Friday, June 2, 2017

How I Tunneled through the Great Firewall of China

For political and commercial reasons, China blocks Internet sites. Services I use daily, like Google, Blogger, Twitter, and the New York Times, simply do not exist on China's Internet, thanks to the Great Firewall of China.

Before my trip to Shanghai in April 2017 I made sure I would have access to all the Internet services I use at home. I took the following steps:
  1. Took inventory of blocked sites I would want to access. The logic used by the Chinese authorities to decide which sites to block is not always intuitive. Google's Gmail is blocked, but the Microsoft Outlook email service is freely available.
  2. Researched VPN (Virtual Private Network) solutions which would provide encrypted tunnels through the Firewall to the outside world. I learned not all VPN services work in China.
  3. Developed workarounds if the Chinese authorities decided to defeat the VPN services I chose.
I succeeded in defeating the Firewall at no cost. I got to use the Internet while I was in China as though I was in the outside world.

Inventory of Blocked Sites

I found a Web site, Blocked in China, that tests any URL to see if it is blocked in China or individual Chinese provinces. Blocked sites included:
Google services; e.g., Search, Maps, Blogger, and Gmail
Twitter
New York Times
If I were to try and visit these sites while in China, without using VPN, I would be treated to "This site can't be reached" messages.

VPN Solutions

I searched the Web for the experiences of other travelers. Along the way I found sites that review VPN apps to be used in China.

I subscribe to the VPN Unlimited app: it's inexpensive and it has served me well in the USA, Europe, and Asia. However it was not showing up in reviews.

The ExpressVPN app was getting rave reviews and good traveler experiences, so I installed it on my phone and tablet before I left for China.

Workarounds

I wondered what I would do if the Chinese authorities really clamped down on VPNs while I was in China. I would do just fine, of course, but figuring this out was an interesting exercise. Here are some sites that are not currently blocked:
Search and maps: Microsoft Bing. I also loaded the Shanghai map into the Maps.me app on my phone. 
Email: Microsoft Outlook.
Blogging: I configured Blogger so I could post using an email from Outlook.
Microblogging. I configured Tweetymail so I could post a Tweet using an email from Outlook.
News: Minnesota Public Radio, CNN, and BBC.
I could manage without Internet access for some services:
Documents: I cached documents I might need while in China on my phone and tablet. 
Password management: My password manager caches encrypted keys on my phone and tablet and can be used offline. 
I felt reasonably confident I would not be cut off from the outside world while I was in China.

Field Test

While I was in-flight from Tokyo Narita to Shanghai Pudong, I inserted a SIM into my phone. I had previously registered the SIM with the Chinese authorities, providing a scan of my passport. As the plane taxied towards the terminal at Pudong, I turned on my phone and did a quick test.
VPN Unlimited failed to tunnel through the Great Firewall. As recommended by the vendor, I had set the application to KeepSolid Wise mode which "adds a layer of encryption and data obfuscation for restricted environments" but to no avail.
ExpressVPN worked.
When I was temporarily prevented from entering China at Pudong airport, I tried to look up flights out of China on Expedia, but the travel site was temporarily blocked. I decided it would be best not to turn on ExpressVPN at that time, not with Chinese immigration officials occasionally reviewing information on my phone.

Once I was in Shanghai, I realized a lot of people were defeating the Great Firewall. Although Google services were blocked, Google Maps was showing Shanghai traffic conditions. Many people must be driving, logged in to Google, with VPNs turned on. 
I used the Internet in Shanghai as though I was in Tokyo
ExpressVPN worked flawlessly throughout my stay: I was able to use the Internet as if I was in Tokyo, or another city of my choosing. However, with hindsight I would have installed additional VPN apps before taking the trip, just in case.

Notes
I took the (manipulated) picture at the top of this post at Mill Ruins Park, Minneapolis.
In July, 2017, Apple removed ExpressVPN and other VPN apps from their China app store. I learned this from the New York Times. Last year, Apple removed New York Times apps from their China app store.

No comments:

Post a Comment