Inside the Great Firewall of China's Tor Blocking 160
Trailrunner7 writes with an article at Threat Post about China's ability to block Tor. From the article: "The much-discussed Great Firewall of China is meant to prevent Chinese citizens from getting to Web sites and content that the country's government doesn't approve of, and it's been endowed with some near-mythical powers by observers over the years. But it's somewhat rare to get a look at the way that the system actually works in practice. Researchers at Team Cymru got just that recently when they were asked by the folks at the Tor Project to help investigate why a user in China was having his connections to a bridge relay outside of China terminated so quickly. Not only is China able to identify Tor sessions, it can do so in near real-time and then probe the Tor bridge relay and terminate the session within a couple of minutes."
And you say Chinese can't innovate (Score:5, Insightful)
Re:And you say Chinese can't innovate (Score:4, Funny)
Re: (Score:3, Interesting)
Do you really believe that a census on over one billion people, who have (who had?) an incentive to lie about their progeny, is credible?
Hell, I might be wildly off the mark but for all we know there could be two billion people in China, I wouldn't be that surprised.
Hopefully someone more aware of the reality of the situation will chime in.
Re: (Score:3)
Wikipedia cites 1.3 billion [wikipedia.org]
The margin of error in the US census is 0.009%. [census.gov]
Even allowing for China to have a margin of error a hundred times that of America's, you're looking at a maximum inaccuracy of ~12 million people, not 300.
Re: (Score:2)
Illegal aliens (both internal and external... do you know anything about the hukou system?) have an extremely high incentive to remain uncounted, particularly if they have children.
From 2008:
http://www.china-briefing.com/news/2008/09/01/is-china%E2%80%99s-population-really-13-billion.html [china-briefing.com]
Re: (Score:2)
Re:And you say Chinese can't innovate (Score:4, Interesting)
How many people are actually in China, I am in no position to guess. But I am in a position to know that census undercounting does occur and why.
As I mentioned, the "uncounteds" are both internal and external illegal aliens. Unlike most of the Western world, where the right of free travel is assumed, within China you are only legally allowed to live/work/"own" property in the place where you have a hukou (this is a gross oversimplification, but it is the beginning of a discussion). Many of the presumed 400M illegals are native Chinese who have chosen to live where they have no permission to live, doing so under the radar to avoid sanctions which in the past could have been quite onerous. They aren't at their home city to be counted (though children usually are, staying with grandparents, since without a local hukou they have no right to go to school where their parents are living) and they avoid being counted in the city where they are living because they could be forced to return to their officially registered home.
About 6 or 7 years ago, the hukou laws were supposedly eliminated, but anyone who says they have been completely abolished is wrong. Decentralized, perhaps, but they still exist and are enforced whenever the right government official gets their panties in a wad. Unless and until the hukou laws are actually abolished, the charade will continue.
Re: (Score:2)
The reality of the situation in China is that the government is under _huge_ pressure to drop the draconian population control policy, aka one-child policy. However, there is no sign from the regime that it would even consider budging on this issue. So if anything, they have an incentive to _overstate_ the population, rather than understate it.
The other reality is that hundreds of elementary schools rural areas were closed down over the past few years due to not having enough school kids. Class rooms that o
Re: (Score:1)
Why is their policy draconian? Over population is a HUGE problem that needs to be dealt with, can you think of any alternative methods that are less "draconian"?
Re: (Score:2)
Why do you claim that over population is a huge problem? The rate of human population growth has been declining for decades. It currently seems as we'll never even hit 10 billion before we drop in total numbers.
I recommend Hans Rosling on the subject: http://www.ted.com/talks/hans_rosling_on_global_population_growth.html [ted.com]
Re: (Score:2)
Population growth has to slow down, bacause it's been excessively high for the past centure.
Just scant century ago, the population of the world was under 2 billion. Now it's 7. In just 100
Re: (Score:2)
Feel free to watch the link I gave you, and understand that we're already on a growth limiting curve. There is no "population explosion". The exponential is declining. You can stop worrying.
(Pollution was an issue centuries ago in London as well, as it is in wood stoves in India today. Technological development does wonders for air quality)
Re: (Score:2)
Because there is a point where you don't have enough food and water to keep people alive.
