Ryan Putin Posted October 1, 2018 Posted October 1, 2018 I will be traveling to China for a work-related assignment, and given that there's high level of surveillance in China, will a VPN protect me if I'm connected to a Public Wifi? I have FastestVPN subscription and the support guy said that the VPN only encrypts the data between two endpoints; I'm not tech savvy so i dont't know what that means. And if the Wifi asks for any permission to should I accept? Quote
digininja Posted October 1, 2018 Posted October 1, 2018 Yes, no, possibly and maybe. Yes, it will protect at least some of your network traffic as it goes from your device through to the FastestVPN server, at that point, the server decrypts the traffic and sends it on its way. That is what is mean by between the end points, you to them, what happens from them onwards depends on the type of traffic you are sending. This should at least get your traffic through the Chinese firewall. No, the Chinese have some very strict rules in place and may block the VPN or mess with the traffic in order to be able to decrypt what they see, for example swapping out encryption certificates. When doing this, if the client has been written correctly, it should warn you that something bad is happening so you will be able to make a decision as to what to do. Possibly, without knowing something about how FastestVPN works, it isn't possible to say how well they configure the service, done well and all your traffic should go across the VPN, done badly and all sorts could leak out around it. Maybe, without fully testing it in an environment where you can monitor exactly what is going on then it isn't possible to know for sure. Something to remember, if you are using public wifi and they have a captive portal (a web login page), then you'll probably need to have the VPN off to reach it meaning all your traffic is flowing in the clear till you've logged in. Also consider "Evil Maid" attacks and general surveillance. A VPN is good, but a camera pointed at your screen watching everything you do will defeat the protections to a degree. 3 Quote
Ryan Putin Posted October 1, 2018 Author Posted October 1, 2018 Thanks a lot for your reply. Another question; do they tap phones too? I've heard they tap expat phones to gain info.... Is it true? Quote
Ryan Putin Posted October 1, 2018 Author Posted October 1, 2018 I guess there's no hiding from the camera that's pointed at me. *Sigh Quote
digininja Posted October 1, 2018 Posted October 1, 2018 Like with a lot of things, it would probably depend on a cost/benefit analysis of you and your activities. If all you are doing is arranging to buy 100 biros from a Chinese firm, then they probably wouldn't get much from doing it so may not bother, if you are discussing arms details with some shady organisation, then they will probably do it and more. Due to the cost of labour and the way their government works, I'd guess that they would have more coverage than somewhere like the UK, but don't know for sure, all organisations have their limits. Quote
NoExecute Posted October 5, 2018 Posted October 5, 2018 A solution could be to setup your own openVPN server. Isn't that hard to do and it could give you some time to confirm it works as it should. I've testet a private VPN solution based on OpenVPN, from Linux workstations, and see no leaks from it. But, as with any kind of VPN solution, it's possible to sniff the traffik at the gateway, if not encrypted from that point forward. But it should get you through the Chinese firewall. As for phones, hmm. Anything on a GSM network, could possibly be monitored by the government. Something like Jitsi IM and encrypted videochat through VPN comes to mind, depending on your situation. But, as Digininja pointed out, it depends on what resources they want to spend on it, and would they bother for an ordinary bussinessman, conducting legal bussiness in China ? I guess you would be fine, just with an ordinary VPN solution, combined with some kind of encrypted messenger / videocall. Quote
kxsakbna Posted November 1, 2018 Posted November 1, 2018 If you are worry about china government, then you should realized all network traffic include but not limited public WIFI or private WIFI, wired network, mobile network are all under the government surveillance, all ISP and network technology company need make a copy of all the data (port Mirroring) to government server, which also including but limited to call records, SMS, GPS records. They will also keep a real time record for every IP address matching to every people unless it is a NAT, in that case it will match to a place and it's owner. That's why most of US or EU technology company will make china specific travel policy for their Key employee. They will use a flash installed laptop and cellphone. They will do all their job on remote computer thought WebVPN and Citrix. Which is actually not work well, since china also using BGP hijack very frequently. Quote
kxsakbna Posted November 1, 2018 Posted November 1, 2018 And They also own tons of CA and making fake certificate which will be trusted by any system. Quote
SoldierOfCryptoWar Posted November 27, 2018 Posted November 27, 2018 Yes, it should protect you Quote
jiedao315 Posted December 27, 2018 Posted December 27, 2018 做为一个地地道道的中国人给予你最标准的答案。你思考的太多了,中国政府根本懒得理会你。(As a local Chinese, give you the most standard answer. You think too much, the Chinese government is too lazy to pay attention to you.) Quote
digininja Posted December 27, 2018 Posted December 27, 2018 I'd agree for most people but it all depends on what he is worth to them. If he is a nuclear scientist at a conference on innovative research then they probably will care. Selling kids market stall plastic jewelry, they won't. Every discussion on topics like this need to start by working out threat models and risk profiles, till you have those, you can't make any sensible decisions. Quote
SoldierOfCryptoWar Posted June 11, 2019 Posted June 11, 2019 I am more worried about the fact that this is China and the Chinese people’s ability to break into various types of VPN. be careful. Quote
Miracleus Posted July 10, 2019 Posted July 10, 2019 Yes, VPN protects you in public wifi. All your data is encrypted under the VPN. However, you need to select reliable vpn providers, also many vpns are now blocked in China. Be careful using vpn in China. It is better to use invisible vpn connections like ssl. And never use free vpns in China. This is so resque. Quote
SoldierOfCryptoWar Posted July 16, 2019 Posted July 16, 2019 Yes, it will, your traffic go to VPN server and back so public wifi can't track or read it Quote
Narus Posted July 16, 2019 Posted July 16, 2019 A little but there a lot of issues with cookies and privacy. Easy for big brother to track you back just by your browsing history. If you are using a phone make sure your accounts do not automatically connect otherwise your info will leak before the VPN even connects. Usa a VPN that does not log your sessions. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.