
Man jailed for over 5 years and fined $76K for selling VPN in southern China - Sami_Lehtinen
http://scmp.com/news/china/policies-politics/article/2125326/man-jailed-51/2-years-fined-us76000-selling-vpn
======
QAPereo
Yeah, and mind you the UK under May and the US would almost certainly love to
do this too. Demonize encryption and anything which might allow you to bypass
either monitoring, ISP fuckery, or copyright law. There’s probably no
_technical_ solution for a government to do this, but as with rubber hose
crypto, they don’t actually _need_ one. If we don’t want this in our future,
it’s going to take a lot of work.

~~~
nurettin
I'm surprised people actually trust their browser encryption. All it takes to
decrypt is for a government to ask for your ISP's reverse proxy logs or
acquire a bunch of root certificates.

~~~
Benjamin_Dobell
How are "reverse proxy logs" in any way useful for decrypting SSL?

Root certificates aren't useful either unless users install them. On the other
hand, private keys of SSL providers can be of use for serving false
certificates, but that's only useful if you also MITM.

~~~
nurettin
Reverse proxy is part of the MITM. Every sizeable work place in my country has
some sort of root certificate installed on every workstation's browsers. They
log your traffic and use those root certificates to decrypt your traffic. -1
all you want.

------
songco
Setup VPN on Cloud VMs for personal usage -> Generally ok, and you may need to
stop it if police known it... Share it with others -> Maybe ok if not too many
people, and you need to stop it if police known it... Sell it to others ->
dangerous if you lived in China.

The GFW have the ability to detect VPN connections and you will got a
connection reset...It’s more and more difficult to use blocked service/site in
china.

~~~
whooshee
There are no laws against individuals who use VPNs to browse restricted sites,
but there are laws(license impossible to get as individuals) to take down
those sellers.

VPNs are becoming obsolete, Proxies like ShadowsocksR are still usable.

~~~
odiroot
Out of curiosity, where do you host your SSR?

AFAIK AWS, DigitalOcean, GCP are regularly blocked. GigsGigs in HK is
throttled.

~~~
Canada
It's fine on those services, just rotate IP addresses and ports regularly.
Don't put too many users on the same proxies at once.

~~~
odiroot
That's a really big hassle when you need to use the tunnel and the IP has been
burned. You actually need the same tunnel to manage your servers.

GFW even blacklisted my personal domain because I was running DNS queries
against it to establish my SS tunnel. At least it seems like it.

~~~
iforgotpassword
I got annoyed by this too much a couple years ago, also the fact that they
seem to be able to detect most if not all tunnel types and randomly inject
packets that will break the connection. So I proceeded to quickly hack up a
simple tunnel based on the surprisingly simple to use tun devices. The
protocol was UDP based, didn't support any kind of connection reset, was not
encrypting but just masking via xor, and contained some simple but cool tricks
(as far as I'm concerned ) to deal with the high packet loss across the gfw
you'll experience depending on time of day. Sure not ideal if you permanently
live there or want to spread sensitive information, but all I want is decent
browsing experience when accessing "our" internet. I was happy when 720p
videos played without buffering on YouTube.

------
fatman13gg
> Taobao is owned by Alibaba, which also owns the South China Morning Post.

Interesting. I am wondering how they update their posts. Because scmp.com is
actually being blocked in where I am staying at. Maybe some state sanctioned
services? I have been using aliyun services and never had any issues.. yet..

~~~
odiroot
What do you mean? As far as I know SCMP writers don't reside in mainland
China. At most in Hong Kong.

SCMP is completely inaccessible from China Unicom (mobile) and China Telecom
(landline). Most possible the other options also block it.

~~~
fatman13gg
My bad. Somehow I was under the wrong impression.

------
naveen99
So Amazon and rackspace can't rent cloud servers to people from southern china
? or is it just low cost proxy's and vpn's that get seller into prison ?

------
unixhero
Whoops, I did that too. It was fun tho.

------
santoshalper
Dude was selling that shit on Alibaba. Brazen.

