Is the great firewall of Thailand in place?

[reduxionist]

Seem to recall that all International traffic is routed through a CAT server!

Traceroute confirms that!

Maybe I'm wrong!

Happy to report that you're right about being wrong. Although traceroute shows you that your traffic is going through CAT to get out to the world, that's just an artefact of your current ISP's network, it's not true for all Thai traffic. There are 10 international gateway providers in Thailand, and CAT only operates one of those (albeit the largest).

We have a total of six different upstream providers to our office branches, and only two go through CAT to get international.

We also co-locate servers at 13 different hosting facilities in Bangkok, of these 5 prefer go through CAT (i.e. that's their default route) but all have the ability to use alternate international routing if required.

Single gateway is scary but unlikely (has been defeated in the past, would be very bad for business and international investment) and even if implemented there are (expensive) workarounds to avoid it.

[hawker9000]

The government was building the firewall using state-owned CAT.

But all internet traffic has not been required to be routed through it as yet; just CAT users I suspect.

When CAT starts expanding its storage capacity fivefold or more beyond its current needs, that may signal the government's readiness to move all internet traffic through the Wall.

Once the gateway firewall is required, VPN will not circumvent the wall. Likely the government will then require registration of VPN users including user ID and password so that it can check content. You'll be told that you can trust the government to keep your personal and corporate information safe.

That's not to say a hypothetical Wall can't be jumped. Requires a smart phone. Plenty of discussions on the internet for that process.

'Not really how encrypted tunnels work. Having your username & password might allow them to start up a VPN session/bring up a tunnel in your name, but not sniff a session in progress. That's done with a key exchange which would take more than just having your username and password to invade. Admittedly though, VPN protocols are not all created equally in terms of confidentiality and the means & robustness of its implementation. Bottom line though, I don't think the claim this is going to happen is an informed one. Even if it were somehow achievable, it would be terminally disruptive.

I have seen backdoors in code for a VPN client/server. Supply username, password the key exchange was transparent and would suffice for logging traffic.

Not really relevant since we're talking about the possible implementation of an automated Thai national gateway, not a Chinese hacker attack lab.

[SpaceKadet]

There have been definitive routing problems faced by what seems to be all ISP's here. Really funny... I have sometimes problem accessing Thai websites, but TPB is very responsive. Sometimes Google mail barfs, sometimes it works. All since 2-3 weeks. There are many other anomalies. Difficult to PD, and I'm not really that interested.

One thing I am sure, there is no great firewall of Thailand in place. If there was, you would know. For sure....