AT2k Design BBS Message Area
Casually read the BBS message area using an easy to use interface. Messages are categorized exactly like they are on the BBS. You may post new messages or reply to existing messages!

You are not logged in. Login here for full access privileges.

Previous Message | Next Message | Back to Friendly Debate (18+ please)  <--  <--- Return to Home Page
   Networked Database  Friendly Debate (18+ please)   [1985 / 2005] RSS
 From   To   Subject   Date/Time 
Message   Mike Powell    All   China tried to upgrade th   August 5, 2025
 9:08 AM *   

China tried to upgrade the Great Firewall but may have left it vulnerable to
attack

Date:
Mon, 04 Aug 2025 15:59:00 +0000

Description:
Flawed traffic censoring attempts have exposed the Firewall.

FULL STORY

Upgrades to Chinas Great Firewall (GFW) have not gone as planned, and the
resulting critical flaw reduces the effectiveness of the firewall in
moderating traffic loads, researchers have found. Attempts by China to censor
a specific type of internet traffic in the country have left the state at 
risk and vulnerable to attack; 

We [..] demonstrate that this censorship mechanism can be weaponized to block
UDP traffic between arbitrary hosts in China and the rest of the world. We
collaborate with various open-source communities to integrate circumvention
strategies into Mozilla Firefox, the quic-go library, and all major 
QUIC-based circumvention tools. 

 The paper was written by researchers from activist group Great Firewall
Report, as well as Stanford University, University of Massachusetts Amherst,
and the University of Colorado Boulder - and is titled Exposing and
Circumventing SNI-based QUIC Censorship of the Great Firewall of China.

Internet censorship 

The vulnerabilities stem from Chinas attempts to block Quick UDP Internet
Connections (QUIC) - a transport layer network protocol that is designed to
replace Transmission Control Protocol (TCP) because of its built in security,
flexibility, and fewer performance issues. 

QUIC was invented by workers at Google back in 2012, and at least 10% of 
sites use the protocol - with many Google and Meta sites included. Both of
these organizations are blocked by the GFW, so blocking QUIC connections 
seems to be an extension of this, although researchers note that not all QUIC
traffic is blocked successfully. 

The mechanism used to block QUIC connections is vulnerable to attacks that
could block all open or root DNS resolvers outside of China from access from
within the state, resulting in widespread DNS failures; 

Defending against this attack while still censoring is difficult due to the
stateless nature and ease of spoofing UDP packets, the paper explains. 
Careful engineering will be needed to allow censors to apply targeted blocks
in QUIC, while simultaneously preventing availability attacks. 

 Via; The Register

======================================================================
Link to news story:
https://www.techradar.com/pro/security/china-...
ll-but-may-have-left-it-vulnerable-to-attack

$$
--- SBBSecho 3.28-Linux
 * Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (618:250/1)
  Show ANSI Codes | Hide BBCodes | Show Color Codes | Hide Encoding | Hide HTML Tags | Show Routing
Previous Message | Next Message | Back to Friendly Debate (18+ please)  <--  <--- Return to Home Page
VADV-PHP
Execution Time: 0.0176 seconds

If you experience any problems with this website or need help, contact the webmaster.
VADV-PHP Copyright © 2002-2025 Steve Winn, Aspect Technologies. All Rights Reserved.
Virtual Advanced Copyright © 1995-1997 Roland De Graaf.
 v2.1.250224