Pages

Saturday, March 31, 2018

PRC Court: Unauthorized Great Firewall Circumvention Services are Illegal Hacking Tools

According to a Henan court, during the summer of 2016, a man named Liu Bingyang started selling a VPN service based on software called "Shadowsocks" to people in China. The court found that Shadowsocks allowed users to "illegally access overseas websites, receive and view illegal videos, and receive and listen to illegal broadcasts." The court did not convict Liu of operating an unlicensed business or illegally operating a telecommunication service. Instead the Court sentenced Liu to three years imprisonment for violating Clause 3 of Article 285 of China's Criminal Law which provides:
Any person who provides programs or instruments used specially for penetrating into or illegally controlling computer information systems, or knowingly provides programs or instruments to another person for committing illegal or criminal acts of penetrating into or illegally controlling computer information systems shall, if the circumstances are serious, be punished in accordance with the provisions of the preceding paragraph.
The Court rejected Liu's defense that the service he provided only circumvented network monitoring programs, and that the services did not actually hack into or take control over any computer or server, and were not able to hack into the security of any computer information services.

The Court's judgement (original available on PRC Court website  here, translated below) made several references to "the monitoring of nation's Internet firewall" and "climbing the wall."


Criminal Judgment in the First Instance Trial of Liu Bingyang

People's Court of Xinye County, Henan Province

Criminal Judgment Document

(2017)Yu 1239 Criminal First No. 556

Public Prosecutorial Agency is the People's Procuratorate of Xinye County

Defendant Liu Bingyang, male, born April 13, 2993 in Xinye County, Henan Province, Han ethnicity, high school education, farmer, residing in Xinye County. Criminally detained by the Xinye County Public Security Bureau on March 30, 2016, and released on bail on April 1 of the same year. Bail was rescinded on October 13, 2017 following a decision by this Court. Currently at home.

Defense attorney Hai Fan of the Henan Sun Xiao Wei Law Firm.

On October 13, 2017 the People's Procuratorate of Xinye County filed an indictment with this Court pursuant to Public Indictment Document (2017) No. 324 charing the defendant Liu Bingyang with committing the crime of providing programs and tools to penetrate into and illegally control computer information systems. This Court accept the case on the same day, and formed a collegiate panel in accordance with the law, and convened public hearings in court. The People's Procuratorate of Xinye County assigned Procutorator Ma Shuhua to appear in court in support of the indictment, and the defendant Liu Bingyang and his defense attorney Hai Fan appeared in court to participate in the proceedings. Hearings have now concluded.

The Xinye County Public Procuratorate charged that during the summer of 2016, defendant Liu Bingyang utilized various websites including Ali Cloud, VULTR, RFCHOST, 50KVM, and SSCLOUD and used Alipay and Paypal to purchase and create proxy servers overseas and sold Great Firewall circumvention services to third parties. Defendant Liu Binyang used his a website of his own construction XX to distribute information about Shadowsocks software and download links, with users making payments to defendant Lin Bingyang through third party platforms such as Wechat and Alipay, Paypal, and UKOI. After users made purchases they could freely access foreign websites and videos. By the time this case was discovered, defendant Liu Bingyang had purchased and created a total of 55 overseas proxy servers, developed a total of 4,091 customers, and illegally obtained profits of 342,635 yuan (based on a conversion of rate of 6.90 yuan to the US dollar and 0.89 yuan to the Hong Kong dollar).

It has been determined that the "Shadowsocks" software and the services which the defendant illegally sold could circumvent the monitoring of our country's Internet firewall, and illegally access overseas websites, receive and view illegal videos, and receive and listen to illegal broadcasts.

The public prosecutorial agency provided evidence to this Court to prove the foregoing facts in the indictment. The public prosecutorial agency believes that defendant Liu Bingyang violated state regulations and provided programs for penetrating into  and illegally controlling computer information systems, that the circumstances are severe, and that his actions constitute the crime of providing programs and tools to penetrating into and illegally controlling computer information systems, and requests that he be punished in accordance with the law.

Defendant Liu Bingyang did not object to the crime charged in the indictment, but offered the defense that the software was downloaded from the Internet, and that all he was providing was a VPN network proxy service, and that the illegal gains included costs, and the purchase costs were 30-40,000 yuan.

Defendant Liu Bingyang's defense attorney maintains that the network service penetration that defendant Liu Bingyang provided was with respect to network monitoring programs, and that he did not intrude into or take control over any computer or server and was not able to penetrate into the security of computer information services, so his actions did not constitute the crime of providing programs and tools for penetrating and illegally controlling computer information systems. Further he actively cooperated with agencies in this case and exposed other criminals.

