Skip to content Skip to navigation

Glossary of Technical Terms

July 16, 2010

Compiled by HRIC

101 (error 101, HTTP 101): A standard error message indicating that the web browser was unable to communicate with the server.

403 (error 403, HTTP 403): A standard error message indicating that the server will not allow a user to access the resource requested.

404 (error 404, HTTP 404): A standard error message indicating that the web browser was able to communicate with the server, but did not find the file at the specified URL.

Anti-censorship software: Any software which can circumvent filtering or other censorship methods.

Bandwidth: The amount of resources available for the transfer of data in a given time.

Backdoor: A method of bypassing normal authentication or administrative control to remotely access a computer or obtain access to restricted information while avoiding detection by the user. A backdoor may be a self-contained program installed on the targeted computer (usually in the form of a trojan or other malware), or the backdoor may be purposefully written into a useful program by the original developers.

Block page: The page delivered to the user when a site has been filtered or blocked to prevent a user from viewing it. This may be done through a standard error page (e.g. a user could receive an error 101 message), or more details may be given regarding why the site has been blocked from viewing.

Bridge (also network bridge): A device which is used either to create a connection between two networks or to divide one network into two.

Brute-force attack: An attack designed to defeat an encryption mechanism by exhaustively trying all possibly allowable values of encryption keys.

Cache: A temporary storage area for files on a person’s computer which enables the quick and easy retrieval of a file upon a second request (e.g. on a web browser, the storage of large images within cache allows faster access of frequently-visited websites).

Circumvention: Resources or tools (e.g. web proxies) that allow users to bypass internet censorship from filters or blockades.

Content filtering: Examining the contents of data, often for keywords, and blocking transfer of that data when objectionable material is found.

Cryptography: The study and practice of deciphering codes, keys, and other ciphers. The act of converting regular data into a code is known as encryption.

Deep packet inspection: A type of computer network packet filtering that, instead of merely inspecting the header information, examines the content (and possibly the header) of the entire data packet as it passes through, searching for anomalies such as malware. Once a rule is matched, an action is taken on the packet base on the predefined rules, including allowing it to pass, denying it, rerouting it, or logging it.

Dictionary attack: An attack designed to defeat an encryption or authentication mechanism by guessing the password or key by trying all of the entries in a predefined list, known as the dictionary.

DNS: (domain name system) A hierarchical system for naming computers and servers connected to the Internet. The computers can be assigned unique names instead of hard-to-remember numeric IP addresses.

DNS tampering: A method of filtering communications and websites by preventing Internet domain names from resolving to their proper IP addresses. This effectively blocks access to the website.

DoS (denial of service) or DDoS (distributed denial of service) attack: An attempt to prevent users from accessing a computer resource. The most common DoS attack is for an attacker to flood a server with information, overloading the server with requests, and rendering it inaccessible to most users. In a DDoS attack, an attacker co-opts many users’ computers to implement a DoS attack on a server, generally without the users’ knowledge.

Firewall: A program, computer, or device that allows or denies information as it passes through it based on a set of rules defined by the network administrators.

Flash drive (USB drive, thumb drive): A portable data storage device.

HTTP (hypertext transfer protocol): A set of standards for web browsers and web servers to communicate and transmit information such as text, images, sound, and video.

ICP (Internet content provider): An online service provider responsible for creating or providing informational, educational, or entertainment content.

ICT (information and communication technology): Technologies that are designed for allowing users to find, analyze, manipulate, exchange, and communicate information to others.

Interface: What the regular user sees and uses to interact with a program or computer system.

IP address (Internet protocol address): A unique identifying number assigned to a computer or device connected to a network.

Malware (malicious software): A broad term for any software designed to do anything fraudulent on a user’s computer without the user’s consent.

Man-in-the-middle (MitM) attack: An attack in which communications between a client and server are intercepted by an attacker without the knowledge of either party.

News aggregator: A website which collects news from various sources and displays them on one central page.

Phishing: A form of fraud using email or other electronic communications that is designed to obtain personal information. Generally the email or message will appear to be from a trustworthy organization, such as a bank or email administrator, and include a link to a website which appears to be a legitimate website for that organization. The targeted user is expected to provide the sensitive information, whereupon it is sent to the phisher.

Spear phishing: A form of phishing that targets a specific group of individuals.


Intranet portal: A tool for providing unified access and sharing of data, applications, and information in a private computer network.

Web portal: An online service that allows users to access multiple applications and databases such as e-mail, news, stock prices, and entertainment on one unified page or site.

Proxy (also proxy server): A server or a program that acts as a middleman for clients to connect to other servers. A client may choose to connect using a proxy server to hide its identity or origin, or to connect to servers the client itself cannot connect to directly due to firewall or other kinds of blocking.

Public key encryption: An encryption method that uses a pair of asymmetric keys (a “private key” and a “public key”), rather than a single passphrase, to encrypt data. The public key is used for encrypting data and can be freely distributed. The private key is used for decrypting data and must be kept secret.

Rootkit: A software designed to gain administrator (or “root”)-level access to a computer whilst avoiding detection. Rootkits are not necessarily malware, as they are integral to systems monitoring by parents (“netnanny” programs) or corporations. Rootkits are difficult to detect because they modify and integrate themselves into the operating system and can conceal running programs and hide files from the system.

Spyware: A type of malware which obtains information from a user’s computer, such as browsing data or keystrokes, without his consent. Spyware often changes the user’s default homepage or search engine, installs unwanted browser toolbars, or causes unpredictable crashes.

TCP/IP (transmission control protocol/Internet protocol): The core communication standards for the Internet to deliver data. The TCP protocol controls how application programs on the network can use IP to create stable, reliable connections over the network. The IP protocol controls how computers are addressed using IP addresses, and how packets are routed through the network.

Trojan (or Trojan horse): A type of malware hidden in software that seems to have a useful function, but instead behaves maliciously, allowing backdoor access to a user’s computer. They are commonly spread through email attachments. Unlike viruses, trojans are self-contained applications and cannot infect other programs.

URL (uniform resource locator) or web address: A string of characters that specifies where an identified resource is available and the mechanism for retrieving it.

Virus: A type of malware that can replicate itself and infect other computers and programs. Its main aim is to reproduce itself and infect as many systems as it can. It may also function as spyware. A virus may infect another system on the network by attaching itself to shared files on the network or attacking the system directly by exploiting security holes in the operating system.

VoIP (voice over internet protocol): The transmission of voice communications over IP networks (i.e., the Internet).

VPN (virtual private network): A method of creating a private network between two computers or networks by creating a private, encrypted tunnel between the two. It enables computers to communicate securely over the underlying public network.

Weblog (also blog): A type of website consisting of entries, usually displayed in reverse chronological order and separated by tags or categories. Weblogs can range from personal journals to topic-specific news and commentary, or a combination thereof. A person who writes a weblog is known as a blogger. Individual entries are known as entries or posts.

Worm: A type of malware that can replicate itself, usually through the exploitation of an operating system’s security holes, to the point of overloading a user’s system. A worm’s main aim is to reproduce itself and, unlike the similarly self-replicating virus, it cannot attach itself to existing files or programs and generally does not have any other malicious functions.

Error | Human Rights in China 中国人权 | HRIC


The website encountered an unexpected error. Please try again later.