The chinese government imposes controls on citizens that I've never thought possible. Thus they have completely surprised me with the notion that the Chinese state might centrally control every computer in China. Their Green Dam firewall software obviously has social control purposes but I did not make the step Schneier makes in this article of assuming military purposes as well.
There are difficulties in defending against a botnet of this type, even though you might think it would be simple to block all Chinese traffic. There are many properties the Chinese government can buy all over the world to act as redirectors for Chinese internet traffic. If the time came to coordinate attacks against foreign computer services, there would be no one internet road to blockade. It would be impossible for, for example, Amazon, to determine if the packet arriving from New Jersey via Scotland originated in Scotland or is a proxy for a request made in China. If they can't filter out the overload they will essentially go offline.
I can imagine an argument for implausibility: "oh that won't happen", another argument for over-complexity: "they'll never pull that off, it's too hard", or an argument akin to 9/11 saying: "oh sure, it will work once but thereafter no one will connect to China", but in truth, I can see flaws in each of these.
One thing is for sure. Even if you could shut China "off" so to speak so that they can only communicate with Chinese internet properties, if you came to depend on them for anything, you'd lose access to that too.
I want to believe they'll have to behave equitably to participate in the internet world community, but as their power grows, perhaps we'll see a foreign influence imposed on much of the internet backed by the power of their botnet.
