What confuses me is why this isn't implemented as a browser mechanism. Simple cookies aren't useful if they aren't returned on subsequent requests; if it's blocked by an action on the client side, then there's no issue.
Blocking things like Flash cookies is another story though.
I've been living in southern China for the past year and the last month has been a nightmare. It seems if you're pumping a significant amount of traffic over an encrypted channel, they block the remote server but only for the specific port.
I have a handful of personal OpenVPN servers and made the mistake of transferring a lot of data over 22 (SSH), and port 22 for that server was blocked. As the parent post suggests, it seems to be updated every 24-48 hours, usually every 24 hours though.
I found a good technique for those running private OpenVPN servers is to use iptables to forward a large number of external ports to the internal OpenVPN port. That means once you see the port get blocked, you just increment your client port without needing to modify the server, and you can connect fine again.
This has made it significantly hard to work from China, to the point where I'm considering leaving.
I'm currently living and working as a software developer here in China, and my livelihood depends on using a VPN. A few things I've learned:
I have about 7 different VPN servers that I manage for myself; my main one I use nowadays is on EC2, however I'm running a low-cost, low-bandwidth VPN on DigitalOcean now and have been very happy. There are a huge number of VPS hosts around; pick one in a country with a good privacy record and work through that.
The process is simple: I just chuck an Ubuntu image on the server, install OpenVPN, and zip through a guide on configuring it. The process becomes painfully simple to replicate to new servers if you're happy using a single private key for each of your servers; you can just copy the original server configs to a new server and have multiple servers available to you.