Comments

TivoExpatJune 12, 2014 9:27 AM

In China right now, and no gmail no google no yahoo no twitter.
Miss the gmail.
And you can't get to VPN services to download the VPN software.
But mobile gmail via wifi is OK without the VPN.
Corporate VPN works best, and in worst case use remote desktop or Citrix on other side of VPN and then launch browser.
Pick your poison on blocking of access vs. tracking your everything.

kronosJune 12, 2014 10:15 AM

From people I know that travel to restrictive countries: prepare as much as you can before arriving. Keep your private stuff encrypted on your hard drive/USB drive and don't keep the encryption software on the same drive. Hide the encrypted files if at all possible. If you want to use code words to communicate with the outside world (assuming your e-mail is not encrypted and it will almost certainly be read), keep the list of code words encrypted or memorize them. Use a phrase like 'Hope Aunt Judy is doing better after the operation' to mean you are being watched closely (or arrested) rather than 'Tango Sierra Bravo Foxtrot Zulu'. ;)

StuartJune 12, 2014 11:07 AM

I was in Shanghai for 10 days in March for a business trip... Neither of my 2 VPN accounts would connect once I got there. That was very annoying, I ended up finding yet another VPN account that did work (12vpn if anyone's curious).

Besides all the censorship, the hotel wifi was about half the speed of dial-up.

Absolutely hated the trip, and would think twice about going back.

ArclightJune 12, 2014 12:08 PM

I can confirm this. Another annoying thing is that most public WiFi at McDonalds, Starbucks and other businesses on the mainland require that you have a China-based mobile phone to confirm your ID before being allowed on.

Nick PJune 12, 2014 12:16 PM

@ Stuart

That dialup was a pain for me in the 90's. Certain things just weren't feasible. Yet, I managed to run servers, hacking tools, instant messaging, file sharing and more on such infrastructure.

If anything, the China situation seems like a good reason to go old school with one's online approach. Ive often had people do it for security purposes. It would probably have performance benefits, too. The last benefit is that such minimalist, console software run comfortably on disposable laptops (e.g nettops).

Richard June 12, 2014 4:56 PM

PPTP is usually blocked is China unless you are on a Corporate network or lucky at a top western hotel. L2TP is better and is not blocked at most top end western hotels. You really need OpenVPN however and have it configured to go out on TCP 443. Take a DD-WRT loaded router with you and plug it in to the ethernet in your room then connect va it rather than over the hotel WiFi. That works best for me. NEVER leave your computer unattended in your room. Your hard drive will be cloned and acquired by the maid while you are at breakfast. Paranoid? You need to be. Its the PRC!

AdamJune 12, 2014 8:13 PM

One of the more interesting things about the censorship I found when I was living in China (this was in 2008, when Google was still accessible), was that if I did search for a banned topic, my connection would just cut out completely for 5 minutes. I don't know if that still applies.

aaron aJune 12, 2014 11:20 PM

Makes me want to take a tig welder to the underside of my MacBook air. Or never go to... it's all the same here but over the wire.

The Dog That Did Not BarkJune 12, 2014 11:24 PM

Around 2009 I analyzed the search topics coming out of China as reported in Google Trends. These were the search terms that people in China were using with Google.

The thing I noticed in general was an almost complete lack of abstractions. Terms like "ideology", "philosophy", even "Marxism" were not coming out of China.

To some extent this may be explained by a culture which tends to be more concrete-bound, but it may also have been due to censorship.

SchneieronSecurityFanJune 18, 2014 7:59 PM

@ Adam - 3 banned terms then and maybe now were Tiananmen Square, Taiwan, and Tibet.

I always found it amazing that Taiwan, the country where so many of the country's factories have their headquarters (Foxconn, etc.), had its name blocked.

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of Resilient Systems, Inc.