Architect of China's Great Firewall Embarrassed After Needing To Use VPN

An anonymous reader writes: Fan Binxing, architect of the China's infamous Great Firewall, was put in the embarrassing position of having to use a VPN in front of a live audience when trying to access a blocked web page. Fang Binxing was giving a speech on internet safety at his alma mater, the Harbin Institute Technology. During the speech, he presented a defense for internet sovereignty and used North Korea's own version of the system as a talking point. Things got awkward really fast, however, when he attempted to access blocked web pages hosted in South Korea to demonstrate his point. From there his speech went from being a defense of the Firewall to a demonstration of its stupidity. Unable to access the websites he needed to continue his speech, Fang somewhat unexpectedly resorted to the same illicit tool which all expats in China are all familiar with: the beloved VPN. This raises one question: Is China's Great Firewall that easy to circumvent, or are members of the government treated differently than normal citizens?

Raises one question....

I believe that's two questions....however, there is only one answer.

Re:Raises one question....

[jellomizer]

When you have a government VPN catering to about 1/2 of the world's population. You cannot sufficiently lock it down to an ideal settings, as even if you have 1% of the population deserving and exception that is 30 million people who you need to modify. Because of this, it is very easy to find a flaw, as there is a lot of holes to take advantage of.

Also the problem with communism is the idea in order for it to function the entire population will need to be onboard with the communal living. That just can't happen, so we have groups of people who are more connected to the party who gain more advantages and leeway, while others who are not part of the solution receive harsher treatment, as a way to get them to follow the party method.

Re:Raises one question....

[peragrin]

Yep the answers is both. The ruling party gets special treatment and China's great firewall is mostly that easy to bypass. China does keep blocking various vpns which makes it a moving goal.

Re:Raises one question....

[wiggles]

When I was there, it was definitely not easy to circumvent. I tried multiple VPNs, dns tricks, all kinds of things, but my internet coverage was spotty at best. If I tried to go to any western news site for any reason, I'd find my phone either throttled to nothing or completely offline for hours or days.

They seemed to be cracking down on VPN usage via deep packet inspection and/or whack-a-mole with overseas endpoints.

I was there in November of 2014, so I can't imagine things have gotten much better.

Re:Raises one question....

[MightyMartian]

It really is the same psychological trick that the Communist regimes have been using since the beginning. They've never been able to censor information completely, even in the pre-Internet age it was an impossible technical problem to fully solve. So you play a psychological warfare game instead. So long as the citizens think you have the ability, and that if they read a forbidden book or a forbidden website, that somewhere the vast colossus of state security, a light will flash and a klaxon will go off, and very serious men will appear at your doorstep and you won't be seen again. You reinforce that by making the odd citizen disappear here and there, to build up society's paranoia. The whole point is to make people police themselves.

That's why the Great Firewall, and the versions that other countries, even some so-called "liberal" democracies are creating, are as much a form of security theater as an actual control on reading forbidden content. These firewalls are like a polygraph test, they are effective because people believe they are effective, so they don't need to actually get anywhere near 100% success rate in blocking content and recording attempts. Heck, I doubt they even have to approach 50%.

Re:Raises one question....

"'Communism doesn't work because people like to own stuff." - Frank Zappa

"Under Capitalism, man exploits man. Under Communism, it's just the opposite. - J. K. Galbraith

Re:Raises one question....

[ShanghaiBill]

Blocking 99% is good enough. China is not trying to totally block outside information. They are just trying to keep a lid on organized dissent. Western news publications are commonly available at newsstands, although an occasional story on Tibet, or Xinjiang, or Xi Jinping's offshore bank accounts, will be torn out. Most urban Chinese are better informed about what is going on in the world than typical Americans. China is actually more worried about social networks, where people can organize outside of party control. So Facebook is blocked, and instead they have WeChat and QQ, which are monitored and controlled.

Also, the Chinese Firewall is not "stupid". It may be evil, but it is not stupid. It is very effective at accomplishing its goals.

