The end seemed near in recent weeks for a number of expatriates in China. Not because of the Mayan apocalypse, which many Chinese actually believed would come on Dec. 21, but rather because the “Great Firewall”, China’s vast internet censorship system, had become adept at blocking some bypass services used to access corporate networks as well as forbidden sites such as Facebook and Twitter. One US newspaper correspondent in Beijing managed to warn on Twitter that news bureaus would relocate to Tokyo if China didn’t back off.
While the Communist Party might have called that particular bluff, the interference with services known as virtual private networks (VPNs) also hit business travelers, who depend on them for a secure connection to their company applications and data overseas.
An unnamed senior manager of a French company involved in major infrastructure projects in China told the South China Morning Post about problems he had using his company’s VPN during one trip:
I could get connected with the VPN and log in with a password, but from there I couldn’t go anywhere. After a while the connection was reset. I tried it many times and even consulted the IT department in Paris, but they couldn’t solve the problem. They told me the problem must be China’s internet firewall.
An official from the Ministry of Industry and Information Technology suggested to the Global Times, a state-owned newspaper, that the answer was for multinationals to cooperate with local companies to set up approved VPNs in China. That idea is unlikely to appeal, given fears that the reason China is blocking VPNs is to facilitate eavesdropping on corporate activities and growing anxiety about Chinese industrial espionage.
The good news is that some internet users and VPNs are finding ways around the blockade. Strongvpn.com, for one, gave step-by-step illustrated instructions for less tech-savvy customers to tweak settings on their machines. Other providers, such as Net Ignition, whose standard service at $150 a year costs about twice as much as typical paid VPNs, insist their own technology can get around the Chinese restrictions:
Trusted VPN providers for China such as Net Ignition, which supply a ’boutique’ premium VPN services to its users, has robust monitoring tools that can quickly react and beat any access blockage in real-time to ensure that users enjoy uninterrupted services.
Some users are swapping tips directly. Philip G. Collier, an American in the coastal city of Xiamen, said he had luck just changing his system’s IP address—the series of numbers used to route information over the internet—and the port, the virtual connection point on the computer itself. “It is a trivial matter to change the IP and stay connected to the outside world,” he wrote in the comments of a post about China’s new measures on the blog of Bruce Schneier, a noted online security expert. “Port and IP rotation keeps us online longer than we’re off,” he said, saying that the Great Firewall was taking 8-10 hours to detect and block his VPN connections each time.
“Secure shell tunneling” is an alternative to a VPN. On Jan. 8, Erik Ringmar, an international relations professor at two Shanghai universities, announced on his blog his success at reconnecting to the internet after managing to change the connection port on the US server he connects to. He wrote out a step-by-step recap for others and said he had celebrated by reposting the New York Times piece on Premier Wen Jiabao’s family that got the newspaper’s site blocked in China.
Undoubtedly, some Chinese firewall masons are already at work on countermeasures for the tactics of the likes of Collier and Ringmar. But in the meantime the surf is rising again for China’s expats.