harry Wu, the state spent $800 million and enlisted the help of U.S. tech giants like Nortel and Cisco Systems to develop an initiative called the Golden Shield. This was a massive effort to harness technology to control and monitor the citizenry, leading to the creation of digital identification cards containing a microchip that stores a person’s vital statistics (age, name, address, etc.) and a database that gives the state the capacity to recognize the voices and faces of its 1.3 billion people.

From the start, the Golden Shield was positioned to build an impenetrable firewall. That’s because China’s Internet traffic enters the country in fiber optic cables at only three locations. At these chokepoints, filters block many sites that have been flagged as unacceptable and scan unfamiliar sites for keywords (like “falun gong”) that suggest subversiveness. Robert Guerra, the project director for Freedom House’s Internet Freedom Initiative, compared China’s Internet infrastructure to a national highway system that is riddled with potholes and speed traps. “Even if you drove a Porsche on that highway, you would never be able to drive the car to its full capacity.”

Success doesn’t merely depend on technology. A large bureaucracy is deployed to fine-tune and enhance the filters–giving the Chinese the capacity to allow users to read The New York Times while denying them articles in the Times that the regime deems dangerous. And that full-time bureaucracy is supplemented by hundreds of thousands of nationalistic part-timers who are paid to post pro-government comments on blogs and to drown out dissenting voices in Web forums. These bloggers are called the Fifty Cent Army, indicating that Chinese Web labor is cheap.

The Golden Shield has become the envy of the authoritarian world. China has exported its technology to countries like Cuba and Belarus, according to Reporters Without Borders. And others, such as Iran, have studied their model. The Iranian Revolutionary Guard, for instance, has gotten into the game of Web censorship as part of a new initiative to counter what the regime dubs “soft revolution.”

For all the success of the Golden Shield, there are still gaps that it can’t fill. Censors have struggled to squash homegrown blogs, which can’t be blocked at inbound chokepoints (although newfangled local Internet providers have censored these sites). The Falun Gong understands the gaps. It has probed for them and then rushed through them.

The Chinese assault on the Falun Gong has been ruthless. Since 1999, when the government outlawed the group, hundreds of its practitioners and most of the group’s leading figures have been arrested and then abused. A January 2002 Human Rights Watch report on the crackdown said, “[S]erious human rights violations–including restrictions on freedom of thought, belief, and expression, wrongful detention, unfair trials, torture, and deaths in custody–have accompanied the Chinese government response to Falun Gong.” Unlike many international human rights groups, whose sites will sporadically load, the Falun Gong pages have been comprehensively blocked.

For the Falun Gong, whose members are treated like terrorists, the Web is the only vehicle for connecting its underground to the world. Following the July 1999 crackdowns, the Internet also became the only venue for the group to counter the Chinese government’s propaganda campaign against it.

The Falun Gong does not keep records of its membership in the United States or around the world. Nor does the group have a formal hierarchy. The closest thing the organization has to a leader is Li Hongzhi, whom practitioners call “Teacher” and who currently resides in New York state. Falun Gong’s practitioners happen to include a number of talented engineers employed by tech companies like Microsoft and Google, as well as by government agencies like NASA. And, in the face of the crackdown, and at the height of the dot-com bubble, the Falun Gong launched its own tech division, the GIFC.

For all their cleverness, members found themselves constantly outmaneuvered. They would devise a strategy that would break past China’s filtering tools, only to find their new sites quickly hacked or stymied. In 2002, though, they had their Freegate breakthrough. According to David Tian, a programmer with the GIFC and a research scientist at NASA, Freegate was unique because it not only disguised the ISP addresses, or Web destinations, but also cloaked the traffic signatures, or the ways in which the Chinese filters determined whether a Web user was sending an e-mail, navigating a website, sending an instant message, or using Skype. “In the beginning, Freegate was rudimentary, then the communists analyzed the software, they tried to figure out how we beat them. They started to block Freegate. But then, we started hiding the traffic signature,” says Mr. Tian. “They have not been able to stop it since.”

Even in the United States, this is risky work. In 2006, one of the GIFC’s chief engineers, Peter Li, was attacked in his suburban home outside of Atlanta by three or four Asian men pretending to deliver water. He was bound and beaten, and two of his laptops were stolen. There’s no way to prove this was not a random attack. But there was good reason to believe that the Falun Gong had managed to significantly irk its adversary.

This has led GIFC to keep their work under wraps. Their code is a tightly held secret, according to Shiyu Zhou. “The Chinese will constantly have people block you, reverse-engineer the tool, sabotage the tool,” he says.

