VPNs are useful for creating a private connection online. Most users around the world use VPNs specifically for privacy. But a growing number of users in places like China and Iran also use VPNs for circumvention.
The Wall Street Journal’s WSJ.com has a decent article (China’s Internet ‘Wall’ Hits Business) related to VPN usage in China among businesses built around a recent American Chamber of Commerce in China press release. The article is written by Paul Mozur and Carlos Tejada. The article is pretty good but there are a few things that caught our eye that need more explanation:
1) The article states “it is illegal for foreign companies to operate a VPN in China without a local partner”. That is true, as Internet Service Providers must be primarily owned by local Chinese. But it skims over the subtleties about whether it is illegal to use a VPN in China, period. It is not illegal to use a VPN in China if the Virtual Private Network’s nodes and servers are outside of mainland China. The Shanghai-based lawyer we conferred with, along with our deep understanding of China’s Internet landscape, shows us that there are no laws on the books in China that prohibit any user in China from connecting to a VPN outside of mainland China.
2) The article states “the government has been closing ports used by VPNs, and that the company has maintained services by switching to new ports each time an old one is closed.” Yes, this is true and this began around October 20, 2012. However, according to the monitoring from VPN provider Kovurt.com based in Hong Kong, as of around November 27, 2012, new actions were taking place in China: not only were ports closed, but also highly encrypted packets started to be filtered. So even when using alternate ports, it was the more enhanced packets that were being captured for possible further analysis and/or blocking. In the VPN world, we call that “filtering”. The bottom line: even changing ports does not work in the end because all encrypted packets using OpenVPN are filtered. That means VPNs using the OpenVPN protocol do not work.
3) As an important addition to #2, we should note that not all VPN protocols are blocked. Only OpenVPN protocols are blocked. But PPTP and L2TP, which users can easily use from their laptops, desktops, or mobile devices, are not blocked in China. Why? Because they use traditional ports used by e-commerce sites. Is it possible to block PPTP and L2TP? Yes it is, but that means either a DNSBL is used or the entire Internet is shut down to SSL traffic. So people complain that VPNs do not work in China are only usually trying to use OpenVPN, which is only one of the triumvirate of useful VPN protocols and technologies. This article fails to mention that VPNs are used and running fine if OpenVPN is not relied upon. Providers like Astrill, Kovurt, and Witopia all provide their users a choice of OpenVPN, PPTP, and L2TP.
Let us know more about how you are using VPNs around the world and your experiences with VPNs in China.