Internet in China
June 1, 2013 3:11 PM

What are the best practices for internet security in China?

I'll be going to China relatively soon, and while I'm there I would like to be able have access to:

-- Gmail (essential, or please at least warn me if it's impossible so I can set up mail forwarding to another account)
-- Online banking (essential)
-- Skype
-- Github
-- Tumblr
-- Twitter and Spotify (?)

I'm not really sure what kinds of problems there will be in accessing these currently; there are other AskMeFi questions about this, but they are fairly outdated.

I also would like to know if there are any unique dangers in using the internet in China, and if there are any steps I can take to keep my personal information (especially online banking) from being compromised. General advice about the best way to keep in touch with people back home and share photos, etc. is also appreciated, especially if you've been over there before.

Throwaway at throwaway01222@gmail.com
posted by anonymous to Computers & Internet (10 answers total) 3 users marked this as a favorite
Are you going for a week or a year?
posted by k8t at 3:50 PM on June 1, 2013


I would set up a VPN and route all my internet traffic through that. I'd also use a mac rather than a windows machine. Also, don't let your computer out of your sight.
posted by empath at 3:55 PM on June 1, 2013


Depending on your operating system, you'll want something like VPNNetMon (Windows), VPNCheck (Linux) or Viscosity (OS X) that will monitor your connection and halt outbound traffic if you get dropped by the VPN.
posted by invitapriore at 4:05 PM on June 1, 2013


(I am an IT Security consultant, but not your IT Security consultant. Unless I am, then never mind.)

I wouldn't worry too much about your online banking information. The biggest threat faced by travelers in China is espionage, both corporate and governmental. Attacks against a single bank account just aren't all that likely there. (Attacks against an entire bank are, however.) Using a VPN, as suggested upthread, is a good best practice.

If you're a corporate business traveler, worry mightily. If you're just a tourist, though, don't sweat it, really - the bad actors are just not all that interested in you.
posted by deadmessenger at 4:55 PM on June 1, 2013


Yes there are dangers, and here is one to make yourself aware of: when logging into one of the web services you mentioned, you might see an unexpected extra login screen. It may or may not look familiar or like the site's typical login screen. That's a fake login screen designed to capture your user ID and password before you log into the site's real login screen. Amazingly enough, this kind of shitty practice is not illegal for the government there to do. Welcome to China.
posted by Dansaman at 10:32 PM on June 1, 2013


My partner is over there for a week. She has taken a 'throwaway' phone and laptop (she needs to give presentations) which will get sold on ebay or reserved for future trips. These are not going to be allowed back on the domestic network, if we need to transfer new stuff to the laptop it will have to be sent via email.

We set up a disposable gmail account for her, selected older email and all incoming mail to her main account is forwarded to that new account which is set up to reply/send as though it was the main account (you need to prove ownership of both accounts to set this up). She logged out of her main account before leaving and we have a process for forwarding her older email if she needs something she forget to copy over.
posted by epo at 2:12 AM on June 2, 2013


Depending how long you're going for and whether you need full Office applications, you might consider bringing a Chromebook instead of a standard PC/Mac. Definitely use a reputable VPN service like ProXPN if they'll let you (i.e., if it isn't blocked by the Great Firewall). Throwaway accounts are definitely advised, where feasible. When you return home, immediately change any passwords for accounts that you accessed while there. If you're using a PC or Mac, install the best AV and security suite that you can get.
posted by maxim0512 at 5:13 AM on June 2, 2013


Good advice in here. FWIW, most major commercial VPN providers are not currently blocked in China, but this could change at any time -- particularly around sensitive anniversaries like Tuesday's. That said, I've had good luck here in Beijing with Witopia and VPNinja, and I know Astrill is popular among the gringo community as well.

As for the services you mentioned: everything will work great with a VPN. Without... well, just get a VPN:

- Gmail

Not blocked outright, but intermittently interfered with in a way that makes it a royal pain in the ass to check without a VPN. IMAP and POP3 continue to work fine, though.

-- Online banking

Probably fine.

-- Skype

Works, but be aware that the Chinese version of the client is at the very least filtering keywords in text chat. I've had weird drops in Skype-to-landline calls over the past few months, but nothing suggestive of anything other than general network crappiness. Which should be mentioned: be prepared for the internet to crawl here under even the best of circumstances. A lot of overseas sites actually load faster with a VPN, even if they're not blocked.

-- Github

Was blocked for a while, but is currently accessible.

-- Tumblr

Works.

-- Twitter and Spotify (?)

Both blocked. Twitter is blocked by the GFW, as is Facebook; Spotify is accessible but won't play you any music if you don't have an IP address from one of the countries they offer service in. Ditto Pandora, Netflix, Hulu, etc.
posted by bokane at 4:50 PM on June 2, 2013


As others have stated the answers you need depend on how long you're going and how paranoid you are. For full paranoia I'd bring a disposable laptop that I'd only boot off of a CD ROM that I kept on my person at all times unless it was in the CD drive.

You should also use a VPN for sure. If you are cheap and/or techy you can install Tomato or DDWRT on your router at home and host it yourself. This might be slower than commercial VPN and will be at most as fast as the upload speed of your home connection.
posted by Aizkolari at 1:23 PM on June 3, 2013


Anecdotes, second hand:

A very close friend and colleague goes to China frequently on business (ten times a year). It's all normal stuff, nothing exciting, just manufacturing. I have asked him about his security. He takes a Mac laptop and his iphone. He keeps them with him, or the laptop locked securely.

When he gets home after a ten or fifteen day stint, he has to change all his passwords. Everything he can access online gets accessed, while he is in China. They even access his online accounts for utilities, such as his electric bill. For no good reason, they just snoop. It's China. It's what they do.

I have heard that some people will only take a prepaid cell phone to China, and get rid of it once they return. Anything that can be accessed wirelessly, will be.

New York Times article.


Bruce Schneier., with comments.
posted by Xoebe at 2:31 PM on June 3, 2013


« Older How do I keep water from coming up through the...   |   Does waiting for someone with "issues" ever work... Newer »
This thread is closed to new comments.