China is obviously very large with fourteen cities that have over five million people (Beijing, Chengdu, Chongqing, Dongguan, Guangzhou, Hangzhou, Hong Kong, Nanjing, Shanghai, Shenyang, Shenzhen, Taipei, Tianjin, and Wuhan) so when it comes to picking the best VPN service for China it gets tricky. Furthermore most of mainland China, not Hong Kong or Macau, is behind what has become known as “The Great Firewall of China”. The government actively restricts access to many websites that most of the world takes for granted.
Here are just a few:
And many many more!
For a list of tracked blocked sites click here to go to en.greatfire.org a website that constantly monitors online censorship in China.
You can also check the status of a website to see if it is currently being blocked by going to this website and entering the URL.
To get around these restrictions you will need a virtual private server (VPN) that you can access from inside of China.
Not all Virtual Private Networks work in China – Some VPNs are blocked or just don’t have the technology to get past the Chinese filters which use deep packet inspection.
Not all Virtual Private Networks work well in China – Some can get past the filtering but the government is still able to throttle the connections to a point that makes them barely function.
Because of the constantly changing situation in the battle to control access one service may work well one day and then the next be throttled or not work at all. The reverse happens as well. Sometimes a service will be blocked in one area while working fine in another. So based off of our research and what people have experienced who actually live there we recommend purchasing two services or even three. If Internet access is seriously important then what is an extra $40 to $100 dollars a year as opposed to being stranded behind the great firewall to China with no access.
Here are the top three successful China Virtual Private Networks we recommend.
- Has proprietary Chameleon protocol technology that defeats VPN blocking and bandwidth throttling.
- Server locations: Three location on the west coast, eight total in the United States for fast US data streaming. Many locations around Asia to include: Hong Kong, Indonesia, Japan, Malaysia, Philippines, Singapore, South Korea Thailand, and Vietnam. Many other locations around the world.
- Service includes Nat firewall protection, zero logging DNS, secure cloud storage, encrypted messaging system and more.
- Well developed and easy to use apps for Windows, Mac, Android and iOS devices.
- Has stealth VPN service that enables its users to bypass deep packet inspection and VPN blocking firewalls.
- Servers located in: Several US locations including the west coast. Many locations around Asia to include: Hong Kong, Indonesia, Japan, Malaysia, Singapore, and South Korea. Many other locations around the world.
- Plan includes smart DNS, no logging, anonymous payment, 5 simultaneous connections allowed, encrypted email service, torrent support, and more.
- Cross platform compatibility. Check their website for router options.
- Has stealth server technology.
- Many servers located in the US to include the west coast enabling faster data streaming. Asian server locations include: Hong Kong, Indonesia, Japan, Malaysia, Mongolia, Philippines, Singapore, South Korea Thailand, Taiwan, and Vietnam. Many other locations around the world.
- Allows up to two simultaneous connections (1 computer and 1 handheld device). US based company with no usage logging. Allows anonymous payment also accepts Chinese Unionpay. 30 day money back guarantee.
- Easy-to-use apps for Windows, Mac, iOS and Android
The Chinese government has one of the most sophisticated and ambitious mass censorship operations in the World, but it can be overcome. Purchase a private network services and protect your freedom. Make sure to test out all your connections before you travel and keep copies of the contact information for your VPN providers. Many virtual netwrok provider’s websites are block and you don’t want to be left in the dark if you run into problems. Remember the censored internet environment in China is ever changing and there is no guarantee that what works today will the next. Be prepared.
More on the Great Firewall of China
Chinas Internet firewall grew out as a project called Golden Shield which was envisioned in 1998. As the Chinese transitioned to a market economy and opened up to foreign investment it wanted to also protect itself from what it believes as dangerous political ideologies infiltrating its population. One of Deng Xiaoping’s (the leader until 1992) favorite sayings was “If you open the window for fresh air, you have to expect some flies to blow in.” The Great Firewall of China is the Chinese government swatting at what it perceives as flies.
In modern times, a collaborative study between Harvard Law School, University of Toronto Citizen Lab, and Cambridge Security Program under the OpenNet Initiative found that China is the most sophisticated content filtering regime in the world.
The Chinese Internet filter employs multiple methods here are some examples.
- DNS filtering: When an address is sent over the Internet, for example google.com, it is translated into and address consisting of a bunch of numbers by a domain name server (DNS). In China some web addresses are filter out so that no address is given or they are redirected to incorrect addresses.
- IP blocking: Access to certain Internet Protocol (IP) address are denied. When a targeted Web site is hosted on a shared server (servers maintaining multiple web sites), all web sites on the same server are also blocked. This affects all IP protocols TCP such as HTTP, FTP or POP.
- Packet filtering: When data is transmitted over the Internet it is broken down into packets. When a certain number of controversial keywords are detected in the data TCP packet transmissions are terminated. Anything from search engine results to personal email can be censored. This affects all TCP protocols such as HTTP, FTP or POP.
- SSL man-in-the-middle attack: Makes independent connections between two parties and relays messages between them, making them believe that they are talking directly to each other over a private connection, when in fact the entire conversation is monitored or controlled.
- URL filtering: The Uniform Resource Locator (URL) string is scanned for targeted keywords regardless of the domain name and blocked if contains any banned words. This affects the Hypertext Transfer Protocol.
- VPN traffic recognition: Recognizes when traffic is encrypted and or transmitted through a virtual private network tunnel and blocks traffic.
The great firewall may seem ominous to get around. In reality the firewall’s implementation is patchy and very inconsistent. One province may block a website while in another it is not. Often benign none political websites devoid of anything that may be considered offending are blocked while known targets are suddenly accessible. The situation is dynamic and constantly changing. In many ways it is a cat and mouse game as technology evolves and as the government’s policies or whims change.
Important aspects to consider when looking for a China VPN
Stealth VPN server technology
With the Chinese government actively scanning for VPN use, it is imperative that anyone who wants access to the outside use a private network provider that applies some sort of stealth technology that hides the encrypted connection from standard detection.
Location of the VPN servers outside of the country
The location of the private servers outside of China are one of the many variables that directly impact the speed at which users connect. This makes it important to consider the locations of the servers if you want the best Chinese VPN service. Even though Hong Kong is considered part of the country it is not regulated like the mainland. So remarkably Hong Kong currently remains one of the most uncensored places to access the internet in Asia (when physically located in Hong Kong though it is still recommended to protect yourself from hackers and sniffers with a VPN). This makes Hong Kong a great location for fast virtual Private Network servers. If your visit will be located closer to Taiwan or Japan then of course better speeds can be obtained by using servers based in those countries. When looking to stream content from the US users should connect to servers located on the west coast of the United States.
Final advice on overcoming the Great Firewall
- Before you travel install and check that all your network connections work.
- Keep your VPN help desk contact info on your PC.
- Change your default DNS settings before you travel (helps prevent China DNS spoofing or DNS poisoning). Click here for more on DNS leaking and how to change the settings.
- If you should find yourself blocked try switching protocols. Most private networks support multiple protocols. OpenVPN with secure 256-bit encryption is often the default protocol. Try L2TP/IPsec at 256-bit or PPTP with lesser 128-bit VPN encryption.
Click here to go back to our top VPN reviews page.