Slashdot Mirror
Ask Slashdot: Ideas and Tools To Get Around the Great Firewall?
New submitter J0n45 writes "I will soon be traveling to mainland China. While I'm only a tourist, I will still be working freelance for a company back home. I know for a fact that a large amount of the websites I need to have access to on a daily basis for business reasons are censored by the Great Firewall of China. I have been using the Tor Browser for a while now for personal purposes. However Tor has been blocked by China. I was wondering if a personal proxy (connected to a computer back home) would do the trick. Would I be too easily traceable? Basically, I'm wondering if I need to try random public proxies until I find one that works or if there are any other options. What does Slashdot think?"
- While I'm only a tourist, I will still be working freelance for a company back home.
- are censored by the Great Firewall of China
What does Slashdot think?
That you are
1) Breaking immigration laws by working while on a tourist visa.
2) Breaking laws by trying to get around the web censors and doing something not allowed.
Honestly, if you are just going to China to break their laws, why not just stay at home? If you still want to continue then don't break immigration and other laws in the country you are visiting. It's not only illegal but greatly distasteful towards the host country. They are welcoming you as a visitor and yet you are just going to be breaking laws.
Let's be real - China is a Communist dictatorship, period. Yes, they furnish most of our consumer (and soon industrial) products, but at the end of the day they are a totalitarian dictatorship and if you plan on going there, keep that foremost in your mind. Unlike even the RIAA, they will shoot you dead if you screw with them.
Just ssh into a box back home, and tunnel all your traffic through that. Easy, I doubt they are blocking port 22.
You can google it yourself hopefully.
Sounds like the Great Firewall engineers are looking for some free security pointers from the rest of the world. Any idea we come up with will be blocked before this schmuck gets over there.
But seriously, you should just take a real vacation and not work. Or cancel the vacation and stay at home, working. Better to play it safe and not end up in Chinese gulag for the next 30 years.
sudo make me a sandwich
I hear that the Chinese won't stop you from SSHing to a system outside of the country. You can turn SSH into an ad-hoc VPN if you'd like:
https://help.ubuntu.com/community/SSH_VPN
Palm trees and 8
More like an oligarchy.
I am by no means an expert in this but the question has been asked before here and I agreed with the overall sentiment: Don't break the law.
The Chinese government will ensure that you regret being caught.
And although I will be going as a tourist, I still need to be able to regularly import large quantities of heroin and cocaine. However, this isn't allowed according to US law, so can anyone suggest how I can circumvent this law largely because I don't accept it and want to carry on with my massive heroin and cocaine habits while there...
Local laws, whether you believe they are right or not, follow them if you want to stay out of jail.
We'll miss you and we'll all be sure to write a petition to get you free.
Hopefully that will only take a few years.
I don't know the legal issues at hand, nor do I know the laws of China, but if what you are planing to do is a violation of those laws you should be prepared for an extended stay as a guest of the Chinese government.
While you might not believe that what they do is correct, moral, or defensible, it is non the less their country. Just as you would expect foreign visitors to your own country to respect the local laws, you should respect the laws of a country that you visit. If you find the laws so personally distasteful that can not abide by them, don't go.
Yeah I know you're going to think I'm a tinfoil hat guy but basically anything you bring to China should be considered as compromised. iPod, tablet, computer, phone, etc. If you don't use burners, you should definitely at the very least wipe them and start over when you get back into the states. Anything you leave alone in your hotel room probably won't be left alone. Put removable tape over your cameras on these devices.
Also, if you're going to encrypt your traffic, keep in mind that most encryption standards will be broken so if you can set your encryption and you have a speedy machine then set it as high as possible. Basically, you can assume that any sensitive stuff and all of your stuff you send over anything will simply be recorded and written to disc. It's not a question of if they break the encryption. It's a question of when. Make sure none of it matters and you're dead and buried by the time they can break that. The Chinese government is in it for the long game. They are not above corporate espionage.
