Who Built China’s Great Firewall and Why?

“Who built the CCP’s Great Firewall?”

MR. YU (China Internet Observer): What really made the GFW possible were the efforts of a body of college students, who, in their 20s, were led by their experienced supervisors over 40. The Chinese regime disliked Tsinghua University, where students dreamed to study in American or Canadian universities. What the regime really worshiped was Communist Russia. Once at a crisis, it betrayed its gene of Russian communism. So, Harbin Institute of Technology became its best choice.       

“Who Built the Hardware of the Great Firewall?”

MR. YU (China Internet Observer): Fang Binxing gave the contracts of hardware equipment to three people: Li Guojie, Lu Xicheng, and Chen Zuoning.

“Who Does the CCP Truly Trust?”

MR. YU (China Internet Observer): The Chinese communist regime has never trusted anything but its “original hooligan base.” Many Chinese think highly of an education in Tsinghua University. In fact, intellectuals have never gained due social status.

Who Built China’s Great Firewall and Why?

MS. GAO: Welcome to Zooming In, I’m Simone Gao. In our last episode we discussed the origin of China’s Great Firewall (GFW). Today, we dig further. Which organizations and individuals are responsible for its research, development, and operations? We invited China Internet observer, Mr. Yu Chao, to help us understand this topic. First, there was a decisive step in building the GFW. What was it? Let’s reexamine history.

In the late ‘90s, free information flow in the emerging internet caused the Chinese Communist Party’s (CCP’s) fears. They were aware of the need to build an online wall to throttle information—preventing true, sensitive content from spreading into or from China. Only with this kind of wall could Beijing have a lasting sense of security. In 1998, then-CEO of Cisco, Mr. Chambers, visited the chief of the CCP, hoping to offer a powerful apparatus for China’s internet controls. The April 25th peaceful appeal of about ten thousand Falun Gong practitioners to Chinese authorities in 1999 reminded top CCP officials to improve this wall for the forthcoming crackdown on the group. However, what should the firewall and its functions be like? Should it be installed in every Chinese computer? Or should it serve only as a shield or as an agent to monitor and spy on those who are disobedient? For information to be blocked, what content priority should it have? Should it be absolutely inaccessible or less inaccessible? All these intentions had to be translated into workable requirements by specialized organizations—the CCP intelligence and security agencies.

MR. YU (China Internet Observer): The CCP intelligence system originated in the “Central Social Department” led by Kang Sheng and Li Kenong while in Yan’an, Shaanxi province. After the CCP came to power, it was divided into three parts: the Intelligence Directorate of State Council, the Intelligence Bureau of Operations Dept., and the General Intelligence Dept., both under the Central Military Commission. Until 1955, the above military intelligence organizations were transferred to the GSD, and the rest to the CCP Investigation Dept. After the Cultural Revolution ended, until 1983, the Investigation Dept. and the anti-intelligence agencies were merged into the State Security Dept. The 3rd Dept. of GSD and the 9th Bureau of the State Security Dept. joined the construction of the GFW. The former has a full name: the GSD Technical Reconnaissance Dept. And the latter has a full name: Internal Reconnaissance Bureau of State Security Ministry, responsible for counter-intelligence in foreign-related organizations, as well as spying on domestic “retrogressive organizations.” These are concerned intelligence and security entities.       

MS. GAO: How did those organizations carry out the CCP’s orders? How technically did they create workable intelligence and security requirements? To make it work, research institutes, universities, and companies had to help create the technology and products. They were essential in creating the Great Firewall. China’s biggest tech security institutions are Tsinghua University, CAS, and Shanghai Jiaotong University. Did the Chinese regime trust them?

MR. YU (China Internet Observer): Despite Chambers’ visit to China in 1998, the CCP doesn’t trust Americans. Ideology, communication, and information security are crucial to the survival of the ruling CCP. They are combined to block online and suppress Falun Gong. What the CCP really trusts is its own military agencies, e.g. research institutes and universities with strong military background. Included in the list are Harbin Institute of Technology, National University of Defense Technology, Xidian University, Beijing Electronics Science & Technology Institute.

MS. GAO: Information system development requires three main parts: hardware, application software, and algorithms. We’ll analyze how they fit into the Great Firewall, with China Internet observer, Yu Chao.

