The Great Firewall of China (GFW) experienced the largest leak of internal documents in its history on Thursday September 11, 2025. Over 500 GB of source code, work logs, and internal communication records were leaked, revealing details of the GFW’s research, development, and operations.
The leak originated from a core technical force behind the GFW: Geedge Networks (whose chief scientist is Fang Binxing) and the MESA Lab at the Institute of Information Engineering, Chinese Academy of Sciences. The documents show that the company not only provides services to governments in places like Xinjiang, Jiangsu, and Fujian, but also exports censorship and surveillance technology to countries such as Myanmar, Pakistan, Ethiopia, Kazakhstan, and other unidentified country under the “Belt and Road” framework.
Some snippets by u/heinternets
TSG’s capabilities are extensive with surveillance and censorship capabilities through Deep Packet Inspection, the ability to identify and block VPNs and circumvention tools, throttle traffic, monitor, track, label and block individual internet users, and infect users with malware.
The system possesses the capability to maintain a reputation score for each subscriber, which is determined by their online activities and the extent of personal information the system has collected about them. Should a subscriber’s reputation score decline significantly, their internet service may be cut-off and they might be required to undergo photo ID and facial recognition verification to authenticate their identity and improve their score. Furthermore, the system can identify individual subscribers as known VPN users and then later track their Internet usage and categorize any future unknown high bandwidth traffic flows as suspicious. This individualized classification can lead to the identification and blocking of previously unidentified services when an internet user switches to a new VPN provider, potentially exposing this new VPN and implicating not only the identified internet user but also all other users of this service.