- A 500 GB leak reveals that the “large firewall” of China “sold to four countries
- The key dpi kit in hand detects and blocks VPN traffic
- Citizens face stricter online restrictions, some VPNs find it difficult to get around the blocks
A massive violation of data has revealed that China sells the same technology for inspection of deep packets (DPI) which feeds its large firewall with four authoritarian regimes.
The leak of September 11, 2025 comes from Geedge Networks, a company linked to the development of the large Chinese firewall. More than 100,000 documents – and 500 GB of data – which reveal detailed plans of filtering and DPI technology that feeds the China Internet censorship system.
China’s decision marks a strategic transition from interior control to a commercial export model that monetizes censorship. He gives authoritarian governments a ready -to -use game book to eliminate foreign media, apply state accounts and suppress dissent, deeply impacting citizens and their digital freedoms.
Although the best VPN services help fight censorship, they face growing difficulties against increasingly strict restrictions.
A “large firewall in a box”
The Chinese government is sadly famous for using the large firewall to regulate all online activities inside its borders.
The firewall also uses the falsification of the DNS, the IP blocking, the filtering of keywords and the formatting of real-time traffic to create a complete barrier, blocking foreign news sites, social media platforms and any other content deemed politically insensitive, while recording the activity of users for state monitoring.
The great Chinese firewall (GFW) has known today the largest internal document leak in its history. More than 500 GB of source code, working newspapers and internal communications have been exposed, revealing details on the development and operation of the gfw.la the leak is from… Pic.twitter.com/dadddtkz7wSeptember 13, 2025
Geedge Networks, whose chief scientist Fang Binxing has been nicknamed “father of the great firewall”, produces the hardware, firmware and the owner’s secure gateway software that manages the DPI engine.
The MESA laboratory of the Institute of Information Information has brought algorithms that teach the great firewall to the tools used to bypass censorship, such as VPNs and proxy tools.
Trained together, they form a turnkey – a complete product and ready to use – that researchers from the big firewall report describe as a “large firewall in a box”.
Investigators reconstructed the export track by referencing three data sources: cargo manifests, data steps and code annotations.
Citizens are faced with new censorship obstacles while VPNs find it difficult to get around the blocks
The arrival of a large ready-to-employment firewall in countries already known for limited internet freedom changes daily internet life for millions.
Constant surveillance erodes privacy and can put citizens, in particular activists, journalists and whistles, in danger simply to speak freely.
Even the most robust virtual virtual network tools (VPN) are fighting against China’s layers in layers, such as depth learning classifiers that can identify obscuration protocols. The exported DPI engine inspects traffic in real time, recognizes the separate hand handles used by many commercial VPNs, and either speed transmission or blocks the connection.
However, users of affected locations can always bypass restrictions with the best VPNs for China, all of which use advanced VPN obfuscation tactics. Some, like NordVPN and Proton VPN, even introduced personalized stealth protocols to meet this challenge.
It is a classic cat and mouse game. As censorship becomes more sophisticated, VPN developers must continually evolve to stay a head start and help citizens access a free internet.