Maybe. Why do you believe we're anywhere near that point?
That is a horribly misleading statement.
First, saying the growth rate has slowed is not at all the same as saying we have a negative growth rate. Therefore your claim that we're unlikely to hit 10 billion is entirely unfounded.
It's neither misleading nor unfounded. The UN median population projection is for us to never hit 10 billion [wikipedia.org]. You know, based on actual data.
Second, the only reason it's been "declining for decades" is because decades ago we had a massive population boom.
No, please go watch the supplied video which contains, again, actual data.
What's your agenda, and why do you post lies on the intarnetz?
Re: (Score:2)
Re: (Score:2)
All of the big links provide only details about the type of filtering and not the hardware used.
Re:And you say Chinese can't innovate (Score:5, Interesting)
Despite the error in your numbers, your post reminded me of Focus in Vernor Vinge’s A Deepness in the Sky.
Spooky.
Re: (Score:2)
Or they paid some round-eye to implement this for them. They certainly have the resources.
Re:And you say Chinese can't innovate (Score:5, Interesting)
http://www.huffingtonpost.com/2011/05/23/cisco-falun-gong-lawsuit_n_865585.html [huffingtonpost.com]
Re: (Score:3)
Re:And you say Chinese can't innovate (Score:4, Interesting)
I left my job at a major router company around 2004 specifically because Chungwah Telecom was asking for us to implement features to aid spying. Although, interestingly enough, you had to read between the lines to understand that it was for spying... A lot of the techniques that do it are essentially system testing-sounding features like "clone traffic matching this IP to a second address on a different port."
At that time, deep packet inspection was not yet a reality, but any engineer could easily see that, as the data/traffic moves through numerous custom ASICs and FPGAs, and the headers get inspected, why not examine more of the data in the packet? The first stage I saw of it in the public at large was detection of layer 5 and up protocols, e.g. traffic-limiting bittorrent.
Last time I was in Taiwan (which has a grumpy relationship w/ China), one of my younger student friends in a University there demonstrated, as his Master's project, an algorithm to detect images without (fully) decoding them. The secret there was to extract, from JPGs only, the DC blocks representing the average RGB values of each 8x8 block. If you know JPG you'll recognize that. The system then ran conventional "porn detection" algorithms, etc. on the extracted mini-images.
So, yes, I can verify that 1. American companies are writing code to spy on the rest of the world and ourselves. 2. Chinese are asking for it, just like any other feature. 3. The requests for capabilities are often subtle, such that most engineers don't realize what the algorithms are doing and 4. capabilities to do this are steadily growing more powerful.
So, now, what are you going to do about, boys?
Re: (Score:3)
Are they actually capable of real time packet encryption; or do they just run it like a proxy? The lag can be horrific, like there's some server at the border waiting for the whole page to download, before they forward it to you.
Re: (Score:1)
Is it perhapa a combination of quality software engineers and the quantity of software engineers that China can put to the monitoring function? With quantity and quality, one can divide and conquer.
Re:And you say Chinese can't innovate (Score:4, Insightful)
Reality is by far the majority of Chinese in China work as near slave labour in factories or as peasants on farms working for a pittance. Don't get confused by numbers and percentages, plus independent thinking, striving for their voice, Chinese tend to be the ones who have already left and live elsewhere in the world. That is aproximately 40 million people http://en.wikipedia.org/wiki/Overseas_Chinese [wikipedia.org] which you blithely reduce nothing.
The numbers of Chinese who have a voice in China and are in a position to control anything only number in the tens of thousands, it is an corporo-Fascist Autocracy after all.
Internet censorship in China is made significantly easier because by far the majority can not afford and must gain access through a limited number of internet cafe's. As time progresses and the majority of people living in China release how backward they are in their rights and how cowardly they have been in failing to fight for them, will of course start to baulk at passing that future on to their children and grandchildren and strive to break the autocracy that controls them.
So in a future China where 1.3 billion want internet access, we will see how effective the government is at censoring them and keeping them cowed.
Re: (Score:2)
Censoring people on the Internet is quite easy. You can simply whitelist five pages (Ilovethepremier.com, ChinaRocks.com, etc.)
