Home » Blog » Berkman » How many people jump the Great Firewall?

How many people jump the Great Firewall?

My colleague Hal Roberts, I and friends at Berkman released a paper today that attempts to estimate usage of circumvention tools, tools used to evade internet filtering. We were specifically interested in trying to compare usage of different types of tools – sophisticated blocking-resistant tools like Tor and Ultrasurf, ad-supported web proxies like Proxeasy or HideMyAss, and VPN-based systems like Hotspot Shield and Relakks. Unlike in our previous study of some of these tools, we weren’t trying to compare the functionality of these very different tools, or evaluate their performance – we just wanted to answer the question, “How many people use this tool?”

That’s not an easy question to answer. For blocking resistant tools, we used estimates provided by the tool operators. (Tor is very good about publicly posting usage metrics, and Jacob Appelbaum points out that we’re able to access anonymized logs to conduct our own analysis. We could also, Appelbaum points out, run our own Tor node and extrapolate traffic from that node. I hope we’re able to do so in a later version of the research.) We did much the same for VPN operators, though here we sent a survey out to as many companies as we could find and tried to extrapolate from the responses we got to offer an estimate of tool usage for the whole space. Because web proxies are, at their heart, script-driven websites, we’re able to estimate their usage by building a catalog and using traffic statistics from Google Ad Planner to estimate usage.

There’s a lot of extrapolation in our findings, and we tried to make it clear that we were trying to calculate orders of magnitude of usage, not more granular numbers. With that caveat, the interesting finding were that total usage of the tools we studied was under 19 million users per month. That’s a pretty big number, in absolute terms, but surprisingly small given the large number of people accessing the Internet from countries where internet censorship is widespread. If that 19 million estimate (which represented the high end of our range of estimates) is correct, that number would represent 3% of the 562 million internet users in nations that filter the web aggressively.

Of course, not all proxy users are in nations like China or Iran – some are in an unfiltered country like Mexico, and using proxies to access content that’s been geographically restricted – television shows made available on Hulu.com, for instance. It’s very hard to estimate how many users are in highly censored countries, but it’s worth noting that the economics of simple web proxies (which represent 15 million users in that high-end estimate) mean that their operators prefer to serve American users trying to access Facebook within a filtered high school network rather than Iranian users (as they are more likely to click on English-language banner ads)… and many use geolocation software to prevent users from less-profitable nations from using the tools.

There are a couple of possible conclusions we could draw from these usage statistics. One is that people in censored countries either don’t know enough about these tools, why they might want them or how to find them. That’s the logic behind efforts like the Sesawe project, which is promoting tools, localizing them into appropriate languages and providing guides to circumventing censorship.

Another possibility is that there’s reasonably widespread knowledge of these tools, but less appetite for them than we might hope. While an unfiltered internet is critical for some users – academics, foreign policy experts, activists – for many, a censored internet is a stimulating and diverting space. David Talbot wrote an excellent piece for Technology Review on this phenomenon earlier this year, helping English-speaking readers get a sense for the dynamism and complexity of conversations on China’s heavily censored internet. When countries like China block access to social media sites like Twitter or YouTube, but provide alternatives – censored, but in local languages – those tools tend to gain traction quickly. I’ve seen estimates of Chinese Twitter users as between 50,000 and 100,000 users – Sina.com’s microblogging service claims 20 million users. Given that disparity – and the fact that microblogging is still an early adopter phenomenon – it’s worth asking whether those Sina microbloggers are ignorant of Twitter, or whether they made a decision to user the platform their friends are using rather than a “freer” platform. As Evgeny Morozov commented in a Technology Review piece on our new study, “nothing is irreplaceable online.”

I made the case some months back that circumvention can’t be the only pillar of a US government internet freedom strategy – not everyone wants or needs these tools. That observation – and this paper – aren’t meant to be a case against developing better circumvention tools or promoting these tools. Instead, it’s our way of trying to get more people thinking about the tough challenge we’ve been wrestling with – how do we think about internet censorship if it’s possible – maybe even likely – that many people aren’t interested in making an effort to access an uncensored internet?

12 thoughts on “How many people jump the Great Firewall?”

  1. Pingback: How many people jump the Great Firewall? | The Daily Bunch

  2. One key message is the importance of localisation and probably internationalisation. Having software in the local language is a key sweet spot for adoption of the local Chinese software.
    Thanks,
    GerardM

  3. To your first possible conclusion, it would be interesting to know how current users of circumvention tools in a restricted Internet climate find out about those tools. Knowledge of tools such as Tor is pretty low in open climates such as the United States (outside of techie circles,) so these tools already face a level of obscurity. Add on the impact of a state actively controlling what information is available via the Internet to its citizens and I would imagine the Internet is not a useful medium for distributing these tools. So how have these tools gotten into the hands of people using them? Is it trough a network of word-of-mouth and USB drives?

  4. Gerard, you’re certainly right that localization matters. The GIFC tools are available primarily in Chinese – when we look at adoption of those tools, you’re looking at adoption of the Chinese-language tools primarily in China.