My personal option would to bring simple devices, treat them as burners and simply enjoy a vacation from work.
My work here is dung.
Personal viewpoints on censorship aside, I'd be hesitant to break any Chinese laws while in China. Why, my dad just returned from a 14-year stint in a red Chinese prison...
Use a VPN service. I've used a corporate VPN and one based out of India (to avoid U.S.-centric blocking issues) called SwitchVPN. While they both worked fine, this was a year ago. The best thing to do is look at the current VPN companies and see who is being blocked today and why. If several from one country are getting blocked, choose one based out of a different country that doesn't have close ties with that country. It changes all the time, but it doesn't turn on a dime. It seems like the blocking happens in fits and starts (a bunch blocked a couple months ago, a bunch of different ones blocked next month, etc.) One thing I've found is that corporate VPNs seem to almost never get blocked, so if you have access to one of those, it is a good backup.
Post this question at one of the many expat forums catering to those of us (well into the high 6 figures) who live in China.
What we'll tell you:
1) Sign up for a VPN before you get here.
2) Profit.
It really is that easy. Oh, and the bit about what you are doing being legal or not? here in China there's what's legal, and then there's what you are allowed to do. Sometimes they are even the same thing.
To go into a communist dictatorship with the intention of breaking their laws...
They don't play nice over there kid.
As long as you are not telling other Chinese people how to break through the firewall, I doubt that Chinese government will go after you. They do not need to add stress to their relationship with the USA, and they would probably prefer to sneak something onto your laptop so they can get some trade secrets than to stop you from using a corporate VPN. The purpose of the firewall is to control Chinese citizens, not to harass foreigners.
Palm trees and 8
visitors arrested for circumventing china firewall
oh, I guess there are no results.
Go right ahead!!
(IANAL, URIDIOT)
How long are you going to be there for? Because unless it's months and months, I would urge you to sort out your business affairs in advance and just not bother trying anything "clever" while you're out there. Because believe me, a bit of business inconvenience back home is nothing next to the world of hurt you will inflict upon yourself (albeit with some helpful assistance from others and their nice electrodes) in the admittedly fairly unlikely (but by no means impossible) scenario that you piss off the security side of what is still, despite a bit of spin and economic modernisation, a creepy totalitarian state apparatus.
Anyway... their country, their rules. When I travel to the USA, I'm generally struck by how stupidly low speed limits are, particularly given how well maintained, open and relatively quiet they are compared with ours here in the UK. But I don't plot and scheme for how I can drive at UK speeds - I follow the US speed limits. Now in the case of China, we're talking about rights that are rather more fundamental than "being allowed to drive fast" - but hey, you've chosen to go their on holiday (you've said you'll be a tourist) and you're a guest, so perhaps you should behave like on.
Besides, you'll get a lot more out of your holiday if you aren't constantly trying to work while you're out there. So as I said at the start, do whatever you can to organise things so you don't actually need to work while you're out there (or consider cancelling your trip and re-booking at a better time).
I traveled to China on vacation in late March this year for two weeks, staying in hotels and also using a shared MiFi-type cellular data connection on a Chinese cellular account. In all cases, I was successful by using Apple's built-in VPN, connecting to an Apple OS X server running at my US home. I was able to run iChat, Skype, and Google Chat voice as well. I ran everything through the VPN (including a Mac, a PC, an iPad, and an iPhone). I had no problems connecting with Facebook, Twitter, Gmail, the New York Times, and anywhere else I wanted to go. The speed was comparable to what others were getting connecting without a VPN to non-blocked US websites, so I didn't take any measurable penalty in speed.
I connected from Beijing, Xi'an, a Yangtzee River cruise boat (on the MiFi, a little slow but to be expected with a cellular connection), and Shanghai, all the time connecting to the same US OS X server. I never had a connection that was lost or cut off.
Tor was blocked by China. They've since added bridges intended to bypass the firewall. It's always been a cat and mouse game with China. Always will be. But right now, Tor works in China. Tomorrow, who knows.