China has never even tried to implement a classless society. In fact, they did the opposite, by strengthening feudalism and binding the poor to the land. Everyone in China is issued a Hukou identification card at birth, that has their hereditary class printed on it. If you have the "wrong" class, as 80% of the population does, then you can be deprived of public education, housing, and even food. 99% of the 30 million people that starved to death during the Great Leap Forward had low class (rural) hukous. Today, about half the children in big cities like Beijing and Shanghai, have no right to attend public school, or go to a public hospital.

One reason that the Chinese and outsiders see the Tiananmen Square incident very differently, is that the protesters never called for reform of the Hukou system. Outsiders see the protesters as heroes standing against oppression. Many Chinese see them as spoiled offspring of the urban elite trying to preserve their privileges.

Re:Raises one question....

[AaronGabrielson]

I just got back from Beijing last week and used a VPN on my phone without much trouble. Mobile data was quite fast and reliable there. Combined with the VPN, it worked just fine. It was so easy to bypass, it almost makes me wonder why they bother.

Re:Raises one question....

[hackingbear]

somewhere the vast colossus of state security, a light will flash and a klaxon will go off, and very serious men will appear at your doorstep and you won't be seen again

What first hand stories do you have to support this?

As someone grew up in China in the 80's, we listened to Voice of America for 10 years and not a single serious man or woman ever appeared at our doorstep. What you said would be true in the Cultural Revolution period in the 70's, and I have first hand story too: when I, as a 5 year old, tried to fold a piece newspaper into a boat, my sister who was 5 years older stopped me because there was a picture of Chairman Mao.

Today, I also have friend there doing VPN every day for years and he's moving around freely still.

No, they don't care the shit what an individual sees or says. They care what the mass see or say in some cases.

Re:Raises one question....

[ShanghaiBill]

thanks. Learnt something today. I never realized this was the basis of effectively a new class system

The main reason you haven't heard more about it, is because 99% of Chinese that are able to obtain visas and travel to the West belong to the privileged class, and have no reason to criticize a system that benefits themselves and their families.

Re:Raises one question....

[shuying]

Today, about half the children in big cities like Beijing and Shanghai, have no right to attend public school, or go to a public hospital.

There are many problems with the hukou system and most people in China do not like it at all. But you are spreading LIES. It may be difficult for a rural hukou child to get public education in a big city, but certainly not impossible. A rural hukou person can get services at any public hospital without any problem. He just doesn't have health insurance to cover his expenses.

Everyone in China is issued a Hukou [wikipedia.org] identification card at birth, that has their hereditary class printed on it.

Saying that hukou is hereditary is misleading. Except for the two megacities (Beijing and Shanghai), it's trivial to get a city hukou if you have a college degree. Also things are changing now. In developed areas, a rural hukou may be more desirable than a city hukou because with a rual hukou you are entitled to many unique benefits provided by your village.

Re:Raises one question....

[shuying]

Their class has nothing to do with where they were born. It is inherited paternally. So their class is whatever is printed on their father's hukou (identity card). If they are illegitimate, and their father is not identified, then they are screwed, and have no rights to education or healthcare, regardless of their mother's social status.

Stop spreading misinformation. The hukou class of a child can follow either the mother's or the father's.

Re:Raises one question....

[ShanghaiBill]

The hukou class of a child can follow either the mother's or the father's.

Here is a citation that says you are wrong. A quick Google search turns up many more. Illegitimate children in China (heihaizi or "black children") are denied many basic rights of citizenship.

Re:Raises one question....

I was in shanghai, oct 2015 and feb 2016.. I used a VPN all the time. The problem is that you get about 1-2 days of it working, and then it completely stops. We had to VPN over strange ports to an ip in chicago, then to germany, and keep moving them around. We got through, but it burned the hell out of our phone batteries pretty quick.

Re:Raises one question....

[ShanghaiBill]

it's trivial to get a city hukou if you have a college degree.

Riiiight, because the son of a rice farmer, banned from public schools, should have no problem getting a college degree. And if the peasants don't have bread, let them eat cake!

Re:Raises one question....

[shuying]

it's trivial to get a city hukou if you have a college degree.

Riiiight, because the son of a rice farmer, banned from public schools, should have no problem getting a college degree. And if the peasants don't have bread, let them eat cake!

"banned from public schools"? What a joke! You're sickening. Any one who has been to China should know that you're just telling lies.

