What Is the Great Firewall?
The Great Firewall is a block on outgoing traffic from Chinese IP addresses. So, if you’re on a connection from Beijing or Shanghai (and, since recently, Hong Kong), you can’t access sites like Facebook, Google, or a large number of Western media outlets (One example of the ever-changing list is here. How-To Geek isn’t on it, or at least, not yet.).
We have a full guide on how the Great Firewall works, but, in short, it blocks traffic in several ways, making it very hard to get around. For example, if it detects a certain keyword being used on a site, it will make it so that any request to connect from a computer in China to that site returns an error. The best example is the phrase “Tiananmen Square Massacre,” an event in 1989 when the Chinese army murdered protesters in a central Beijing plaza.
The Great Firewall—properly known as the Golden Shield Project—was set up to regulate what the Chinese people get to see online. The criterion seems to be anything considered harmful to the Chinese public and, considering the People’s Republic’s ideas about press freedom, that includes many foreign media outlets. Also out are social media sites, which are off-limits mainly in the name of stemming “misinformation” about what’s going on in the country.
Besides restricting the flow of information, the Great Firewall also targets things like online gambling, depictions of excessive violence, adult entertainment, and LGBT content.
How to Get Past the Great Firewall
If a government-censored internet doesn’t sound that great to you, or if, like one Chinese national we spoke to, you need access to Google’s search engine and email services for work, there are two reliable ways to get past the Great Firewall. You can either use Tor or a virtual private network (VPN). As Tor needs some expertise to set up, we’ll focus on VPNs.
VPNs are handy privacy tools that reroute your internet traffic to a server owned by the VPN. Instead of your connection going from your laptop or smartphone directly to the site that you want to visit, you connect to the server first, and then to the site in question. This makes it so that only the VPN knows where you’re connecting from, with the website only seeing the VPN server’s IP. At least, theoretically: Whether or not a VPN really keeps your activity private is a subject that is up for debate.
RELATED: What Is a VPN, and Why Would I Need One?
If you’re in China and want to connect to Twitter, for example, the Great Firewall can keep you from doing so by blocking Twitter’s IP address, poisoning its DNS server (a method that makes websites direct you to the wrong IP), or even blocking the packets of information that are sent from the site to you. It’s an effective system and works like a charm on any Chinese IP address (or those from Hong Kong and Macau).
However, you can circumvent these blocks by using a VPN server based outside of the People’s Republic, provided that it hasn’t been blocked by the censor. Thus, instead of using a Chinese IP, you can reroute your traffic to a nearby country without censorship (Taiwan and Japan are the main favorites), and enjoy their regular, free internet, just like at home.
How China Blocks VPNs
Sadly enough, though, there is one problem for anybody visiting China and using a VPN to get around the Great Firewall: not all VPNs work. All our contacts have had problems at some point or another while tunneling under the Great Firewall. In most cases, you’ll just see the VPN connection fail or get a site error despite being connected through a VPN. That being said, none of our contacts has gotten into trouble for using a VPN in China, and the only punishment we could find for it online is in the form of a $145 fine, although Tom’s Guide claims that no foreigner has ever received one. Even so, it’s always best to avoid attention from the authorities in a totalitarian state.
Exactly how China can detect VPNs isn’t clear (The censor isn’t exactly advertising its methods.), but most likely, it does so in the same way that it blocks other sites, through what’s called “deep packet inspection.” Packets, the bits and bytes that form a block of text or an image, contain the information sent over a connection. China has developed technology that can intercept a packet and look inside to see whether any of the information is on the naughty list.
What experts think has happened is that China can now also inspect a packet to see whether there’s any sign of it having come from a VPN. When you connect to a server outside of China, the system checks for any tell-tale signs that you’re connecting to a VPN. If so, it blocks the connection. The trick to getting around the VPN detection system is to use a VPN that masks its connections in such a way that they appear like any other.
However, as many of our sources have confirmed, there’s no sure-fire way to check which VPNs work and which don’t. While many VPNs will advertise that they work in China, the only way to make sure is to go to China and find out. Or, better yet, you can ask anybody you know there which services work best for them.
That being said, there are a few VPNs that came up a few times as being reliable when we talked to our contacts, namely, ExpressVPN, VyprVPN, and Windscribe, although in all cases, there were issues at times in the form of blocked servers or serious slowdowns. As far as we can tell, there’s no VPN that works perfectly all the time in China.
Download Before You Go
Usually, the sites of these VPN services are blocked from within China, meaning that you can’t download the program while there. That being the case, you should probably sign up for your service of choice (maybe even two) before heading to the People’s Republic, just to be on the safe side.