But beyond that, technical measures will only take you so far. There's no "reasonable doubt", after all. Chinese official, "We blocked a Tor connection from 123 fake street, go arrest and execute everyone there."
Re: (Score:2)
Re: (Score:2)
You mean ssh and ssl type connections?
My college did it easier (Score:5, Informative)
Tor has to connect to so-called "dictionary servers" periodically to refresh its list of tor nodes to try to use. If you block those servers, tor breaks.
At least, that's how it worked when they finally figured out how to block it after 3 years. Maybe tor has improved since then.
Re: (Score:2)
Re:My college did it easier (Score:5, Informative)
Tor has changed since you read last... "Bridges" were added to Tor and are not listed in any central directory.
Tor bridges [torproject.org]
Re: (Score:1)
Any SSL connection from China to outside is tracked and they attempt to connect to it in a few minutes after original connection is made. They try to establish a tor handshaking and if it succeeds, the IP is blocked in the great firewall.
Re: (Score:1)
You can use Tor without connecting to directory servers. That's the point of bridge nodes, which this article is about...
Re: (Score:2)
But... but, if you have an unlisted / unknown proxy server that accepts YOUR connections, wtf is the point of TOR lol? Just start channeling through it over the designated ports. I mean it just uses SOCKS along w the other proxies, tor's gold lies in obfuscating your connection by sending it through relays around the world. Not sure what else is going on that would prevent the above. Either way you set with what tor calls a bridged node :)
Re:My college did it easier (Score:5, Informative)
Tor has to connect to so-called "dictionary servers" periodically to refresh its list of tor nodes to try to use. If you block those servers, tor breaks. At least, that's how it worked when they finally figured out how to block it after 3 years. Maybe tor has improved since then.
This was the situation. Countries did download the entire Tor directory and block all the nodes listed in it. This is why bridge relays were invented, and there is no public list off all bridge relays. It works like this: You get a bridge address, you connect to a bridge and the bridge then connects to the Tor network. This changed the arms-race. GFW is now able to detect the Tor bridges and this is a set-back for the Tor-project. They will find a solution which fools the GFW and the Chinese will lose face.
Lose face (Score:5, Funny)
For those unfamiliar with the concept "face", it's the social equivalent of getting modded -1
Face: So what happens when... (Score:2)
For those unfamiliar with the concept "face", it's the social equivalent of getting modded -1
So what happens when you lose Facebook? It's been so long since I logged in, I've forgotten how. Does that mean I get modded -1000000000?
Re:My college did it easier (Score:5, Informative)
Tor has to connect to so-called "dictionary servers" periodically to refresh its list of tor nodes to try to use. If you block those servers, tor breaks.
At least, that's how it worked when they finally figured out how to block it after 3 years. Maybe tor has improved since then.
We have to remember though what Tor was designed to do and what it was not designed to do. Tor was designed to protect the privacy of individuals who don't want their browsing habits revealed. It does this by preventing your IP address from being available to the web server you connect to, and additionally it encrypts traffic so intermediaries, such as your ISP can't snoop on your traffic. It was NOT designed as a means of bypassing firewalls that are actively try to block Tor. That was never its purpose.
Re:My college did it easier (Score:5, Insightful)
It was NOT designed as a means of bypassing firewalls that are actively try to block Tor. That was never its purpose.
Totally agree that it was not the original purpose, but I would add to your comment and congratulate the folks behind Tor for taking a stand and trying to allow their software to get past the GFW. Sometimes when you realize that your software is being used for something more important (possibly something much more important than not letting your ISP know what you are doing) then it is a great opportunity to change your purpose somewhat. If the purpose itself isn't being changed, then it is still heart warming to see the effort being made anyhow.
Re: (Score:2)
Re: (Score:2)
Yes, but the entry node runs on your machine.
Re: (Score:2)
my understanding is that connections to and from entry and exit nodes are unencrypted . only connections between relays are encrypted.
Out of the exit node: not encrypted, but your IP address is hidden, which is what is important at that end. Traffic to the entry node IS encrypted, otherwise your ISP would be able to snoop your browsing habits!
SSH (Score:2, Interesting)
Does this mean people should start tunnelling their Tor connexions through SSH, at this point?