Re:Raises one question....

[Wycliffe]

One reason that the Chinese and outsiders see the Tiananmen Square incident very differently, is that the protesters never called for reform of the Hukou system. Outsiders see the protesters as heroes standing against oppression. Many Chinese see them as spoiled offspring of the urban elite trying to preserve their privileges.

The other reason is that Chinese school children are taught it never happened. I've actually had conversation with college aged kids from China who still don't believe it really ever happened.

I'm sure

[Big+Hairy+Ian]

He'll be introduced to "The Great Firing Squad of China"

He just happened to have one handy?

[KGIII]

So he just happened to have a VPN and an account all ready and set to go or is this a normal thing? I'm guessing it's the latter. I'm not sure why you'd be embarrassed about it. It's not like he just happened to notice while being shown live. He had one already there, installed, and an account configured.

By the way, I've been to China and, as near as I can tell, everyone that I met had a VPN - usually one of the 'free' ones that you load up in your browser as an extension. And no, they didn't seem embarrassed about it. Then again, they weren't live and the person who configured the firewall.

Re:He just happened to have one handy?

[decep]

Nobody is truly embarrassed by the porn like until they have to watch it in front of an audience.

It is one thing to do something privately and something entirely different to do the same publicly. Especially when there is a reasonable chance of a prison sentence for doing so.

Re:He just happened to have one handy?

[amRadioHed]

Or his personal computers where he works are outside the GFW, so he didn't realize the pages were blocked.

Re:He just happened to have one handy?

[KGIII]

I'm not sure it's really private - as in, I witnessed people using them as I walked through outdoor areas and could see browser extensions. I've also discussed them, specifically, because I found the concept weird. (I'll touch on that in a moment.)

So, I don't really think it's all that private. An AC mentioned an interesting point below - that he'd surely visited the pages in preparation for his talk. He should have already known. Then again, maybe he'd told someone to have it unblocked for him by the time he was doing his talk and someone dropped the ball? Who knows. We'll, quite likely, never find out.

Now... I found it odd, the whole censorship thing. They know they're being censored. It's sort of openly discussed. At least nobody had any problems talking with me about it. It's odd enough that I don't really know how to describe it. I've been all over the place and every culture there are many similarities but some are just so unusual that I didn't have time to adjust - it would probably take me years to do so.

Hmm... How do I try to explain it? Well... I'll try it this way.

They pretend to believe the government and the government pretends that the citizens believe them.

At least that's my impression. Keep in mind, I've only spent a total of about three months in China - ever. That's spread out over three separate visits with the longest one being two months where I'd hired a guide and we traveled around. We even flew up north. Beautiful area(s) by the way. Some of China is absolutely stunning.

But, the lack of time to really adjust and my being a foreigner means there's probably someone more qualified to speak about it. But that's what it seemed like to me. They seemed well aware of the censorship and propaganda. It was openly discussed with me on numerous occasions. Once you get out of the major metropolitan areas, it's almost like little fiefdoms anyhow. But that's just my impression. At any rate, once you get out of the cities and tourist areas, they seem to care more about the local government more than they do the national government.

I don't know if there's much oversight or not but it certainly seemed like local officials, in the smaller areas, carried some big sticks. (Figuratively.) I had the occasion to talk with two different folks and dine with another, which I'd liken to a mayor or maybe a city councilman, and they carry themselves aloof and "regular" citizens seemed to speak of them with greater "respect" or reverence than they did the State government. I'm not really sure what lines are drawn where or how to reference their politicians.

Like I said, there's probably someone here who is more adept at explaining it and more familiar with it than I. It was really unusual for me, almost eerie and almost creepy. The last two times that I visited were much different than the first time I visited. The first time was in the 1990s and the last two were just within the past six years. I was last there in 2012.

Then again, maybe it's "face" if you're an upper-crust and you have to use a VPN? They didn't appear to hide their use and I openly discussed it on more than on occasion with people. There were a surprising number of people with a little onion icon. ;-)

Re:He just happened to have one handy?

[KGIII]

That's a good point, by the way. I hadn't thought of that. The poster below adds to it as well... It's not like the usage was hidden so I'm not sure why anyone would be embarrassed. Ah well. Their culture's quite different as is their politics.

