[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Firewall USA to Firewall China



> This would hose 93% of the subversive stuff on the 'net.

I guess I've gotten turned around on this -- last week I was arguing your 
position.

But:  China's problem is internal, not external, and it's political, not 
sexual.  Let's assume that they can build a successful firewall -- 
despite the fact that the people here on this list who design and install 
such firewalls for a living don't believe that the Chineese plan is 
feasible.  Let's assume that they can prevent people from grabbing photos 
from playboy.com.  So what?

Who's in a position to formulate devastating criticisms of China's
government?  Americans?  Or people who live under the system and
understand it?  And what's subversive, anyway?  Breasts enhanced with
silicon and airbrushing, or plain honest talk about liberty and
government? 

Any net that lets the Chineese people publish and talk to one another is 
going to create problems for the government.

On top of that, the firewall isn't even going to keep out foreign traffic. 
The firewall model doesn't work for internal security -- it assumes that
the people on the inside are trustworthy, and it focuses on protecting the
internal net from people on the outside.  The Chineese have to deal with 
people on the inside trying to subvert the wall by building illicit links 
via telephone lines or satellite channels.

Let's put it another way.  Suppose a company has a strong firewall 
installed by a first rate security consultant.  If an employee who has 
access to the internal net puts a modem on his machine and lets anyone 
who wants to dial in and connect to the internal net, what good does the 
firewall do?  You can't come in over the Internet, but you can come in 
over a pots line.  Either way, you've got your access.

For what it's worth, I have a friend who just got a job with Apple's
operation in China.  According to him, Hong Kong is fully wired, but
mainland China only has about 5,000 net accounts outside of government or
acadamia.  All 5,000 of those accounts seem to be served by a single 64kbs
connection to the outside world, which suggests that they're email only.