Wouldn’t that still leak your DNS? I guess that’s not a big deal if you don’t care about timing correlation attacks.
Wouldn’t that still leak your DNS? I guess that’s not a big deal if you don’t care about timing correlation attacks.
People who are looking for direct integration between podcast players and SponsorBlock seem to be missing that a lot of podcasts these days that do have advertising in them oftentimes have dynamic ads where the ad audio will change depending on the day, the geographical location of the download, etc. So SponsorBlock can’t actually account for what are essentially dynamic timestamps Whereas with YouTube you typically have fairly static timestamps that can be shared across a user base, only smaller podcasts are really going to be able to be captured by SponsorBlock unless someone discovers a way to mod an Android APK to essentially prevent the client-side compilation of ads and the original podcast audio assuming that there is a podcast app that does this on the client side.
I mean, some bird species have mothers that essentially drop their fledglings to predators to distract from themselves (and their insecurities), or just simply don’t feel bothered to actually help raise them to maturity.
The great firewall situation was always interesting, because if you would use a roaming Sim, then you will be able to access anything
Roaming SIMs work because the APN sets a network routing path outside of China.
Cool writeup. I remember implementing BBR many years ago when I was trying to bypass the Great Firewall for an extended stay. Helped deal greatly with the huge congestion on Chinanet backbone at the time, but it’s less of an issue these days now that foreigners can use CN2.
A lot of these comments are downright unreasonable.
It’s important to evaluate your threat model critically. The average tourist (that isn’t going to Western China) or student is not a target for surveillance or data extrication attempts, especially firmware level attacks that are very specific to devices and are expensive to research and implement.
Companies tend to require employees to carry burner devices for international travel because that’s just good practice. You’re far more likely to lose your device when traveling, border officials have broad discretion to search for and access your devices, and companies tend to have high value information available to their devices past the corporate gateway, like trade secrets, technical designs, accounting records or employee data. That applies to any country, even Western countries.
Take your privacy seriously, but the notion that anything that touches Chinese soil means your devices are instantly compromised is a bit of a fallacious claim. Critically evaluate your role, the information you carry and why you might be the target of anything.
Anyways, as far as VPNs go - technically not illegal. Companies, universities, etc. all have sanctioned MLP gateways in Hong Kong to bypass the firewall. Every expat in China uses a VPN. There’s only one public case of anyone ever being arrested for using a VPN (and it was under a catch-all law), the others were all operators of ShadowSocks/V2Ray airports.
Tailscale and WireGuard is dicey in Mainland China. If you’re just a short term visitor, just buy a 3HK roaming sim for China and call it a day. As a best practice, you don’t really want to expose your self hosted services to the web anyways, so I would probably not even bother trying to VPN from a mainland connection directly.
I never got Plex or Jellyfin to work well on actual Mainland internet connections, simply because the Chinanet backbone that most people in China use is excruciatingly bottlenecked to the point that torrenting from other Chinese peers is just a much more pleasant experience.