On Wednesday, August 20, 2025, China’s vast internet censorship system, known as the Great Firewall (GFW), exhibited an unusual and disruptive behavior. For a period of approximately 74 minutes, from 00:34 to 01:48 Beijing Time, the GFW effectively severed much of China’s connectivity to the global internet. The disruption, identified by the activist group Great Firewall Report, was caused by the system “unconditionally injecting forged TCP RST+ACK packets” to block all connections on TCP port 443. This is the standard port used for carrying HTTPS traffic, which is essential for secure communication on the web.
This incident was a significant departure from the Great Firewall’s usual methods of censorship, which typically involve targeting specific websites or keywords. By blocking port 443, the GFW created a widespread outage that affected a huge range of services, including access to most websites hosted outside of China. This “unconditional” block meant that traffic was disrupted regardless of the destination, unlike the typical targeted censorship. The impact was not just on casual web browsing but also on operational services used by major companies like Apple and Tesla that rely on port 443 to communicate with servers outside the country.
The reasons behind the outage are not immediately clear. China often intensifies its censorship during politically sensitive events, but there was no obvious event that coincided with this particular disruption. This has led to speculation among experts and observers. The Great Firewall Report noted that the device responsible for the block did not have the “fingerprints” of any known GFW devices. This led them to believe the incident was either caused by a new device being tested or a known device that was misconfigured.
One theory suggests the incident was an intentional test. China’s government may have been gauging its ability to perform a widespread block of this nature, perhaps as a potential “useful capability” for future use. The disruption, while inconvenient, would have provided valuable data on the economic and social fallout of such an action. The fact that the incident was short-lived and seemingly resolved suggests that if it was a test, it was a controlled and deliberate one.
However, a simpler explanation could be a significant technical malfunction. The Great Firewall is a complex and often imperfect system, with a history of glitches and bureaucratic bungling. A misconfiguration on a new or updated piece of equipment could easily have led to the widespread disruption. This theory is supported by the fact that such a broad and indiscriminate block would be economically damaging, a consequence that Beijing would likely want to avoid unless absolutely necessary. The incident highlights the inherent vulnerabilities and risks associated with such a comprehensive and centralized censorship apparatus.
Reference:
