China's Solution To The VPN Quandary: Only Authorized, And Presumably Backdoored, Crypto Links Allowed

from the will-Russia-follow-suit? dept

Two of the most important developments in China’s clampdown on the digital world took place last year, when the country’s Ministry of Industry and Information Technology declared that all VPN providers needed prior government approval to operate, and then apps stores were forced to remove the many VPNs on offer there. In some parts of China, VPNs were banned completely, but such a total shutdown is not really an option for cities with many businesses that require secure overseas communication channels. That put the Chinese authorities in something of a quandary: how could they reconcile their desire to prevent VPNs being used to circumvent online controls, while ensuring that the country’s increasingly important corporate sector had access to the encryption tools it needed for operating globally? An article in the FT provides us with the answer (paywall). In recent months, international companies and organizations have found their VPNs blocked more frequently:

regulators have been pushing multinationals to buy and use state-approved VPNs. The state-approved versions can cost tens of thousands of dollars a month and expose users’ communications to Beijing’s scrutiny.

“China’s intention is to control the flow of information entirely, making people use only government-approved VPNs by making it difficult, if not impossible, to use alternatives,” said Lester Ross, partner at legal firm WilmerHale in Beijing.

The great thing about state-approved VPNs is that they can include backdoors for the government to use, and can be to shut down quickly if really serious problems arise that require even more stringent controls.

Backdoored crypto is inherently vulnerable to attacks against those built-in weaknesses, but the Chinese authorities are doubtless willing to let companies run that risk for the sake of maintaining overall control. Since Russia’s views on VPNs are closely aligned with those of China, it will be interesting to see if it decides to adopt Beijing’s solution to the VPN dilemma to tidy up its own rather clumsy approach.

Follow me @glynmoody on Twitter or, and +glynmoody on Google+

Filed Under: , , ,

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “China's Solution To The VPN Quandary: Only Authorized, And Presumably Backdoored, Crypto Links Allowed”

Subscribe: RSS Leave a comment
Anonymous Coward says:

Re: Even If Their Encryption Is Backdoored ...

How do you make that out, as the VPNs are inside the great firewall, and will have their access to the Internet controlled by the great firewall. Also, being a state controlled VPN, it is a man in the middle for HTTPS, and so can detect and block any added encryption..

Sayonara Felicia-San (profile) says:

Re: Re: Even If Their Encryption Is Backdoored ...

Because no serious country with a well thought out and funded spying system, is going to put all their eggs in one basket.

They almost certainly, have a number of different attack vectors in their arsenals, and this is just going to be one of many.

To answer your question the two ways are going to be:
1. Identifying those VPN’s who attempt to confuse or defeat deep packet inspection techniques.

2. compromise systems en-masses, using our own backdoors and exploits, we forced or encouraged manufacturers to build in themselves.

Most of which will either already have been stolen by the numerous spies working in the United States and/or by identifying reverse engineering those exploits.

And of course, their newest method, which is simply to copy us and force manufacturers to include backdoor not only in encryption but in literally numerous electronic devices and technologies.

Sayonara Felicia-San (profile) says:

How does this differ from our own?

I’m talking about our own governments destruction of privacy, which inconveniently has to take an incremental approach:

FBI Says Device Encryption Is ‘Evil’ And A Threat To Public Safety

FBI, Security Chiefs Ask SenateFor Keys to All Encrypted Data

…and this is just the FBI, which clearly doesn’t have the black budget, like the NSA and CIA to sabotage so many different attack surfaces as to make encryption basically pointless for the majority of targets.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...