Bugged planet indeed, I wonder if any of our lovely "free world" companies like Amesys or Siemens are selling the DPI gear, or if China is using a fully homebaked solution.
And if so, does it run (Red Flag) Linux, obviously.
Re:SSH (Score:5, Informative)
Bugged planet indeed, I wonder if any of our lovely "free world" companies like Amesys or Siemens are selling the DPI gear, or if China is using a fully homebaked solution.
If you watch the 28c3 Torproject presentation available at http://tinyurl.com/7c893sl [tinyurl.com] then you will learn that western corporations like Intel, Nokia and Cisco are heavily involved in Internet surveillance and censorship around the world.
obfuscation? (Score:3)
If we learned more about how they detect the tor session, couldn't we obfuscate the data to combat detection?
I mean, encrypted data stands out from normal traffic like a sore thumb, and unless the user is a bank, transacting large amounts of it puts up a red flag. But, what if we obfuscated the data so that it looks like ordinary unencrypted/uncoded data?
Re:obfuscation? (Score:4, Interesting)
Re: (Score:3, Insightful)
Actually, I think this is something of a myth.
"normal traffic" these days is mostly compressed.
Since the goal of both encryption and compression is to achieve a byte stream that is otherwise indistinguishable from random noise, I don't think one set of random noise stands out much more than another set of random noise.
Only thing that really separates traffic these days is imperfections in these algs and the negotiation protocols.
____
My
Terminate the session in minutes (Score:1)
And then terminate the offender in under an hour. ( and his family )
Thank you Chinese government (Score:5, Interesting)
for helping us build more robust Tor protocols
Oh, you thought you were going to actually kill the average Chinese citizen's desire for free access to information? You didn't understand that a stronger Tor protocol or something even better than Tor is the actual result of your escalation of the arms race?
You're pretty ignorant about basic human nature, aren't you, you authoritarian assholes.
Oh, and btw you grumpy old shitbags:
http://www.nytimes.com/2012/01/04/world/asia/chinas-president-pushes-back-against-western-culture.html [nytimes.com]
The reason you are lamenting the influence of Western culture on China, and not basking in pride at the influence of Chinese culture on the West, is because YOU CENSOR EVERYTHING IN YOUR CULTURE. So Chinese Culture is hobbled and decimated. Because you think you can control, nevermind why you think you should control, Chinese thought. Instead of a great big strong tree, you have a demented little broken bush. Because of YOUR efforts at preventing Chinese culture from growing, by censoring everything, you morons
You ignorant controlling douchebags. Your average Chinese citizen understands this, why don't you you stupid old and decrepit paranoid control freaks?
Re:Thank you Chinese government (Score:5, Funny)
And how you do really feel?
Re:Thank you Chinese government (Score:5, Interesting)
Question: what is the greatest ally in the growth of Western Cultural influence in China?
Answer: The Chinese Central Government, for working so hard to make sure that Chinese Culture can't grow.
They think that controlling culture, and growing it, are compatible concepts. Culture grows when it freely crosspollinates with other world cultures. Japanese culture has freely been assimilating culture from around the world and we still recognize a distinctly Japanese culture. The game of controlling culture and "protecting" culture from "illegitimate" influences is the game of the insecure little person who believes Chinese culture is inferior. The person proud of being Chinese is freely dabbling in world culture, infusing their own thoughts, and defining Chinese culture as strong and new. Culture needs to crosspollinate to survive and grow. Sit on it, control it, keep it in a box, and your culture dies.
Look at what these ignorant insecure douchebags are doing:
http://www.nytimes.com/2012/01/01/world/asia/censors-pull-reins-as-china-tv-chasing-profit-gets-racy.html?pagewanted=all [nytimes.com]
I know: I can hear the typical snobby Western voice now: "I wish my government would censor the Kardashians and Jersey Shore."