    Bill, there’s been quite a bit of work done by groups like Sesawe to make these tools more usable in different languages. Word of mouth is important, but there are organized efforts as well. Vietnamese dissident organization Viet Tan, for instance, has been releasing information on these tools in Vietnamese at nofirewall.net

  5. Pingback: The Great Firewall and Other Musings « The Electric Brain

  6. Hi Ethan, thank you for the nice post. As I am living in China, maybe I can offer some insights from inside China:

    1. most Chinese netizens do NOT bother jumping the Firewall, many of them didn’t even know the existence of such a wall, as many Chinese do not understand English.

    2. for people who know they are surfing behind a Firewall, only a small fraction would attempt to circumvent that. Often using some sort of software, the most popular one might be Freegate.

    3. some tech-savvy Internet users would use VPN/SSH to circumvent the Firewall, and there are even people selling VPN/SSH accounts on Taobao.com, a Chinese eBay, at a very reasonable price. For as little as $2, you can get an SSH account for 3 months, and browse sites like YouTube or Facebook without worry.

    4. There’s a clear rift between people behind the Firewall and people who jump the Firewall. Their perception of the world could be radically different. It would be so much better if people here could surf the web freely, explore on their own, and to learn about the full possibilities of the Internet.

    So unless the gov opens up its mind, there would be a long and continuing zig-zag battle between the curious netizens and the grand nannies who watch us all the time.

  7. One thing that I’ve noticed is that anti-circumvention technology really hasn’t thought through the legal and political context of what the Chinese government is trying to do.

    It is not illegal under Chinese law to bypass the firewall and as far as I know, no one has every been sentenced to prison for bypassing the firewall. The strategy of the Chinese government is less to control people *receiving* information than to control the ability of people to either broadcast or organize via the internet. The main purpose of the firewall is to let people know that big brother is watching so that people start being careful about what they say and who they talk to, and so that big brother can shut things down when it appears that there is any sort of organization occurring.

    If you look at things this way, then the anti-circumvention technology doesn’t work from a social viewpoint. If you are passively reading web content, then the technology is too much. It is difficult to use, and even the process of using it makes you realize that you are doing something out of the ordinary which increases the tendency to self-censor.

    If you are doing something really subversive that could land you in jail, then the anti-circumvention technology is not enough. If the Chinese government really wants to get you, they can monitor networks, grab internet logs, and generally use the power of the state is ways that would negate any usefulness of anti-circumvention. If you start trying to organize people for a demonstration, and it turns out that you were the only one in the internet cafe using a VPN proxy server, then you are doomed.

    The other thing is that this is extremely brittle. If you start using a lot of high technology anti-circumvention software, and the next day you just get a phone call from the PSB asking about it, then your choice at this point is to become a professional dissident, in which case, anonymity is useless, or you stop whatever you were doing. It also doesn’t help that a lot of the technology is complex, and prone to fail in non-obvious ways.

    And that gets at the biggest problem with these tools. Most people in China simply are not interested in becoming a political dissident. There is political repression in China, but the government realizes that too much repression can be counterproductive, and so keeps the level of repression low enough so that the costs of becoming a political dissident far outweigh the benefits for most people. Also every internet service that exists outside of China has a politically sanitized version within China.

    Also, if you do want to become a political dissident, then anti-circumvention tools tend to be useless since if you really do want to challenge the Chinese state, the last thing that you want is to be anonymous.

    One final thing is that it would be interesting to see how people how have exposure to Western media change their attitudes, but it’s not clear to me that just reading the New York Times will make anyone in China into an anti-government dissident. I personally know of people that have a lot of exposure to Western media, and it’s very common for Chinese that do actively read Western media to conclude that Western media is heavily biased against China, and that reading it actually increases their support for the Chinese government.

  8. Malcolm Gladwell’s recent article on how the revolution will not be twittered is important in this context.

    One other thing that makes me skeptical about technological means for circumventing censorship, is that it is far, far better to know that you are being watched than to assume incorrectly that you are not being watched.

    Something that has happened with the internet is that there have been some high profile cases in which people have gotten into trouble for assuming that there is security that is not there.

    One nightmare scenario which can easily happen is that you have some security package with a bug or misconfiguration, which lets the Ministry for State Security read your e-mail. Of course, if they can read your e-mail, they aren’t going to let you know that.

    Also, even if everything works, how do you know that you have the real software. It wouldn’t be that difficult for someone to produce software that looks and feels like some anti-censorship software but periodically send an e-mail dump to the Ministry of State Security.

  9. Probably worthwhile to consider how the combination of internal-only publication of many Chinese laws and the unpredictable/asynchronous/scatter-shot enforcement mechanisms employed in this domain are likely to affect confidence levels among the users of such technologies. Even repeated (apparently) successful use of such technologies may provide only limited assurance that one is truly communicating undetectably — and no reassurance at all that the hammer won’t fall heavy the next time someone in the SC is offended enough to order an industry-wide crackdown.

    Uncertainty (or rather the cultivated certainty of rough and unpredictable consequences) is often enough to induce enough self-censorship and self-directed behavioral adjustment to obviate any need for more draconian mechanisms (c.f., HK news outlets post-1997).

  10. Pingback: Washington Post: Time to reboot our push for global Internet freedom « Center for Innovation News Study

  11. Pingback: China: How netizens evade censorship-Ethan Zuckerman « FACT – Freedom Against Censorship Thailand

Comments are closed.