Archive for the ‘GFW’ Category

  • Adding Some Key Facts In’s China’s Internet ‘Wall’ Hits Business Article

    Date: 2013.02.15 | Category: Astrill, China, filtering, GFW, VPN News & Updates, Witopia, WSJ | Response: 0

    VPNs are useful for creating a private connection online. Most users around the world use VPNs specifically for privacy. But a growing number of users in places like China and Iran also use VPNs for circumvention.

    The Wall Street Journal’s has a decent article (China’s Internet ‘Wall’ Hits Business) related to VPN usage in China among businesses built around a recent American Chamber of Commerce in China press release. The article is written by Paul Mozur and Carlos Tejada. The article is pretty good but there are a few things that caught our eye that need more explanation:

    1) The article states “it is illegal for foreign companies to operate a VPN in China without a local partner”. That is true, as Internet Service Providers must be primarily owned by local Chinese. But it skims over the subtleties about whether it is illegal to use a VPN in China, period. It is not illegal to use a VPN in China if the Virtual Private Network’s nodes and servers are outside of mainland China. The Shanghai-based lawyer we conferred with, along with our deep understanding of China’s Internet landscape, shows us that there are no laws on the books in China that prohibit any user in China from connecting to a VPN outside of mainland China.

    2) The article states “the government has been closing ports used by VPNs, and that the company has maintained services by switching to new ports each time an old one is closed.” Yes, this is true and this began around October 20, 2012. However, according to the monitoring from VPN provider based in Hong Kong, as of around November 27, 2012, new actions were taking place in China: not only were ports closed, but also highly encrypted packets started to be filtered. So even when using alternate ports, it was the more enhanced packets that were being captured for possible further analysis and/or blocking. In the VPN world, we call that “filtering”. The bottom line: even changing ports does not work in the end because all encrypted packets using OpenVPN are filtered. That means VPNs using the OpenVPN protocol do not work.

    3) As an important addition to #2, we should note that not all VPN protocols are blocked. Only OpenVPN protocols are blocked. But PPTP and L2TP, which users can easily use from their laptops, desktops, or mobile devices, are not blocked in China. Why? Because they use traditional ports used by e-commerce sites. Is it possible to block PPTP and L2TP? Yes it is, but that means either a DNSBL is used or the entire Internet is shut down to SSL traffic. So people complain that VPNs do not work in China are only usually trying to use OpenVPN, which is only one of the triumvirate of useful VPN protocols and technologies. This article fails to mention that VPNs are used and running fine if OpenVPN is not relied upon. Providers like Astrill, Kovurt, and Witopia all provide their users a choice of OpenVPN, PPTP, and L2TP.

    Let us know more about how you are using VPNs around the world and your experiences with VPNs in China.

    This news was originally syndicated from the news at VPN Instructions. We have permission to syndicate this article, and the original is © VPN Instructions.

  • Is OpenVPN Dead?

    Date: 2012.12.15 | Category: China, GFW, VPN News & Updates | Response: 0

    With total filtering (i.e., block) of the OpenVPN protocol in recent weeks in places like China, many users are wondering if this is the end for OpenVPN. What started in late October 2012 with only filterings of certain ports of OpenVPN, was ratcheted up by the end of November 2012 with a seemingly total block of OpenVPN services throughout most of China. This has left users of OpenVPN paid systems at places like Witopia, Astrill, and StrongVPN a loss, frustrated, angry, and despondent.

    So if OpenVPN has been so easy to block in a place like China, is this the end for the service? Probably not because other services like Kovurt have quickly filled the void by using OpenVPN and encrypting it in ways that do not readily allow future blocks of OpenVPN user accounts.

    Companies like Kovurt use the same types of VPN protocols that Witopia, Astrill, and StrongVPN use, such as PPTP/L2TP/SSL VPN/OpenVPN, but they go a step further and create “digital envelopes” that create more trusted connections between users and the Virtual Private Network world. (You can see more information about VPN instructions and tutorials at This does slow down the usage for users a little, but that slow pace is balanced by broader privacy and better Internet access for users of services like Kovurt VPN.

    According to Wikipedia, OpenVPN is “an open source software application that implements virtual private network (VPN) techniques for creating secure point-to-point or site-to-site connections in routed or bridged configurations and remote access facilities. It uses a custom security protocol that utilizes SSL/TLS for key exchange. It is capable of traversing network address translators (NATs) and firewalls. It was written by James Yonan and is published under the GNU General Public License (GPL).”

    So nothing in that definition and use of OpenVPN should change much in the near-future. The only change now is more companies will be utilizing best practices to keep more users private and secure when using VPN services. OpenVPN is far from dead!

    This news was originally syndicated from the news at VPN Instructions. We have permission to syndicate this article, and the original is © VPN Instructions.