In the last week I came across a most interesting cross fertilization of American ingenuity and capitalism that took advantage of the situation in China.
A rather large global anonymization service - claiming subscribers in the millions - and owned and operated in the United States - was exclusively using hosting services in China.
What I found was that this United States based company was routing all their anonymized traffic through Chinese IPs. And let us be clear - this was not merely one little IP range that they were using.
Instead, this United States based anonymiser company was routing all of their paid subscribers' Internet traffic through a full range of IPs that were assigned to China. They had blocks of random IPs that appear to be a deliberate attempt to disperse as widely as possible throughout the IP ranges that are assigned and traceable to China.
Originally, this first came to my attention when I noticed a significant amount of malicious traffic coming at my web sites from China. On closer investigation I located the US based service that all this traffic had in common. That made it possible to start following the trail to all the Chinese IPs that they were using to route their subscribers' traffic. I was amazed by the diversity of IP ranges that they were using - but they all were within China.
It struck me as a bit odd that all the IPs traced back to hosted servers in China. Why not Russia, Thailand, Korea, Vietnam... why not share the wealth of this obviously successful enterprise? Why exclusively Chinese IPs? I will make a giant leap for the purposes of speculation, but I have to assume the principals involved in this company must be quite capable in written and spoken Chinese due to their extensive and exclusive use of a great number of Chinese based web hosting companies... But I digressed and went off on a tangent... so back to our tale...
I could explain the flaw in their system that makes their 'anonymous' service so easy to identify and block - but I have no desire to help them find a way to circumvent their flaw.
So... isn't that beautiful? These millions of paid subscribers to this 'anonymizer' service are all showing up in web server logs as originating from China - when in fact that user might be in Russia, Spain or even the neighbor who lives down the street from you.
BUT what IP or country is going to get the blame for any malicious tricks or antics done by the subscribers to this anonymizer service? Yup... China will get the blame - since that is where the anonymiser's trail leads you to. And from a review of our logs, it appears that this 'anonymiser' company doesn't appear to care about the type or volume of traffic that their subscribers pump through their service.
As I was formulating in my mind a way to explain this interesting revelation it struck me that people using this 'anonymiser' service probably have no idea that their Internet surfing was being routed through China exclusively.
And that raised a bit of a security flag in my mind. We all know that China routinely monitors all Internet traffic travelling through their country. And so that leads us to wonder if Johnny US Citizen has any idea that his 'supposedly' anonymous traffic is being routinely examined and monitored by the Chinese government?
It's all kind of funny in a way when you carefully look at what I stumbled on...
a ) an American - for profit - anonymous surfing company is routing all their 'anonymous' subscribers through China
b ) Chinese IPs are taking the blame for any malicious antics carried out by any of the claimed 'millions of subscribers' using this anonymiser service.
c ) Global surfers trying to 'be anonymous' are having their Internet surfing and messaging put under the microscope of the Chinese government authorities. Gee I hope they aren't trying to be anonymous while posting messages about some internal corporate secrets. They might as well have sent their message directly to the Chinese spy agency.
All in all... it was a rather interesting discovery that, up until now, I have not heard anyone mention or even be slightly aware of.
In a way, I have to give a tip of the hat to the clever US based capitalist behind this venture.
They appear to be raking in significant dollars from their subscribers while they are incurring wrath against the Chinese IPs or Chinese hosting companies that they have engaged in this venture.
But it does leave me wondering if the anonymiser company are also knowingly piping user traffic through China so that it can be monitored by the Chinese government authorities. Maybe that is where the seed money came from to start this rather large anonymiser company?
I wonder how many months or years it will take before the 'experts' start sharing their revelations about this anomaly of an anonymiser service and its exclusive use of IPs assigned to China?