Who is protecting the VPNs?

In recent days news has spread that China is cracking down on VPN use (Guardian, Global Voices). Chinese internet users, particularly those in universities, are finding it increasingly difficult to make use of VPNs to circumvent online censorship and access blocked websites. This seems to be a continuation of the increased censorship witnessed this year, including temporary blocks of GMail and LinkedIn.

While important, this development leaves an obvious question unanswered: Why do the authorities not block access to the main websites of the major VPN providers? Each serious provider offers access to a number of servers around the world and blocking actual usage of these is somewhat complicated. The main websites, however, could be blocked in an instant. After all, the Great Firewall has no problem constantly blocking other websites such as Youtube and Facebook.

There are three apparent possibilites. The first is incompetence. The authorities might simply not be aware of the VPN providers that are not blocked. This seems unlikely for two reasons. First, all it takes is a Google search of, say, "VPN China". Blocking the top 10 results would go a long way to making VPN access in China more difficult. Second, some providers, such as StrongVPN, are in fact temporarily blocked from time to time.

The second possibility is that blocking VPN use is not a priority. Paid VPNs may mostly be used by foreigners, and the censorship is more consistent when it comes to free solutions such as Tor and Witopia.

The third possibility is that some faction inside the regime is vetoing ideas of blocking VPN use altogether. This may be the most likely reason that major VPN provider websites remain unblocked, given how easy it would be to block them.

What do you think? We welcome your opinions.

Comments

More Blog Posts

Subscribe to our mailing list
Show content from Blog | Google+ | Twitter | All. Subscribe to our blog using RSS.

Sat, May 07, 2016

The New York Times vs. The Chinese Authorities

Could the New York Times be setting the best path forward for news organizations in China?

Thu, Feb 18, 2016

From the desk of Lu Wei: Apple, encryption and China

Lu Wei, Director of the Cyberspace Administration of China, offers some friendly help to FBI Director James Comey.

Thu, Sep 24, 2015

Apple blocked CNNIC CA months after MITM attacks

In March of this year, Google found unauthorized digital certificates for several Google domains. The root certificate authority for these domains was the China Internet Network Information Center (CNNIC). CNNIC was controlled by the Chinese government through the Ministry of Industry and Information Technology and is now under the management of the Cyberspace Administration of China (CAC). CNNIC was recognized by all major browsers as a trusted Certificate Authority. If CNNIC signs a fake certificate used in a man-in-the-middle attack, no browser will warn of any unusual activity unless the certificate is pinned.

Wed, Sep 23, 2015

Malicious Xcode could spread via download manager Xunlei

What’s at stake?

We reported last week that popular Chinese iOS apps were compromised in an unprecedented malware attack. We discovered that the source of the infection was compromised copies of Xcode hosted on Baidu Pan. Apple has published an article urging developers to download Xcode directly from the Mac App Store, or from the Apple Developer website and validate signatures. We’ve now discovered that even if a developer uses a download link seemingly from Apple, he might still be possible to obtain a compromised copy of Xcode.

Please note that we do not have evidence that such attacks has happened. But it is an easy attack that anyone can implement.

How does it work?

This compromise happened because of Xunlei. Xunlei is the most popular download manager in China. Much of its popularity is due to the fact they can accelerate download speeds by pulling resources from other Xunlei users as well as cached copies on the Xunlei server. All of this, however, is invisible to users. Users can simply enter a regular http download address into Xunlei  download manager and the download will start. Chinese developers were using direct download addresses such as http://adcdownload.apple.com/Developer_Tools/Xcode_7/Xcode_7.dmg to download Xcode.

Mon, Sep 21, 2015

中美互联网论坛回信

你们的公司有责任尊重人权,防止您的业务被侵犯。我们知道,中国是你们公司的一个重要市场,但恳请您在美国促进和保护人权的同时,也同样在中国致力于此。习主席的访问和美中互联网产业论坛是一个理想的机会,明确表示你的公司将会捍卫隐私权,反对成为监控同谋,将它们的强大在中国和美国一视同仁。
Subscribe to our blog using RSS.

Comments

Here are some reasons:
*All sites that would mention them as a way to get out of the firewall are blocked. So are most of the Google searches.
*They are trying to gain support from the West, and it is not a problem.
*People might be lazy to download it, instead use an online proxy so it is not a threat.
*They may have made a deal with VPN companies to ban all websites that China blocks.
I am baffled too.

They are blocked, they probably read this.

Been using VPNinja for a while now, it's pretty solid and for a decent price. Friends using strongVPN are forever complaining that it's blocked, but I never encounter problems like that

Another possibility is that the major VPNs have been penetrated by Chinese Intelligence who now have access to subscriber names and credit card details, thus linking subscriber details to all their traffic, sniffed and decrypted via Huawei routers installed in the major local Chinese Servers before arriving at the foreign VPN servers. A glorious harvest indeed, email passwords, skype messages, bank account information, postings, commercial secrets, personal profiels all matched to a name, credit card and finally a residence permit number.. Paranoia bites!

I am using Astrill paid VPN. As of last night Open VPN was completely blocked on all servers. I contacted their support and they said that China is cracking down during the leadership convention, and that it will be removed after.

I would bet there is an arrangement between Astrill and the government, since they can give this kind of answer. Furthermore my friends have reported that many of the other VPN solutions have also stopped working. Could it be the ones that refused?

I have also observed that my Vonage VOIP phone has been blocked since last night, and skype calls are severely bandwidth limited. Wonder when it will lighten up.

inspired a lot from this post am following this blog regularly and found very good for bookmarking thanks admin
happy new year 2015 sms
indian festivals 2015
public holidays 2015
new year 2015 quotes
happy new year 2015
new year 2015 quotes
new year 2015 greeting cards

this post is awesome, great msg for us, plz update ur blog for daily basis, i am regular visitor of this site, so keep posting for us,

click the below links to create backlink
best free backlink website
click here for msg movie

Add new comment

Filtered HTML

  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <blockquote> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
By submitting this form, you accept the Mollom privacy policy.