Server access from China
-
tailscale worked some times, but seemed to depend on the location of the moon relative to the air speed of a nearby sparrow and it was really slow.
Zerotier is similiar - works sometimes but China's firewall is constantly changing which ports/protocols it blocks, so setup a wireguard server on port 443 as backup (looks like normal https traffic) and test both before you go.
-
I have never heard of that happening. surely that'll take ages if they had to stick an app on every foreigner's phone
You have no idea how small these snooping apps can be. Like less than a megabyte and all your traffic goes through a server controlled by the pla and logs everything in and out of your phone whether your on mobile or Wi-Fi.
-
At first, it will probably work. But you will likely lose access after a few days and your servers will be scanned for exploits, so make sure your shit it up to date.
Source: hosted an XMPP server which was summarily banned after 2 days of access from China and then probed/attacked repeatedly until I took it offline.
almost like going to China is a mistake...
-
I have never heard of that happening. surely that'll take ages if they had to stick an app on every foreigner's phone
-
wrote last edited by [email protected]
Foreigners looking to travel through China's Xinjiang
That's only for Xinjiang.
-
You have no idea how small these snooping apps can be. Like less than a megabyte and all your traffic goes through a server controlled by the pla and logs everything in and out of your phone whether your on mobile or Wi-Fi.
Yeah but the process of taking a phone, getting the unlock code, installing it, etc.
-
From North America, and I’m going on vacation in china for a few weeks. I wonder if anyone knows if I’ll be able to access any of my self-hosted services over zerotier while I’m abroad?
Edit:
To be specific, I’m hoping to ssh into my machine over zerotier in case I need to fix something and back up some photos to my home NAS via rsync or somethingDon't make any connection to your home server, period.
-
Yeah but the process of taking a phone, getting the unlock code, installing it, etc.
Lol you just flew half way around the world to get there and now you're going to not give them your code. And yeah, they probably don't need it anyways.
"bUt YiDdIsH, wHy NoT sNeAk YoUr DeVicE iN¿"
You go ahead and try that, let us know how it works out for you if you make it back.
Simple solution to every other dumb shit question you're going to ask; just bring a fucking burner device not logged into anything!
Jesus, I got this fence post out in my yard if you wanna continue this non argument.
-
Lol you just flew half way around the world to get there and now you're going to not give them your code. And yeah, they probably don't need it anyways.
"bUt YiDdIsH, wHy NoT sNeAk YoUr DeVicE iN¿"
You go ahead and try that, let us know how it works out for you if you make it back.
Simple solution to every other dumb shit question you're going to ask; just bring a fucking burner device not logged into anything!
Jesus, I got this fence post out in my yard if you wanna continue this non argument.
You could just delete your sensitive stuff on your normal device if you cannot afford a burner. VPN certificates and logins can be revoked.
-
Foreigners looking to travel through China's Xinjiang
That's only for Xinjiang.
Elsewhere in China, phone inspections may not be standard but targeted. Although broader surveillance like the National Anti‑Fraud Center may be used.
Aka I ain't travelling there
-
People posting here don't realize that CN gov IDs and allows certain traffic to get rerouted through a certain VLAN so they can do DPI and record every packet through a beefy expensive tap device to analyze the telemetry later, and potentially build a case against you. If they so choose. And they likely have the capability to trivially decrypt TLS.
Don't bring in any tech, don't access your personal net back home, don't expect any level of actual privacy or good intentions. Just do your business and keep your digital digital persona minimal while there.
wrote last edited by [email protected]really off-topic here, but as long as you factory reset a google pixel before leaving home why wouldn't you bring that with you?
AFAIK it's possible to detect government tampering by using GrapheneOS' Auditor
I'm asking in good faith but maybe it would be dangerous to stand out by running non-standard OSes
-
Elsewhere in China, phone inspections may not be standard but targeted. Although broader surveillance like the National Anti‑Fraud Center may be used.
Aka I ain't travelling there
wrote last edited by [email protected]Your choice ¯\_(ツ)_/¯
-
From North America, and I’m going on vacation in china for a few weeks. I wonder if anyone knows if I’ll be able to access any of my self-hosted services over zerotier while I’m abroad?
Edit:
To be specific, I’m hoping to ssh into my machine over zerotier in case I need to fix something and back up some photos to my home NAS via rsync or somethingwrote last edited by [email protected]Maybe it is possible, maybe not. GFW may interfere with zerotier connections.
If that doesn't work, you can consider using Alibaba Cloud's HK server for transit.
Generally speaking, if you come to China for work or pleasure like ishowspeed, there is basically no risk. I wish you a pleasant trip to China.