#fuckbeta #iamslashdot #dicemustdie
I don't think he's breaking laws about the tourist visa. If he were going to China to work for a Chinese company while on a tourist visa, that's different from what he wrote ("for a company back home"). It's actually pretty typical for some people to do work during a vacation. I don't know why someone would *want* to do that, but it happens.
To answer the OP's question: temporarily buy a commercial proxy service if performance is important to you.
I always use ssh proxy (the -D option) and it works very well. Just don't forget to set your DNS to resolve using the proxy as well or it will fail otherwise.
It's completely OK to bypass the GFW.
An HTTP proxy is not enough. The URLs to be proxied is transfered to server side in plaintext, which is blockable.
VPN will be a good choice. Try some service providers like witopia and so on.
I was in Beijing and Shanghai for two weeks about a year ago and had no problem using LogMeIn to access my home computer and a VPN to access work machines. Let's see - I wasn't detained, tortured, arrested, followed, harassed or have anything else happen to me. But what do I know...
Set up your own VPN stateside, and work from there.
I think its the only real legimate way.
Using personal identifiable information through TOR to clearnet is a horrible idea, because of mallaicious exit nodes. TOR is great for anonymous browsing and research.
Setting up your own VPN stateside you exit to clearnet on a network you know is friendly. I think the chineese government will be less likely to mess with you this way. Given that many companies use VPNs this way, its should be very easy to explain this as business as usual.
We actually have a similar problem, not only do they mess with the DNS addresses for our website, but they packet latency is horrible. I recommend a 3rd party VPN client.
I wonder, but It may work at least for browsing https://www.torproject.org/projects/vidalia.html.en
I was in China last month and I just set up an OpenVPN server on my home machine and connected to that with no problems. It's noticeably slower, but worked just fine.
Note that it makes sense to use OpenVPN from just about anywhere.
-- Don't Tase me, bro!
It's high time we took back the internet. It's time to create new network(s) to exist alongside the Internet, that interface with the it but use different protocols. We need to create set of network protocols that are traffic and crypto analysis proof. The whole concept of "Internet access is what you buy from X" needs to be turned on its head. Network access should be something you get from 3 of your neighbors. To arms! The Fascists are here!
First, ignore everyone on their moral high horse - the Chinese gov't doesn't give a shit about foreigners bypassing the firewall.
The firewall mostly exists to:
a) Give Chinese companies a competitive advantage in the Chinese marketplace.
b) Stop the average farmer from figuring out just quite how shitty he's got it and why.
As far as bypassing it - that is trivial. Use a VPN and/or SSH tunnel... I've never had a problem doing this.
Comparing this to importing drugs is completely fucking ridiculous. Tons of Chinese citizens bypass the firewall also, especially in Shanghai area.
Knowingly, willingly, and recklessly violating the law in any foreign country is not a good idea, period. It is well known that China does not have the same due process laws and criminal procedure of the United States. You could be charged with a capital offense such as spying and there is very little anyone can do to help you. Your best bet is to take a vacation from work and enjoy your trip. That much said you could look at a tunneling service such as tunnelr which uses OpenVPN to encrypt your traffic and tunnel through a firewall but you do this at quite a bit of peril. What happens if a civil servant monitoring the Great Firewall "sees" a session with a lot of encrypted traffic and it is not going to one of the regular, acceptable locations? Tunnelr also offers SSH encrypted tunneling.
...they are seriously lacking in perspective.
Think about this, for a moment, from the perspective of the Chinese state. If a significant portion of their lower class (a group of people who have been shat on by the upper class for centuries) had free, unrestricted, unfiltered access to information about their oppressors, and a way to mobilize together, it would be an absolute DISASTER for the Chinese state, and probably the stability of Chinese society in general.
YOU, as a westerner, are not the target of the Chinese state's censorship efforts. The Chinese state doesn't give a shit if you read about their human rights violations and the atrocities committed for the greater good. They especially don't give a shit if you visit Facebook or Youtube. You just need to make damn sure that you don't squawk about sensitive subjects while you are visiting. Attention to such issues is threatening to the Chinese state.
