Posts tagged “Circumvention”

Handbook for bloggers and cyber-dissidents



Blogger Handbook Reporters Without Borders has released the Handbook for bloggers and cyber-dissidents (local mirror) which includes a chapter by myself on censorship circumvention technology.

In response to state-directed Internet filtering and monitoring regimes many forms of circumvention technologies have emerged in order to allow users to bypass filtering restrictions. In general, circumvention technologies work by routing a user’s request from a country that implemented filtering through an intermediary machine that is not blocked by the filtering regime. This computer then retrieves the requested content for the censored user and then transmits the content back to the user.

There are numerous projects to develop technologies that would enable citizens and civil society networks to secure themselves against, or work around, Internet censorship and surveillance. Circumvention technologies are often targeted towards different types of users with varying resources and levels of expertise. This chapter guides users through the process of selecting a circumvention technology that meets the users specific needs.

The chapter “Technical ways to get around censorship” is also available in HTML format: Part 1 & Part 2. It is also available in Chinese, Arabic and Farsi/Persian.

Google Accelerator



It’s been suggested that Google’s new Accelerator can be used to defeat Internet censorship. Although it may be partially effective in doing so, it certainly does not do so anonymously or securely. For example, using the Google Accelerator from within China it can be partially sucessful — some blocked content is accessible, some is not. As Fons Tuinstra reports access to some sites can be intermittent — at first Google News was inaccessible, later it was accessible. Not all requests for content are directed through the Google Accelerator. Some requests are made directly to the server being requested. In the case of accessible a blocked site (news.google.com) from China, if the first request was a direct request it would be blocked as usual, however, the seoncd was likely to the Google Accelerator’s cache. In the case of ages with many images, some connections may run through the Accelerator others may be direct connections, so the success for circumvention purposes will vary.

However, even when the connection is made through Google’s Accelerator, the originating IP is passed along to the host.

REMOTE_ADDR: 72.14.194.31
HTTP_X_FORWARDED_FOR: 128.100.171.24

Google’s Accelerator does not provide anonymity and can be sucessful in circumventing censorship if the requested content is already cached by the Accelerator. Since al the traffic is is plain text it can be intercepted by any upstream intermediary (government, ISP, etc..) and any blocking done by keyword will also still be functional.
More… »

Anonymity & Blogging



Anonymity and blogging is a hot topic. In addition to a panel at BlogNashville a variety of guides have recently come out. The EFF has published a guide on “How to Blog Safely“. It is a general discussion of blogging and anonymity. Another guide by Ethan Zuckerman, ” A technical guide to anonymous blogging“, focuses on the pragmatic side of blogging anonymously.

The one thing, which I noted in the comments is that people who want to be anonymous should not rely on the use of open public proxies. Although the use of such a proxy can sheild your IP address from the host you’re connecting to it may send through identifying headers and all the traffic between you and the proxy is generally in plain text and easily intercepted by anyone (ISP, government, workplace) sniffing traffic upstream. For anonymous communications, try TOR, now sponsored by the EFF.

However, I don’t want my comments to be interpreted as falling into the “no matter what you do you can be tracked down” category. Rebecca MacKinnon’s account of the Anoniblog meeting indicates that this point was brought up a number of people. While not disputing the theoretical possiblity of such an omnipotent adversary I think the key is pointing out what technologies work well in specific situation and fully informing users of potential weaknesses. Rather that trumpet a defeatist approach, we should note that people are risking imprisonment and other nasty consequences for publishing information online. They are taking these risks without technologies or non-technical practices that help sheild them from such consequences. There are technologies that work well to provide security and anonymity and given the specifics of the end-user’s situation — technical capabilties and legal/consequencial environment of the country of residence — such technoogies can provide a layer of protection that such users do not currently enjoy.

Choosing Circumvention



In response to state-directed Internet filtering and blocking regimes many forms of circumvention technologies have emerged in order to allow users to bypass filtering restrictions. These technologies are often targeted towards different types of users with varying resources and levels of expertise. What may work well in one scenario may not be the optimal option in another. When selecting a circumvention technology it is important for the potential circumvention provider and user to ask the following questions:

  • What is the number of expected users and the available bandwidth? (for the circumvention provider and the user)
  • Where is the primary point of Internet access for the expected user(s) and what will they be using it for?
  • What is the level of technical expertise? (for the circumvention provider and the user)
  • What is the availability of trusted out-of-country contacts for the end user?
  • What is the level of expected penalty if the user is caught using circumvention technology?
  • Does the end-user properly understand the potential security risks of using the specific circumvention technology?

More… »