And for thinking that way, you have merely identified yourself as knowing nothing about how culture actually works, and have allied yourself with authoritarianism. congratulations, you're ignorant and you're an asshole. i'd much rather have people watching jersey shore than some government entity telling them what to see and watch. and there is nothing wrong with the pursuit of empty guilty pleasures, that's a PERFECTLY VALID SEGMENT OF CULTURE. think of it as creative ferment from which greater cultural products spring forth. without the base of empty silly nonsense, the "higher" cultural products have nothing to grow out of.
direct that somewhere else (Score:2)
I have no idea why you are on a tangent accusing someone else of wanting censorship. The point was that your rant (now two of them) is being directed at technical people in the US, not the Chinese Government.
How about writing mean letters to the Chinese Government, or getting involved in Politics instead of ranting here on /.?
Trust me, personally I'm not for anything that China does. With out of control IP laws, rampant corruption, and pay-for-politics in the US we have a shitload to worry about at home.
Re: (Score:1)
Part of the price of freedom is putting up with inanity.
No, that's actually something VERY specific to so-called Western culture. The rest of the world embraces the concept of government acting on behalf of the population even when it goes against so-called freedom of speech -- another uniquely Western concept.
Re: (Score:2)
Freedom of speech is a human concept, not a western concept. Or I suppose your condescending patronizing opinion is that nonwesterners like being slaves?
Re: (Score:2)
Re: (Score:2)
Nope. France, 18th century.
You are confusing it with democracy, a completely different concept.
Re: (Score:2)
IIRC in Athens they let any random citizen stand up in the forum and speak their mind.
Re: (Score:2)
That's not freedom of speech, there is no dissemination or publishing.
Re: (Score:2)
Unless you can cite something that specifically says that they outlawed making pamphlets or whatever about what went down at the forum, I'm going to go ahead and assume they had that option. I mean come on, this is THE ancient republic we're talking about here.
Re: (Score:2)
I am pretty sure, the concepts of a "pamphlet" or "journalism" were not invented yet, and wouldn't for literally millennia after that.
Greece, and later Rome, relied on speeches, debates and art performances made in person. Only few people, usually ones constantly in contact with power structure, were sufficiently skilled in then-accepted forms of public speech and debates, and fewer could afford any sustained effort of in-person organization of opposition to the prevailing power structures and position. Mos
Re: (Score:2)
hey, genius:
cavemen said pretty much whatever they wanted. the idea that there is a government that can control your type of speech is the modern invention in question here
freedom of speech is the baseline of simple existence
seriously, you're a complete and utter moron, or one very hard working troll
Re: (Score:2)
cavemen said pretty much whatever they wanted.
In public? At whatever time when "cavemen" (that's a pretty broad definition of a period in human history) had the concept of public speech to begin with?
"Free speech" as it is proclaimed, applies to, and only to public speech. It was either extremely difficult or heavily regulated for various reasons everywhere, over the whole history of mankind, with exceptions I have described.
Please note that even Wikileaks people claim that they engage in protected free speech because they speak to the public. If they
Re: (Score:2)
dear hard working troll:
your words do not pass the laugh test. try harder next time
sincerely,
rational thought
Re: (Score:2)
you're an idiot or a clever troll
did newton invent gravity?
Re: (Score:2)
It's not actually a real problem.
I've developed a method for reducing unpleasant stimulus by avoiding it, rather than interfering in the communication of others. I'm hoping to make millions by patent trolling.
Re: (Score:2)
And here is the problem, wealthy people and organizations are already in the constant state of being sued, and it does not hurt them a single bit. Even if it was possible to sue a newspaper for deception of the public, and win such a lawsuit, it would not cause sufficiently public-visible correction, and can not discourage future deception.
Without "freedom of speech" proclaimed in such absolute manner, it would be possible to have a recourse for extreme and willful acts of betrayal of the public -- such as
Re: (Score:2)
Re: (Score:2)
actually i think that a lot of those scenarios you mention would be in violation of other statutes, so while you may be free to say things, the consequences of what you say may result in criminal charges (such as "unmarked advertisement for known-dangerous products" most likely being in violation of OH&S laws).