To all the fools saying "don't do it, you will be in another country, you are obligated to obey their laws, if you don't like it, don't go" - do you REALLY think that the upper class in China can't visit whatever websites they want? Give me a break. Internet censorship in China is designed to prevent the idiot ignorant lower class from shaking things up too much. Same reason you can't turn on a TV in the US and hear anyone having rigorous intellectual discussions about what is actually happening in the world. Doesn't mean the information isn't there, or isn't accessible in some way, or that people aren't talking about it. It just means that the average idiot probably needs to remain ignorant, in order to avert disaster.
To the OP, here are my recommendations.
I get a VPN service (called VyperVPN) thru my usenet provider (the well-known Giganews). It works fine in China. There are a variety of endpoints to pick from. One is in Hong Kong. Several in Europe and the US.
Works with PPTP, L2TP and OpenVPN. OpenVPN is probably the best (seems that some cheap networking gear does not support PPTP properly), although the most difficult to set up.
One thing to note is that DNS servers over there may lie to your machine. So having a list of the IP addresses of endpoints might be beneficial (you can probably write a script to resolve the domain names of all the endpoints and store the IPs in a file *while you are connected to the VPN*). Maybe put the right ones in your hosts file or something.
I used overplay.net's commercial OpenVPN. There's several competing services specifically tailored to bypassing the great firewall. Overplay in particular has a huge list of servers in different countries. Occasionally one would get blocked, but one of the others would always work.
Best $10/month I spent while I was there.
Regarding the locals laws, etc.. it's a definite gray area. The laws don't say you're not allowed to post or view certain things. The laws just say that the government is allowed to "normalize" (filter/censor).
I used a VPN for years and registered for my internet account using my passport. They knew who I was and could obviously see the VPN traffic. I never heard a word from anybody about it.
Do we really need all of these replies discussing the legality/morality? We get the point -- you're all a bunch of stand-up citizens.
This has been asked her many times. The whole reason I setup SSH & VPN on my router at home is for China. I give a few friends there longing for USA-net who live back there now, and for when I travel there. My IP will likely get blocked in time, but not that hard to change.
Where is this recent wave of Sinophelia coming from? Why would you want to go to that cesspool of human rights abuses?
I want to delete my account but Slashdot doesn't allow it.
Government change.
Focussing on technology,
Other than ssh
SSTP seems like a good candidate? Shame it's only for Windows unless I'm mistaken an alternative?
A blog I run for the wealth
RFC 1149
You are visiting a nation that does things like this: http://waznmentobe.com/odd/china-horror-villager-crushed-to-death-under-steam-roller-by-order-of-the-mayor.html (Warning: double plus terrible)
China does not want to keep Tor blocked eternally. They don't want people talking to each other about losing access to Tor; that would just inflate the number of Tor users in the country (see, for example, the increase in Tor use following Tor being blocked). The Chinese government blocks Tor when there is big news that they want to conceal until they get their own propaganda out. They keep techniques of blocking Tor on hand for just such an occasion.
Palm trees and 8
...Mitt Romney trolls! Beware!
The issue with VPNs is that they are real slow.
You want to be able to use the "normal" internet and a VPN connection at the same time and switch to the VPN access only when needed.
I use Chrome as my main browser and Firefox as the backup browser. Firefox can be easily configured for SOCKS and works like a charm when connected to a server in the west with SSH.
Works for several people I know. I have a set of Terminal servers setup at HE.net for some friends that do just that, running on a different port than usualy, but RDP was encrypted as well. In fact, I do that when I travel to most places.
Now, with all things, there are the legal risks that have already been mentioned, as if you get caught, they literally can just lock you up till you die, or just shoot you right there, but that's the risk of doing business or pleasure in that type of government environment. Then again, they can just lock you up till you die, or just shoot you right there even if you didn't circumvent the firewall.
