Douglas Crawford

Douglas Crawford

March 13, 2015

Update 13 March 2015

China has recently stepped up its efforts to block the use of VPN to evade censorship restrictions, so in an effort to provide the best and most up-to-date information available, we have scoured the internet and heeded the helpful advice of our readers who are ‘on the ground’ in mainland China, to update this article. Readers should be aware, however, that even more so than usual, the situation at the moment is very fluid…

Introduction

Despite opening up economically and embracing capitalism, China remains firmly under the control of an oligarchic Communist Party who want the economic benefits of capitalism, without the nuisance of having a politically empowered population who can engage the free flow of ideas with the rest of the world, which it sees as a threat.

In order to ensure that its population remains as uncontaminated as possible by ‘dangerous’ and ‘un-Chinese’ foreign influences (such as notions of democracy, freedom of political and religious expression, the right to uncensored access to information, etc.), the Chinese government has developed the most ambitious, sophisticated, and effective mass censorship system in the world – the ‘Great Firewall of China’ (GFW).

One of the most effective ways for both nationals and visitors to mainland China to bypass the GFW is by using a VPN service, although as we shall explore later in this article, even with this technology, evading Chinese state censorship remains a challenge.

Summary

Rank Provider Review Price Link

1

ExpressVPN_Logo 9.8
Read Review >
$8.32/mo Visit Site

2

BolehVPN Logo 9.4
Read Review >
$9.99/mo Visit Site

3

AirVPN Logo 9.4
Read Review >
$8.82/mo Visit Site

4

Screen Shot 2013-02-25 at 18.38.21 9.3
Read Review >
$6.95/mo Visit Site

5

vyprvpn_logo 9.3
Read Review >
$6.67/mo Visit Site
Editor’s Choice

Winner – ExpressVPN

ExpressVPN_Logo

Positives: Fast speed boosted for China, servers in 78 countries, operates on all devices, multiple VPN protocols, 256-bit OpenVPN, 30 day money back guarantee, ‘stealth’ servers in Hong Kong, no usage logs, 2 simultaneous connections, phenomenal customer support

Negatives: Not the cheapest VPN

A big international company with servers just about everywhere (Hong Kong, Japan, Taiwan and West Coast US), ExpressVPN is fast, has great apps for iOS and Android, and sports a 30 day money back guarantee. ExpressVPN does not keep traffic logs and is specifically engineered to be reliable from anywhere in China. More importantly, ExpressVPN runs ‘stealth servers’ located in Hong Kong and elsewhere, which are designed to hide the fact that VPN is being used. All in all ExpressVPN offers a good balance of features, with lots of bells and whistles,  and reliability.

While ExpressVPN is a few dollars more expensive than other providers, it’s well worth the money if you need a reliable and fast VPN option in China. With their 30 day money back guarantee, you have plenty of time to try it out risk free and make sure it works well for you.

Try Out the Best VPN for China Today!

Visit ExpressVPN »

30 day money back guarantee

2. BolehVPN

BolehVPN Logo

Positives: no logs, fast, great OSX and Windows software, P2P: yes, 2 simultaneous connections, ‘CloakRouted’ servers Hong Kong and West Coast US , website not blocked at time of writing

Negatives: 128-bit Blowfish OpenVPN encryption could be stronger

This Malaysia based VPN provider is in a good position to serve users in China, as it provides ‘CloakRouted servers’ designed to allow access through the GFW, and for some reason the website does not appear to be blocked at time of writing. As a provider, BolehVPN impresses us with a no logs policy, great Windows and OSX VPN software, and excellent connection speeds, so it is little surprise that this relatively small provider is very popular throughout South East Asia.

