On the Chinese internet, a river crab isn’t just a crustacean. It’s code. River crab are Internet slang terms created by Chinese netizens in reference to the Internet censorship, or other kinds of censorship in mainland China. They need to do this because the Great Firewall of China censors and regulates everything that is posted online.
But increasingly, people are finding their way around this censorship; and it’s not just with river crabs.
A Wall with Teeth
The Great Firewall, or GFW, is more than a metaphor. It is a sprawling, ever-adapting surveillance and censorship system that monitors, filters, and blocks information flowing into and out of China’s internet. As the digital extension of the Chinese Communist Party’s (CCP) ideology, it is a cyber border wall built not of stone, but of DNS filters, deep packet inspections, and forged TCP resets.
The system’s stated purpose is “to safeguard national interests and maintain social stability,” including preventing access to content deemed threatening to the CCP’s authority—anything that might “undermine national unification,” “distort truth,” or incite dissent. If that sounds broad or vague, well, that’s the point. It gives authorities a hand in tackling everything they want to.
Most Chinese citizens cannot access Google, Twitter, YouTube or Facebook. Outlets like The New York Times are also banned. The rest of the world, in turn, often struggles to hear from voices inside China.
The firewall’s sophistication has increased dramatically since Xi Jinping rose to power. Under his leadership, censorship expanded beyond politics into discussions of history, economics, and even foreign affairs.
The system uses multiple layers of control:
- DNS Poisoning: The system intercepts domain name queries and returns false addresses, making blocked sites appear broken or nonexistent.
- IP Black-holing: Entire ranges of IP addresses are cut off from access.
- Deep Packet Inspection (DPI): Internet traffic is examined in real time, scanning for forbidden keywords or patterns associated with circumvention tools.
- TCP Reset Attacks: Connections to undesirable services are forcibly terminated by injecting false reset signals into the data stream.
- TLS Interception: Using Chinese certificate authorities, authorities can conduct man-in-the-middle attacks to decrypt secure communications.
The no wall is perfect, and this one isn’t either.
Back Doors and Tunnels
The intensity of this control has sparked an equally intense pushback. The more they build walls, the more tunnels start to appear. Those tunnels are VPNs.
Virtual Private Networks (VPNs) remain among the most common tools. They encrypt and reroute internet traffic through foreign servers, disguising a user’s location and enabling access to blocked content. But China has grown adept at detecting and throttling even encrypted traffic. In response, developers have built more advanced tools which mask traffic to resemble ordinary HTTPS connections.
But this has triggered a fierce arms race.
For a few years, VPNs seem to come out on top.
The firewall’s latest adaptation is chilling. Since late 2021, it has demonstrated the ability to passively identify and block fully encrypted proxies—without even sending active probes—by analyzing subtle statistical features like traffic entropy and ASCII patterns. In other words, even when data is scrambled, the system senses what feels off.
Tor, the anonymity network, has also come under siege. Public relays are blocked. Bridges, the hidden entry points, are constantly scanned and blacklisted. The developers respond by using ephemeral “snowflake” proxies or disguising traffic as Microsoft Azure connections. But for Chinese users, simply getting a Tor bridge address can be a risky proposition.
Some VPNs are still used with some success in China, but authorities are also having some success. For the most determined users, new strategies are emerging: TLS record fragmentation, which breaks encrypted messages into smaller pieces to confuse censors; peer-to-peer networks; and even steganographic techniques that embed forbidden messages inside innocuous-looking content. But these methods often require high technical literacy. The most effective tools are rarely the most user-friendly, your run-of-the-mill free VPN for Windows might not get the job done.
Cultural resistance
Yet not all resistance is technological. Many users fight censorship with culture.
“River crab” (河蟹, héxiè) became a euphemism for censorship—a pun on “harmony” (和谐, héxié), a Party slogan. “Grass-mud horse” (草泥马, cǎo ní mǎ) sounds suspiciously like an expletive and became a viral mascot of defiance. Logograms are subtly altered, phrases twisted into satire. One phrase for using VPNs? “Surfing the internet scientifically”.
These tricks are more than jokes. They are a folk cryptography, a way of encoding dissent in language and imagery. And they evolve constantly. What is understood today may become meaningless tomorrow as censors catch up and the lexicon shifts.
But this is very dangerous for users. China enforces its digital control through law as well as technology.
Even abroad, Chinese critics are not safe. Qiao Xinxin, founder of the BanGFW Movement, was allegedly detained in Laos and reappeared in Chinese custody. Other exiled dissidents report threats, interrogations of family members, or being “invited to tea”—a euphemism for state interrogation.
These pressures create a chilling effect. The boundaries of acceptable speech are ambiguous by design, causing many to self-censor out of caution. The fear is internalized one user told researchers. “You don’t know where the red line is until you cross it.”
The wall doesn’t look likely to fall anytime soon
The Great Firewall is not impenetrable. But it is deeply entrenched, meticulously maintained, and brutally enforced. Every new blockade spawns new tunnels; every new tactic spawns a counter-tactic. This is not a wall built once—it is rebuilt constantly, on both sides; and it’s been changing the internet landscape in China for over a decade.
And for millions of Chinese citizens, journalists, researchers, and developers, the cost of this invisible war is measured not just in bandwidth, but in freedom.