Based on hearings and investigations it has been ascertained that during the summer of 2016, defendant Liu Bingyang utilized various websites including Ali Cloud, VULTR, RFCHOST, 50KVM, and SSCLOUD and used Alipay and Paypal to purchase and create proxy servers overseas and sold Great Firewall circumvention [lit. "wall climbing"] services to third parties. Defendant Liu Binyang used his a website of his own construction XX to distribute information about shadowsocks software and download links, with users making payments to defendant Lin Bingyang through third party platforms such as Wechat and Alipay, paypal, and UKOI. After users made purchases they could freely access foreign websites and videos. By the time this case was discovered, defendant Liu Bingyang had purchased and created a total of 55 overseas proxy servers, developed a total of 4,091 customers, and illegally obtained profits of 342,635 yuan (based on a conversion of rate of 6.90 yuan to the US dollar and 0.89 yuan to the Hong Kong dollar).

It has been determined that the "Shadowsocks" software and services which the defendant illegally sold could circumvent the monitoring of our nation's Internet firewall, and illegally access overseas websites, receive and view illegal videos, and receive and listen to illegal broadcasts.

It has been further determined that on April 1, 2017, defendant Liu Bingyang handed over 230,000 yuan in illegal gains to the public security bureau, and on November 6, 2017 defendant Liu Bingyang handed over 70,000 yuan in illegal gains to the public security bureau.

Neither defendant Liu Bingyang nor his defense attorney Hai Fan contested any of the foregoing facts during the court hearing process, and the veracity of said facts are sufficiently confirmed by evidence such as defendant Liu Bingyang's deposition, the testimony of witnesses Jin Xin, Li Mou 1, Wang Mou 1, Wang Mou 2, Li Mou 2, Gao Mou, Gu Mou, Wang Mou, Zhang Mou, Liu Mou, Wang Mou 3, Tian Mou, and others, a review of bank card customer transactions, a review of Alipay Zhifubao, cell phones, laptop computers, Alipay Zhifubao receipts, lists of seized and returned items, as well as in-court appearances and proofs of residency.

This Court finds that defendant Liu Bingyang violated state rules and provided programs for the intrusion and illegal control of computer information systems, that the circumstance are severe, and that his behavior constitutes the crime of providing programs and tools for the intrusion into and illegal control of computer information services, and shall be punished in accordance with the law.

An examination of the defenses proffered by defendant Liu Bingyang and his defense attorney shows that the services provided by defendant Liu Bingyang had not been authorized by the relevant government agencies, avoided or penetrated computer system security defense measures, circumvented the monitoring of our country's Internet firewall, illegally accessed overseas websites, viewed illegal videos, and listened to illegal broadcasts. This Court therefore does not accept the defense proffered by defendant Liu Bingyang and his defense attorney that the defendant's actions did not constitute the crime of providing programs and tools for the intrusion into and illegal control of computer information services.

There is documentation showing that defendant Liu Bingyang wrote exculpatory materials after answering the summons, but no government agency has any proof, and there is no evidence proving, the defense attorney's contention that the defendant has helped expose the crimes of other criminals. This court therefore does not accept it.

After answering the summons defendant Lin Bingyang was candid about his criminal activity, and proactively handed over his illegal gains, in court his attitude in admitting guild was relatively good, and these factors have all been taken into consideration during sentencing. 

In order to strike at crime and safeguard the security of computer information systems, in accordance with the provisions of Articles 285(3), 67(3), 72(1)(3), 73(2)(3), 52, 53, and 64 of the Criminal Law of the People's Republic of China, it is the judgment of this Court that:

1. Defendant Liu Bingyang provided  programs and tools for the intrusion into and illegal control of computer information services, and is sentenced to three years imprisonment, suspended for five years, and fined 10,000 yuan. (Suspended sentence probation period to commence from the day this judgment is confirmed. Fine to be paid within three days after this judgment becomes effective.)

2. Illegal gains of 300,000 yuan to be confiscated and turned over to the state treasury.

If he does not accept this judgment he may submit an appeal to this court or directly to the Nanyang Intermediate People's Court within 10 days after the day after receiving this judgment. Written appeals should be submitted with one original and five copies.