Re:He just happened to have one handy?

[Solandri]

Any software designer worth his salt creating a firewall will also keep up to date on methods to bypass that firewall. So I'm not at all surprised he had a VPN all set up and handy.

The real point of the firewall is probably like the driving code in the U.S. With regular law, what you do is legal unless explicitly stated to be illegal. But by loading up the books with thousands of little laws that everyone occasionally violates in the course of their everyday lives, you invert that situation. The government can just ignore enforcement of the law for 99.9% of people, but if you raise their ire they can arrest you and cite you for violating all those little laws that everyone else breaks every day. You are guilty as a byproduct of living, the government just picks and chooses which of the guilty need to be punished.

Re:He just happened to have one handy?

[magarity]

So he just happened to have a VPN and an account all ready and set to go

If you were the boss of such a firewall system wouldn't you have that all set up?

The real question here all Chinese people should be asking is, what VPN service does this guy use and how does on sign up?

Re:He just happened to have one handy?

[whoever57]

I think that blocking by the GFoC is inconsistent. I don't know the factors, but I suspect that source IP address may affect what sites are blocked.

The GFoC changes all the time, but when I was there a small number of years ago, OpenVPN was being blocked. It appeared at the time that the system had some heuristics to detect encrypted streams. I read shortly after that playing with the MTU values would allow the OpenVPN-based VPN to connect. I found that SSH was not being blocked, so I just used that.

In this case, he might have been able to see the sites from his house or office, but not at the speech.

Re:He just happened to have one handy?

[zedaroca]

Freegate. It used to work pretty well, at least until 2012, and you didn't have to install it. I used to carry it around on a usb stick. So yes, people just happen to have one handy. It probably still works the same, but I'm not in China to tell.

Re:He just happened to have one handy?

[The_Revelation]

I think your post may have missed the point. Its a bit embarrassing because the guy who created the firewall, was being blocked by the firewall, while attempting to retrieve technical information about firewalls which firstly demonstrates that the firewall is blocking legitimate web content on a country-wide level.

Secondarily, in order to defeat the technological measures that he himself had created in order to protect China's 'innocence', hes fired up an extremely standard tool to bypass the blocking measures, while at the same time demonstrating to others how to bypass the blocking measures, all the while attempting to explain how the blocking measures are a good thing.

Its the technological equivalent demonstrating how to break an 'unbreakable plate' while demonstrating the virtues of said 'unbreakable plate'

Re:He just happened to have one handy?

[Maxo-Texas]

Ain't cognitive dissonance grand?

Re:He just happened to have one handy?

[KGIII]

Yup. I'd think he'd be as matter-of-fact about it as the rest of 'em.

Though, now that you mention it... The chances (two of them) that I had to interact with people who were fairly high-level government officials do bring that phrase to mind. I'd called it "role playing" to my traveling companion on multiple occasions but cognitive dissonance might be more accurate.

The answer is in the question

[Teun]

The answer is in the question.
I would go one step further, the Chinese are supplying 'approved' VPN IP's for their government people, IP's that are probably green listed in the firewall.

Answer...

[Lumpy]

Yes and Yes.

Yes it's that easy to circumvent, and yes they are treated differently.

Re:Answer...

[arth1]

I'd have to say "Yes" and "Maybe".

The second question doesn't make sense as it is written.
Should it be "... different from ...", or should it be "... differentlier than ..."?
I'd say Yes to the first of those, but No to the second, as I believe the Chinese government is too big to have individual rules for all the apparatchiks.

If Only There Was a Website to Answer That!

[eldavojohn]

This raises one question: Is China's Great Firewall that easy to circumvent, or are members of the government treated differently than normal citizens?

If only we had a website the covered this sort of stuff ... oh right, we do! New VPN IP addresses probably take a while for them to identify the traffic on and block. But there are plenty of services like HMA that constantly roll out new ip addresses. So as long as you're a mouse willing to play whackamole with your cat overlords ... Annoying, yes, but that's the definition of the internet in China.

