New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Bad news for people from China
Just came across this article, China wants to "block" VPN's
HONG KONG — China appears to have reinforced its Internet firewall in recent days, blocking some of the leading services that allow people on the mainland to access forbidden sites like Twitter, Facebook and YouTube. International business transactions also are being affected, Internet analysts said. The Chinese-language edition of The New York Times remains 100 percent blocked. At least three foreign companies — Astrill, WiTopia and StrongVPN — have apologized to customers whose virtual private networks, or VPNs, have been slowed or disabled. VPNs are used to circumvent the Communist government’s firewall. The companies, meanwhile, were suggesting some work-arounds. The daily newspaper Global Times, affiliated with the Communist Party, acknowledged the firewall had been “upgraded,” but it also warned that foreign providers of VPN services were operating illegally. China blocks online searches of politically sensitive terms, smothers embarrassing news events, blocks online messages from dissidents and simply deletes any microblog posts that it dislikes. The firewall also blocks countless Web sites that are openly available to users elsewhere around the world — from pornography sites and commercial come-ons to news reporting, political activism and religious proselytizing. Users on the mainland thus have to use VPNs to reach the banned sites. Liu Xiao Ming, the Chinese ambassador to Britain, told the BBC on Friday that there was “a misconception about the Internet and development in China.” “In fact, the Chinese are very much open in terms of the Internet,” he said, quoted in an article in The South China Morning Post. “In fact, we have the most number of Internet users in China today.” An estimated 600 million Chinese have access to the Internet. Foreign businesses also use VPNs not only to safeguard their transactions but also to keep government censors and rival companies from seeing their corporate communications. Global Times quoted an anonymous executive at a foreign technology company operating in China who said the lack of a VPN would damage the firm’s operations. Josh Ong, China editor of the tech monitoring site The Next Web, said in an interview with the Voice of America that international companies were reporting disruptions in their corporate VPN services. “A lot of companies have a general policy that they must use their own proxy network in order to transfer data, especially into and out of China,” Mr. Ong said. “So you are looking at banks or e-commerce companies, anyone who is transferring very sensitive information, a lot of them use corporate VPNs.” Mr. Ong suggested that the tightening of the firewall could be tied to the recent leadership change in the Chinese Communist Party. “It is certainly possible that some of it is just a general flexing of might, kind of coming in with a strong arm to really show who’s in control,” he said. “But there is definitely something intentional happening when these VPN services are being restricted.” As Bill Bishop wrote recently on DealBook, China’s management of the Internet “has not been encouraging for those who want to believe the leadership will push reforms.” “I have lived in Beijing since 2005, and these have been the most draconian few days of Internet restrictions I have experienced,” he said last month. “Indiscriminate blocking of major parts of the global Internet is not going to help China in its quest to internationalize the renminbi and make it a reserve currency,” Bill said. “Internet controls at the level of the last few days may also deter foreign firms from moving their regional headquarters to China.”
I got this from: http://rendezvous.blogs.nytimes.com/2012/12/23/adding-more-bricks-to-the-great-firewall-of-china/
Comments
= Good news for VPS providers in the West coast of America. Unless they started blocking VPS providers too?
I'd assume it would be illegal to use a VPN in China.
It's already done. Most protocols are now getting interrupted.
Should be bad news for them as well. Self-hosted VPNs are also affected this time.
Interesting if they block the VPNs by port number or by IP address (known ranges of VPN / VPN providers) or by deep packet inspection.
what about use VPN on port 443? it will detected as VPN or regular https traffic?
YES, Our country China has achieved pollution SSH and VPN.
fuck politics
@Pzea ssh is blocked too ??? What about ssh on different port?
@rds100
Change the port can not be fully resolved.
The blocking is not based on port number; changing port numbers does not work. It's highly possible that the recent firewall in China is based on packet classification using machine learning. Even if packets are encrypted, it can still recognize VPN/SSH traffic and block it.
Search "machine learning based packet classification" on Google and you will find some papers on this topic.
One solution is protocol obfuscation, which has already been used in emule to help against situations where the eMule Protocol is blocked from a network by identifying its packets. Obfsproxy, an obfuscation tool developed by TOR project, will be quite useful for users in China. However, currently it only supports TCP connections; running OpenVPN over an obfuscated udp channel is not possible right now.
https://www.torproject.org/projects/obfsproxy.html.en
Gotta love the Chinese government
Almost as funny as the North Korean
If China really blocks all VPN and ssh traffic then it is a big game changer for the VPS business. Especially for the companies that concentrate on offering services off the USA west coast.
i am Chinese and i must access the Internet via ssh everyday...
I do not think the Beijing government is going to block all VPN traffic, though.
HTTP Proxy+stunnel is the best relaying solution to me for now.
I have a fellow friend in China who used to use VPNs. I gave him limited shell access to get a SSH tunnel up and it worked.
So SSH seems ok.
HTTP Proxy+stunnel is the best relaying solution to me for now.
STunnel is great! You can also OpenVPN over STunnel. It's pretty much a one-time setup for server/client and then you connect to OpenVPN as you normally would.
It is likely to be a new upgrade of the GFW.
By port at first, and after you change the port for several times, the IP. Detecting a new port needs only up to few days to GFW. That means the IP is not seems to be live longer than a month, if consist using it as VPN.
According to some discussions I read these days, it filters ALL the encrypted traffic, tries to figure out what kind of protocol you are really use (they are not able to see the content, but the really can know if you are using HTTP/P2P, etc. inside an encrypted link, such as SSH and L2TP/PPTP/OpenVPN, some said Cisco IPSec can also been detected but no reliable report shown), everything recognized to be a tunnel will be banned.
By my own experience, eMule and Tor are both dead here.
No, not all, indeed.
Take SSH as the example, if you use SSH to admin a server, everything is okay, but if you use it as a tunnel to fuck GFW, you connection will be reset randomly first, then your port will be banned, then after you changed port for few times, you IP will be blocked.
But, there are more unknown about the GFW, it might be detecting proxies/tunnels by somehow the traffic usage. That means personal proxies/tunnels/VPNs with very low traffic sometimes could live longer than those public or widely used.
fuck politics
If not for politics, how would you prefer the world being ruled?
Now only ssh tunnel and vnc work.pptp and openvpn will disconnect several mins after you establish connection.I am very proud to announce the GFW is developed by the university where I graduated from.
how about Tunneling from ICMP protocol?
have you ever try that?
This makes the assumption the world should be "ruled".
The headmaster should be honored with Nobel Peace Prize.
There's is no good way to make those Chinese people aware of that.
No, but the VPN companies can.
Somone has to make rules.
Wow..
Bad people do bad things, and until stealing, killing and other harmful things done by people ends, there needs to some order.
Yes, indeed, someone has to make rules. But there are good rules and bad ones.
I don't think making it no freedom to get information that is only possibly unsafe for a government in pure politic reasons is a good rule.
@kousinnryou
You are proud of that? Proud of taking away parts of people's freedom? Sicko.
I, for one, love to stick it to these kind of governments. The people of China will always find an ally here, the government will not. Interested to see where this goes.
You probably misinterpreted his comment, i'm sure it was meant sarcastically/ironically.