A beginner's guide to the Chinese internet,
or how to avoid being spied upon by the government
You have just set foot in China. Before coming here, you researched what life in China was like, and you learned that the government censors and spies upon its citizens. Therefore, you prepared for it by installing a VPN, and off you went. You felt secure behind your line of defense. But are you truly safe?
The system that China uses to block sites is called the Great Firewall of China (GFW for short). Basically, all data going to overseas websites is first sent to supercomputers, where it is analyzed. If the computer discovers you are trying to access restricted websites or information, it will block your connections to that website.
VPNs work by encrypting (locking) your information and sending it to a remote server (computer), preferably in another country, where it is decrypted (unlocked) and sent to google.com, facebook.com, or whatever website you want to access. This protects your personal data from being accessed on the way. Since the supercomputers can't access your data, they don't know which connections to block and which to allow, so they allow all of them. Of course, China could decide to block all of them instead. However, many multinational companies rely on VPNs to communicate, and completely blocking them would cause massive economic losses for China.
VPNs protect your data from being accessed on the way. But are there other ways China can monitor your connections? Absolutely. Therefore, to help you protect your data, we will examine several important ways China tries to access your data (spy on you).
First, through compromised software. This includes most Chinese browsers (Baidu browser, 360 browser), antivirus (360 Antivirus), and communication software (QQ, WeChat, and email clients).
Let's consider them one at a time. First, antivirus. When you try to access websites containing viruses, phishing websites, and insecure websites, your antivirus will often show a pop-up message telling you that the website is compromised. Now how does the antivirus know that? Obviously, it is monitoring your online communications. Now let's imagine you are trying to access Google through a VPN. Although the antivirus may not be able to access all your online data (as it is encrypted), it can tell that you are using a VPN. It can then try to obtain the IP address (the way computers identify each other on the internet; each computer has a unique IP address) of the VPN server, and then send that information to the GFW, which can then block all connections to the VPN server if it chooses to do so. Therefore, Chinese antivirus products, especially 360 antivirus, which is known for being a virus/trojan horse itself (do a Google search), are highly insecure, and will most likely compromise your data and share it with the GFW. What is interesting is that the University of Beijing's (a government university) VPN service page states that users should not use 360 antivirus and browser while using their VPN, and that they should UNINSTALL it. (See picture) Perhaps they know something we don't about 360? Also, 360 software has been known to monitor QQ, Skype, and other communications software. Be forewarned.
Similarly, browsers can also tell when you are trying to access blocked websites. If the connection passes through, then the browser knows you are using a VPN to access otherwise blocked websites. It can then find the IP address of the VPN server and send that information to the GFW. After all, it's a browser, so you can't prevent it from using the internet to upload your personal data. Compromised browsers most likely include (but are not restricted to): 360 browser (just stay away from anything 360), and Baidu browser. Safe browsers include: Chrome, Firefox, and Internet Explorer.
As regards communications software like QQ and WeChat, some months ago, there was a news report saying that WeChat had just agreed to share all user communications data from inside China with the government. Since all data goes through WeChat's servers, a VPN will not prevent your data from being shared. I believe QQ is the same, as it is owned by the same company that owns WeChat. Also, all local email providers, such as Baidu, 163.com, and QQ.com are very likely forced to share user communications data with China. Yahoo has also shared some user data with China that has led to the arrest of a journalist. Since Microsoft and Apple seem to be enjoying the favors of the Chinese government at the moment, I would not trust them either. The only email provider I would recommend as safe is Gmail. In fact, one of the reasons why China banned Google is because they refused to share email communications with them. Which begs the question, why are Outlook and iCloud email servers still working?
Aside from compromised software issues, there is another way the GFW can access your data. It is a little complicated, so I'll just explain it briefly. Basically, they use fake SSL certificates to decrypt https connections. In the real world, that means they can decrypt your bank data when you access your banking websites, or any other 'secure' websites. It seems they also use this method to redirect some of your connections to participate in the GFW's DDoS attacks on other countries. This is one reason why China is a main source of DDoS in the world. They are using all your computers to DDoS other countries' websites. You can find the SSL certificates your browser trusts under its advanced settings (often under "security"). Open the list and if you find the CNNIC SSL certificate, remove it from the trusted list.
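The trusted-list check described above can also be scripted. The following is an added example, not part of the original article: it searches the root certificates that Python's ssl module loads from the operating system for CNNIC names. It does not read a browser's own certificate store, and the watchlist strings, function names and sample entries are assumptions made for illustration.

```python
import ssl

# Name fragments to search for (CNNIC = China Internet Network Information Center).
WATCHLIST = ("cnnic", "china internet network information center")

def flatten_name(name):
    """Flatten the nested-tuple name form used by the ssl module into a dict."""
    return {key: value for rdn in name for key, value in rdn}

def find_watched_roots(ca_certs, watchlist=WATCHLIST):
    """Return (label, notAfter) for each CA whose subject matches the watchlist."""
    hits = []
    for cert in ca_certs:
        subject = flatten_name(cert.get("subject", ()))
        haystack = " ".join(subject.values()).lower()
        if any(term in haystack for term in watchlist):
            label = subject.get("commonName") or subject.get("organizationName", "?")
            hits.append((label, cert.get("notAfter", "unknown")))
    return hits

def load_system_roots():
    """Roots Python trusts by default. Certificates in a capath directory are
    loaded only on demand, so an empty list means "not loaded", not "clean"."""
    return ssl.create_default_context().get_ca_certs()

# Constructed sample entries in the get_ca_certs() format (not real store data).
SAMPLE = [
    {"subject": ((("countryName", "CN"),), (("organizationName", "CNNIC"),),
                 (("commonName", "CNNIC ROOT"),)),
     "notAfter": "Jan  1 00:00:00 2030 GMT"},
    {"subject": ((("organizationName", "China Internet Network Information Center"),),
                 (("commonName", "Sample EV Root"),)),
     "notAfter": "Jan  1 00:00:00 2031 GMT"},
    {"subject": ((("organizationName", "Example Trust Services"),),
                 (("commonName", "Example Global Root"),)),
     "notAfter": "Jan  1 00:00:00 2032 GMT"},
]

if __name__ == "__main__":
    for source, certs in (("sample", SAMPLE), ("system", load_system_roots())):
        print(source, len(certs), "roots checked ->", find_watched_roots(certs))
```

Any root reported for the "system" source is one the operating system trusts; removing it is done in the operating system's or browser's certificate manager, not by this script.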
Well, that is all for this article. Hopefully you now know how to protect yourself and your data. If you have installed any of this software before, make sure it is correctly uninstalled, and you should be good to go. And if ever you are tempted to install Chinese antivirus or browsers, don't. You will save yourself a lot of trouble when you want to uninstall them down the road.