Search the Community

Suggestions are below: Your best bet is to speak to people or expats who live in China. (I am not that person) Learn what "vpn obfuscation" is ssl or ssh can obfuscate your vpn usage but if the end point is blocked (which is the case a lot of the times when it comes to vpn servers) then it doesn't matter Investigate shadowsocks and setting up your own vps (you may need some help from IT inclined folk) since you can delete and create a new vps if your IP becomes stale There are some VPN companies that work in better in China than others https://www.tipsforchina.com/ https://dcamero.azurewebsites.net/

Hello all, I am not an IT expert at all and honestly I'm confused in terminology related to vpns. I live in Germany and soon moving to China. I would like to take with me a router and get a good VPN and hopefully setup the routeur There to have it always connected to this vpn. I don't know the names or terminology about what to do to reach this result. 1) does most of recent routers can do that ? (Asus for example ?). Maybe I need to upload a file to the router from the VPN supplier. 2) which vpn could work ? Airvpn? Cyberghost? Torguard ? I plan to do all the setup here in Germany before leaving cause all is so much more complicated in China (tell me about getting an Android phone there during my last trip and get the google play store to work, was horrible !). If any of you know a combination router + VPN with a good tutorial how to set it up.. I'd be very appreciative!! Thanks in advance !

Reading the comments at https://github.com/systemd/systemd/issues/7182 does not give me confidence that the issue is cleanly "resolved" for all now and future setups. Major risk for users in Iran, Turkey, China, Russia, etc. I run internet activities in Linux Mint in VirtualBox in Windows10, with Eddie and OpenVPN in the outer ring of W10. Initially to get going without having to spend time with problems, but also due to some logic, I always follow the discipline of: 1. Boot W10. 2.Start Eddie and OpenVPN with Network Lock. 3. Connect to Air server. 4. Start VirtualBox. 5. Boot Linux guest. Logically this means that Linux only sees and interacts with the secured VPN configuration. Mint handles Network Lock state changes as simple link up/down/up. Occasional testing with ipleak, doileak etc have not shown any leakage. Suggest this procedure as extra insurance while the systemd civil war and casualties continue. Edit: Sorry, after reading links I got a bit brainfuzzy and thought original poster was running in a VM. I will leave my comment for that configuration, and go for my second coffee of the day.

Hi there. I've lived in Australia for a while. The internet is rubbish: expensive, unreliable, often slow and compromised (data retention). I had better internet in China! Airvpn does not have a server in Australia. There are posts in the forum on why not, but they revolve round the exorbitant cost (cost of living is often higher than the Scandi countries, without access to Europe and the culture. Beaches kind of do not make up for that.) And the data retention / surveillance state. This has been turned into a fine art in Australia. On the whole, Airvpn works well, but some of its servers have been blacklisted, by for instance Netflix or the BBC. You might need for those sites to get another VPN - but I would urge you to stick with Airvpn for all other activities. Why? Several reasons. Australia does not have a bill of rights, or even guaranteed freedom of speech (some political speech is protected, sort of). Politicians learned long ago they could simply lie to the voters, scare them or ignore the voters' criticisms - so overt control of the press was not required. In any case, one half of the press landscape is controlled by Murdoch. So, they do not need to, in any case. It is easy for the authorities to obtain a warrant, merely by saying they suspect X of doing Y - even if they do not have a lot of evidence. The judiciary is compliant. There is data retention too. The Federal Police (kind of like a cheap FBI) were caught accessing journalists data, without warrant. It was an "accident", they said. [see: http://www.zdnet.com/article/ombudsman-finds-australian-federal-police-unaware-of-journalist-metadata-requirements/; https://www.theguardian.com/australia-news/2017/apr/28/federal-police-admit-accessing-journalists-metadata-without-a-warrant; https://www.theregister.co.uk/2017/11/28/australian_federal_police_did_not_delete_metadata_as_promised/; https://www.theguardian.com/world/2016/apr/14/federal-police-admit-seeking-access-to-reporters-metadata-without-warrant]. So, all the promises that the data would be used only in extreme cases were hollow. As predicted. The other problem is that unlike the US, where information illegally obtained, and anything flowing from it, can't be used in court (the doctrine of the fruit of the poisoned tree) - no such prohibition exists in Australia. It is up to the judge. So, information can be used even if there was no valid warrant. Additionally, the domestic intelligence service is largely unaccountable; for instance, its evidence to court proceedings and coronal inquests is usually not published (and so cannot be tested) - unlike the US. And indeed, all records of those courts are usually not available publicly, on grounds of "privacy". [Contrast with the US and what happened in the lead up to 9/11. such public disclosure would not occur in Australia.] So, in short, if you live in Australia, you should be using a good quality VPN . They are not yet illegal - but there have been discussions from time to time of making them so. And stay off social media.

The hope is that tls-crypt UDP sessions can defeat firewalls yet give better performance than the TCP tunnel required with SSL. But, I haven't seen anybody post about their experience in China with tls-crypt yet.