In response to the second part, that is always true regardless of the answer to the first part. Not only are members of the government are treated differently but also their families. The "party" class enjoys many many perks. Unmonitored VPN connections would be laughable compared to their insider trading, disregard for the law and instant attack dogs they routinely utilize.

While you're accepting suggestions, why isn't my aforementioned article linked in the "You may like to read:" section of this page? Those stories seem to have nothing to do with China's firewall yet a simple google search shows a whole slew of those stories on Slashdot. I think you could get timothy's family to help you track that stuff if you would return his body to them. They only want closure, it doesn't matter if it has to be a closed casket funeral!

Demonstration of whose stupidity?

[wvmarle]

Was it a demonstration of the "stupidity" of a firewall doing it's job (why he had to access those sites is not clear from TFS to me, nor what he tried to achieve with it), or the human stupidity of someone not properly preparing a presentation?

Study about the use

[jovius]

Here's perhaps a useful study about circumvention tools and usage, and what are the most common reasons to use them: https://www.openitp.org/pdfs/C... It's from 2013 though. Anyway, from all the bit over 1000 respondents only 2 had never used any tool.

It is that easy

American with a Chinese wife here, I was in China last year. I set up vpn service before I left, installed the android app, and it worked in china just fine. You won't have as much luck with TOR, it will be slow or unavailable a lot of the time (tried that too just for giggles when I was there). A large number of foreign born Chinese that are there for tourism or business use VPNs, usually with exit nodes in hong kong, korea, or japan. Several people there including at least one Chinese born one happily explained to me what apps to install and what vpn service to get if I wanted facebook, twitter and google. I don't know what the theoretical legal ramifications for using these services are, but enforcement is near zero. I assume the CCP is happy enough that the less tech savvy aren't accidentally exposed to what they see as subversive material through western media, Wikipedia, and twitter. Those that are tech savvy enough to seek it out likely have contacts in other countries and travel abroad anyway.

Ethics

[JustNiz]

Seriously as engineers we need to have enough balls to say no and stand up to requests from employers to design/implement anything who's ultimate use is to do something immoral, such as suppressing individual freedom.

http://www.globaltimes.cn/cont...

Giiven the indisputable evidence that he actually did circumvent the Chinese firewall, I would love it if the Chinese arrested this joker. If I was Chinese I would have already filed a complaint against him.

Re:Ethics

[quote]Seriously as engineers we need to have enough balls to say no and stand up to requests from employers to design/implement anything who's ultimate use is to do something immoral, such as suppressing individual freedom.[/quote]

I'm sure some of the engineers in China do have enough balls to do that. Or they did, before the government made them disappear...

As long as they allow SSH, they're screwed

[Indy1]

as long as you have shell access (doesn't even need to be root level) to an outside unix box running ssh, the great firewall is doomed. Its so easy to use putty to tunnel HTTP traffic, that almost anyone can do it.

http://www.techrepublic.com/bl...

Didn't need VPN...

[Kenja]

Coulda just connected to any of the various wifi hot-spots all the hotels etc have over there with built in VPN!

All citizens are equal...

[RobinH]

"... but some are more equal than others."

Anyone can

[SumDog]

In graduate school, I asked a Chinese student about this. He said that anyone can get past the filters in China. He did it all the time. He also said, no one cared. The Chinese government didn't care if you did, but they cared if you talked about it. If you start posting things, blocked links or discussing politics in public forums in China, you can expect a knock on your door, fines, jail or worse. But as long as you don't talk about it, you can view whatever the fuck you want.

Re:Anyone can

[Zontar_Thing_From_Ve]

But as long as you don't talk about it, you can view whatever the fuck you want.

I wouldn't go quite that far. While I'm sure that there are subjects they will let you look at without talking to you, I wouldn't interpret to mean that there's not anything you can view on your own without having to, ahem, talk to the local authorities about. The CCP is still off the charts opposed to Falun Gong and nobody but the upper levels of the party itself seems to know exactly why this is. I've read several completely different explanations for this and they can't really be reconciled. My ex-girlfriend was born and raised in southern China and she told me a story of how when she was in college, she and her dormmates were all taken out once and interrogated pretty roughly by the police because one of the girls had family members who followed Falun Gong. None of the other girls, including my ex-girlfriend, had any knowledge of this. I doubt that normal Chinese people can go to websites supporting Falun Gong without the authorities becoming interested.

