On September 11, China’s Great Firewall sprang a great leak, the biggest ever—some 500 gigabytes of code, communications, logs, and other documents. The material includes evidence of the PRC’s export of the Firewall setup to countries like Myanmar, Pakistan, Ethiopia, and Kazakhstan (Tom’s Hardware, September 13, 2025).
The files appear to originate from Geedge Networks, a company that has long been linked to Fang Binxing—widely described as the “father” of the Great Firewall—and from the MESA lab at the Institute of Information Engineering, a research arm of the Chinese Academy of Sciences….
Researchers at the Great Firewall Report, who first verified and indexed the material, say the documents outline the internal architecture of a commercial platform called Tiangou, which is designed for use by ISPs and border gateways. They describe it as a turnkey “Great Firewall in a box,” with initial deployments reportedly built on HP and Dell servers before shifting to Chinese-sourced hardware in response to sanctions.
A leaked deployment sheet reveals that the system was rolled out across 26 data centers in Myanmar, with live dashboards monitoring 81 million simultaneous TCP connections. The system was reportedly operated by Myanmar’s state-run telecoms company and integrated into core Internet exchange points, thereby enabling mass blocking and selective filtering.
Researchers are just starting to investigate the source code. But the sense is that having this kind of access to the code and other information about how the Great Firewall is constructed will help them to “identify protocol-level weaknesses or operational missteps that censorship circumvention tools may exploit.”
Be careful
The fact that the leaked materials are now mirrored by Enlace Hacktivista and others means that anyone can download and inspect the archive. The Great Firewall Report provides links to the Enlace access, instructions on using the files, David Fifield’s notes on media reports and technical writeups, and other resources.
If you want to look at the archive, be cautious. The Report says: “Due to the highly sensitive nature of these leaked materials, we strongly advise anyone who chooses to download and analyze them to take proper operational security precautions.” Accessing the files “in an insecure environment could expose you to surveillance or malware. Please consider analyzing these files only in an isolated (virtual) machine without internet access.”
Let us all beam encouraging thoughts at the researchers and programmers who will be putting the source code under a microscope and working to develop censorship circumvention tools.
