by pzmarzly 682 days ago
Is there a good comparison of "undetectable" VPN protocols? Wireguard[0], Shadowsocks[1], VLess[2], VMess[3], Trojan[4], etc. All of them seemed to work for me during my recent trip to China.

[0] The article says Wireguard is easy to block, but in my experience GFW lets it through.

[1] https://shadowsocks.org

[2] https://xtls.github.io/en/development/protocols/vless.html

[3] https://xtls.github.io/en/development/protocols/vmess.html

[4] https://trojan-gfw.github.io/trojan/protocol

3 comments

> All of them seemed to work for me during my recent trip to China.

Depending on how you were connecting, your traffic may have been explicitly allowed. If you were connecting via your cell phone, using roaming with your home SIM card, you're not subject to the Great Firewall (all your data was essentially VPNed through your wireless carrier's PoP already). And IIRC many larger hotel chains that cater to foreigners (and would likely refuse to allow a citizen to stay there) also aren't GFW'd.

Yeah, AIUI the Chinese government cares that Chinese citizens can't bypass the GFW, but either explicitly or implicitly does not care if foreigners do.

As it should be -- a government's duty is to serve its citizens, not any foreigners who happen to be visiting.

This is a weird response to a censorship regime.

Wireguard and Shadowsocks are trivially detectable, as Chinese and Russian providers show in practice.

TLS-in-TLS (trojan) seems to be detectable too.

If we look at Chinese and Russian government DPI, we will see that now VLESS with XTLS‑Vision and XTLS‑Reality are not detectable. YET.

Yup, VLESS works; Mullvad/NordVPN/PIA/Surfshark don't.

> [0] The article says Wireguard is easy to block, but in my experience GFW lets it through.

For some time. After a while, the connection eventually gets blocked or throttled. The annoying thing about understanding the GFW is that it's not quite deterministic.