Huh?

[DNS-and-BIND]

How is this "evidence of its stupidity"? How does that even follow? If anything, it is evidence of its effectiveness. The website was deemed harmful to the citizens by the government, and it was blocked. Even the creator couldn't access it. I'd say, job well done.

Are members of the government treated differently from normal citizens? How is this even a question? Of course Communist governments think that intelligent people like Party members should be treated differently from the Great Unwashed and the laws they pass don't apply to them. Hell, that attitude has practically 100% acceptance in Washington DC among Democrats and Republicans alike.

Re:Huh?

[linuxrocks123]

How is this "evidence of its stupidity"? How does that even follow? If anything, it is evidence of its effectiveness. The website was deemed harmful to the citizens by the government, and it was blocked. Even the creator couldn't access it. I'd say, job well done.

Except for the part where he then proceeded to trivially circumvent the filter and access the website anyway, using a technique any Chinese citizen could use to do the same, and which many do use to do the same.

Yes

[WillAffleckUW]

There is only one answer, and offshore trust funds for China's Ruling Elites are the method to arrive at that answer.

Incorrect summary

[thegarbz]

Fang somewhat unexpectedly resorted to the same illicit tool which all expats in China are all familiar with: the beloved VPN.

No he didn't. He just used a VPN. VPNs are not illegal, they are not banned, people don't get in trouble for using them, and every multinational corporation doing business in China inadvertently bypasses the great firewall anyway. What is illegal is to view certain types of content but this does not include things that the wall blanket bans. Likewise China's VPN administrators attempt to counteract circumvention by blocking known VPN providers that exist for the purpose of bypassing the great wall, yet no one to my knowledge has ever been prosecuted for running a VPN. Also it's not just expats that are familiar with VPNs. They are a big part of the internet experience for the common Chinese person too with many providers actually accepting payment services from China and having websites only in Chinese.

This raises one question: Is China's Great Firewall that easy to circumvent, or are members of the government treated differently than normal citizens?

Not a question at all. The firewall captures the uncaring denomination. It is trivial to bypass, though you jump through various hoops depending on if they block your host, also they seem to randomly boot some connections after they are running for an extended period of time but a simple reconnect fixes that. Bypassing the great wall is trivial for the common man and doesn't even require any kind of expert skills.

Re:Incorrect summary

[ukoda]

I worked for a foreign (New Zealand/USA) company in China that used a VPN to connect back to our offices outside China. We were advised that the government would be needing to install monitoring equipment to our LAN. It had not happened at time I left that company but it sounded like it was simply a case of when not if.

Re:Incorrect summary

[thegarbz]

The Chinese government is not one for blanket regulation of businesses. They are very careful of who and how they approach businesses. This is purely conjecture but I would put some money on the fact that wanting to monitor your VPN has nothing to do with keeping citizens uninformed about the outside world, and more to do with the fact that you're a foreign company and there's a potential to gain access to some information you have.

Industrial espionage is so much easier when you're welcomed in the front door.

Re:Incorrect summary

[ukoda]

You may well be right. It didn't actually happen while I was there, but may have since then. My recommendation was to set up a Linux server spoffing the traffic for a mythical LAN and have it monitor that.

The power of the state

[Dorianny]

The fear of the Communist Government is public unrest and subversion of state power. As long as you are being a good citizen and keeping the unwanted Western truth and ideology to yourself then you are really no threat to them. To identify these inciters China mostly relies on the human intelligence gathering capabilities of its vast Security Services. Although lately not even China seems to be able to resist the Big Data cool-aid

Why either/or?

[HalAtWork]

"This raises one question: Is China's Great Firewall that easy to circumvent, or are members of the government treated differently than normal citizens?"
 
Why is this an either/or thing?

Car analogy

[Zibodiz]

This is like Chevrolet giving a public demonstration to show off how their trucks are better off-road than any other brand, then getting it stuck on live TV, and having to call a Ford truck to pull them out.
Golf clap, China.

