[dis-sys]

That is not true. It is a well know fact that the Great Fire wall does deep packet inspection since early 2000s, e.g. when google was still available in China, your connection got stopped for a few minutes every time when you search for some undesirable keywords.

[nie]

I'm afraid your follow-up is even more inaccurate.

We developed shadowsocks for the exact purpose of battling machine learned DPI head on.

The real challenge is the (poor) quality of the networks and the topology of censorship body all around China. The Blackbox nature of such state system made each improvement feel like experiment at best, simulated annealing at worst.

[dis-sys]

The claims I was referring to are highly inaccurate:

1. shadowsocks is a good example that certain vpn/proxy can survive after becoming popular. 2. GFW blocks sites/pages/connections based on content, it has been doing this for more than a decade. whether shadowsocks can fool GFW or not doesn't change the nature of GFW.

[thyrix]

I don't know how GFW work exactly, but I think it's not blocking based on content, which means to check every page. What China gov want to do is just prevent those naive people from being deceived by some vicious foreigners, and they don't really care about normal college students or programmers(we don't care about politics too). Indeed, en.wikipedia is unblocked at all, and we can get all academic resource(including history, most universities bought them). So if you know English, you can get everything about, e.g., 64 event. Even the gov is more anxious about contemporary politics, clever guys can get some information by just refer a politician as "big tiger".

So, 1. Chinese gov don't care about those who just want to paste a photo on twitter, they blocked website such as twitter because it's known by even some Chinese farmers or workers. They are supposed to be susceptible, which means, danger.

2. It is said that China will block by whitelist instead of blacklist(maybe like North Korea), but they didn't do that.

3. Usually, someone who can buy and setup a server for himself is clever enough to distinguish between lie by terrorists and the truth.

[thyrix]

There is block based on content now, but not by check package by gov themselves(is it possible?). Search engine in China must follow the instructions by gov to block some content, which is the reason that google exit China. What I've learned told me if you have encrypted, it's impossible to get what you sent without a key. If it's possible, clearly it's in use in CIA too, not just GFW.