In April, the police came for Li Gang.
It was a visit he had been dreading for almost six months, since he began working on a tool to help Chinese Internet users get around the vast censorship apparatus known as the Great Firewall.
Crowded inside his apartment in a northern Chinese city, Li says the officers ordered him to stop work on the tool and remove all traces of it from the web.
He did what they said, posting a message online to explain why he was taking the tool down. He says the police came again and ordered him to delete the message.
Li Gang is a pseudonym.
He has asked that his real name not be used, out of fear of arrest, because he says he was the latest target of an ongoing crackdown by China’s reinvigorated Internet censors, who, activists say, have dramatically ramped up their war on the open web in the past year, shutting down tools that enable people to access blocked content and pressuring or threatening their developers, both in an out of the country.
“It’s getting worse and worse, more and more websites have been blocked,” Li told CNN.
Since China began controlling its citizens’ Internet access in the mid-1990s, the censors have been engaged in an arms race with activists and developers to block tools that helped people jump over the Firewall and close loopholes that popped up.
Experts warn that as Beijing dedicates more and more money and effort to the fight, it may become increasingly one-sided.
“In the long run, people shouldn’t think that there might always be a technical solution to bypass censorship,” said Robert Knapp, chief executive and co-founder of Romania-based CyberGhost VPN, which, among other things, makes tools that assist people in bypassing internet controls.
Earlier this year, China’s legislature, the National People’s Congress, published a draft cybersecurity law that would cement government control over the internet and online activity. The measure is still under review.
Officials maintain that it would protect the personal data of Chinese users and “safeguard national cyberspace sovereignty, security and development.”
Chinese author and anti-censorship advocate Murong Xuecun echoes many critics when he says: “The [Great Firewall] fences in a Chinese information prison where ignorance fosters ideologies of hatred and aggression. If the firewall exists indefinitely, China will eventually revert to what it once was: a sealed off, narrow-minded, belligerent, rogue state.”
The Cyberspace Administration of China didn’t respond to multiple CNN requests for comment.
Beijing’s attempts to control the ‘net were once written off as misguided and doomed to fail. Former U.S. President Bill Clinton memorably likened it to an attempt to “nail Jell-o to a wall.”
Like the Chinese Communist Party itself however, the Great Firewall has not only outlasted any and all predictions of its imminent demise, but thrived and grown both in size and sophistication. According to researchers at the Berkman Center for Internet and Society at Harvard University, only about 1 to 3% of Chinese Internet users regularly jump the Firewall to browse the open Internet.
Some of the more enthusiastic and unlikely jumpers have been state media employees and propaganda officials, who most recently used Facebook and Twitter to promote President Xi Jinping’s visit to the U.S.
The harmonized web
Part of Beijing’s success is undoubtedly down to the accomplishments of the country’s homegrown tech industry, which has long cloned popular blocked services, creating Chinese versions that are as good if not better than their inspiration.
Instead of Google, Chinese users have Baidu; instead of Twitter, they have Weibo; and instead of Facebook, there’s WeChat; and for the majority of Chinese people, that appears to be enough. WeChat alone has more than 600 million monthly active users, bringing in billions of dollars in revenue.
However, as many researchers have shown, while these services are popular, they are also heavily filtered and censored, shutting down discussion on everything from the Tiananmen Square protests of 1989 to gossip about officials’ extra-marital affairs.
Here come the censors
An accurate estimation of the cost and size of the Great Firewall is impossible to come by, as much of the censorship happens in secret, but one indication of the sheer scale of the operation was given this year by the Chinese state media, which reported that more than two million censors are employed around the country, backed up by an incredibly sophisticated technological platform capable of analyzing web traffic and blocking tools designed to subvert it.
As the Great Firewall developed, so did tools to fight it. Over the years, activists and developers have adapted as fast, if not faster than the censors, moving from simple browser-based tools to sophisticated tunneling software and dedicated mobile apps.
“When faced with outright and obvious censorship, Chinese internet users don’t just give up — they push the limits,” said Charlie Smith, the co-founder of anti-censorship organization GreatFire.org.
