A new web technology being championed by China is allowing a short-term gap in its so-called “Great Firewall,” which blocks Chinese Internet users from sites blacklisted by the government in Beijing. Experts say how the gap is closed could have ramifications for the entire world.
The gap exists because of IPv6, the next generation of Internet protocol designed to replace IPv4. The change is needed because the old system is about to run out of IP addresses, the combination of numbers that identify your computer over the Internet. IPv6 will offer a nearly infinite number of IP addresses.
The lack of new IPv4 addresses is being felt most acutely in China, which was allotted a relatively small share of IPv4 addresses when they were doled out in the 1980s. At the time, some four billion IP addresses seemed like enough for the entire world. But with the proliferation of networkable devices, IP addresses are becoming a scarce commodity.
Exactly when IPv4 addresses will become exhausted is debatable, but it’s likely to happen sometime in the next few years, according to the Internet Corporation for Assigned Names and Numbers (ICANN), which is responsible for managing IP address around the globe.
To answer the shortage, China has been a leader in rolling out IPv6. But it’s only available to a small slice of the population, mainly in the big cities and around large universities. At least some of these users seem to be able to surf without blocking or filtering.
“We have been testing IPv6 connectivity to China for the past year, and so far, it seems like the Chinese government is not paying attention to it at all,” said Andrew Lewman, the executive director of the TOR Project, an open network that helps people protect their identity online.
Lewman’s observation seems to be borne out on the ground in China, at least anecdotally.
“Many people (including me) are using IPv6 related tricks,” e-mailed one Chinese Web surfer and engineer, who wished to remain anonymous.
“Yes, I have used IPv6 to go around the firewall,” user “Dxing” told VOA on Google +. “For now, the firewall cannot deal with IPv6,” said user “Brain,” a student in Heifei on Google +.
China has more Internet users than any other country, with more than 450 million surfers, 66 percent of whom access the Internet using cell phones.
“For China to be fully on the Internet, in its full glory moving into the 21st century, it needs more phone numbers, or essentially more Internet addresses,” said David Gewirtz, an Internet expert at the U.S. Strategic Perspectives Institute.
Lewman said the number of people using IPv6 is probably in the “tens of thousands,” but he expects China to start paying attention as soon as those numbers reach a critical mass.
Another reason there’s no IPv6 firewall is the hardware is not plentiful.
“There are just not enough vendors selling the equipment to use on an IPv6 Great Firewall,” Lewman said. “Basically [the Chinese government] just has to say to vendors that there are billions of dollars to be made here.”
Once this happens, things could get very interesting.
Hal Roberts, a fellow at the Berkman Center for Internet & Society at Harvard University and an expert on Internet filtering circumvention and Internet surveillance, said IPv6 could present a double-edged sword.
On one hand, the creation of a nearly infinite number of new IP addresses could be a boon to anonymity, which largely relies on the ability of an anonymous surfer to quickly change IP addresses on the fly to avoid detection.
On the other hand, Roberts said there’s a movement, pushed largely by U.S. law enforcement agencies and the Recording Industry Association of America to build a strong association between hardware and IP addresses.
In other words, since there would be so many IPv6 addresses, it would be possible to hardwire every computer, cell phone or any other type of hardware that connects to the Internet with an IP address, making anonymity virtually impossible.
“That’s a debate that’s still happening,” said Roberts. “We don’t know which way that will go.”
Roberts added that the hardwired route could have implications far beyond China.
“It’s more likely that this would be a policy that the whole world would share. That’s the bigger risk in my mind. The bigger threat is that industry and law enforcement folks are going to convince the U.S. and everyone else that this is the best way for the Internet to be run.”