If you’re looking to escape internet censorship, one interesting option is something called Shadowsocks. Not only is its name intriguing, it also promises to get you past any blocks safely. Let’s see what this protocol can and cannot do.
What Is Shadowsocks?
Shadowsocks is a connection tool that lets you circumvent censorship. It’s used widely in China by people looking to tunnel under the Great Firewall—the digital barrier that keeps the Chinese internet “safe” from foreign influence—as it’s completely free, though you’ll need some tech know-how to set it up.
In fact, Shadowsocks is so good at getting past China’s blocks that there’s a good case to be made for it over another tool, virtual private networks (VPNs). Not only is using Shadowsocks free, it also hides traffic a little better than VPNs do. However, before we go into any more detail, let’s first go over where Shadowsocks comes from.
Who Developed Shadowsocks?
Shadowsocks was developed by a Chinese programmer only known as “clowwindy,” who put the initial commit (a version of a program or script) on GitHub in 2012. The protocol was a huge success and clowwindy kept working on it for several years, as well as developing a free VPN called ShadowVPN.
In 2015, however, Clowwindy left a message on a GitHub thread stating that the police had found him and had asked him to stop working on Shadowsocks and, presumably, ShadowVPN. He also was forced to delete the code on GitHub and he had “no choice but to obey.” He added that “I hope one day I’ll live in a country where I have freedom to write any code I like without fearing.”
What Happened to Clowwindy?
After this last message, it has remained quiet surrounding clowwindy. According to this blog post, after clowwindy had an “invitation to tea” (a term with about the same level of threat as the KGB’s infamous “friendly chat”), they briefly surfaced to show they were okay, and then faded away.
Thankfully, though, clowwindy’s work has not been relegated to the dustbin of history. Instead, a team of enthusiasts has carried on their work and kept working on Shadowsocks. At the time of writing in March 2022, it’s a powerful piece of communication technology that has gotten even better at getting past blocks.
How Does Shadowsocks Work?
Shadowsocks is interesting because it’s like a lot of other things, but just different enough that it deserves its own category. Technically, it’s just a proxy: it reroutes an internet connection through a third server, making it appear like you’re in a different location.
In a regular network connection, like the one you’re likely using now, you connect to your internet service provider’s server and then to the website you want to visit. If the authorities want to block a site, the internet service provider (ISP) is usually told to prevent access to its IP address. Using a proxy means you go from the ISP to an unblocked server and then to the site you want.
However, regular proxies are notoriously unsafe: there’s no good way to secure the connection, for one, and generally speaking, most sites can figure out quite easily that you’re using one. Shadowsocks, however, is based on a proxy protocol called SOCKS5 that secures the connection using an AEAD cipher—roughly along the same lines as an SSH tunnel.
Though AEAD ciphers are generally considered not quite as secure as the more common AES encryption (here’s one academic paper if you’d like to know more), they’re a big step up from regular proxies. They generally either use an HTTP-based protocol—pretty much just a rerouted unsecured connection—or an earlier SOCKS version which also isn’t encrypted. Using either one means you’re leaving yourself open to possible spying by, well, almost anybody.
Shadowsocks and VPNs
Reading the above, you may think that Shadowsocks sounds an awful lot like virtual private networks, which also reroute connections, but secure them as well. However, because Shadowsocks’ encryption is a little more lightweight, it doesn’t offer the same security as a VPN does.
However, the lighter encryption does mean that Shadowsocks can fly under the radar better than a VPN can. If they wanted to, an ISP could clearly identify VPN traffic, but a Shadowsocks connection is a lot harder to identify because it looks practically identical to a regular HTTPS connection.
Downsides to Shadowsocks
Because of these reasons, Shadowsocks is a great choice to dodge censorship blocks. However, it’s not perfect and there are some downsides, especially if compared to VPNs or even Tor.
For one, Shadowsocks requires a bit of setup and you need to understand a little how computers and connections work. VPNs generally just need to be installed and you’re good to go; using Shadowsocks means you need to sit down and read through the documentation and set up a server.
Depending on how you set it up, there’s a chance that Shadowsocks might take a good whack out of your internet speed. Any rerouting technology will reduce your speed, but some are worse than others. A good server will reduce the pain, but generally speaking, using Shadowsocks means a much slower connection. Also, unlike VPNs, you can’t use Shadowsocks to change your Netflix region or even to torrent files.
However, you could also argue that none of that matters: Shadowsocks was developed as a way to circumvent the blocks placed on free speech by a despotic regime and to do so for free. At that, it succeeds admirably and we recommend anybody looking to escape internet censorship at least look into it.