China plugging holes in its Great Firewall by disrupting VPN traffic !
The Hacker News

Chinese internet users suspect that their government is interfering with the method they have been using to tunnel under the "Great Firewall" to prevent them connecting with the outside world.

Sites such as search engine Google and news site MSN have become difficult to access, they say. And a number of universities and businesses have begun warning their users not to try to evade the firewall.

Since 6 May, a number of users says that internet connections via China Telecom, the largest telephone company, and China Unicom have become "unstable", with intermittent access when trying to access sites in foreign countries using a "virtual private network" (VPN) – a preferred method of evading the blocks put up by China's censors to external sites. Even Apple's app store has been put off-limits by the new blocks, according to reports.

The disruption has mainly affected corporate connections such as universities while home connections that use standard broadband systems have been unaffected, according to the prominent Chinese technology blogger William Long.

Normally traffic flowing over VPN connections is secure because it is encrypted, meaning that the Chinese authorities were unable to detect what content was flowing back and forth over it. A VPN connection from a location inside China to a site outside China would effectively give the same access as if the user were outside China.

Sites including Twitter and Facebook are blocked in China; by using a VPN linked to an outside "proxy" which acts a conduit for links to other sites, a China-based internet user could access either site directly from their computer without the authorities being able to monitor them.

But this month that appears to have changed. According to Global Voices Advocacy, a pressure group that defends free speech online, the disruption follows new systems put in place in the "Great Firewall" – in fact monitoring software on the routers that direct internet traffic within and across China's borders. The new software appears to be able to detect large amounts of connections being made to overseas internet locations.

The problem has become so bad that some universities and businesses have told their users not to try to use VPNs, and only to visit "work-related" sites; to do otherwise could lead to "trouble" for the company and the users involved.

China's approach to internet connectivity has been a bone of contention between it and the international community for years. Google dithered over the fact that it would have to censor its search results in order to function inside the country; in January 2010 it withdrew from China's mainland over allegations of state-sponsored hacking of its Gmail service. The US secretary of state Hilary Clinton has criticised the use of the Great Firewall, and earlier this week the US said it would provide $30m of funding to break web censorship in repressive regimes, and added that China had a "deplorable" human rights record and that it was a "fool's errand" to try to hold off democratic changes such as those sweeping the Middle East.


Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.