>From anecdotal experience: Running your own OpenVPN endpoint on a cloud provider like digitalocean* seems to work really well as long as you wrap the OpenVPN connection in something else like obfsproxy or stunnel. Theoretically if a commercial provider implemented something besides pure openvpn then that'd work as well. And if you want to roll your own node there is a set of ansiable scripts/playbooks called streisand at https://github.com/jlund/streisand, which includes a version of OpenVPN that proxies through an Stunnel connection.
*Some slight issues arose with running on Digitalocean, the user's account was locked completely at first and wanted extensive identification to unlock(passport), and the speed from China to node hosted anywhere but Singapore or LA was extremely slow. A VM hosted in singapore also seemed to be randomly slow, even to stuff that was hosted in Singapore. -Andrew On Thu, Feb 12, 2015 at 2:13 PM, Nathan of Guardian < nat...@guardianproject.info> wrote: > > > On Thu, Feb 12, 2015, at 11:45 AM, Tim Libert wrote: > > asking for a friend, can anybody suggest best ways to have a secure voice > > conversation with persons located in mainland china from outside china? > > threat model is interception by chinese authorities, other states/actors > > are not of significant concern. email alone is insufficient for task. > > 1) Setup a VPN of some sort to defend against traffic filtering and > blocking. Tor doesn't work with streaming audio (UDP) so it isn't an > option this case, but there are still viable VPN solutions out there > (ExpressVPN and others detailed here: > http://www.greycoder.com/best-vpn-china/) > > 2) Use something like Ostel (https://ostel.co/) service to have an > end-to-end encryption audio and/or video call using Jitsi or CSipSimple > (Android) or Linphone (iOS/Android): > https://guardianproject.info/howto/callsecurely/ > > You might also try using Signal (iOS), Redphone (Android), or > SilentCircle apps for mobile, but I am not completely up to date on how > well they work at the moment. > > +n > > -- > Nathan of Guardian > nat...@guardianproject.info > -- > Liberationtech is public & archives are searchable on Google. Violations > of list guidelines will get you moderated: > https://mailman.stanford.edu/mailman/listinfo/liberationtech. > Unsubscribe, change to digest, or change password by emailing moderator at > compa...@stanford.edu. >
-- Liberationtech is public & archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