Having done the same thing myself, I used a pretty simple method that worked 100% of the time and I never had any trouble with disconnects or anything. You don't need a VPN if you don't have access to an easy ability to set one up, just set up an SSH tunnel to some box you have any access to anywhere and use it as a SOCKS5 proxy for your machine. Get your browser (or your entire machine if you want) to forward all internet traffic to your SSH tunnel and you can browse wherever you want. You can even use TOR over the proxy if you want, it'd be the equivalent of running TOR on the machine you're SSH'd over to. I did it using PuTTY and ProxyCap most of the time, worked like a charm, never got blocked or interrupted.
I think its interesting that 90% of the comments are that its illegal to work on a tourist visa so a VPN back home is illegal.
In a minute or two I couldn't find the relevant legal defs for China, and that's all that really matters.
But in general, the extreme simplification has nothing to do with the claim.
Generally a business visa means you're there doing commerce with a local while not employed by a local... signing contracts, sales visits, demos. Unless your VPN back home is to download the sales pitch powerpoint to show to a local you're probably OK.
Generally a work visa means you're there working for a local as just another employee. From shoveling dirt to shoveling bits to pulling cable. The only way a VPN back home would matter would be getting accused of industrial espionage, or having two employers means a conflict of interest.
Generally journalists get a special visa solely so customs does not F with them as much resulting in bad PR, or if there's not many in the country, for internal security to track where outsiders are watching them (so.. machine gun the protesters in this city, but not that city where the journalists are, for example)
It would generally appear that generically fooling with a VPN back home for your back home employer has nothing to do with signing contracts with the locals, or working for a local, so a tourist visa generically would be OK for casual logins. Now a firewall violating VPN might be completely illegal, but it wouldn't be a violation of the visa. Since you're going to China and not "generic-land" you need to read their exact laws to make sure.
Generally visas are very interested in how you plan to interact with the locals. If, while sleepless laying in the hotel bed, you think of a new TPS report header for back home, even if you call home to tell people about your amazing new TPS header, as a general rule visas are not designed to care about that, as long as the locals have absolutely nothing to do with it.
Where visas get fuzzy is two foreigners meet at the hotel bar and start talking about a biz deal between two foreign firms, no locals involved... do they seriously expect the host country to enforce the local version of contract law for free? It can get messy.
"Science flies us to the moon. Religion flies us into buildings." - Victor Stenger
There is so much disinformation here. Just get yourself any standard $5/month VPN service. Set it up, and test it at home before you leave. Problem solved! Here's a great list:
http://lifehacker.com/5940565/why-you-should-start-using-a-vpn-and-how-to-choose-the-best-one-for-your-needs
Now about the other suggestions. Yes, the ALPHA tor correctly configured with bridges works today. But by the time you get there, China may have figured out how to block it again. As mentioned before, it's a cat and mouse game. Not to mention the fact that pages load about 10-20x slower over tor than they do over a regular VPN. This is only something I like to play with and your are nuts and a cheap bastard if you want to use it for your work.
The third option suggested here is to setup your own personal VPN. This is what I have done. I have one to my home computer and one running on Amazon EC2. They both work fine, but you have to know what your doing. If you haven't setup a dozen VPNs before and can't tell me what MTU is stay away.
Even in the major cities, Internet access in China is much slower than most places in America. The fastest Internet you get at home or high end hotels is 5Mbps/1Mbps with 1Mbps/128 the standard. Go into the rural countryside and even the 2 major Cell carriers may not offer Internet. Locals use dialup or deal without. Small towns are somewhere in the middle. Also note that you'll need a L2TP VPN for your smartphone since PPTP VPNs are blocked by cell carrier.
Man Crushed by Steamroller On Orders of Chinese Officials
I spent a week in China on business in June and I ended up using SideStep. It requires you have access to an SSH server somewhere outside the firewall, but it worked great. If your company has a VPN, that could work well too.
Tor pretty much gets around anything I can think of. It's specifically designed for this type of thing.