 

 Visit BolehVPN »


3. AirVPN

AirVPN Logo

Positives: no logs at all, transparent service, accepts Bitcoin, , 256-bit AES encryption, dynamic port forwarding, real-time user and server statistics, support for Tor over VPN and VPN through SSL and SSH tunnels, good speeds, 3 day free trial, uses shared IPs, P2P: yes, 3 simultaneous connections, server in Hong Kong

Negatives: website blocked by GFW

We know that AirVPN is a slightly odd choice to recommend given that its website is blocked in China, but if you can get around this (by signing-up before visiting China, or using one of the VPN alternatives listed in the discussion below), then when it comes to censorship busting technology, AirVPN is very hard to beat. It supports VPN through Tor, as well SSH and SSL tunneling (which conceals that fact that VPN is being used by hiding the OpenVPN traffic inside a regular looking SSH or SSL tunnel, which are very resistant to the kind of deep packet inspection used by the GFW), and we are always impressed by AirVPN’s dedication to privacy, reliability, and connection speeds. Edit: We are told that if you email the AirVPN team, they can provide access to the AirVPN website through a URL that is not blocked in China.

 

 Visit AirVPN »


4. TorGuard

Screen Shot 2013-02-25 at 18.38.21

Positives: No logs, very fast, shared IPs, SSH tunnelling, DD-WRT routers, server status information P2P: yes, servers in Hong Kong, Japan, West Coats US

Negatives: Encryption on most servers a bit meh, customer service could be better, jurisdiction uncertain

According to our latest reports, TorGuard remains uncensored in China, especially when using its obfuscation technology, which TorGuard explained to us as follows,

‘[We] run an adaption of obfsproxy for OpenVPN which acts as a bridge between client and server. In this way the end user’s traffic is transformed into regular looking HTTP traffic making it virtually impossible to be filtered by firewalls seen in China or Iran. We have recently acquired many new clients behind the great firewall of China and as a result have also started offering secure SSH tunnel services.

TorGuard has servers in all sorts of useful locations, and although the encryption it uses on most of its servers is somewhat uninspiring, it is a solid provider.

 

 Visit TorGuard »


5. VyprVPN

Positives: fast, 160-bit and 256-bit OpenVPN encryption (Pro only), Android app, iOS app, servers in Hong Kong, 7 day money back guarantee, up to 3 simultaneous connections, no usage logs, ‘Chameleon’ anti-GFW system

Negatives: P2P:no, pricey

VyprVPN is one of the most polished and technically proficient VPN providers out there, although the fact that it records and keeps a lot of metadata, and is based in the US, means the service is not ideal for privacy fanatics. This is not, however, something that should worry most people simply seeking to evade censorship in China, who can take full advantage of VyprVPNs know-how, and especially its ‘Chameleon’ anti-0censorship technology which ‘scrambles OpenVPN packet metadata to ensure it’s not recognizable via deep packet inspection, while still keeping it fast and lightweight. The Chameleon technology uses the unmodified OpenVPN 256-bit protocol for the underlying data encryption’ to access international websites unhindered.

Visit VyprVPN »


Honorable mentions

Other VPN providers reported to be working are MyVPN, PureVPN, and Hide My Ass (HMA) (reviewed) and TigerVPN and MoleVPN (not reviewed by us). IronSocket also offers stealth servers.


Introduction

Before we discuss using VPN to evade censorship in China, there are couple of important points to note. The first is good news – to the best of our knowledge evading (or trying to evade) censorship in China will not get you in trouble. The Chinese government does its best to block censorship evasion technologies such as VPN, but does not persecute those who try to use them. If one service or method does not work, there is therefore little to be lost by trying another until you find one that does.

On a less positive note, the situation in China is continually changing, so what works one day may not work the next (although the reverse is also true). In addition to this, BestVPN is not based in China, so we have no direct way of testing how well the services discussed in this article actually work, and have to rely on anecdotal evidence, and the experiences our readers share with us. We do, however, strive to keep our information as accurate and up-to-date as possible.

The Great Firewall of China

More correctly known as the ‘Golden Shield’ project, the first phase of the GFW was completed in 2006, but it has since grown in complexity and scope, restricting internet access into and out of mainland China to only three access points, and employing up to fifty thousand cyber-intelligence specialists, who employ tactics such IP blocking, DNS filtering, URL filtering, and packet filtering, to police the data-waves.

