Jump to content

'Clouding' the Issue - the Great Firewall

Randy W

By Randy W,
in The Middle Kingdom - 中国

Recommended Posts

Randy W

Randy W

Posted
  • Author
Posted (edited)

We're working to restore connectivity in China, which is significantly impacted by political events.

I assume they mean the coming Tiananmen Square anniversary. I can connect through my phone, or occasionally through NordVPN - but NordVPN blocks ALL Internet access while it attempts to connect.

 

 

latest from ExpressVPN at https://www.expressvpn.com/support/troubleshooting/china-status/?utm_campaign=20190307_china_message_windows_already_upgraded&utm_content=follow_latest_updates&utm_medium=apps&utm_source=rotating_message_v3_windows_e1&redir=www.qgmybkn.com

 

Updated 12:10 GMT / 20:10 GMT+8, June 2, 2019.

Coming political events are significantly affecting VPN connectivity in China. Our engineers have been working around the clock to restore normal service. Thank you for your patience as we continue to address the blocks.

We now recommend trying to connect to the following server locations. If you tried and were unable to connect earlier today, we recommend that you try these locations again:

  • Hong Kong – 4
  • USA – Los Angeles – 5
  • USA – Santa Monica
  • Singapore – Marina Bay
  • UK – Wembley

Please make sure you’re using the latest version of ExpressVPN and your ExpressVPN protocol is set to Automatic. (See instructions below.)

 

 

but NordVPN is working fine now

Edited by Randy W (see edit history)
Link to comment
  • Replies 151
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

Popular Posts

Allon
Allon

NordVPN is good (I almost went with it) but with the improvements ExpressVPN is making, I will stick to them until there is another reason to go elsewhere like if they raise their price. It's already

Randy W
Randy W

In case anyone doubts the importance of having a good, functioning VPN . . .   The architect of China's Great Firewall embarrassed after needing to use VPN in front of live audience 

Greg.D.
Greg.D.

1. Keep ExpressVPN on all my devices before I go to China next time. 2. Once in China, share my wired connection in my laptop to my phones and tablets so that, via a vpn, I can access the app stores o

Posted Images

Randy W

Randy W

Posted
  • Author
Posted (edited)

This is why I think ExpressVPN is the better VPN. I'm using NordVPN right now, but whenever the connection drops or I'm trying to connect to a new server, all Internet access is blocked. This happens even though the NordVPN "Internet kill switch" is OFF. The Network Control Panel also shows the network blockage. Not cool.

 

That is, all Network access is blocked while NordVPN tries to connect to its server, regardless of the Internet Kill Switch.

ExpressVPN allows seamless access to CFL and other sites NOT blocked by the Great Firewall.

 

gallery_1846_733_292708.jpg

but, then again, the Great Firewall censors have successfully demonstrated that they CAN block ExpressVPN (which is why I'm using NordVPN as a fallback).

Edited by Randy W (see edit history)
Link to comment
Randy W

Randy W

Posted
  • Author
Posted (edited)

I am still experiencing frequent disruptions, I'm sure related to the protests in Hong Kong.

 

Something I forgot about is the box that is checked by default - "Only use ExpressVPN DNS servers while connected"

 

The problem is that when a temporary disconnection occurs, you lose access to these servers until the status changes to connecting, since a local network address (10.n.n.n) is used by ExpressVPN.

 

I like to UNCHECK the box, and specify DNS servers through the Network Control Panel app.

 

The DNS servers I use are Google's 8.8.8.8 and 8.8.4.4. DNS access protocol is not blocked by the Great Firewall, so there is no problem using these.

 

NordVPN also allows the use of alternate DNS servers.

 

The downside of using this is what ExpressVPN calls "DNS leakage" - your provider can see what sites you're attempting to access - but I'm not concerned about that at all.

Edited by Randy W (see edit history)
Link to comment
Randy W

Randy W

Posted
  • Author
Posted

NordVPN is hard to beat as a backup plan, but I'm not sure if this would apply to new subscribers.

 

 

Blockbuster sale — 3-year plan for $89 ($2.47/mo.)

Make sure your devices stay secure and your online activity private. Hurry up — the sale ends just in 3 days.

19-06-18-1200x675-3.png

If you take the deal, the new subscription period will start after the current one ends.

Log In and Get Deal

Stay safe!
NordVPN Team

 

 

Link to comment
Allon

Allon

Posted
Posted

NordVPN is good (I almost went with it) but with the improvements ExpressVPN is making, I will stick to them until there is another reason to go elsewhere like if they raise their price. It's already a little overpriced for what you get.

