Slashdot Mirror
China Cracks Down On International VPN Usage (thestack.com)
An anonymous reader writes: China's government has announced a 14-month crackdown on the use of unauthorised Virtual Private Networks (VPNs), commonly used by visitors and native activists, amongst others, to communicate with the world beyond the Great Firewall of China. Sunday's announcement [Chinese] from the Ministry of Industry and Information Technology reiterated regulations first outlined in 2002, but which have since been subject to sparse, selective or lenient enforcement. The new announcement promises a 'clean up' regarding the VPN situation in China, beginning immediately and running until March of 2018.
Guess we'll have to switch to SSH and HTTPS tunnels instead of brazenly using IPSec and OpenVPN. Got the message loud and clear. :D
OpenVPN port tcp/443. How are you going to stop that? I have one of those for... reasons, I keep bandwidth usage low to avoid volume based detectors.
Ahhh...the great dumpster continuum. Many a free computer will be found there. -- sowth (748135)
When I used to go to China, I often found that access to sites I need to use to do my work were blocked in whole or in part. Without setting up a vpn, I can't do my work. And even then, it was always a cat and mouse game as the connections were randomly terminated.
So now I just avoid going there at all if I can help it.
A couple of years ago visiting China my TMobile phone's plan included unlimited data at 2G speeds. I got sites that were normally banned to Chinese users as if I were in the US, so I suspect it routed straight to TMobile somehow but never got the details. I wonder if this crackdown will stop that access?
Politicians in the West are also typically as dumb and just as threatened by technology.
By and large, politicians still don't like the Internet, regardless of location and political ideology. They think it takes power away from them. It's a generational issue - most politicians, when they reach national power, are my age, at least, and probably never actually touched a general-purpose computer themselves.
The quicker my generation dies, the better.
I'm OK with that.
--
BMO
I agree. It's almost as bad as going to the US.
Guess we'll have to switch to SSH and HTTPS tunnels
Yes, but you can't win that game.
If that would ever become popular, it too can be blocked. Also that is beyond the ability of the average person to do. If they "solve" the problem for 99.9% of the population, that's what matters.
The end game is bigger and bigger swaths of the open internet being blocked, until what's left is a white list of approved web destinations, with maybe some special exceptions being made for companies, exceptions not available to the average person.
The internet once held the promise of freedom for all. Now it holds the chains of oppression for all. With each passing year we have seen more and more control, monitoring, and lockdown, not just in China, but all over the world. Some of that was imposed externally, like from the Chinese government, and some we freely signed up for by re-centralizing the decentralized network handed to us by its creators. It is simply too succulent a target for those who would be your masters to ignore.
Governments want it for power over the population. Corporations want it so you are locked into their portals. People want it because in mass they are stupid and cheerfully walk into their own cages.
We are not winning the war on internet freedom. We are losing it, badly. It is more heavily censored, controlled, and monitored than at any time in its history, and that shows no signs of slowing down.
Captcha: prevails.
The quicker my generation dies, the better.
Dunno how you are, but I may be similar (late 57 here).
So yeah, most of our gen are technical ignoramuses, I'll agree with that. But I disagree it's any better among the younger folks, and in fact in some ways it's worse. Our generation built a free and open internet, on open standards and open protocols. You wanted to run your own IRC or XMPP server, go ahead. It was not a locked down internet. It took the younger set like Zuckerberg to destroy that ethos. And not just him, but masses of people have eschewed those open standards in favor of golden jails like Instagram and Facebook that facilitate centralized censorship and control.
In our generation there were two categories: technically literate people, and people who were not using technology so were not having adverse impact upon its evolution. In the current generation there are two categories: technically literate people, and people who are technically clueless but ARE having an adverse impact on its evolution. Sadly, in both generations the technically clueless outnumber the technically aware by magnitudes, but in our generation the clueless weren't changing the direction with their choices, since they weren't involved at all.
in southern south America, insulated from the troubles of the northern hemisphere
Hah! You're either ignorant or naive. Wait until your traveller's honeymoon period fades away & then your eyes'll be opened. Despite all of the problems in the West (TM), they ain't nothin' compared to the political & financial instability of the developing South American economies.