Presiding Judge: Lu Qingwei
Judge: Zhao Qin
People's Assessor: Bao Hanju

November 9, 2017

Clerk: Liu Haizhou

刘冰洋一审刑事判决书
  
河南省新野县人民法院

刑 事 判 决 书

(2017)豫1329刑初556号

公诉机关新野县人民检察院。
被告人刘冰洋,男,1993年4月13日出生于河南省新野县,汉族,高中文化,农民,住新野县。因涉嫌犯非法经营罪于2016年3月30日被新野县公安局刑事拘留,同年4月1日转取保候审。经本院决定于2017年10月13日被取保候审。现在家。

辩护人海凡,河南孙晓伟律师事务所律师。

新野县人民检察院被以新检公诉刑诉(2017)324号起诉书指控被告人刘冰洋犯提供侵入、非法控制计算机信息系统程序、工具罪,于2017年10月13日向本院提起公诉。本院于同日立案,并依法组成合议庭,公开开庭审理了本案。新野县人民检察院指派检察员马书华出庭支持公诉,被告人刘冰洋及其辩护人海凡均到庭参加诉讼。现已审理终结。

新野县人民检察院指控,2016年夏,被告人刘冰洋通过互联网在阿里云、VULTR、RFCHOST、50KVM、SSCLOUD等网站,用支付宝和PAYPAL购买并搭建境外代理服务器向他人售卖翻墙代理服务。被告人刘冰洋利用自己建设的网站××发布shadowsocks软件信息及下载链接,用户购买时通过微信和支付宝、paypal、UKOI第三方平台向被告人刘冰洋付款,用户购买后可以自由查看境外网站和视频。截至案发,被告人刘冰洋共购买、搭建境外代理服务器55个,发展客户共计4091个,非法获利342635元(其中,美元汇率按6.90元、港币汇率按0.89元折算)。

经认定,被告人非法出售的“Shadowsocks”软件及服务,可以绕开我国互联网防火墙的监管,非法访问境外互联网站,收看非法电视、收听非法广播。

对指控的以上事实,公诉机关向本院提交了相应的证据予以证实。
公诉机关认为,被告人刘冰洋违反国家规定,提供侵入、非法控制计算机信息系统的程序,情节特别严重,其行为已构成提供侵入、非法控制计算机信息系统程序、工具罪,提请依法惩处。

被告人刘冰洋对起诉书指控的罪名均无异议,辩称软件是网上下载的,自己仅提供VPN网络代理服务,非法获利的数额还有成本在内,购买成本约三、四万元。

被告人刘冰洋的辩护人辩护认为,被告人刘冰洋提供的网络服务侵犯的是网络监管秩序,没有侵入或控制任何一台计算机及服务器,不能侵犯计算机信息系统的安全,其行为不构成提供侵入、非法控制计算机信息系统程序、工具罪;另外其积极配合办案机关,揭发其他犯罪分子。

经审理查明,2016年夏,被告人刘冰洋通过互联网在阿里云、VULTR、RFCHOST、50KVM、SSCLOUD等网站,用支付宝和PAYPAL购买并搭建境外代理服务器向他人售卖翻墙代理服务。被告人刘冰洋利用自己建设的网站××发布shadowsocks软件信息及下载链接,用户购买时通过微信和支付宝、paypal、UKOI第三方平台向被告人刘冰洋付款,用户购买后可以自由查看境外网站和视频。截至案发,被告人刘冰洋共购买、搭建境外代理服务器55个,发展客户共计4091个,非法获利30余万元(其中,美元汇率按6.90元、港币汇率按0.89元折算)。

经认定,被告人非法出售的“Shadowsocks”软件及服务,可以绕开我国互联网防火墙的监管,非法访问境外互联网站,收看非法电视、收听非法广播。

另查明,2017年4月1日,被告人刘冰洋向公安机关缴纳非法所得230000元,2017年11月6日被告人刘冰洋缴纳非法所得70000元。

上述事实,被告人刘冰洋及其辩护人海凡在开庭审理过程中均无异议,并有被告人刘冰洋的供述,证人金鑫、李某1、王某1、王某2、李某2、高某、贾某、汪某、张某、刘某、王某3、田某同等人的证言,银行卡客户交易查询、支付宝查询、手机、笔记本、支付宝截图、扣押、发还清单、到案经过及户籍证明等证据予以证实,足以认定。