Hello! OpenVPN over SSL works just fine and you don't need anything else. However, we're also interested in trying to bypass some blocks in UDP, where UDP is not blocked globally, or in TCP without the aid of an additional TLS tunnel. For such purpose tls-crypt might help. It is now available in Chara and Castor, and will be deployed onto most or all servers in a month or so. We would be glad to receive feedbacks (not here, only in private tickets) from China or Iran. Please run Eddie 2.14 to support the new feature or re-generate properly the configuration files to test. UPDATE: tls-crypt is now available on all servers, please see next messages in this thread. Kind regards

If you're looking for something that just works, I might recommend ExpressVPN. Recently they've added a network block feature in their latest version - your connection is blocked if you lose your connection. That's one of the reasons I've preferred AirVPN since it's integrated into their client. I tend to trust AirVPN a bit more than Express since some of their server locations are in areas that I don't consider secure (Cambodia, Vietnam, Thailand, etc), but they have proved to be reliable. If you need something that works in a pinch in Windows, you might want to consider setting up your own VPN on a private server (or at a friend's house) using SoftEther. It can be slow at times in China, but it usually connects if other things aren't.

Just found this VPN for curiosity. https://hidester.com/ On it's website a protocol called CamoVPN has been described as a better protocol for circumventing china's firewall than OpenVPN. https://hidester.com/wiki/index.php/CamoVPN This caught my eyes, since I am in China now. After a little bit thought I guess that could be another fancy name of obfuscation method(I've already have a backup VPN using obfsproxy protocol). What do guys think about this VPN?

Hello everybody, first of all, I love AirVPN, and I will continue to use it. It works perfectly 99,9% of the times. But for these 00,1% I need a good alternative. I am living in China. I need a good VPN for China. Price isn’t important. It would be nice to run on Android and Windows and have a similar excellent policy like AirVPN. Does anybody have a suggestion? (and be sure that it works in China in the year 2018). Thank you very much for your help!

Hello! Not necessarily, consider for example what we call "partition of trust". In this way you can have most of the advantages of a VPN without having to trust the VPN operators and the datacenter (where a server works in) technicians. We strongly disagree about the need of security through obscurity when it involves the source code of a software, and openness should not be limited to protocols only. However this is a long and complex argument that we prefer to not discuss in wider terms right here right now. Under a very practical point of view you can see that we have been always able to guarantee access to AirVPN from China and Iran through an open source software. If any part of your software needs to be closed for such a reason (currently it's all closed source, if we're not mistaken, right?), you should wonder whether it's really necessary or it's only a design problem. Kind regards

Don't disagree with Zhang's general advice, but as a matter of convenience and security I have one bank and have used and checked with their phone call centre that they do not trigger on IP geolocation or address range. I also use a Mastercard issued by that bank. I have enabled 2 factor authentication, so some larger or whatever transactions require entry of a "netcode" sent to my mobile phone number by SMS. The 2FA may protect against trigger of other antifraud reactions. I have also just bought a new Android mobile, and set up a new Google account/identity. Google triggered email alerts to my nominated new gmail and photonmail email accounts, to check activity, and I confirmed okay to their algorithms about 3 times before it has stopped. Google gets my real geolocation in Australia from the mobile, but Air Singapore geolocation from the PC login. So for some people with simple activities VPN use is not always a problem with some careful checking. This may vary across nations, Australia has a high rate of tourist and business travel to and from the region, so single geolocation could be a major nuisance, and who trusts hotel/etc wifi. I nearly always use Singapore servers, and SG is not seen as a center for fraud and ecrime, "North Korea with the lights on" is how one expat commented. Their government/police/banks/etc are seen as closely cooperating with similar in Australia, China, India, Japan, USA, etc. One reason for not using Air USA servers is they do seem more often blacklisted, with access banned or extra captchas for blogs, subscriptions, etc.

Hello! We have several customers from China who can use our service with "OpenVPN over SSL" successfully. OpenVPN over SSH is usually successful too, but it is normally throttled more and it is also less efficient (stunnel is better than ssh under this respect). On mobile lines, in various cases avoiding UDP is enough (otherwise you will need OpenVPN over SSL on mobile devices too). Kind regards

If SSH protocol is uncensored, what is your evidence, zhang888? Where do you live? I suppose you don’t even live in China. If you are not Chinese, have you done your tests? I live in China and sometimes my connections get reset.

I was under the impression this was always the case in China, and that only SSL/SSH or Tor obfuscation could get through.

I am in China right know. Chinese government anounced a strikter VPN ban / firewall. They announced to implement these VPN counter techniques during January and February. I guess this happend last week. Since about 3 days most protocols are not working anymore (except ssl).

Was there a crackdown on VPNs in China a few days ago? I can't find anything on the topic, but all protocols, except for SSL stopped working. I already switched to SSL on my phone too, I'm just wondering if anyone knows anything. Sorry if it is off-topic (feel free to move the thread).