 

 

 

On the cloud issue, I just went to a seminar (actually a fancy dinner) where the discussion was on how companies were doing with their Cloud conversions. The tendency now is take all infrastructure and operations out of the business diagram and move it to the Cloud. I don't really understand why that is so appealing. I guess it's because most companies have no idea of how to manage IT, so they just outsource it all, which is what the Cloud in that instance, really is. We already outsource our DCS and we still need a tech support group to handle the things they simply do not have the expertise to handle.

 

I pointed that out to the group and finally, some others chirped up and said the same thing. For most individual users, the Cloud is convenient and saves a lot of hardware expense. But to a business, I still don't see where it is that convenient, and it still costs extra money. But don't say that to the Jack Welch's of the world. (And how is that Azure project doing? Oh, you went to Amazon? And how much did that conversion cost? LOL)

  • Like 2
Link to comment
  • 1 month later...
Randy W

Randy W

Posted
  • Author
Posted

These days (I expect because of the Hong Kong protests), Express is often blocked. I came up with a new strategy - under NordVPN, USA San Francisco is often 100% utilized except for up to 3 or servers. When I choose one of those, it will usually connect. I figure the 100% indicates that it is still functional.

 

Still, my home network experiences frequent dropouts, while my cell phone's data connection has been nearly 100% trouble free - when I pick it up, it's usually already connected. ExpressVPN allows you to choose on a per app basis whether to use the VPN, or a local connection, which is a BIG plus.

Link to comment
Randy W

Randy W

Posted
  • Author
Posted

from the SCMP - Chinese netizens complain when Facebook and Twitter censor THEM




Mainland Chinese backlash over ‘political decision’ by Twitter, Facebook amid US-China tensions


Chinese take to social media to vent their anger over move to close accounts for allegedly spreading disinformation about Hong Kong protests




“It is outside the firewall where freedom of speech is suppressed,” one mainland user commented in a post shared by news outlet Guancha.cn that received more than 24,000 likes.

Weibo posts related to the search “Twitter and Facebook have deleted over a thousand accounts” had been read more than 190 million times as of 6pm Tuesday.

Link to comment
  • 3 weeks later...
Randy W

Randy W

Posted
  • Author
Posted

Then there's Shadowsocks. I haven't tried this yet, but maybe it's time to do so.

 

I hear about it once in a while on Facebook - someone will often bring it up when VPN's are being discussed.

 

It's apparently a proxy - proxies rarely work, since they're so easy to block, but this one allows customization, including encryption. Still, it seems like it may be more effort than it's worth

 

from Abacus

 

china's censorship circumvention tool

 

Google is using a tool Chinese users developed to bypass the Great Firewall

 

Shadowsocks was developed in China to jump the Great Firewall, and now companies like Google are adopting it even as some debate its security and longevity

 

 

Shadowsocks is effectively a SOCKS5 proxy wrapped in encryption of the user’s choice. The innovation was combining open source technologies into something unique that meets the needs of Chinese users.
The result is a highly customizable, encrypted proxy. The customizability of Shadowsocks is perhaps its greatest strength. It can use many different types of encryption, come from servers from any provider anywhere in the world, and the traffic can be obfuscated to look like normal web traffic.
In 2015, though, creator clowwindy said he got a visit from the police and announced that he would no longer work on the project, subsequently deleting the code. But that’s hardly the end of Shadowsocks’ story.

 

. . .

 

Unlike a VPN connection, when you have a proxy set up on a computer, not all internet traffic runs through that proxy by default, potentially revealing unencrypted data or your true IP address. For those who might be government targets, like Chinese dissidents, that can be dangerous.

 

 

 

. . .

 

As it gets easier to find and use Shadowsocks proxies, it might be a more appealing option than a VPN for users in China even though it might not be as secure. Many users are more interested in simply getting access to the internet outside China than they are securing all their communication.
In recent years, China has gotten increasingly better at blocking VPNs, especially through the use of artificial intelligence. But it’s still not an easy task. Two major means of cracking down on circumvention are identifying VPN connections by recognizing patterns from specific protocols like OpenVPN or just completely blocking IP addresses used by popular VPN services.
This has resulted in a cat-and-mouse game as VPN providers get more creative -- like using TLS encryption used for web traffic to disguise VPN connections -- and dumping IP addresses for new ones whenever they’re attacked. But anyone running their own Shadowsocks proxy can easily jump over to a new server or completely change VPS providers at the cost of mere pennies.
Link to comment
Randy W

Randy W

Posted
  • Author
Posted

Then there's Shadowsocks. I haven't tried this yet, but maybe it's time to do so.

I hear about it once in a while on Facebook - someone will often bring it up when VPN's are being discussed.

