How to break through the Great Firewall of China on iOS
- 10 October, 2013 14:17
Most people have heard of the Great Wall of China, but China also has a modern-day virtual wall, frequently referred to as the Great Firewall of China and officially known as the Golden Shield Project. The Chinese government uses the Great Firewall to censor the Internet: Facebook, Twitter, and other sites are blocked. For tourists or expatriates in China, having no access to Facebook or Twitter can be vexing, since they may normally rely on those social networks to keep in touch with the happenings back home or to document a visit.
But there are ways around the Great Firewall. The method most commonly used by visitors and Chinese citizens alike is to use a virtual private network (VPN): You simply connect, over an encrypted connection, to a server outside the firewall. During my recent visit to Beijing, I thought I'd see whether I could use such an approach to get around the Great Firewall. Not only was I successful, but it's a lot easier than it sounds. If you're the type of person whose eyes gloss over when you hear terms like VPN and IP address, rest assured that it's not at all difficult to do.
In this article, I'll go over the steps of how I used an iPhone and a VPN to access the Internet in Beijing, China. If you have any suggestions or tips, please add them in the comments section. (Macworld's Serenity Caldwell has a very helpful article that includes general tips on traveling overseas with Apple gear.)
Before I get started, it's worth asking: Is it legal to use a VPN in China? An online report at VPN Instructions says "there are no laws...that prohibit any user in China from connecting to a VPN outside of mainland China." But the Chinese government has passed a law requiring telecommunications companies to obtain detailed information on new customers for the purposes of tracing account activity. And though a VPN prevents anyone from knowing what you're doing on the Internet, the fact that you're using a VPN in the first place raises red flags (in a bad way) with the Chinese government about your online activity. So try this at your own risk.
Prepare the device
Before my trip, I needed to find a GSM phone that would let me use a China-specific SIM card. (GSM is the radio system used by AT&T and T-Mobile in the United States, and by most mobile phones outside the United States.) Specifically, I needed an unlocked GSM phone--one not tied to any particular carrier--and a SIM card bought in China.
Most GSM iPhones sold in the United States are locked to AT&T's network. To use a non-AT&T SIM card, you have to unlock your phone, which allows you to use it on a network other than AT&T's. Fortunately, I had an old, AT&T iPhone 3GS that I wouldn't miss if it were lost. Unlocking my iPhone 3GS was easy: AT&T lets you request a device unlock online, as long as you meet the company's requirements. (AT&T's primary requirement is that the phone is no longer under contract. Other carriers have different requirements for unlocking a device.)
As for the SIM card, you could use your carrier's international-roaming plan, but such plans tend to be very expensive. In addition, I wasn't sure about the coverage of my carrier's roaming plans in China. Using a SIM card that was "native" to China ensured that I would have coverage in the country. Local SIM cards also tend to be inexpensive, and they're easy to set up. (On the other hand, most of these SIM cards allow only local phone calls.)
I also got a battery case for my iPhone 3GS--since it is more than four years old and has been sitting in storage, the phone's internal battery no longer offered much usage time. The battery case allowed me to use the iPhone 3GS more than 7 hours before it needed recharging.
Pick a VPN
A VPN takes the Internet data you're transmitting and receiving and sends ("tunnels" in networking lingo) it through a private, encrypted channel so that no other servers--such as the Chinese firewall--can read it in transit.
You'll find dozens of VPN services online and in the iTunes store, but the Chinese government is constantly working to thwart the efforts of these VPNs. How do you find out which VPNs work in China? By using the Internet, of course--but you have to do your research before you get to China. BestVPN, a site dedicated to reviewing VPNs, had the most up-to-date information on VPNs for China that I found, so I used BestVPN's recommendations as a starting point.
I signed up for two VPN services, ExpressVPN and AirVPN, just in case one didn't work when I got to China. I also picked these two services both because they allegedly worked in China and because each offered short-term service plans. (Most VPN services I surveyed offer monthly or annual plans, which was more than I wanted.) At the time of my trip, ExpressVPN offered a seven-day free trial, which was perfect for me; I bought a €1 three-day plan for AirVPN.
I also sent email messages to the VPN services to ask about their availability in China. A representative from AirVPN sent me a very helpful reply, saying that the company's service worked on "business lines" but not on "residential lines." AirVPN also gave me some tips to try in case I experienced a service disruption. An ExpressVPN rep confirmed that its service worked in Beijing.
