What Is Shadowsocks?
An open-source SOCKS5-based proxy project, Shadowsocks is an intermediary that is mainly designed to bypass censorship. It was first released in 2012 by its creator, a Chinese programmer under the pseudonym “clowwindy”.
In 2015, the programmer announced that they were retiring from the project due to pressure from the Chinese police. Since then, Shadowsocks has remained open source, maintained and improved by many collaborators.
How Is Shadowsocks Different from VPN?
There is one major similarity between VPN and Shadowsocks — their ability to connect you to certain websites that are normally off-limits due to government censorship, geoblocks, or otherwise.
Given its original objective of bypassing the Great Firewall of China, Shadowsocks focuses on circumventing traffic restrictions. It utilizes HTTPS, thus disguising traffic so that it can move past the censorship measures in place.
Unlike VPN, Shadowsocks isn’t designed for privacy and anonymity. While both VPN and Shadowsocks encrypt data, Shadowsocks is much more lightweight. VPN uses many layers of military-grade encryption protocols to completely hide the traffic on its servers. Shadowsocks makes data ‘blank’ to look more like HTTPS traffic, so that it can move around unrestricted. It is not hidden, like on VPN, just disguised.
Due to its use of SOCKS5 proxies, Shadowsocks doesn’t send all your traffic through a server, as opposed to VPN. And in contrast to traditional ssh SOCKS5 proxies, Shadowsocks works with multiple TCP connections. The result is much faster speeds compared to the alternatives.
Benefits of Shadowsocks
The biggest advantage of Shadowsocks is its easy setup. The technology is a simple and capable proxy that doesn’t take long to set up and is perfect for accessing restricted content. Shadowsocks is also completely open source, with contributors making improvements regularly.
Another benefit of Shadowsocks is its selective disguising of traffic. You can choose which part of your traffic is affected by Shadowsocks — this makes it possible to access restricted content both inside and outside of your location.
Take the following scenario for example: you are in China and you want to access Gmail. By using Shadowsocks, you can choose the Gmail traffic to be “camouflaged”, thus bypassing the Chinese government’s block.
However, you will still be able to access the China-only websites. By contrast, a VPN would encrypt all traffic to your chosen server, thus making China-exclusive sites unavailable on the same device.
Last but not least, Shadowsocks is very difficult — if not impossible — to detect and block. The masking of traffic to make it appear as HTTPS is the main reason for that.
On the other hand, VPN’s modus operandi and its immense popularity have made it easier for governments and platforms to block the technology or force major corporations to remove VPN products from their stores (Apple removing VPN apps from the Chinese App Store is an example).
Understanding the Threat Model
While Shadowsocks is a great technology for bypassing content restrictions, its functionality beyond that is limited. As such, this superproxy is a viable option only if it fits a certain threat model — your ISP.
What is a threat model? Simply put, it is the reason you are looking for a VPN, VPS or DNS proxy in the first place. There are many aspects of the Internet that may demand a higher level of security — examples of threat models are public Wi-Fi hotspots, ISP-related issues such as data monitoring and logging, keeping your online identity hidden, etc.
Shadowsocks does not help your online privacy and security. You should use it only if your main concern is working around censorship.
Other threat models, which involve keeping your identity well-hidden on the Internet, are areas where Shadowsocks falls short. One could argue that it wasn’t designed for such functionality, and we agree. This is where VPN outshines Shadowsocks.