Comments (5)
On November 20, 2019, Twitter user MrdoorVPN posted (archived) a photo of an incomplete table that lists "the pilot cross-border VPN applications that have implemented security obligations". This post (archived) contains a photo of the complete table.
For documentation purposes, below is a transcription of the table:
试点中已落实安全义务的跨境VPN应用 (The pilot cross-border VPN applications that have implemented security obligations)
厂商 (Vendors) | 应用 (Applications) | 域名 (Domains) |
---|---|---|
任子行武汉分公司 | 网行国际浏览器 | netrunrnu.com |
福建紫讯信息科技有限公司 | 酷鸟浏览器 | kuniao.com |
上海昆奥网络科技有限公司 | 天行浏览器 | txvpnpro.com |
上海闪耀信息科技有限公司 | 风筝浏览器 | ssnm.xyz |
天津心云科技有限公司 | 星网冲浪 | wxvpn.com |
成都吉胜科技有限责任公司 | 云豹 | sppedol.CNN |
河北启天电子技术有限公司 | 视界通浏览器 | shijietong.keyten.net |
深圳市携网科技有限公司 | 天秤浏览器 | vpn.yxsurf.com |
北京博艺网讯科技有限公司 | 自由鲸浏览器 | bjbywx.com |
江苏萃起信息科技有限公司 | 腾讯浏览器 | gjvpn.com |
The only vendor for which we can find an official English name is: 任子行武汉分公司 (Surfilter Network Tech Wuhan Branch).
from bbs.
In Oct 2020, Qihoo 360 published multiple commercial censorship-circumvention apps under different names (绿光/SGreen, Tuber, etc.) shadowed by shell companies in several major Android app markets in China featuring direct access to Facebook, Youtube, Instagram and etc.
These apps work like typical mobile browsers with proxies (or other circumvention protocols) built-in. Users can try them for free after registering by phone number. I tested a few of them at that time, to find that the egress or ingress (not sure which since it was long ago) IP addresses are just of the CDN of Qihoo 360.
They appear to use similar keyword-based censorship tricks on a webpage basis. Since it is a browser instead of a generic proxy tool, the censorship can bypass protocol-layer security like HTTPS.
There were unverified rumors claiming that these apps were endorsed by the government. Due to the close tie between Qihoo 360 and the authority, I suppose it is not absolute nonsense. But just one or two weeks after the public exposure, they (were) shut down. Before that, they seem to be (relatively) widely known/used by some young netizens to access Instagram and other lifestyle/fashion SNS.
Media or SNS coverage:
https://webcache.googleusercontent.com/search?q=cache:sZxENY1MIEgJ:https://www.zaobao.com.sg/forum/zaodian/hai-qiang-xin-diao/story20201014-1092541
https://mobile.twitter.com/search?q=Tuber%E6%B5%8F%E8%A7%88%E5%99%A8
https://mobile.twitter.com/search?q=%E7%BB%BF%E5%85%89%E6%B5%8F%E8%A7%88%E5%99%A8
from bbs.
Checking some random Twitter threads, it seems there's an ss-local.exe in the installation, which suggests Shadowsocks. Testers say that the browser somehow filters searches on sites like Google, Wikipedia, and YouTube, even apparently replacing Google search results with Baidu search results.
- @Shirosaki_Mieru (archived)
-
试了一下这个所谓合法的酷鸟浏览器,F12控制台打不开,也没办法查看证书信息,默认不检查服务器证书状态,拦截证书风险,还自带和谐功能🤔
I tried this so-called legal cool bird browser, the F12 console could not be opened, and there was no way to view the certificate information. By default, the server certificate status was not checked, the certificate risk was intercepted, and the harmony function was also provided.🤔
安装后目录底下有一个words.dat文件,可能是关键词?试了一下wiki,***事件马上被阻断提示404,应该是没有通过云端检测,但是搜索天安事件可以看到搜索页结果,点进去因为URL里面包含敏感词,马上又被阻断。There is a words.dat file under the directory after installation, which may be a keyword? After trying the wiki, the Tiananmen incident was immediately blocked and prompted 404. It should not be detected by the cloud, but the search for the Tianan event can see the results of the search page. Clicking on it because the URL contains sensitive words is immediately blocked.