I was there for two months this year and I used (variously) a Witopia account, my corporate VPN and a VPN that comes with my ISP service.
The corporate VPN was the fastest and most relaible, I used that one to stream hockey games with my morning coffee.
My ISP VPN was reliable, but not that fast.
Witopia was slow and only about 1/3 to 1/2 of the (50+ access points) would connect at any given time, it does offer 4 or 5 different protocols though (OpenVPN, L2TP, PPTP, IPSec and some points offer a HTTPS proxy)
The point is to give yourself some options, get to know the different VPN protocols and maybe practice connecting to them from whatever OS you use before you leave. Smartphones can also use VPN which can be good if you get a SIM card there, my phone didn't have VPN capability but I was able to get to most places I wanted to (you'll definitely need a VPN to use Google maps though).
Good luck and enjoy the trip - there are beautiful places to visit and friendly people to meet.
How would you answer if someone from China planning to visit the US asked you that?
Most likely, you answer would be: "Don't even try". Not because you agree with the TSA, but because it is simply not worth the possible hassle for someone coming just for a short stay, and not aiming to make some political statement.
Simply deporting you would be enough to ruin your trip. I am not saying that would happen, but is the risk worth it? For the benefit of visiting a few sites for a couple weeks?
If you disagree, then tell me, how can I get around the TSA?
short answer: don't worry, get a VPN like Astrill and you're ok.
long answer: Many people, and many many corporations in China circumvent the GFW and it's no problem.
1) The GFW is aimed at Chinese users, not western ones. It predominantly blocks sites which has forbidden info in Chinese or allows Chinese citizens to communicate in a way the regime cannot control (e.g. Facebook, Wikipedia). Because of this you can easily see extremely anti China websites in e.g. German, French or Spanish with no problem inside China.
2) The GFW is not designed as a blocker but as a hurdle, to make it just inconvenient enough for a large mass to accept the censoring and not bother at circumventing it. What do you need to circumvent it? I non-Chinese credit card (most free VPNs get blocked/mangled/slowed down) and some technical knowledge. Most people in China lack either the one or the other. Plus the monthly prices for western VPNs aren't cheap for many people here.
3) If the Chinese authorities would prosecute any VPN users they would have to go after a lot of big time businesses, effectively driving them out of the country. In Chengdu the local party was even thinking of making a special foreign business zone where the GFW would be turned off by default.
4) Circumventing doesn't get you in trouble. Posting anti China stuff, calling for revolution, organizing protests, etc. will. Don't do that while you're in China.
I've been using VPNs for over 3 years now in China, and my company has been doing that even longer - we even develop apps for Facebook, which is banned - and had 0 problems so far.
If you use Stunnel on port 443 then the remote server looks like regular HTTPS, so that would be less likely to trigger an alarm. Then you run your VPN or SSH over the Stunnel tunnel to/from your localhost port to get all the services you want from your remote endpoint. A VPN might have different traffic patterns than typical HTTPS, but that probably wouldn't be detected by the current generation of firewall. Ideally you would have a static IP for your remote server, otherwise you would have to use something like a free DNS service and you would lose your connection every time your remote IP changed. Instead of DNS you might want to locate the remote server using some out-of-band method since a free DNS service could be a cue for a manual inspection. You should set up Stunnel so the server authenticates the client connection (using an X.509 client certificate), to prevent a man-in-the-middle attack. For secure out-of-band communications you could set up the remote server to PGP encrypt its IP and other information (logs are useful) and email them to a disposable email address. You could send commands to the remote server the same way. You should be aware that HTTPS is susceptible to certificate switching, so I wouldn't access my personal email account directly unless I could verify the connection certificate independently. Stunnel, GPG and OpenVPN are standard on many Linux & BSD distributions. With a few key parameters & an encrypted download from a free email site, you should be able to set up a client using a live distribution CD/DVD in a few minutes, just practice the process a few times before you go. You also want to take steps to ensure the remote server stays up. A stripped down headless config (perhaps a router distribution) with minimal logging, no extra services, and a daily reboot should do the trick. As long as you don't talk to any dissidents or Tibetans, the only think likely to happen to you are some polite questions from the local constabulary and you may end up on a watch list. Be prepared to demonstrate how you are "just accessing my work email and work web server, sir, it's how we do it...". Might be a good idea to have a buddy at work that will back you up when they call to check. YMMV of course...