It's apparently a proxy - proxies rarely work, since they're so easy to block, but this one allows customization, including encryption. Still, it seems like it may be more effort than it's worth

from Abacus

china's censorship circumvention tool


Google is using a tool Chinese users developed to bypass the Great Firewall


Shadowsocks was developed in China to jump the Great Firewall, and now companies like Google are adopting it even as some debate its security and longevity




Shadowsocks is effectively a SOCKS5 proxy wrapped in encryption of the user’s choice. The innovation was combining open source technologies into something unique that meets the needs of Chinese users.

The result is a highly customizable, encrypted proxy. The customizability of Shadowsocks is perhaps its greatest strength. It can use many different types of encryption, come from servers from any provider anywhere in the world, and the traffic can be obfuscated to look like normal web traffic.

In 2015, though, creator clowwindy said he got a visit from the police and announced that he would no longer work on the project, subsequently deleting the code. But that’s hardly the end of Shadowsocks’ story.

. . .

Unlike a VPN connection, when you have a proxy set up on a computer, not all internet traffic runs through that proxy by default, potentially revealing unencrypted data or your true IP address. For those who might be government targets, like Chinese dissidents, that can be dangerous.

. . .

As it gets easier to find and use Shadowsocks proxies, it might be a more appealing option than a VPN for users in China even though it might not be as secure. Many users are more interested in simply getting access to the internet outside China than they are securing all their communication.

In recent years, China has gotten increasingly better at blocking VPNs, especially through the use of artificial intelligence. But it’s still not an easy task. Two major means of cracking down on circumvention are identifying VPN connections by recognizing patterns from specific protocols like OpenVPN or just completely blocking IP addresses used by popular VPN services.

This has resulted in a cat-and-mouse game as VPN providers get more creative -- like using TLS encryption used for web traffic to disguise VPN connections -- and dumping IP addresses for new ones whenever they’re attacked. But anyone running their own Shadowsocks proxy can easily jump over to a new server or completely change VPS providers at the cost of mere pennies.

 

Link to comment
Allon

Allon

Posted
Posted

I am really glad I don;t have to go through what Randy and other ex-pats are going through. I am sure the latency is bad too. I know when I get to people in China or even Singapore, the latency is really bad. We do global conferences using video cams and the delay is noticeable to the point of distraction. We just give up and stick to audio only. You almost feel like saying"over" when you finish talking so as not to interfere with someone else talking at the same time.

 

So far, ExpressVPN is handling this issue pretty well. I have switched to Nord and others just for grins but ExpressVPN seems to handle the interference well.

 

Skype by the way, sucks.

Link to comment
Randy W

Randy W

Posted
  • Author
Posted

I have no problems whatsoever on my cell phone data line (except that the data usage limit keeps bumping me down to 3G every month), but my desktop is giving me fits. I think this is related to the Hong Kong activity.

 

NordVPN doesn't handle dropouts very well at all - it will block internet access completely as it tries to re-connect - that's even with the Internet Kill Switch set to Off.

 

We upgrade to 100mb soon - the upgrades usually seem to un-stick things for a while.

Link to comment
  • 4 weeks later...
Randy W

Randy W

Posted
  • Author
Posted

from the Global Times on Facebook - https://www.facebook.com/globaltimesnews/photos/a.123349831079259/2583983908349160/?type=3&theater

 

Perhaps we could begin with a look at the Great Firewall.

 

There is nothing to be gained by erecting digital versions of the Berlin Wall. Instead, win-win cooperation should be the aim of all major technology-producing nations. @adamgarriereal http://bit.ly/30OkgIr

 

 

 

https://www.facebook.com/globaltimesnews/photos/a.123349831079259/2583983908349160/

 

 

 

Source:Adam Garrie Published: 2019/10/5 10:34:56
Link to comment
  • 2 weeks later...
Randy W

Randy W

Posted
  • Author
Posted

No connectivity on either ExpressVPN or NordVPN the last day or so

 

https://www.ahenacy.xyz/support/troubleshooting/china-status/?utm_campaign=china_got_update_windows&utm_content=follow_latest_updates&utm_medium=apps&utm_source=rotating_message_v3_windows_e1&redir=fqdtohl.com&redir_t=b996bac8d9369382488774def7064502ad8c36b530bce1bf8a9c53c2e47da54e

 

Update as of 09:35 GMT / 17:35 GMT+8, October 17, 2019
We are aware of a new escalation in blocks in China today that is impacting VPN connectivity, and our engineering team is actively working to respond.

We will be updating this page with the latest advice on staying connected, so please check here regularly.

 

Link to comment

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
Go to topic listing
×
×
  • Create New...