No, it only would cover people who produced the product and ordered the advertisement. As far as I know, those who marketed and advertised it, no matter how complicit, are safe. It's also possible that allowing distribution of a dangerous product serves the interests of society (ex: alcohol, tobacco), but advertisement and promotion of its use causes nothing but harm and there is no excuse for allowing it other than "right to profit" or similar nonsense. In US all (ineffective) restrictions on alcohol adver
Re: (Score:2)
As far as I know, those who marketed and advertised it, no matter how complicit, are safe. It's also possible that allowing distribution of a dangerous product serves the interests of society (ex: alcohol, tobacco)
you're getting a bit pedantic here. advertising agencies merely speak on behalf of their clients - they are an instrument - like a megaphone (which is why the client would be in trouble, not the advertiser). although if the client is a big fish with a lot to lose you can bet the advertiser would have to defend themselves in court, and if they didn't have their ducks in a row they would go down too.
I was also referring to things that would violate OH&S legislation by not advertising them as being dan
no, not porn (Score:2)
the grass mud horse ;-)
http://en.wikipedia.org/wiki/Grass_Mud_Horse [wikipedia.org]
Vent much? (Score:1)
I get it, we all do (or at least I hope). But do you really think that the Chinese government reads /.? We can hope, but sheesh if world leaders can't get them to open up why would they listen to someone vent on /. and say "Eureka! He's on to something!"
Re: (Score:1)
I don't think the Chinese can hear you homie.
Maybe you should try doing it in all caps, that's louder.
Why (Score:2)
Re: (Score:2)
You make the case that western culture will prevail over Chinese culture because it is free. The implication is that competition in the marketplace of ideas makes things better.
So, taking my cue from your tagline, the Chinese government should just vigorously enforce US copyright law (which they do not currently), and the western threat will subside. Lets call it Sino-Offence Preventing America.
Wake up people! Lack of copyright in China is not stifling US innovation and creativity!
Re: (Score:2)
i never understood this point of view. that because we have domestic problems we cannot criticize others. on that basis, no matter how much worse a country is, we can never criticize them
"there is a problem somewhere in my country. therefore i will refrain from critical thinking on international issues"
i just don't understand
is it because you think it is hypocrisy? you do realize the nature of american censorship is far different from that of chinese censorship? the inability to express your politicla opini
Not that much new here... (Score:2, Insightful)
Re:Not that much new here... (Score:5, Insightful)
Tor exit node based blocking has been used on various IRC servers to combat abuse for years and years now, The chinese might be doing something more fancy, but that only shows that they didn't go for the fairly easy and quick solution.
The Torproject responded with bridges when countries started to block entire countries like those IRC servers do. The entire list of Bridges is not public. What GFW now does to detect and block those bridges is something new and it is something entirely different. The "download the entire list of Tor servers and block them" method was used and stopped being efficient thanks to Tor bridges.
Re: (Score:2, Informative)
I've used the previous method on my own IRC network, not to block Tor outright, but to prevent people from clicking 'refresh' to get a new IP and avoid channel bans or client side /ignores placed on them after spamming, harassing others, and generally trying to go where their behavior makes them unwanted.
With a daemon linked to tor, my server can send some info to the tor network to ask if this is a tor connection. It needs my servers IP and port, as well as the users IP and source port.
Upon a successful r
Re: (Score:2, Insightful)
They're not blocking exit nodes -- they're blocking your first hop(s) into the tor network
Tor ... (Score:1)
Tor, China and the USA (Score:5, Interesting)
Re: (Score:1)
you have to understand though that tor in itself is not a longterm solution. Should the majority of users be in countries that have taken the path of USA or China, there would be no point left in using tor, which works on its user nodes.
Re: (Score:1, Insightful)
you're a fucking moron. the united states of america is nothing close to communist. did you just type a bunch of shit and hope you look brilliant by chance? ...further evidence that most americans dont realize how good they have it, and that most stupid americans continue to misuse labeled like "communist" and "fascist"
these words have meaning beyond shock value when tossed around carelessly in conversation. words MEAN something. use the right words, or keep your stupid fucking ideas confined to your fa
Re:Tor, China and the USA (Score:4, Insightful)
You're right--the US is nothing close to communist. The US is however VERY close to or has already acheived fascism, which is properly defined by the inventor of the word as the merger of corporate and state interestes. We absolutely have that. Right now the only thing we're missing is the traditional single dictator, but I'm not all that certain that it's required in version 2.0.