Smith is a long-time activist. He uses the pseudonym Charlie Smith because he fears retaliation from the government.
The anti-censorship industry
It is impossible to gauge just how many Chinese would be interested in going beyond the Great Firewall to access the wider web, but Smith points out, the sheer size of China’s online population — 649 million at the end of 2014 — means that if even 1% jump the Firewall, then millions of people are gaining access to information Beijing would rather restrict.
The easiest and most-widely used method of jumping the Firewall is to use a virtual private network, or VPN, which tunnels traffic to a server outside of China with unfiltered Internet.
“Other solutions have gained some traction, but it’s a drop in the bucket compare to VPNs,” said Smith. Expats in China, in particular, are fond of VPNs, allowing them to ignore the restrictions of the Chinese Internet and browse as if they were at home.
“I never turn mine off,” said Erik Crouch, an American living in Shanghai, who pays around $120 a year for a VPN connection that he shares with his girlfriend.
“Without it, I would be cut off from most of what the world outside China considers to be ‘the Internet’.”
A small industry has sprung up to cater to those wanting to jump the Firewall, with almost 200 companies—based outside of China, beyond the country’s legal reach—competing to offer access to Facebook, Twitter, and other blocked sites.
An online counter-insurgency
Unsurprisingly, Beijing isn’t too fond of these commercial censorship fighters.
There have been regular clampdowns on VPN usage in China, such as earlier this year, when the Firewall underwent an “upgrade for cyberspace sovereignty”, according to the People’s Daily.
Igor Bidenko, chief information officer at U.S.-based Keep Solid VPN, said that the company’s website and services are “often blocked in China,” where around 15% of its customers are based.
“It’s frustrating, it takes a lot of manpower,” said CyberGhost’s Knapp. Most companies like his do not make the majority of their revenues from China, and the cost-per-user runs far higher for those from countries with censored Internet.
While it might not be their main priority, and can even cost them money, Knapp said that whenever the Chinese authorities introduce new blocking techniques, his team set about working around them.
“For the engineers, sometimes they see it as a fun challenge, a game to find new ways to unblock the service again,” he said.
Alongside VPNs, a host of other tools and services have sprung up, built by activists and developers and published online for free.
“The freedom aspect appeals to the politics of many people in the computer security field, as well as the real technical challenges [of beating the censors],” said Rob Johnson, a researcher at Stony Brook University and one of the developers of anti-censorship technology, The Castle.
Critics say the censors have sought to shut down as many of these tools as possible, targeting developers within China like Li and pressuring them to delete their apps. For those outside of the country, drastic measures are needed.
GitHub, a hugely popular U.S.-based service that hosts code and open source software, was hit with a huge distributed denial-of-service (DDoS) attack earlier this year, that overwhelmed its servers and forced it offline.
Cybersecurity researchers linked the attack to China, with the presumed purpose being to block access to tools hosted on GitHub, such as the anti-censorship group GreatFire and The Castle, which tunnels traffic through the firewall via online video games.
In a news conference shortly after the attack, a Chinese Foreign Ministry spokeswoman addressed claims about Chinese involvement saying, “It is quite odd that every time a website in the U.S. or any other country is under attack, there will be speculation that Chinese hackers are behind it…We have been underlining that China hopes to work with the International community to speed up the making of international rules and jointly keep the cyberspace peaceful, secure, open and cooperative.”
Knapp warned that the day may soon come where commercial VPN providers are simply outgunned by Beijing, leaving only activists and volunteers to take on China’s huge censorship apparatus.
“Governments have unlimited resources to build this technology and they’re getting better and better at doing it, at some point there will be no way to bypass a perfect firewall.”
This doesn’t deter GreatFire’s Smith however, who says the government’s heavy-handed measures may even be counter-effective.
“The more the authorities censor, the more likely information about circumvention tools gets disseminated,” he said.
Li Gang, who says he put his freedom on the line to help Chinese Internet users access the open web, maintains he is still hopeful.
While he isn’t working on the project anymore, he says the authorities were not successful in taking it offline, and there are now “more developers working on it than it ever had before.”