Actual implementation of the GFW, however, is very patchy and inconsistent, with websites that are blocked in one province or jurisdiction often accessible from one next door, and many totally innocuous websites that are apparently devoid of political or otherwise objectionable content finding themselves blocked. Sometimes even widely blocked websites such as Google+ are occasionally accessible.

That said, the situation has deteriorated even over the last year. In addition to websites such as Google, Facebook, YouTube, Twitter and Wikipedia being blocked, China has recently heavily censored the popular microblogging platform Weibo following Hong Kong’s student led Occupy protests, DNS poisoned all subdomains from a one of the world’s largest Content Delivery Networks, blocked countless new websites (including DuckDuckGo and BestVPN.com), and censored apparently harmless TV shows such as the Big Bag Theory.

If you wish to check whether a given website will work in China, excellent free tools are available here and here.

Using VPN to defeat the GFW

VPN is a fantastic anti-censorship tool, but this is something the Chinese government is very well aware of, and has therefore gone to considerable lengths to prevent the use of.

One important thing for visitors to note is that it is much easier to setup a VPN service before traveling to China than it is once there, as while China blocks access to many VPN websites, their servers can often still be used by the VPN software if already installed on a device.

An important new development is that a number of VPN providers have adapted the obfsproxy technology used for Tor (or have developed something similar of their own), which allows them to offer censorship-busting ‘stealth severs’, usually located in Hong Kong.

Speaking of Hong Kong, despite the recent upset caused by the pro-democracy protests, the Special Administrative Region remains one of the most free and uncensored places to access the internet in Asia, which of course makes it a fantastic location for VPN servers (although users closer to Taiwan or Japan may obtain better speed using servers based in in those countries). Users looking to stream content from the US should of course look out for providers who offer servers on the West Coast (most do).

If you find that a VPN service is blocked, then it is worth switch VPN protocols (for example from OpenVPN to L2TP or PPTP. Windows users (Vista SP1+) also have the option of using SSTP if the provider supports it (although most don’t).

At least as secure as OpenVPN (and often sporting 2048-bit SSL encryption), the SSTP protocol is very difficult to block as it uses the same TCP port 443 as SSL, meaning that to block it would effectively hamstring the internet. While we are sure that China is not above doing this, it has not done so this far. OpenVPN can also be configured to use TCP port 443 if a provider supports port forwarding.

One last point is that the GFW sometimes indulges in the practice of DNS spoofing (also known as DNS poisoning – blocking IP request results or redirecting them to other servers). We strongly suggest that all users in China change their DNS settings from their ISP’s default (a guide to doing this in Windows is included here.)

VPN alternatives

In this article we discuss other ways to access the internet from inside China, and while none of these methods provides the speed or functionality of VPN, they can be used to signup to a blocked VPN service and download its software. In addition to Tor and SSL (discussed in the article), other options include:

  • obfsproxy – this is in fact a tool used by Tor to wrap data into an obfuscation layer, making it difficult to detect that Tor is being used. An increasing number of VPN companies are now also using obsfsproxy (or something similar) to hide OpenVPN use as well
  • VPN Gate – a free, non-commercial ‘Academic Experiment Project’ developed by the University of Tsukuba, Japan. It is effectively a volunteer-run VPN network, using strong encryption, and with many nodes located throughout Asia (making it very useful for users in China)
  • Lahana – one of the biggest problems with using Tor is that the GFW routinely blocks all known exit nodes. Lahana uses a similar technology (derived from Tor), but makes setting up nodes ‘stupidly easy’, so the beauty of the system is that with nodes being so easy to set up, any attempt to block them will be very difficult as more can be readily created. It was designed to defeat censorship in Turkey, but should also work well in China
  • Psiphon – this free anti-censorship tool uses a combination of VPN, SSH and obfuscation technologies to bypass GFW style censorship. If you encounter a block when using VPN, for example, you can switch to SSH or obfuscated SSH (SSH+) instead. One of the best things about Psiphon is that if you find the Psiphon website blocked, you can request the software be sent to you via email (contact info@psiphon.ca).