Re:Car analogy

[mdm-adph]

Not quite -- it's more like Chevrolet giving a public demonstration about how easy it is to get out of their cars in an accident, and then the person doing the demonstration gets stuck in the seat belt. Then, to finish the demonstration, they have to perform it again while not wearing a seatbelt.

It really is just that easy

[Giant+Electronic+Bra]

For example, you can freely SSH from inside China to anywhere outside, except maybe some completely blocked IP address ranges. Certainly things work fine if you SSH to any of the AWS locations.

So, fire up a nano instance before you go to China, and run a proxy server on it. I think I used squid last time, but there are a billion choices. Then simply port forward localhost port whatever to your proxy, and tell the browser to find the proxy at localhost on that port. My advice is to set your proxy up to listen on 2 or 3 ports, and set up a couple of nano instances with different elastic IPs, just in case one gets blocked (this seems to randomly happen once in a while for a short time period).

I had no problem at all using this setup. It was usually reasonably snappy too, though YMMV depending on where you go, etc.

Obviously you can resort to more elaborate schemes like Tor, but frankly I wasn't interested in being that obtuse. DO remember, the Chinese govt employs many fine hackers. I know for a fact they cotton to these kinds of things and while they may or may not bother to probe your systems, they DO sometimes break in and play various games. This is another reason to use an AWS instance, its utterly disposable. If you use a machine on your own network, you're just inviting in unwelcome guests who can be rather hard to get rid of.

Re:Question

[Archangel+Michael]

are members of the government treated differently than normal citizens

Name me country where this is not so?

Or, asked a different way, do you REALLY think Hillary is going to prison? Even if convicted?

VPN must for technical research in China

[SvvS]

A VPN is a must living in China for technical research. Even Baidu's Chinese language result list is bad. I know they have the same information as google,( I see the bot searching my sites), but the order is terrible. Most of the world advance research in computers is in English. but Baidu English sorting algorithm is very much like the funny Chinglish signs. For an engineer and other professionals to have access to the full internet will be required for China to advance and integrate into today's world, BUT.

I do understand why there is the firewall. From Men in Black, Kay:" A person is smart. People are dumb, panicky dangerous animals and you know it." Social order is very important. The amount of people in China is unbelievable until you live there. There is a different between rural and city education. A VPN is like a test, If a person is smart enough to setup a a VPN they are smart enough to handle information for the "outside", The 2015 riots in Baltimore caused hundreds of millions of dollars in damage. The population density in China is many times that of Baltimore. so any large scale social unrest would cause billions of dollar the amount of problems.

Even with Chinese characteristic, I believe knowledge and information is required for making wise decisions and to progress humankind. That is why I rented a Linux Virtual Private Sever(VPS) in Hong Kong and used that as my VPN.

Obligatory Orwell quote

[Rick+Zeman]

"...or are members of the government treated differently than normal citizens?"

All animals are equal but some animals are more equal than others

Not fun making the Internet work there

[ukoda]

A couple of years ago I spent a couple of years working in China leading a technical team and dealing with the Great Firewall of China. It drove me nuts. Yes you can VPN around it, kind of, for while. I set up private VPNs to servers I ran outside China and I paid for commercial VPN services. They work, but not reliably for any length of time. Every week or two they would stop working and I would have to change my set up. It was just a ongoing PIA. I was so happy to be back home where the Internet just worked.

It grinds you down. A lot of technical people just put up with it and relied on Baidu. Chinese developers are at a significant disadvantage to developers outside China, it feels as if the government just doesn't care how unproductive it makes their developers. I guess they still have too much focus on manufacturing and don't see the value of innovation and development.

Given the size and density of the population in China you can see why the Government wants to control the Internet but the reality of it is depressing when you live with it every day.

Easy to circumvent

[hengist]

I spent four weeks teaching at two Chinese universities in 2014. All of the students were using VPN to circumvent the Great Firewall, and they all were using Facebook and Twitter. They were doing this openly in class. Circumvention is easy, well-known and seems to be fairly well-tolerated. I think it is tolerated with the students because they are using services like Facebook and Twitter for social activities. I expect there are Chinese government monitors watching what they say,and if they said the wrong thing (like how the president is hiding his money overseas) then there would be a crackdown.

Comment removed

[account_deleted]

Comment removed based on user account deletion