Tests reveal Line and Kakao disruptions in China mirror the government’s block on Facebook


Line Bangkok Office

One week ago, internet users in China started to report malfunctions on popular foreign services Line, KakaoTalk, Flickr, and OneDrive. The disruptions have yet to subside at the time of writing. Media organizations including Tech in Asia have run their own unscientific tests and found that some users in the mainland cannot access or use these services. GreatFire.org, an anonymous organization that monitors online censorship in China, claimed that that these services have indeed been “blocked” by Chinese authorities.

But today, The Citizen Lab at the Munk School of Global Affairs, (University of Toronto) has released the first transparent, academic-leaning report on Line and KakaoTalk’s accessibility in China.

The result? Definitely blocked in some places, no evidence of blockage in others.

The bulk of report focuses on test results from access points on servers in Hangzhou, China. After conducting these tests, the team concluded that Line and KakaoTalk had been subject to DNS tampering in a manner consistent with other websites banned from the mainland.

“We are confident the blocking we observed is from a central internet authority in China,” Jakub Dalek, researcher at The Citizen Lab, tells Tech in Asia. “The filtering mechanisms we observed do not appear accidental and follow how the Great Firewall typically blocks the Internet.”

Laying down the line

According to the report, nearly all functions on Line – including messaging, access to sticker markets, retrieving contacts lists – are conducted via access through HTTP requests to Naver servers within the domain space line.naver.jp. Simply put, any time you send “hello” to a friend in the chat room, you’re typing in a url with the “line.naver.jp” domain in an invisible address bar.

As part of their testing, The Citizen Lab obtained the URL for a specific, public message sent through Line that contained an image of Pikachu. Requesting the URL through a Canadian server brought up the image properly. But requesting the URL through a Chinese server in Hangzhou led to a bogus IP address.

All other subdomains of line.naver.jp (like dl.stickershop.line.naver.jp), including made up ones (insert.fakesubdomain.line.naver.jp) returned a fake IP address when requested through the Hangzhou-based server. In some cases, The Citizen Lab identified the phony IP addresses as exactly the same phony IP addresses returned in China for facebook.com, which is also blocked in China.

What about KakaoTalk, Flickr, and OneDrive?

KakaoTalk representatives told Tech in Asia that users in China could still chat person-to-person, but other functions remained unusable. Casual observers might find this unusual – how come you can chat in Kakao but not in Line?

The Citizen Lab believes this discrepancy might lie in the different ways each app processes private chat data. Whereas all chat messages on Line constitute data sent through the line.naver.jp domain, chat messages on Kakao pass through its own “custom LOCO communications protocol on a different port (5228) than other account functions.” Functions that request the kakao.com domain name (like adding new friends) return a phony IP address, indicating that authorities have implemented the same DNS tampering on Kakao as they have on Line. But since Kakao’s LOCO servers identify chat data through IP and not domain, person-to-person messaging remains unaffected.

As for Flickr and OneDrive, The Citizen Lab team determined that the domains for both websites had been subject to a similar form of DNS tampering, rendering them inaccessible.

All of these cases – Line, Kakao, OneDrive, and Flickr – are discussed in more depth inside the full report.

Not everyone is stuck

It’s worth highlighting that these results come from tests run on Hangzhou servers only. The Citizen Lab ran similar tests on a server based in Hefei, but found no evidence of disruption.

Unfortunately, the team has no explanation for this discrepancy in results. “It’s a bit of an open question,” says Masashi Crete-Nishihata, research manager at The Citizen Lab.

The inconsistency of the team’s results mirrors that of our own unscientific tests at Tech in Asia. Paul Bischoff, our Beijing-based writer, has been using Line without issue for the past week after installing the latest update from Wandoujia. But another contact in the same city says the outage hasn’t subsided for him on iOS.

Therefore, much like how anecdotal evidence points to an “incomplete” disruption, some Hangzhou Line users might have no trouble signing on, and some Hefei users might be stuck.

“It’s very difficult to make these kinds of assessments on a geographic level,” Dalek tells Tech in Asia. “Given the small sample size that we’re talking about, we can’t really say anything because there are a lot of other dimensions to being on a network – what type of network it is, for example, or how it gets uplink.”

Given China’s tendency to shutter foreign internet services, it seems likely that the outage affects the majority of Line users. But that’s not scientific. How many more Paul’s are out there, really?

“We won’t be able to confidently say that everyone in China or on networks in China will be able to access Line or not,” says Nishihata. “We’re scratching our heads about it too.”

Check out the full report from The Citizen Lab here.

Editing by Terence Lee
(And yes, we're serious about ethics and transparency. More information here.)

Read More