My wife and I spent 6 months backpacking thru china last year.
a) most ex-pat's we met used a VPN service to get around any firewall issues. This also enables you come privacy as the connection is encrypted.
b) Most backpacker hotels aren't firewalled. It really seems the great firewall of china is mainly directed at citizens. The government doesn't really care that white people get around it. The higher ended hotels or hotels marketed more towards Chinese did appear to be firewalled.
On my last visit to China, Teamviewer (teamviewer.com) had no problems accessing my computers at home from China.
You'll need to setup a VPN or subscribe to one. Proxy servers won't do the job from China, at least not in the two years I've lived and worked [legally] in China for two years now. Plug - check out shanghaifakemarket.com site if you're going to do some shopping there.
OpenSSH VPN and mixed socks5. Use a password protected key based authentication system you'll turn off after the trip. Possibly set up a local account with a shell of nologin.
Run sshd on 22,53,80,443. Any decent browser, IM, and email client will be capable of being configured to use a local socks5 proxy available via "ssh -D".
Since you can't trust the DNS, you need to run a local bind service pointed through your ssh tunnel -- the only host you should be resolving is your ssh service (you have a static IP, right?).
You *may* need an alternative mode to deal with captive gateways if you can't read the HTTP requests yourself well enough to figure out what's up...
Be sure you have the ascii art of your server and public key and check it regularly. Keep a copy on a printout inside a book to check if you ever leave your system unattended for even a minute.
Also recommend you set up your own HTTPS certificates pointing to "mail.yourdomain.com" even if you don't host your own email. Put up a copy of anybody's login page. You want to save some checksums and keep them on QR codes printed on bookmarks, or unsuspicious printouts.
These are to check and validate -- if your traffic is being MITM'd via chinese CA ownership. If you write a program to check this, be sure the user agent and timinings match your browser of choice.
Many places also recommend you weigh your power supply, battery, and laptop individually and separately before leaving the country and when you return -- in addition to a good bios password.
Where are those brave folks, who'd say: Nope, if you're not "Free," then you don't get Me!
If -enough- folks made it -clear- that they won't support restrictions, just maybe it may help.
Another thought I had was: These "Help my data jump over the Great Firewall" articles
-may- be "plants" to help draw out any remaining workarounds to the latest version of
Great Firewall controls.
By answering, we may by listing any of the remaining workarounds, we're helping the ones,
who maintain TGF to close yet another door...?
If I were trying to undermine state control of information, I would not use the internet...
1. buy a big printer, like an old b/w laserjet...then stock up on toners and paper
2. burn dvds
3. hand them out in person, like the guys with tables of bootlegs in front of dollar stores.
You want to go to thailand to get ladyboys you fucking faggot OP.
I don't get why dumbfuck westerners insists on shoving inanimate objects up their ass by patronizing the great evil empire.
Do nitwits like yourself not subscribe to the endless propaganda from our governments that the Chinks are depraved and evil?
Why not go tour India, which will be the world's next superpower (according to western government propaganda)? They are the world's largest democracy, and always mentioned in the same breath as China in every western government propaganda releases.
A personal VPN worked fine when I was in Shanghai last year. From what I understand, the censorship of the internet is mainly for the local chinese. They turn a blind eye to foreigners (for more than just internet censorship.) Be warned however, while you may get through the dns blocks, unless it's encrypted there is probably someone reading your emails. Just don't try to sow political dissent or talk about how awesome democracy is and you'll be just fine.
