The Man in the Machine
Federico Biancuzzi, 2007-12-04


Does IPv6 make censorship efforts like China's big firewall more complicated?

I guess so, but you will want to use SSH, IPsec and whatever technologies are truly secure to make sure. I visited China in July and I was so surprised that all of the stuff written down on Wikipedia is true -- all HTTP traffic is sucked in by squid and access controlled (maybe logged). I wonder how big the squid box is.

And what about firewalls and NIDS?

Yes, for those devices it will be very difficult. My take is that we should secure hosts rather than network borders. These days, we have a lot of laptops coming in and out of organization networks, and means to connect to the organization's internal network from outside, like IPsec VPN. So virus infections do not come from the outside network; they will come from the inside, from a virus-infected laptop carried by your boss.

Fragmentation and reassembly in IPv4 have been used to build attacks against TCP/IP stacks and bypass NIDS inspection. How is it going to change with IPv6?

No changes. They are equally difficult for NIDS.

How do you suggest auditing an IPv6 stack?

Not sure about what other OpenBSD project members are using, but for me, the greatest tools are grep(1), awk(1), perl(1) and vi(1). There are certain patterns in vulnerable code, such as the use of sprintf(3) instead of snprintf(3). Other points to look at are pointer manipulations, structure/union definitions, and critical sections such as splx(9) or splnet(9). Also, for both efficiency and security reasons, the cost of operations, such as O(n^2) or O(n log n), is important, as more computation cost is equal to more possibility for denial-of-service vulnerabilities. Boundary conditions, such as when a variable is 8 bits and the value is either 255 or 0, are also important. There is a higher likelihood of overflow (or) underflow.

Open-source or closed-source, well, I have been trying very hard to spend more time on open-source projects so I'm not too sure. The principle should be the same. With closed-source you just have fewer eyes to look for holes, that's all.

Today the world is switching from "knowledge domination" to "knowledge sharing" -- see all the activities coming out of blogs and YouTube. If you open up some of (or all of) your ideas, more people will get interested and we can all have some very good outcomes. In the computer industry, BSD, Linux, Apache, Mozilla, and other free software projects have already made it very clear.



Federico Biancuzzi is a freelancer; in addition to SecurityFocus he also writes for ONLamp, LinuxDevCenter, and NewsForge.


 

Copyright 2010, SecurityFocus