Harbin Institute of Technology: A Military and Research Organization

MR. YU (China Internet Observer): The principal GFW founder and chief engineer is Fang Binxing from Harbin Institute of Technology. This is quite meaningful because the strongest academic agencies in cyberspace and information security are Tsinghua University and Shanghai Jiaotong University. Then, why was Harbin Institute of Technology singled out? What really made the GFW possible were the efforts of a body of college students, who, in their 20s, were led by their experienced supervisors over 40. The Chinese regime disliked Tsinghua University, where students dreamed to study in American or Canadian universities. Since Shanghai had long been influenced by the West, Shanghai Jiaotong University had too many southerners who were well-informed and hard to control. After the end of World War II in 1945, Harbin Institute of Technology was jointly administered by China and the Soviet Union. In 1958, its programs underwent a significant change at the orders of Deng Xiaoping. Until 1962 it completed its transformation, beginning to serve the national defense since then. Though the CCP called itself a Marxist party, what it really worshiped was communist Russia in terms of ruling practices and organizational structure. What the regime really worshiped was communist Russia. Once at crisis, it betrayed its gene of Russian communism. So, Harbin Institute of Technology became its best choice.

The 30th Research Institute of CETC

MR. YU (China Internet Observer): Founded in 1965, this institute is headquartered in the city of Chengdu under CETC, one of the ten biggest groups serving the military industry. Over decades, the institute has been committed to research on military encrypting machines and passwords in the education sector. As Internet services have become common in China, information security has been its primary focus ever since 1998.

The 56th Research Institute of the PLA General Staff Directorate

MR. YU (China Internet Observer): Created in June 1951, the 56th Research Institute is located by Lake Tai, Wuxi, Jiangsu province. It’s also known as South China Institute of Computing Technology for outsiders. Actually, it is a military computer institute, focusing on both hardware and software, as if computing and software institutes are combined in Chinese Academy of Sciences. National University of Defense Technology, Xidian University, and The PLA Information Engineering University are important institutions of learning for China’s Communist army.

National University of Defense Technology

MR. YU (China Internet Observer): This university originated in the PLA Military Institute of Engineering, established in Nangang, Harbin in 1953, with the CCP General Chen Geng as its first president. After rounds of organizational changes, it came under direct administration of the Central Military Commission, also dubbed “the Tsinghua University in the Army.” Incidentally, The PLA Engineering Academy of Armed Forces also derived from the PLA Military Institute of Engineering.      

Xidian University

MR. YU (China Internet Observer): Xidian University, like the University of Electronic Science and Technology of China, and Beijing University of Posts and Telecommunications, is very important to China’s posts and telecommunications circle. However, Xidian University was rooted deep into the early rebelling period of Chinese communists while they established a so-called Soviet Republic in Ruijin, Jiangxi province. Then, it was a radio school—the first engineering technology school created by the CCP military commission. In the following cross-province military escape, it was honored by top CCP officials as the military commission’s “eyes that see objects 1000 miles away” and “ears that learn intelligence just by listening to the wind” (even now the logos of the CCP army can be found in the Xidian badge). It was renamed as the Central Military Commission Radio Telecommunications School, Telecommunications Team of The Third Bureau of Central Military Commission. In 1958, it moved to Xi’an, and was renamed as the PLA Telecommunications Troops’ College. In 1960, it got a new name again: the PLA Military Telecommunication Engineering Institute.          

The PLA Information Engineering University

MR. YU (China Internet Observer): Let’s come to the PLA Information Engineering University. In January 1931, while the Chinese communist rebels occupied Ruijin as an extralegal local government, a radio messaging training class was opened in No.1 Red Army under the Order of Assigning Students to Learn Radio, jointly released by Mao Zedong and Zhu De. This was the origin of the PLA Information Engineering University, which is now under the Training Management Department, Central Military Commission. In 2008, the Chinese regime attempted to install Green Dam-Youth Protecting Software in elementary and middle schools across China to strengthen information blockades in the name of “protecting the youth.” And the Ministry of Information and Industry issued a document requiring that all PCs produced and sold within China, including foreign brands like Dell and Toshiba, be installed with such software beginning in July of 2009. The program met with stout resistance at home and abroad, ending up abortive. Behind the scenes was the Li Zhoucheng-led technical strength of The PLA Information Engineering University. In February 2013, Newsweek released an investigative report into Zhang Changhe, a communist military hacker and teacher from the PLA Information Engineering University. Besides the institutions we mentioned, there’s another ordinary-looking school.