I have lived in China for some time, and I have found using a ssh tunnel as a socks proxy works wonders. Don't expect it to be fast but that is a problem when connecting to any hosts outside China. You will risk them throttling your speed if you use it all the time with excessive amounts of traffic. Remember some website are blocked through dns so that means you need to configure your browser to resolve this via proxy as well
That you are a dumb-ass.
Realistically, you can use VPN or remote desktop and probably get away with whatever you want. I know Chinese people who do, but...
1. Can't you deal without internet for a few days/weeks while in an exciting foreign country? It's not even like you would be completely without internet, just somewhat restricted from some sites. You *need* to have Picasa and Facebook while in China? You won't have anything better to do?
2. As much as Chinese people can be punished by the Chinese government, you can be punished much worse - and you're going to be more suspicious from the beginning by virtue of being foreign. You probably won't get caught, but if you do, you could be: a. Deported, b. Heavily Fined, c. Have your belongings confiscated, d. Denied any future entry to China (ever), d. Imprisoned, e. Worse. The Chinese government has the right to do all of these, and more to you when you are on their soil, and the US (or wherever you're from) can't do shit about it - especially if the Chinese government could present evidence that you willfully broke their laws on purpose.
Let's say the risk is 1% - Is it worth it? I seriously doubt it. Check what you can do normally at internet cafes, and if you have to do something on a site that's blocked, just do it when you get back.
I go to China quite often for work and usually stay for months. It is very hard to get by without being able to get around the Firewall, because most of the sites you'd visit are cut off. I use one of our servers in Japan as a VPN endpoint for regular surfing and it is quite stable. A server in Hong Kong would be fine as well, just make sure it is somewhere in Asia. The same goes for commercial VPN providers, which are a great option if you don't wanna fiddle around with setting up your own box.
I wouldn't worry much about breaking the law. Most young people I know in China (locals) are doing the same and all the expats who live there use VPNs. The government couldn't care less about it. I've never heard of any expat who got into serious trouble with the authorities, even if they did something stupid. If it's really bad, they usually just ask you to leave the country and not come back for a couple of years. They certainly wouldn't do that for downloading porn or watching YouTube, though.
As far as freelancing goes, if you are not working for a Chinese company, it is perfectly fine. If you do want to work for local companies, with which you'd likely make far less money than doing it for businesses overseas, you can always set up a consulting company in China and get a work visa through that.
Don't believe the trolls, life in China can be a lot of fun, once you get the hang of it.
You obviously don't like the Great Firewall, and presumably don't support China's totalitarian government. So, don't support China's economy and government by visiting China.
There are many other methods, all slowing down your Internet connection substantially, so I'm not going to recommend here.
Was all over China for about a month last year in both urban and rural areas. I used a mifi hotspot with unlimited data (a rental from XCOM) and ExpressVPN. Absolutely no connection issues anywhere in China and all web sites / internet resources were available. I used a separate mifi box from XCOM for Hong Kong.
with all the free movies available, you won't have time
And hope you don't get caught and sent to prison.
---- Booth was a patriot ----
ultrasurf from ultrasurf.us
http://en.wikipedia.org/wiki/Ultrasurf
came across it while surfing the web recently,
wiki explains why it was created
What I did after I went to china for the first time was to setup an openVPN server on a free AWS VM.
If you know how to use the Linux command line, this is probably the cheapest way to get around any censorship, insecure wifi and other things. Steps (not very detailed):
1. Get an AWS account (you need a credit card, but it will not be charged until you get over 15GB traffic and then it's 0.12$/GB) (here)
2. Set up a micro VM of your choice (I prefer debian-based OSs)
3. Install openVPN and configure it according to the HOWTO
4. Install the client software on the computer you will be taking there (everything except iOS is supported)
5. Test it
You may want to set up a dynamic DNS for your server so the address doesn't change after restarts.
As a bonus, the location of your AWS server is the exit point, so you can choose where you want your VPN to exit based on what is censored where at which time (I currently have it exiting in the USA because in Germany almost all music on Youtube is blocked).