Amazing work! Again, thank you so much! Helped me a lot in China! Only one question (sorry I am a real idiot): how is that working? how do I have to safe the commands as script? (which format/how to safe them/how to write them) edit: so i found the .shortcuts folder, i added a file (AirVPN.sh) with the following lines: #!/bin/bash cd storage/shared/AirVPN stunnel AirVPN*.ssl but when i run it with the widget, it says "Permission denied". Can anyone help me?

Hello everyone, about two days ago China went up against VPNs (I guess). Because since then I have to use the SSL protocol on my computer to connect. Unfortunately on my mobile phone (android) I don't have this option. Are there any suggestions how to solve this? How long does the eddie android app take? (I read Juli 2018, but is there a beta testing channel). I really like airvpn, I don't want to look for another service. Thanks for your help!

Air staff might have to be cautious what they say/promise, and detailing security measures may be silly, so I will chip in as an IT pro client, but not a security expert. As far as I know, Air have said they run discrete server hardware in data centers, not the cheaper virtual machines on shared server hardware that many VPN providers use to add to their number of locations. One concern I have seen is that Meltdown and Spectre may break out of VMs into hypervisor and/or kernels, and then other VMs, on the same memory address hardware. I expect that any OpenVPN server and its administrative and support software is a much smaller attack surface, against hardened software, compared to general cloud servers with various programming languages, databases, etc. So worse cost/benefit for attackers, and not such a haul, as intercepting a database or confidential documents. One nasty possibility in the Austrian research/proof-of-concept was that javascript could by used for successful attack. I have now updated Firefox to 57.0.4, which claims to fix, on W10 and Linux Mint 18.3. Worth attention at our user end to avoid drive-by malware websites or adware. Of interest, including in lawsuits against Intel, is the many months since original findings to publication and issue of patches. Plenty of time for China/Russia/US/etc big budget cyberspies to do their secret things. So the "worst" breaches may have already happened for some targets.

The final thoughts of the reviewer are not bad at all.. "AirVPN may not be the flashiest VPN on the market and it may fall short in some areas, but it’s confident in its abilities. It also offers great value with its extensive focus on security, no-logs policy, and variety of protocols. It also puts heavy work in the background by developing, funding, and otherwise participating in multiple projects aimed at making the Internet a better place for users. Between Net Neutrality and the increasing restrictions on web content, AirVPN is a provider dedicated to fighting the good fight. We salute all such efforts — and while you might not be able to get around certain geoblocks (e.g. Netflix), you will have access to virtually anything else, including content behind the Great Firewall of China. In short, if you’re looking for a solid all-around virtual private network, you’ve found it in AirVPN." About artificial notation and as says another good Vpn provider : "Did you know that many product reviews found on the Internet are actually paid ads in disguise? It's a complicated topic, but one that we have a clear position on." They don't pay, AirVpn don't too

Since it is not very easy to use a VPN from countries like Iran a recorded a tutorial on how to use airvpn from these countries: https://usefulvid.com/bypass-the-persian-and-chinese-firewall-by-using-airvpn-with-ssl/ The videos are hosted on my website and on youtube. The reason is that it is not possible to access youtube from Iran. https://youtu.be/jl8I2-GQF94 It would be nice if you could share this with your friends in Iran, China, Turkey, Russia, UAE, Saudi Arabia and provide feedback if this method works. You can also download this video from my website to make it easier to share and spread the word. A video on how to use stunnel on android will follow and also published on this site. Update on 6.1.2018: The Video for Android is finally published: https://www.youtube.com/watch?v=zwf5JI6t0TI For all who suffer from youtube censorship this is the link for you: https://usefulvid.com/bypass-the-persian-and-chinese-firewall-by-using-airvpn-with-ssl/ Second Video on the page

Perhaps it is also required for compliance with Value Added Tax and perhaps state sales tax in some jurisdictions. When I purchase Air via Avangate with a Mastercard, no EU tax is added because I am in Australia, where the card is also issued. But due to complaints from local retailers about unfair internet retailing, and loss of tax revenue, there are new laws being implemented to force payment providers, not the goods/service seller/provider to collect and forward Australian 10pct GST(VAT) regardless of geolocation (tricks). How this is working and the rollout and enforcement is rather unclear. Taxation authorities can now scoop up and store vast detailed amounts of data and are increasingly motivated, although they allow richpigs to use Panama/Paradise Papers avoidance, and multinational transfer "pricing" to handicap national businesses. Maybe it does not "leak" to other "entities" in EU/US etc, but in Russia, Turkey, China, ... ?

Hi, I am in China, and I have tried more than a dozen vpn services. AC and Air are the two most reliable vpn services. I keep them both. If you have to pick one, in my experience, Air is a little bit faster than AC.

Not reliable. The speed was good. Can't loggin on desktop client two weeks ago. Btw, I am in China. : )

Yandex is not a browser engine, they are all based on WebKit or Gecko. In case of Yandex it is WebKit. You are probably better with Chromium or Firefox Focus instead, unless you are from Russia, where the Yandex browser is more adapted to local content and language settings. Same for Baidu browser for China. Your best option for privacy would be using vanilla versions of anything you know about. That is the only open-source clean version which is sort of tracking free. All the rest will come with additional "features".