Working from Mainland China
This page addresses two things:
1. How to circumvent Internet blocks and protect against snooping on your Internet connection
(by governments, companies, or identity thieves).
2. How to secure your e-mail communications.
(NOTE: #1 is not enough to guarrantee #2 – you need to take additional steps!)
For more-in depth information on these subjects and other related security issues, be sure to read the Frontline Guide to Internet Privacy and Security and Using the Internet Securely (PDF). More resources and background reading are listed at the bottom of this page.
CIRCUMVENT INTERNET BLOCKS AND PROTECT AGAINST SNOOPING ON YOUR INTERNET CONNECTION:
Unfortunately, thanks to China’s Internet censorship, many websites that you need to access are blocked in mainland China. Fortunately, there are many technologies for you to get around the blocks.
BEFORE TRAVELING TO THE MAINLAND YOU SHOULD SET UP AT LEAST ONE OF THE FOLLOWING:
1. VPN – VIRTUAL PRIVATE NETWORK.
If you have an account on the Hong Kong University network, you can access HKU’s Virtual Private Network. When you go through the VPN you will be accessing the Internet via the Hong Kong University network, so your Internet experience should be identical to when you are at HKU. Just visit the HKUVPN page and follow the instructions to configure your computer’s network for the HKUVPN. You will be able to login with your HKU network username and password.
If you are not on the HKU system there are a number of options for purchasing a personal VPN or using another free VPN service (though you need to make sure the people operating it are trustworthy). One personal VPN service that has come strongly recommended by people working in China is the WiTopia Personal VPN, a good investment at US$39.
2. TOR
Tor is an “anonymizing” tool that utilizes an “onion routing” system, sending your requests for web pages and any other data through several “nodes” in many parts of the world. So the Chinese Internet Service Providers will not actually be able to “see” what website you are really trying to visit.
- You should use Tor with Firefox.
- If you don’t have Firefox download it here.
- Then download Tor here (follow the instructions provided).
- Then install Torbutton on your Firefox browser for easy use.
NOTE: Tor does not prevent operators of Tor “exit nodes” from viewing the data you are sending. Some Tor exit node operators are more trustworthy than others. Some are in mainland China. IF YOU DON’T WANT ANYBODY TO SEE THE CONTENTS OF YOUR E-MAIL, YOU MUST USE ENCRYPTED E-MAIL (see below for info on encrypting your e-mail). Click here for more information about this issue.
3. PSIPHON
Psiphon requires that you have access to a trusted computer outside of mainland China that will always be turned on, and whose owner (if the computer is not yours) trusts you not to use the computer’s Internet connection in a way that might be illegal in his or her home jurisdiction. You install a “Psiphon node” on that computer, then log into it remotely when you are in the mainland, enabling you to access the Internet via that computer’s ISP. It’s good to have a backup method handy in case that computer gets turned off or goes down accidentally when you are using its connection.
OTHER METHODS YOU CAN USE TO GET AROUND INTERNET BLOCKS WHEN IN CHINA:
Download Everyone’s Guide to By-Passing Internet Censorship for Citizens Worldwide by Citizenlab. (IMPORTANT NOTE: Two of the services mentioned in the guide are operated by Dynaweb, which is affiliated with the FLG. I do not recommend using them in China as there have been rumors that some users of these services have been questioned about possible FLG links.)
- Anonymouse
- Proxy servers (click here and here for some proxy lists).
(WARNING: While proxies are fine for circumventing censorship, do not use them to convey sensitive personal financial or other sensitive information UNLESS YOU PERSONALLY KNOW WHO IS OPERATING THE PROXY.)
Be sure to read: Top 10 Places Your Email Can Be Intercepted (PDF).
If you are sending e-mails that you have any reason to believe could result in very bad consequences for yourself or others if they are seen by third parties, especially the Chinese authorities, you need to use encryption when sending e-mails.
RELATIVELY SECURE:
(Note that none of these methods is really secure unless the recipient is also using encrypted e-mail.)
- Create an account with an encrypted e-mail service,
such as MailSaurus (open source)[they are no longer in operation] or Hushmail (not open source), both of which offer free accounts in addition to paid services with more custom features. - A simple way to send encrypted e-mail (assuming that you trust Google in the particular circumstance) is to use GMail – but IF AND ONLY IF you add “s” to the “http” in the URL, so that your address bar reads https://mail.google.com/mail/ (You will know the encryption is working in Firefox when the top address bar turns yellow.)
- A more technical but more fully secure way to encrypt your e-mail is by using a PGP key. Read “Ensuring your e-mail is truly private” by Reporters Without Borders for instructions.
Another new service whose development team includes people I know is VaultletSoft: it requires you to download a secure e-mail client, but you can put it on a USB drive and use it from any computer.
NOT SECURE: E-mail services provided by Internet Service Providers are not secure because the ISP administrators can access the e-mail, and because they are generally not encrypted so that the people who control the internet connection you are using at any given time (or who are snooping on it) can potentially monitor your communications going back and forth. Your company or university e-mail is not secure unless it is encrypted, for the same reasons (also corporate or university systems administrators can still look at your e-mails if they want – and many companies reserve the right to monitor employee e-mail communications). Yahoo and Hotmail are ALSO NOT SECURE because they too are not encrypted. (Also, if you use yahoo.com.cn e-mail, or any mainland e-mail service provider, your e-mail records will be shared with the Chinese police upon request.)
Resources, explanations & guides:
NGO In a Box – Security Edition by the Tactical Tech Collective. RSF Handbook for Bloggers & Cyberdissidents, especially Ensuring your e-mail is truly private and Technical Ways to Get Around Censorship. Anonymous Blogging with WordPress and Tor by Global Voices Advocacy Zuckerman explains the difference between Psiphon and Tor. Tactical Technology Collective Open Net Initiative Amnesty International’s Irrepressible.info
