Table of Contents

Comment Icon0 The “tunneling protocol” is used to describe a computer-networking process where the payload protocol (i.e. content data) is encapsulated within a different delivery protocol (i.e. content packaging). Tunneling is typically used in two scenarios: 1) to carry a payload over an incompatible delivery protocol; and 2) to provide a secure path through an untrustworthy network. Both scenarios fit the needs of Internet users hoping to not simply circumvent Internet filters, but to stealthily surf the Internet as network traffic would be disguised and encrypted to prevent the authorities from snooping in. The Chinese end-user would download a client software that creates a tunnel to a computer in a non-filtered location. All the user’s computer network services are run through the encrypted tunnel to the non-filtered computer, which forwards the user’s requests and responses transparently.

Comment Icon0 Expatriates as well as Chinese users working for foreign organizations might be given such tunneling service accounts as part of their employment, though other users might also use commercial (e.g., monthly subscription) as well as free (e.g., advertisement-driven) tunneling services as well. As a security issue, the free tunneling services (e.g., may compromise the privacy of the end-user, since the advertisements that come along with it are often requested through plain text HTTP which may be intercepted by the Chinese authorities. A more commonly known interface which users would use to negotiate private tunneling service would be through virtual private etworking (VPN), which gives the end-user’s computer the complete experience of being in the tunneling server’s location. With OpenVPN (at, technically-savvy users could even run their own VPN service, provided they have administrative access to web servers overseas.

Comment Icon0 While tunneling solutions such as VPN might sound viable as a method of circumvention, the downside includes how popular commercial tunneling services might already be filtered in China. As specific applications need to be run in order to use tunneling services, such software might be prevented from being installed at public locations such as Internet cafes. Ideally, tunneling applications are most suitable for technically-capable users who require secure and reliable circumvention services from their own personal computers. In particular, for Internet users in China without trusted contacts living overseas, subscribing to a commercial tunneling service might be the most viable alternative for them to circumvent the PRC’s Internet censorship. Finally, since user accounts are required for tunneling connections, there is no guarantee of the user’s anonymity despite using a secure service.

Chapter 7.3.5 – Tunneling Protocol


0 Comments on the whole page

0 Comments on paragraph 1

0 Comments on paragraph 2

0 Comments on paragraph 3

Leave a Comment

You must be logged in to post a comment.