China’s VPN crackdown gives local ecosystems home advantage

Image credit: karen roach /

China appears to be on a path to plugging the leaks in the Golden Shield Project (aka the Great Firewall of China) – particularly regarding VPN services – which is likely diminish the small presence that Google, Facebook and so on have managed to establish to date to almost zero.

Regulation in China can be a very grey area, but when it comes to the Great Firewall of China (GFW), the government appears to be deadly serious about enforcing the rules the Ministry of Industry and Information Technology (MIIT) announced in January 2017, which dictate that all special cable and VPN services need to obtain government approval to operate.

This news passed without too much fuss, as many services such as ride hailing have continued to operate despite being technically illegal. However, last week the MIIT clamped down further by adding another 84 categories of content to the blocked list, as well as demanding that ISPs prevent users from using VPNs by February 2018.

I think that it is the demand that ISPs prevent users from using VPNs that has the scope to have the greatest impact.

There are two factors to consider:

1. There are many VPN providers that are capable of circumventing the GFW but do not have a physical presence in China. Hence, they will be unaffected by the regulation or its enforcement by MIIT.

2. It is much easier to block the vast majority of VPN traffic than most users think.

There are two main protocols in use: L2TP/IPsec and Open VPN. Of the two, L2TP/IPsec is used far more because this protocol has been natively implemented into Windows 10, MacOS, iOS and Android which between them account for almost all internet traffic globally.

However, L2TP/IPsec has a problem which is that while the traffic is encrypted using IPsec, it is always transmitted on port 500, making it very easy to identify. Open VPN is much more complicated to set up and use, but it can be configured to run over almost any port, making it very difficult to detect.

Because most users are not technically literate, they tend to use L2TP/IPsec and any ISP determined to block this simply has to block all encrypted traffic on port 500 to shut it down completely. This will leave Open VPN as the only viable option in China, and because of the greater complexity in using it, only the very determined users will put the required effort in to get it working.

I think that this will further hamper the efforts of the foreign ecosystems to gain a foothold in the domestic Chinese market.

However, the flip side is that it will make the entrenched positions of Baidu, Alibaba and Tencent all the more secure as increasingly, they only have to worry about each other.

The net result is that my preference for Tencent increases as its position at home will become more secure even as the international market remains wide open for it to address. This is why it remains my favorite ecosystem from an investment perspective.

This article was originally published on RadioFreeMobile

Be the first to comment

What do you think?

This site uses Akismet to reduce spam. Learn how your comment data is processed.