Don't know but note that shadowsocks is not a traditional socks proxy. If I understood it correctly you do a traditional socks proxy to localhost and then a more heavily encrypted link to the actual host. Maybe that second link was slow, either because of the encryption or because it's written in python? ssh gives you as much or more security anyway as there are few protocols as thoroughly checked than ssh and performance seems nice.