I my experience, it is everyone under 30 using a VPN, at least in the cities.
This posting is provided 'AS IS' without warranty of any kind, implied or otherwise.
Dear fellow netizen. This is one of the greatest posts I have seen in these pages in a long time. It sums up the essence of everything that is at stake. Kudos.
40s here. I may have been late to the party, but I came to an Internet run by open protocols, IRC, telnet NNTP, SMTP. Want to run NFS across the Net? You could mount wuarchive.wustl.edu/archive read-only (make sure to do a soft mount.)
What have the people like Zuc brought to the ecosystem? Spying, logging, telemetry, centralization. The hacker ethos was replaced by the ka-ching sound of anything goes if you get money for it. There has been nothing brought new by the post-2000 commercial dot-coms that wasn't usable beforehand, with the exception of the BitTorrent protocol. Everything else? just trying to capitalize for the short term, focusing on sucking data and slinging ads, above actual infrastructure building.
Yep, get used to it. Because there isn't anything you can do about it. Sure the 0.0001% may be free to use what they want, (That 0.0001% being the people who can mess with ASM, and do hardware glitching to meet their own ends.) but the vast 99.9998% of people just made a new master for them to bow down to. Even better is what happens when we get hard AI that will ensure continuous monitoring and oppression.
So why the grim future? Well because as history shows, people don't give a fuck about something until it bites them hard enough in the ass, and by then it takes a monumental effort to even try to correct the problem. Sadly, that "we don't give a fuck" attitude may very well usher in a new dark ages this time.
You won't get people to care before then. They want it to be cheap, easy to use and forget about, and not to need to use that 10lbs of dead weight that they keep in their skulls while messing with it. That combination (Ignorance, Arrogance, and Apthy) will always result in being taken advantage of, being coerced, and being used. People just don't look out for their own safety when using the damn things. So they are blind and death to attempts to protect them as well as attempts to do them harm.
We have no-one to blame but ourselves. We allowed them to use the things without a care in the world. We allowed them to goof off and not learn how to do basic maintenance, or even basic concepts. We gave them the fish instead of teaching them how to fish. Now we have no choice. Now we must bear the consequences of our actions and our inaction.
A few of the better VPN providers might not have as many issues.
Due to skill and cash flow they can try to avoid deep packet inspection.
The deep packet inspection is looking for any use of an encrypted VPN protocol.
Deep packet inspection is the result of a few vendors that sell into China. Deep packet inspection can be understood.
Any quality VPN provider could look at what deep packet inspection is sold to China and then protect its VPN users.
Domestic spying is now "Benign Information Gathering"
This is great. Many more people in China are now aware of the problem, due to the public announcement. So many more people are questioning "why?" and signing up for overseas VPN services. In any case, we have adapted technology already to avoid their DPI and more countermeasures are ready for the next escalation. The more you tighten your grip, the more star systems will slip through ..
Are you sure? I am Chinese and lived in Shenzhen for the last few months. I can tell that you are wrong on so many counts.
1. VPN has become inaccessible 90% of the time. No hope there.
2. Most Chinese do not know what's outside. They only read Chinese.
3. There is now a sufficient amount of nationalism among the Chinese, since Huawei phones are kicking asses everywhere, and China has many things that the others don't, such as ubiquitous micro-payments with WeChat and Alipay.
4. The remaining freedom-loving Chinese are hoping that America would invade and free them from this mess (one of the reasons that they supported Trump). But they won't tell you.
This us why thousands of us have moved to New Hampshire with the Free State Project
Guess we'll have to switch to SSH and HTTPS tunnels instead of brazenly using IPSec and OpenVPN. Got the message loud and clear. :D
ISPs appear to throttle TCP connections to outside the GFW to 50kB/s. Since SSH runs over a single TCP connection, you will be accessing the internet at 0.4MBit. SSH connections are also long lived and easy to identify.
Shadowsocks to a server in Hong Kong with good peering (say Microsoft Azure East Asia datacenter) works well. Cheap VPS providers in HK have lousy connections to China with significant package loss.