Beijing Electronics Science & Technology Institute

MR. YU (China Internet Observer): This school is little heard of. Its full name, actually, is College of Electronic Science and Technology of the General Office of the CCP Central Committee. Insiders call it “The 13th Bureau of General Office.” It is concerned with passwords, password communications, information security, office automation. And the so-called General Office is an agency responsible for internal CCP affairs in charge of password communications and passwords in the party and political system. It also manages research, production, sales, and uses the country’s commercial passwords.   

MR. YU (China Internet Observer): The above analysis shows the CCP has used all its “original hooligan base” to block the internet and persecute Falun Gong. The Chinese Communist regime has never trusted anything but its “original hooligan base.” Many Chinese think highly of an education in Tsinghua University. In fact, intellectuals, or Zhi Shi Fen Zi in Chinese, have never gained due social status. Never, until the suffix Fen Zi was removed some day. Why? In the Chinese language, workers are not called Gong Ren Fen Zi; farmers are not called Nong Min Fen Zi. Nor are armed policemen called Wu Jing Fen Zi. Then, why are intellectuals singled out to be called Zhi Shi Fen Zi? Why the suffix Fen Zi? A sign of heathens. That’s it. How does the CCP handle heathens in its eyes? I won’t bother to explain here. A look at the CCP history will tell you everything. So, even a graduate from Tsinghua University has no reason to be so self-important. Those Communist loyalists will win the CCP’s favor much more easily than you! If you are like an official serving an ancient dynasty, they are like an emperor’s immediate courtiers. Anyway, intellectuals can be of certain use to the CCP. Let’s turn to those organizations in CAS, which played a role in the GFW.

MR. YU (China Internet Observer): Basically, they are the Institute of Computing Technology, Software Institute, and Institute of High Energy Physics. We see the Institute of Computing Technology is responsible for hardware, and the Software Institute for software, of course. Then what is “Institute of High Energy Physics” responsible for? It is good at grid computing and high-performance computing. By nature, the GFW is committed to surveillance-blocking. Surveillance means watching what is deemed abnormal. Take Falun Gong as an example. The CCP hates the group, also called Falun Dafa, to the bone, swearing to block it completely online. Then how do you block the words, say, Dafa? Since they also appear in Bei Da Fa Xue Yuan or Ren Da Fa Xue Yuan (respectively short for College of Law, Peking University, and College of Law, Renmin University, in English), you can’t block them blindly. An indiscriminate blockade will be mocked “OUT,” though the CCP is almost 90 years old. So you have to extract what is truly related to Falun Gong from a myriad of information. Then, an advanced algorithm will be involved, say, Bayesian algorithm, forecast, semantic analysis. Tremendous computing will be needed in mathematical theoretical algorithms, particularly grid computing and parallel computing. Its hardware is a cluster of Sugon servers produced by the Institute of Computing Technology. Much of its algorithm was grid computing, which was invented by the Institute of High Energy Physics in its study of nuclear weaponry. Now the algorithm was to be used to repress Falun Gong. That’s why the Institute of High Energy Physics joined in, as well as a good number of other universities related to Projects 985 and 211.

NARRATION:  Though distrusted, China’s top R&D agencies were used to help build the GFW. More details coming with Yu Chao.

MS. GAO: The hardware would mainly depend on domestic products. But who would be responsible for R&D, production, and quality control? How should the GFW hardware be deployed? To put it plainly, who constructed China’s an internet prison? Yu Chao has more.

“Who constructed the internet prison?”

MR. YU (China Internet Observer): Now we’ll discuss the issue of equipment briefly because relevant technology is so specialized. Fang Binxing gave the contracts of hardware equipment to three people: Li Guojie, Lu Xicheng, and Chen Zuoning. We already talked about the last two organizations. Like Fang, they were all members of the Chinese Academy of Engineering (CAE). Sugon servers were the hardware for the GFW. Li was chief of the CAE Information Engineering Department, chief of the CAS Institute of Computing Technology, and chairman of Sugon. Fang gave the large machinery contracts required by the State Computer Network and Information Security Management Center to Lu and Chen. Fang was good at dealing with people. He let every participant gain their own interests. They were all happy with him, like CAS, CAE and military agencies. They were not expected to contribute much to the GFW; it was ok as long as they didn’t make additional trouble for him. Anyway, he was not spending his own money. Fang distributed his contracts as below. The main hardware of the GFW went to Sugon and Huawei. Very limited foreign equipment was used, like Cisco. The software was largely independently developed, as I mentioned above, because the GFW is vital to the CCP’s survival, involving ideology, communications, and information security. To quote their own words, “information security should be based on proprietary intellectual property rights.” The operating system and the database had always been the most vulnerable part for the CCP. What should it do? Of course, it distrusted Windows or IBM. Then, based on open-source code, Linux, it developed its so-called Red Flag Linux. Also, it had to use Oracle’s RAC parallel clustering for its database.

