Every time I check HN, there's a new crypto tool, encrypted databases, and tips on hardening your servers. No matter how secure your system is technically, there is always the requirement to make parts of it "insecure" (in the sense that people buy enterprise encryption, but expect the company that sells it to keep a spare copy of the keys to recover lost data just in case)

The reality in cyber security is that people provide the weakest and easiest point of entry to compromise any computer system. Until the business side and process side of things improve, shit like this will remain common.

I thought this was a joke with the answer being "because there's a giant park instead of buildings"

The park's on the other side of the second cluster of high-rises.

Not exactly. If you use an standard VPN protocol right out of the box (read: OpenVPN), then yes it is automatically blocked. The OpenVPN SSL handshake is different to regular SSL.

There are certain ways you can disguise the traffic and the VPN companies that specialize in China do that- but the GFW is regularly updated so what works today probably won't work next month.

The other issue is that even if you do get a VPN working, they have a tendency to throttle your connection. VPN traffic is quite different to your regular http/https.

As someone with a startup that operates in both India and China, I completely agree that India will be the next big thing.

Both are messed up in their own ways. The difference is that in India, things are generally getting better. There are exceptions but the trend is moving towards a better internet ecosystem.

China on the other hand is a case of how to F* things up. They modernized their tech backbone so quicky hundreds of millions of people have access to fast (20 mbps+) internet. From there the government has made it virtually impossible to have a global tech focussed startup in China.

Just an example- npm repos are by default blocked in China. Apparently the automatic version control ended up with a number sequence that corresponds in some bamboozled way with a black date that's censored. Government had a hissy fit and therefore NPM is blocked. You have to reconfigure to use Chinese locally hosted repos which is a security risk (Read: IOS malware in Chinese versions of software)

We also got stung with a government request for data on users. Since the law in China changes with every government official you meet, some of the shit they ask for is beyond rediculous. To be fair, it's also happened in India, but the frequency is decreasing.

Cheers for the insight. How does the request for data on users differ between China and India? Am curious.

There really isn't that much difference in the substance of the requests which was not what I expected.

It's more the frequency and how the requests are delivered that is different

The price the manufacturer is looking to sell, this doesn't make sense. Sure it offers more hardware flexibility than a PI, but its ultimate form factor makes it at best a pi type substitute rather than opening up new possibilities like what the Arduino Nano does.

A new Meteor and Django in the same week. Feels like Christmas come early

You might be interested in this then https://github.com/commoncode/django-ddp

Well, this is just the first alpha. Stable release may be much closer to January.