本地的ss-local会随机开放端口监听,访问网站都会与180.153.184.65这个地址建立TCP连接,查了一下是上海电信的IPThe local ss-local will randomly open the port listener. The access website will establish a TCP connection with the address 180.153.184.65. Check the IP address of Shanghai Telecom.
- @justsudo (archived)
-
不要使用 酷鸟翻墙浏览器,这个浏览器使用的是腾讯云线路,并且会篡改谷歌的搜索结果。测试方法,用酷鸟浏览器搜索**功,***等敏感词,酷鸟浏览器会篡改谷歌的搜索结果,隐藏掉敏感内容。
Don't use the Cool Birds Wall Browser, which uses Tencent Cloud and will tamper with Google's search results. Test method, use the cool bird browser to search for Falun Gong, Xi Jinping sensitive words, cool bird browser will tamper with Google's search results, hide sensitive content.
from bbs.
So don't believe there is an authorized circumvention tool.
The offcial website of Kuniao browser has been blocked by GFW, which may also suggest it is not state-authorized.
Greatfire tested kuniao.com
, www.kuniao.com
and ie.kuniao.com
and found, these keywords were censored by DNS poisoning on Nov 16, 2019 3:37 AM (UTC+8)
.
gfw.report has been testing GFW's censorship on www.kuniao.com
every 2 hours since May 12 2019, and found:
- DNS-based censorship on
www.kuniao.com
started from sometime betweenNov 15, 2019 11:00 AM (UTC+8)
andNov 15, 2019 1:00 PM(UTC+8)
. - SNI-based censorship on
www.kuniao.com
started from sometime betweenNov 15, 2019 4:00 AM (UTC+8)
andNov 24, 2019 9:35 PM (UTC+8)
. www.kuniao.com
is still under these two types of censorship as of todayMay 9, 2020
, although the entire Kuniao website is down.
from bbs.
In this Chinese blog post (archived), Yves X tested Kuniao browser and found:
- There was an encrypted file named
words.dat
which was suspected to be a keyword list. - The browser could not access a website when the URL contains certain keywords.
- The browser contained a private self-signed CA.
from bbs.
Related Issues (20)
- Possible Cloudflare blocking in Russia HOT 2
- EU.ORG got blocked by GFW recently HOT 15
- Anamorphic Encryption Covert Channels HOT 1
- Thinking about building a covert TCP proxy that's based on DPI. But is it possible? HOT 12
- کانفیگ برای v2ray / v2ray configuration HOT 4
- "Anti-fraud" (反诈) spyware apps, phone inspections in China HOT 12
- National Anti-Fraud Center based plugins allegedly found in residential FTTR modem in China. HOT 3
- PowerTunnel HOT 3
- CN4Iran 2.0
- China-Linked 'Muddling Meerkat' Conducts DNS Hijacking for Internet Mapping HOT 3
- REALITY servers in Iran being abused as sort-of SNI proxies HOT 2
- CensorWatch: On the Implementation of Online Censorship in India (FOCI 2023)
- Some IP addresses used for DNS censorship in India HOT 3
- Defense against AI-guided Traffic Analysis (DAITA)
- Blocking of fully encrypted protocols (Shadowsocks, VMess) in Russia, targeting HTTPS traffic fingerprints HOT 12
- Blocking of *.pages.dev in Russia HOT 4
- I have my own VPN application, and I published it in the app markets. What is the difference between LTE and Home internet? HOT 3
- Snowflake, a censorship circumvention system using temporary WebRTC proxies (USENIX Security 2024) HOT 1
- Bleeding Wall: A Hematologic Examination on the Great Firewall (FOCI 2024)
- Assistance Needed to Bypass Restrictions on Irancell Network HOT 5
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from bbs.