NARRATION: People often mention “the Golden Shield Project” and “the Great Firewall.” Is there a difference? Let’s listen to Yu Chao’s opinion.

MS. GAO: The Golden Shield Project is the nation’s infrastructure for Internet security. “Golden Shield,” as its name suggests, mainly serves as a blocking tool and, functionally, sounds quite similar to the GFW. However, the former is more destructive in blocking information flow.

“The difference between the GFW and the Golden Shield”

MR. YU (China Internet Observer): People often hear of the GFW and the Golden Shield Project. Are there any similarities or differences between them? In fact, any kind of project is designed to accomplish certain goals for an individual or an organization. We shall explore the topic from two perspectives: organizational intention and technology concerns. From the angle of intentions, the GFW represents the will of the top CCP, a level of the standing CCP politburo, as we discussed.

MR. YU (China Internet Observer): But the Golden Shield is a business system at the level of the Ministry of Public Security. Functionally or technically, the GFW targets surveillance-blocking. Once an abnormal incident is detected, the link involved will be cut off. Everything centers around this aim. And independently developed or produced equipment is preferred. It started with network building. Its Phase I was to establish an interconnected network, with a great number of Cisco products or solutions, and a database. To build the database, both hardware and software were needed. The former used IBM servers, and the latter, Oracle solutions, which were completed in Phase II of the Golden Shield Project. Afterwards, on the basis of this, were developed application systems. Strictly speaking, the Golden Shield Project is an internal business system within the Ministry of Public Security. Under the ministry are subordinate bureaus, including about 27 numbered ones and about 3 unnumbered ones, which engage in a variety of operations. For example, The First Bureau, whose full name is Domestic Security Bureau, has been mainly responsible for persecuting Falun Gong over the past 18 years, occasionally rights lawyers and dissidents. Another example is the Third Bureau, which is called the Security Administration. It has a wide-ranging authority over specialized sectors, migrating population, tourism and hotels, waste recycling. Why does it manage hotels? It wants to know who stays in any Chinese hotels. Its target may be a foreign journalist, an official attempting escape, or a director of a local public security bureau who stays in a Guizhou hotel with his mistress with false names, and plans to escape China from Yunnan Province. All the information comes from the security administration. Such operational needs point to a corresponding application system to serve all the systems within the administration. For instance, there’s a very important system–the China Crime Information Center (CCIC). If I work in this center, all prisoners or those deserving attention are in this CCIC database. Then, based on demographic database, it also has a facial recognition system. Again, based on the existing database and application systems, they conduct further big data, big intelligence, and data mining, which were focused on while Zhou Yongkang stayed in office. The reason why people are confused with the Golden Shield Project and the GFW is that part of the former involves online surveillance, for which the Eleventh Bureau was responsible, now called the Cyberspace Security Administration. So certain functional overlap occurs between this business and online surveillance. Both of them try to detect online what the CCP dislikes. But they differ in what actions to follow. The GFW will mislead you with a wrong address or cut off your link. However, this cyberspace security administration may send police to arrest you or conduct content-based opinion analysis or take actions. This stresses generating actionable intelligence based on information available; any action you take must not be blind but be intelligence-based. To sum up, the GFW and the Golden Shield Project differ in intentions and levels concerned as well as in technical orientations: one is for surveillance and blocking, the other for business systems based on different business bureaus.    

MS. GAO: The GFW and the Golden Shield Project were both launched when the Chinese Communist regime started the persecution of Falun Gong. It’s hard to estimate how much money the Chinese regime has spent on the two projects. Over the years, luckily, the Falun Gong website www.minghui.org has never been successfully blocked. The Chinese people have tried everything to bypass the GFW for access to truthful information. That’s all for today. Thank’s for watching, and see you next week.

Hot Videos