We all know about how the Great Firewall makes it a hassle to surf the internet from inside of China. Of the 1,000 most popular websites on the web, almost 15% are blocked, including most of the social networks popular outside of China. This can become problematic even for sites and services that are not blocked, as they often integrate services or build on top of platforms that are blocked.
Content delivery networks also struggle with the Great Firewall, as they have to carefully separate the traffic of their customers. They also have to carefully monitor which of their domains and IP addresses remain reachable from within China. Apart from nuisances, users might encounter serious security and privacy threats when surfing the web from inside of China. Below are the top 5 threats to consider when using the internet in China.
Top 5 threats when surfing the internet in China
Data hungry apps
With data analytics networks like Google Analytics unavailable, app developers often have to build their own, as recently demonstrated by Meitu, the selfie app.
Newer Android versions allow you to not only inspect the permissions an app is requesting, but approve and deny them individually, only giving the apps the permissions that you think it should have, but even then, once you give permission to use your files or camera, the application is able to access these at all times, even without you realizing. Also, do not root your device, as this removes important protections against data loss.
Inside of China, tech companies are themselves responsible for acting out government mandated censorship and monitoring. That means they have their own staff looking at suspicious posts, messages and images. These processes are increasingly being automated and sometimes police officers on premises ensure the “compliance” of the tech company.
Be aware of this monitoring, and be careful with what you post and say on Chinese platforms, especially when you are signed up with your mobile phone number, which is tied to your real name and payment details.
Old, insecure software
The prevalence of old platforms like Windows XP (supported until 2014) and Windows Server 2003 (for which support ended July 2015) and Android 2.3 (discontinued September 2011) means that malware is very frequently found on websites, servers and all kinds of hardware applications. This malware is aggressively trying to spread to you. Always keep your computer up to date and make sure your platform is still supported!
Flash is still very popular by Asian web developers, as it allows them to easily use a variety of non-standard fonts that would otherwise be too data intensive to serve. Flash however is full of security holes, and is often used to (inadvertently) spread ransomware and viruses. Deactivating flash might not always be possible, but many extensions help you to only activate it on demand on websites you trust.
Injection of malicious code
When you request a website over HTTP from outside of China, the Great Firewall is able to inject any kind of code to your request. Some of that code is malware, for example injected into your software updates. Other code is used to carry out a DDoS attack on foreign websites dubbed the Great Cannon, as used in April 2015.
To protect yourself, you can hop on a VPN with good routes out of China, as this practice is less common outside of the Great Firewall, but eventually, only a HTTPS connection (as indicated by the green lock in the browser bar) can protect you. This however, has to be implemented by the administrators of the websites and services you use, so reach out to them if you see a HTTP site!
Why you need a VPN
Be extra careful when surfing the internet from China. Always make sure that your phone, computer and software are up to date and only use devices that receive regular security updates. Using a VPN is a good idea, not just to unblock sites, but also to escape code injection and monitoring. Opt for a VPN that doesn’t keep logs of your IP address or activity, and pay with privacy conscious payment methods like Bitcoin.