The Falun Gong was hardly alone in developing this kind of software. In fact, there’s a Coke-Pepsi rivalry between Freegate and the other main program for skirting the censors: The Onion Router, or TOR. Although TOR was developed by the U.S. Navy–to protect Internet communication among its vessels–it has become a darling of the libertarian left. The TOR project was originally bankrolled, in part, by the Electronic Frontier Foundation (EFF), the group that first sued the U.S. government for warrantless wiretapping. Many libertarians are drawn to TOR because they see it as a way for citizens to shield themselves from the prying eyes of government.

TOR uses an algorithm to route traffic randomly across three different proxy servers. This makes it slow but extremely secure–so secure that both the FBI and international criminal gangs have been known to use it. Unlike the Falun Gong, the TOR programmers have a fetish for making their code available to anyone.

There’s an irony in the EFF’s embrace of TOR, since the project also receives significant funding from the government. The Voice of America has contributed money so that its broadcasts can be heard via the Internet in countries that have blocked their site, a point of envy for the GIFC. For the past four years, the Falun Gong has also been urging the U.S. government to back Freegate financially, going so far as to enlist activists such as Michael Horowitz, a Reagan administration veteran, and Mark Palmer, a former ambassador to Hungary, to press Congress. (Neither was paid for his work.) But, when the two finally persuaded Congress to spend $15 million on anti-censorship software last year, the money was redirected to a program for training journalists. Both Palmer and Horowitz concluded that the State Department despised the idea of funding the Falun Gong.

That’s a reasonable conclusion. The Chinese government views the Falun Gong almost the way the United States views Al Qaeda. As Richard Bush, a China expert at the Brookings Institution, puts it, “An effort to use U.S. government resources in support of a Falun Gong project would be read in the worst possible way by the Chinese government.”

 

Still, there will no doubt be renewed pressure to direct money to the likes of the GIFC and TOR. In the wake of the Iran demonstrations, three bills to fund anti-censorship software are rocketing through Congress, with wide support. Tom Malinowski, the Washington director for Human Rights Watch, argues that such software “is to human rights work today what smuggling mimeograph machines was back in the 1970s, except it reaches millions more people.”

In the brief history of the Internet, there’s been an assumption that the little guy (the blogger, Apple, Firefox) has an advantage over the slow-footed giants of the world. With Web circumvention tools, the little guys might ultimately prevail, too. When the Iranian regime deliberately slowed down the speed of its Internet and deployed its full resources to squash traffic, it made it very difficult to upload video to social networking sites–but those videos have still trickled through.

The authoritarian regimes of the world, however, understand their new vulnerabilities. Many aren’t exactly known as technology leaders. Yet countries like Russia have pioneered cyber-warfare–and can devastate a website if they desire. A key component in Russia’s battle plans against Georgia last summer was a swift denial-of-service attack on government computers in Tbilisi. Even North Korea has developed an offensive cyber-warfare capability, according to U.S. intelligence.

And, while the Falun Gong has managed to win the upper hand in its battle with the Chinese government, it has reason to be less sanguine about the future. The Chinese have returned to the cyber-nanny model that U.S. libraries have deployed. This notorious project is called the Green Dam, or, more precisely, the Green Dam Youth Escort. Under the Green Dam, every new Chinese computer is required to come with a stringent filter pre-installed and, therefore, nearly impossible to remove. As the filter collects data on users, it relies on a government database to block sites. If anything, the Green Dam is too comprehensive. In its initial run, the software gummed up computers, crashing browsers and prohibiting virtually every Web search. In August, Beijing announced that it would delay the project indefinitely. Still, China had revealed a model that could, in theory, defeat nearly every Web-circumvention tool.

When I asked David Tian, the GIFC programmer, about Green Dam, he spoke about it with a mix of pride and horror. The pride comes from the fact that the GIFC’s successes have placed the Chinese on the defensive. “One of the reasons they started this Green Dam business and moved the filter to the computer is because they cannot stop our products with the current filters,” he said. But he conceded that Green Dam will render Freegate useless.

In the world of product development–and freedom fighting–you innovate or die. The Falun Gong is determined not to go the way of the Commodore 64 into technological irrelevance. It has released a beta version of a new piece of software to overcome the Green Dam. Without a real chance to test it, it’s hard to tell whether it will work. But it has overcome the first hurdle of product development. It has marketed its product with a name that captures the swagger of the enterprise. It is called Green Tsunami.

Eli Lake is a contributing editor at The New Republic and a national security correspondent for The Washington Times.

http://www.tnr.com/article/politics/hacking-the-regime