本院认为,被告人刘冰洋违反国家规定,提供侵入、非法控制计算机信息系统的程序,情节特别严重,其行为已构成提供侵入、非法控制计算机信息系统程序、工具罪,依法应当受到惩罚。新野县人民检察院的指控成立,依法予以支持。被告人刘冰洋的辩护人的辩护意见,经查,被告人刘冰洋提供的服务,未经相关部门授权,具有避开或者突破计算机信息系统安全保护措施,绕开我国互联网防火墙的监管,非法访问境外互联网站,收看非法电视、收听非法广播,故对被告人刘冰洋辩护人辩护认为被告人行为不构成提供侵入、非法控制计算机信息系统程序、工具罪的辩护意见依法不予采信;在卷显示被告人刘冰洋到案后书写了揭发材料,但任何机关均未出具任何证明,无证据证实,故对辩护人认为被告人具有揭发其他犯罪分子的辩护意见依法不予采信。被告人刘冰洋到案后坦白犯罪事实,积极退缴违法所得,庭审中认罪态度较好,在量刑时均酌情予以考虑。为了打击犯罪,维护计算机信息系统的安全,依照《中华人民共和国刑法》第二百八十五条第三款、第六十七条第三款、第七十二条第一、三款、第七十三条二、三款、第五十二条、第五十三条、第六十四条之规定,判决如下:

一、被告人刘冰洋犯提供侵入、非法控制计算机信息系统程序、工具罪,判处有期徒刑三年,缓刑五年,并处罚金100000元。
(缓刑考验期自判决确定之日起计算。罚金限判决生效后三日内缴清。)

二、违法所得30万元予以没收,由收缴单位上缴国库。
如不服本判决,可在接到判决书的第二日起十日内,通过本院或直接向河南省南阳市中级人民法院提出上诉。书面上诉的,应当提交上诉状正本一份,副本五份。

审 判 长  芦清伟
审 判 员  赵 钦
人民陪审员  鲍汉举

二〇一七年十一月九日

书 记 员  刘海洲

Related Provisions from the Criminal Law of the People's Republic of China

Article 285.   Whoever violates state regulations and penetrate into computer systems with information concerning state affairs, construction of defense facilities, and sophisticated science and technology is be sentenced to not more than three years of fixed-term imprisonment or criminal detention.

Any person who, in violation of State regulations, penetrates into computer information systems other than the systems prescribed in the preceding paragraph, or uses other technological means to obtain data stored in, or processed or transmitted by that computer information system, or conducts illegal control of that computer information system shall, if the circumstances are serious, be sentenced to a fixed term of imprisonment of not more than three years or criminal detention and be concurrently imposed with a fine, or shall be imposed with a fine alone; if the circumstances are especially serious, such person shall be sentenced to a fixed term of imprisonment of not less than three years but not more than seven years and be concurrently imposed with a fine.

Any person who provides programs or instruments used specially for penetrating into or illegally controlling computer information systems, or knowingly provides programs or instruments to another person for committing illegal or criminal acts of intruding into or illegally controlling computer information systems shall, if the circumstances are serious, be punished in accordance with the provisions of the preceding paragraph.

Article 286.   Whoever violates states regulations and deletes, alters, adds, and interferes in computer information systems, causing abnormal operations of the systems and grave consequences, is to be sentenced to not more than five years of fixed-term imprisonment or criminal detention; when the consequences are particularly serious, the sentence is to be not less than five years of fixed-term imprisonment.

Whoever violates state regulations and deletes, alters, or adds the data or application programs installed in or processed and transmitted by the computer systems, and causes grave consequences, is to be punished according to the preceding paragraph.

Whoever deliberately creates and propagates computer virus and other programs which sabotage the normal operation of the computer system and cause grave consequences is to be punished according to the first paragraph.

第二百八十五条 【非法侵入计算机信息系统罪;非法获取计算机信息系统数据、非法控制计算机信息系统罪;提供侵入、非法控制计算机信息系统程序、工具罪】违反国家规定,侵入国家事务、国防建设、尖端科学技术领域的计算机信息系统的,处三年以下有期徒刑或者拘役。

违反国家规定,侵入前款规定以外的计算机信息系统或者采用其他技术手段,获取该计算机信息系统中存储、处理或者传输的数据,或者对该计算机信息系统实施非法控制,情节严重的,处三年以下有期徒刑或者拘役,并处或者单处罚金;情节特别严重的,处三年以上七年以下有期徒刑,并处罚金。
  
提供专门用于侵入、非法控制计算机信息系统的程序、工具,或者明知他人实施侵入、非法控制计算机信息系统的违法犯罪行为而为其提供程序、工具,情节严重的,依照前款的规定处罚。

第二百八十六条 【破坏计算机信息系统罪】违反国家规定,对计算机信息系统功能进行删除、修改、增加、干扰,造成计算机信息系统不能正常运行,后果严重的,处五年以下有期徒刑或者拘役;后果特别严重的,处五年以上有期徒刑。

违反国家规定,对计算机信息系统中存储、处理或者传输的数据和应用程序进行删除、修改、增加的操作,后果严重的,依照前款的规定处罚。
  
故意制作、传播计算机病毒等破坏性程序,影响计算机系统正常运行,后果严重的,依照第一款的规定处罚。