Conclusion

Despite its very best efforts, defeating the GFW using VPN services is very doable (and popular). It can however be something of a cat and mouse game, where the rules change all the time. Nevertheless, with a little patience and flexibility there should be no need to find your internet censored while in mainland China.

Summary

Rank Provider Review Price Link

1

ExpressVPN_Logo 9.8
Read Review >
$8.32/mo Visit Site

2

BolehVPN Logo 9.4
Read Review >
$9.99/mo Visit Site

3

AirVPN Logo 9.4
Read Review >
$8.82/mo Visit Site

4

Screen Shot 2013-02-25 at 18.38.21 9.3
Read Review >
$6.95/mo Visit Site

5

vyprvpn_logo 9.3
Read Review >
$6.67/mo Visit Site
Douglas Crawford

Written by

Published on: March 13, 2015.

June 12th, 2018

I am a freelance writer, technology enthusiast, and lover of life who enjoys spinning words and sharing knowledge for a living. You can now follow me on Twitter - @douglasjcrawf.

46 responses to “5 Best VPNs for China (March 2015)

  1. Currently using VPN Express (not expressVPN) inside china: useful for visiting occasionally because it has some data quota packages that don’t time out. Under a dollar a gig, too. Only problem is that connection with different VPN servers is a very hit-and-miss, though I guess that is not an uncommon story. So worth a look.

  2. Hi. Just like to add my experiences in China where I reside approx 6 months each year. My ISP is China Unicom and provide me with 20 Mb access. within China even in evenings I rarely go below 15-17 MB and during the day I get 19-20 MB. I am in Dalian (north east china). I am very satisfied with my Chinese ISP.

    Initial I used WiTopia. Their server speeds are not great and I was getting 5-6 MB no matter where I was connecting to. Getting connected was also quiet slow and occasionally getting disconnected but hey once connected I was getting by.

    Early on this year the wheels came off. Constant blocking on many sites no doubt due to the Firewall. Their stealth technology got me (slowly) connected but speeds were terrible < 1.0Mb. I have no complains about their customer support who tried all kinds of things with me to sort things out-I am very computer /network savvy so we tried a few esoteric tricks to no avail. Always the same problem very slow servers.

    So after leaving China for a few months I cam back a month ago. Witopia was now connecting but slow slow slow thus promoting me to try others. Not keen on express VPN seems slow and too many disconnects.

    For rthe last month i have been using Golden Frog’s VyprVpn works very well and fast, like I am getting frequently 15-17 MB. As an experiment I left my computer on for a few days and was not disconnected. so I am sticking with them now.

    Here is a little tip that may work with any VPN provider you use. Ask yourself the question how much encryption do you really need? Obviously I do not want anyone stealing my ID but I am not operating a business that has confidential information. I have found that using 128 bits and yes good old fashioned PPTP gets my speeds way up. Even with VyprVP when I go to higher levels and other protocols my speed gets cut down dramatically. So for watching Netflix, uploading photos to Adobe cloud or my other sites (I am a photographer) and just research on the web I use the lower 128 Bit PPTP. To do my banking about once or twice a week I change to 256 Bit.

    I recognize that folks will get different results depending on where they are in China but for me so far so good with Golden Frog.

  3. Hi jFiveNYC,

    Thanks for that great on-the-ground info-burst. This kind of information is invaluable when trying to work out what does and does not work in China.

  4. Hi there, I’m a US student going to be in Beijing for an internship for 10 weeks during Jun-Aug. I will need accesses to gmail and UN websites to apply for fall internship while I’m in Beijing. I’ll pass through Hong Kong, but I am not sure what Stealth server is. Any tips or advices would be greatly appreciated. Thank you!

    1. Hi karen,

      A ‘stealth server’ uses obfuscation technology (often based on obfsproxy) to hide the fact that VPN is being used. From the user-side, all you usually need to know is to choose the server marked something like ‘Hong Kong (stealth)’ from the list of servers offered by your provider.

Leave a Reply

Your email address will not be published. Required fields are marked *