It is kind of amusing to see people equate "socialism" with "communism" or use either of those terms in conjunction with fascism though--and it's even more amusing to watch people blame government for "stealing" things when, at best, it's been the enabler of the theft by large multinational bankers and corporations. It's everyone's vaunted "private industry" and "free enterprise" that are the thieves. They rig the game, or they outright steal, and they use part of their takings to enable a media campaign to get everyone to hate the one force that could possibly stop all that--proper (in the interests of the people) government regulation.
Were it not so tragic, it would be even more amusing to watch people complain about "big government" willingly step into the TSA's porno scanners, support indefinite detention of whoever doesn't look like them, and generally engage in their fawning behavior over the ever-militarized police forces who truly occupy our cities and our streets. It is "law enforcement", which is almost never used against the rich and corporate, that is the greatest threat to freedom, liberty, and especially life these days, and yet that's the one part of government these morons never seem to question. "Law enforcement" has tried and will continue to try to bring this and many other evils to the US, and that sort of thing must be stopped at all costs.
Re: (Score:2)
Those may all be bad (and they may not), but they have nothing in particular to do with fascism.
ssh tunnel on nonstandard port (Score:3)
This seems a bit obvious... does anybody know how much luck folks have had with this method?
Re:ssh tunnel on nonstandard port (Score:5, Interesting)
Re:ssh tunnel on nonstandard port (Score:4, Informative)
It works, though it stands out like a sore-thumb.
Re: (Score:2)
I guess any traffic they can't inspect would be suspect.
this could be bad? (Score:1)
So if they can inspect in real time, is it possible that them letting the connection go for a few minutes means they are collecting the tor bridges data, and other data like exit points before they terminate?
spam/trespass steganography (Score:2)
It used to be that firewalls and filters would search out malicious connections attempting spam or attacks and drop them. But in Soviet China, it's the opposite. So disguise any connections to Falun Gong website as spam or worse, and they GFW will be sure to let it through.
It had to happen eventually (Score:2)
As with any war, maneuvers lead to counter maneuvers. Escalation leads to further escalation. The only way to end a war is either by choice (as we did in Vietnam and now in Afghanistan), out maneuvering your enemy (siege of Stalingrad, battle of the Bulge), or if the enemy destroys its own credibility with the people (Iraq insurgency movement).
So good going China, you've managed to shut down TOR. I'm sure you have shared your successes with other "Great Firewall" regimes and those who desire "Great Firew
Re: (Score:1)
Care to name some? Many free public proxy servers are banned, and the paid ones are expensive enough, such that the masses cannot afford it.
Re: (Score:1)
I won't name any, advertisement for it are common if you surf popular websites from Panda Land. But I can tell you that yes, it's not for free, but no, it's not expensive, affordable for a Chinese city dweller level of income (8 USD for 6 months, about 50 RMB, which is the price of cinema ticket without the popcorn bucket).
Re: (Score:3)
Using a VPN service advertised on popular websites seems akin to buying drugs from a guy who advertises at the local police station.
Re: (Score:2)
VPN access exists as long as the Chinese government allows it to exist. If they can probe and whack TOR, that shows they can whack anything - and that they choose not to.
Note that some sites in China do actively block VPN connections.
Re: (Score:2)
Re: (Score:2)
FreeNet would have been a better choice i think. harder to track down who is running it. Tho not impossible.
Re: (Score:3)
Re: (Score:2)
Ultimately, FreeNet is more about publishing 'sites' than sharing files ( tho i agree it can do both ), and if we waned to help out our oppressed brothers, we would mirror 'outside' sites on FreeNet. Even setup auto run scripts to do it.
And while its not been done yet, i don't see a technical obstacle why a "gateway" couldn't be created that sucks in outside data and inserts it into FreeNet, on demand. I also don't see it compromising security, except for the guy(s) running the gateway, in a presumed free c
Re: (Score:2)
Those "sites" are still just static files; you're not establishing a connection to the original server to view them, just accessing what was pushed into other peers.
You could push data from the web into FN, obviously, but you can't simply proxy it.
Re: (Score:2)
The countries bordering china are generally not good choices for where you'd route your connectivity... Some of them even use china for connectivity themselves. And the border region with some countries is either very sparsely populated, or filled with mountains that would block your wifi signal.