VPN ban makes for nervy times behind Great Firewall
'Internet Monitoring Team' threatens disconnection for accessing 'prohibited sites'
Multinationals and foreign web users based in China to get jittery on Wednesday after pictures began circling the internet which suggested a new clamp down on the use of virtual private networks (VPNs).
While VPNs in the Western world are more commonly used to enhance security, for netizens-in-the-know living in the People’s Republic they represent an essential tool for bypassing the Great Firewall, which blocks many foreign sites and services including Twitter, Facebook and, periodically, Gmail.
As such, they can also be important for the continuing productivity of foreign firms operating inside China, ensuring unfettered access for employees to the world wide web, although just how important will depend on the type of company. However, China Digital Times has got its hands on two photos posted to Google+ last week, which depict signs in a business centre in the Shandong capital of Jinan.
The first, written by the Orwellian sounding “Jinan City Internet Monitoring Team”, warns that some staff have been found “privately logging on to prohibited websites”.
“Upon discovering such activity, the violator’s internet access will be directly cut off and the police will be notified,” it continues.
The second sign apparently reads as follows:
Warning. In order to eliminate access to prohibited websites through use of VPN software by internal staff, starting today, the VPN function will now be disabled. For those who must use a VPN to access the internet, after preparing your file, go to D1 (88885681) and ask a technician to help set up your connection.
There’s of course no suggestion that this hard line approach will be mirrored throughout the People’s Republic, or even throughout Shandong province.
However, it serves to highlight once again the precipitous nature of doing business in China and the unique tech challenges this throws up.
VPN companies were deliberately disrupted and their services blocked during the politically sensitive Communist Party Congress earlier this month, for example.
In addition, reports emerged last year that IT departments in some companies had been forced to warn staff not to use VPNs for accessing overseas web sites as it could result in the authorities black-listing their corporate IP addresses. ®
Hello from the Other Side of the GFW
This was a notice at one particular business centre, so there's no indication that there's a trend of it happening. Certainly not in my workplace (tech company in a big office complex)... yet.
Internet access got pretty bad (crappy ping times, mega-variable DL speeds) during the party conference, with much internet traffic being routed through Beijing (according to business owner colleagues of mine in another city, where all of his visitors were coming from Beijing for that week).
And a completely unscientific poll of expat drinking buddies shows that some of us have had VPN troubles since the party conference too, with some of the foreign IPs simply becoming no longer available.
Required viewing - http://www.ted.com/talks/michael_anti_behind_the_great_firewall_of_china.html
/anon for obvious reasons
/message sent encrypted via Hong Kong
Re: SSL VPN through Port 443
Virtually impossible to block - but easy to ban.
There are unlimited ways to sneak a VPN through disguised as allowed traffic, but if the punishment for getting caught doing so is high enough, few will take the risk.
This is a really dangerous situation and I wish western politicians will do something to prevent it - unfortunately I actually expect they are taking notes on how to do similar over here!
Re: SSL VPN through Port 443
Or a reverse SSH proxy on the same port. Or TOR or some-new-thing-I-have-not-heard-of-yet.
How China expects remote workers to operate without VPN is a mystery to me. Do they expect corporate LANs to be publicly accessible or soemthing?