The Register® — Biting the hand that feeds IT

Feeds

VPN ban makes for nervy times behind Great Firewall

'Internet Monitoring Team' threatens disconnection for accessing 'prohibited sites'

By Phil Muncaster, 28th November 2012
  • print
  • alert

Customer Success Testimonial: Recovery is Everything

Multinationals and foreign web users based in China to get jittery on Wednesday after pictures began circling the internet which suggested a new clamp down on the use of virtual private networks (VPNs).

While VPNs in the Western world are more commonly used to enhance security, for netizens-in-the-know living in the People’s Republic they represent an essential tool for bypassing the Great Firewall, which blocks many foreign sites and services including Twitter, Facebook and, periodically, Gmail.

As such, they can also be important for the continuing productivity of foreign firms operating inside China, ensuring unfettered access for employees to the world wide web, although just how important will depend on the type of company. However, China Digital Times has got its hands on two photos posted to Google+ last week, which depict signs in a business centre in the Shandong capital of Jinan.

The first, written by the Orwellian sounding “Jinan City Internet Monitoring Team”, warns that some staff have been found “privately logging on to prohibited websites”.

“Upon discovering such activity, the violator’s internet access will be directly cut off and the police will be notified,” it continues.

The second sign apparently reads as follows:

Warning. In order to eliminate access to prohibited websites through use of VPN software by internal staff, starting today, the VPN function will now be disabled. For those who must use a VPN to access the internet, after preparing your file, go to D1 (88885681) and ask a technician to help set up your connection.

There’s of course no suggestion that this hard line approach will be mirrored throughout the People’s Republic, or even throughout Shandong province.

However, it serves to highlight once again the precipitous nature of doing business in China and the unique tech challenges this throws up.

VPN companies were deliberately disrupted and their services blocked during the politically sensitive Communist Party Congress earlier this month, for example.

In addition, reports emerged last year that IT departments in some companies had been forced to warn staff not to use VPNs for accessing overseas web sites as it could result in the authorities black-listing their corporate IP addresses. ®

Cloud based data management

COMMENTS

House Rules Send Corrections
All Reader Comments (41)
Highly Rated
Anonymous Coward
Anonymous Coward

Hello from the Other Side of the GFW

This was a notice at one particular business centre, so there's no indication that there's a trend of it happening. Certainly not in my workplace (tech company in a big office complex)... yet.

Internet access got pretty bad (crappy ping times, mega-variable DL speeds) during the party conference, with much internet traffic being routed through Beijing (according to business owner colleagues of mine in another city, where all of his visitors were coming from Beijing for that week).

And a completely unscientific poll of expat drinking buddies shows that some of us have had VPN troubles since the party conference too, with some of the foreign IPs simply becoming no longer available.

Required viewing - http://www.ted.com/talks/michael_anti_behind_the_great_firewall_of_china.html

/anon for obvious reasons

/message sent encrypted via Hong Kong

5
0
GettinSadda
Reply Icon

Re: SSL VPN through Port 443

Virtually impossible to block - but easy to ban.

There are unlimited ways to sneak a VPN through disguised as allowed traffic, but if the punishment for getting caught doing so is high enough, few will take the risk.

This is a really dangerous situation and I wish western politicians will do something to prevent it - unfortunately I actually expect they are taking notes on how to do similar over here!

6
2
The BigYin
Reply Icon

Re: SSL VPN through Port 443

Or a reverse SSH proxy on the same port. Or TOR or some-new-thing-I-have-not-heard-of-yet.

How China expects remote workers to operate without VPN is a mystery to me. Do they expect corporate LANs to be publicly accessible or soemthing?

3
1

More from The Register

SCO vs. IBM battle resumes over ownership of Unix
Zombie lawsuit back and wants to suck the brains out of Linux
115
breaking news
Jailed LulzSec hacker Cleary coughs to child porn images, will be freed soon
Some images of infants as young as six months
68
breaking news
Ecuador: All right, Julian, you CAN stay on our sofa - it's your human right
Minister and Wikileaker share cosy chat in tiny London flat
65
Google flings another £1m at online child sex abuse vid CRACKDOWN
See, see, we're trying, ad giant tells Daily Mail UK.gov
41
breaking news
NSA PRISM-gate: Relax, GCHQ spooks 'keep us safe', says Cameron
Whatever they are up to, it's all above board, we're told
90
breaking news
BBC lied to Parliament about doomed £100m IT monster, thunder MPs
Axed DMI ballooned and burst while watchdogs sang Kumbaya
50
NSA whistleblower to tech firms, Obama: 'Grow a pair!'
Ed Snowden: Email tracking grabs 'IPs, raw data, content, headers, attachments, everything'
63
PRISM snitch claims NSA hacked Chinese targets since 2009
Snowden suddenly looks safer in Hong Kong after revelations
33
breaking news
US chief spook: Look, we only want to spy on 6.66 BEELLLION of you
Americans assured they are not in the NSA's sights
68
Not just telcos, THOUSANDS of companies share data with US spies
It's all perfectly legal, trust us
68