(During my trip, a friend told me that I could set up a free personal proxy server using Google App Engine. I didn't have a chance to try this approach, but if you have the time, you can give it a go by using Digital Inspiration's instructions.)
Set up the VPN
It's a good idea to set up and test the VPN before you leave the States, so you can work out any problems with the help of the VPN provider's support, if needed. (Yes, you can use a VPN without going abroad. In fact, you might consider using a VPN all the time, if you're concerned about privacy.)
ExpressVPN's iOS app takes care of the setup process for you. That's one appealing aspect of going with a VPN from a company that has a mobile app: If you're skittish about network configurations, using such an app lets you avoid dealing with most of the technical details.
AirVPN requires the OpenVPN Connect app, and the setup isn't as friendly as ExpressVPN's is: You have to visit the AirVPN website, set up configuration files online, and then download those files to your device. Then you use the OpenVPN app, instead of iOS's Settings app, to connect to the VPN.
Once both services' settings were configured, I tested each VPN. To open an ExpressVPN connection, I used the VPN screen of iOS's Settings app, selected a server, and toggled the VPN to the On position. For AirVPN, I launched the OpenVPN app, tapped the Autologin Profile box, selected a server, tapped the OpenVPN button in the upper left, and then turned on the VPN. With each service, the server you select here becomes the default server for future connections (though you can change that server at any time).
Get a SIM card
Buying a SIM card--which I had to do once I got to China--was the most difficult part of the process, owing to the language barrier. The store we visited had a clerk who spoke some English, but the transaction required patience and some time. Pro tip: Don't try to buy a SIM card when the store is about to close for the night, as I did.
I decided to buy a SIM card from China Unicom because the company is an iPhone carrier, so I figured that the store clerks could easily set up my iPhone 3GS. I bought a SIM card that was good for a month and included 420 minutes of local phone service and 500MB of data for ¥156 (about $25). Monthly SIM cards were available with as little as 50 minutes and 150MB of data (¥46/$8), or as much as 3000 minutes and 3GB of data (¥886/$145). The clerks installed the card for me and set up my phone.
As I mentioned earlier, the Chinese government wants complete user information for any mobile account, so the store clerks spent a lot of time with my passport. The process took about 20 minutes, and the clerks had a lot of paperwork to fill out.
The Beijing airport also has kiosks where you can buy SIM cards, so you could buy a card immediately after you got through customs if you wanted to. The kiosk clerk's English was better than that of the clerk at the store where I ended up buying my card.
Make a connection
Unfortunately, I wasn't able to make a data connection with my iPhone 3GS and its new SIM card the night I bought the card--I kept getting a black screen with a message in Chinese, and Cancel and Accept button that didn't work. Obviously, my data plan had not yet activated, but I didn't know whether there was a problem with the SIM card or with the phone's setup--or whether I just needed to wait. Since the China Unicom store was closed by this point, I had to wait until morning anyway.
Luckily, the next morning the data connection worked. I could connect to Bing, Apple, and (unexpectedly) Instagram without even using the VPN. I couldn't connect to Facebook or Twitter, however, so now it was time to try a VPN. After I waited for about 15 seconds while the phone established a connection to AirVPN, a VPN icon appeared in my iPhone's status bar, and I could connect to Facebook and Twitter and read both feeds, as well as post my own messages. I was also successful using ExpressVPN. While I was using a VPN, I noticed a network lag of 4 or 5 seconds, but it never got worse than that.
I was in Beijing for four days, and I never had a VPN problem. I was surprised to find that the signal strength at the (physical) Great Wall of China was very good, and I successfully posted Instagram pictures from there. I use Facebook to record the places I visit, and I was able to check in without a hitch. I also used Apple's Maps app to see my location relative to other Beijing landmarks (though I didn't use it for directions). And I kept track of the scores in the Major League Baseball pennant race that was then going on.
The only annoyance I encountered was that every time my iPhone went to sleep, I had to reconnect to the VPN after waking it up, before I could use the data connection. That process takes only takes a few seconds, but I wish there were a way to make it more automatic.
The next time
Apart from not being able to use the SIM card's data connection during the first evening, I didn't expect everything to go as smoothly as it did. Of course, since the Chinese government is actively (and endlessly) trying to prevent the use of VPNs to access the "outside world," it's possible that at some point the VPNs I chose won't be able to provide their services in China. So for my next visit to Beijing--if there is a next time--I'll have to be prepared to use other VPNs, just in case.