/ tor

PSA: Run a Tor node, lose access to Chinese IPs

Today, I wanted to try to see how the Internet looks behind the Great Firewall of China. I used a public HTTP proxy list listing Chinese proxy servers (meaning getting into Chinese censorship from the US, not bypassing it in China), and guess what? I was already blocked. Why? I suspect that I was running a Tor relay from my home connection.

Some Chinese websites do load, but many of those who do usually have a CDN outside the Chinese firewall. For example, I can visit AliExpress from my home computer without Tor, but I can't visit 163.com or 2345.com.

While I don't care at all for Chinese websites, there are people who do. If you want to access Chinese websites AND run a Tor relay on the same IP address, you may be screwed. Surprisingly, I can sometimes visit Chinese websites over Tor, but it's about as reliable as having Comcast as your home ISP.

Proof: telnet 2345.com

Optimum Online 100/35 in Westchester County, NY, home computer on same connection as Tor middle node:

neel@megora:~ % telnet 2345.com 80
Trying 42.62.30.180...
telnet: connect to address 42.62.30.180: Operation timed out
telnet: Unable to connect to remote host
neel@megora:~ %

Verizon FiOS 50/50 in Brooklyn, NY, Tor middle node (this connection isn't exclusive to Tor, it's used when I am in Brooklyn as well):

neel@kat:~ % telnet 2345.com 80
Trying 42.62.30.180...
telnet: connect to address 42.62.30.180: Operation timed out
telnet: Unable to connect to remote host
neel@kat:~ % 

Total Server Solutions in Los Angeles, CA (via an ITL VPS), Tor exit node:

neel@us-west:~ % telnet 2345.com 80
Trying 42.62.30.180...
telnet: connect to address 42.62.30.180: Operation timed out
telnet: Unable to connect to remote host
neel@us-west:~ %

Vultr VPS in New Jersey, non-Tor IP used for this website:

neel@newwww:~ % telnet 2345.com 80
Trying 42.62.30.180...
Connected to 2345.com.
Escape character is '^]'.
^]
telnet> quit
Connection closed.
neel@newwww:~ %

It seems that IP addresses used for Tor nodes are blocked by the Chinese firewall, even if the same IP address used for a Tor node is accessing a Chinese website outside of Tor. And the little bit of the Chinese Internet which can be accessed on the same IP address as a Tor node is usually on a CDN outside of the Great Firewall.

Why are they doing this?

The blockage of the Chinese Internet on Tor IP addresses is probably related to the fact that China already illegalized VPN services and is in the process of strengthening the censorship regime.

While I am not advocating that China (or Russia, or Iran) should censor the Internet or block anonymity services (they shouldn't), China could just block the IP:Port combination of the Tor node and not the entire IP itself. Then Tor users (and people running Tor nodes from their home computers) could access Chinese websites.

Or better, allow access to literally everything on the Internet (which should be done in every country, whether US, UK, China, Russia, or even North Korea).