Archive for category Filter Circumvention

Internet Censorship in Australia… again

Posted by Aaron in Filter Circumvention, Internet censorship, Ranting, at stupidity, at the Australian Government on January 17th, 2010

It is with huge disappointment that I see Conroy still pushing ahead with his brainless attempt to censor the Internet. The policy has morphed slightly, it’s now only blocking “RC” content.

Conroy claims that this is to “bring the Internet in line with other media, like publications, radio, TV and Movies”. However, anyone who knows where the word “Internet” comes from will (hopefully) immediately see the problem: The word “Internet” comes from shortening “Interconnected Network”. The Internet isn’t a media for publication or broadcast. It’s a communications medium like the telephone or postal systems. We don’t “filter” them, so how, exactly, is the “filter” going to bring the Internet in line with similar mediums?

The results of the government’s 12-month-late live pilot were unsurprising, for the most part. After all, the government left it up to Enex to determine what were acceptable success criteria.

As a result, we end up with gems like the claim that a 10% speed reduction is “negligible”. Let me explain why this is just wrong. I have an ADSL2+ Internet connection. Being around 2km from the exchange, I get around 13Mbps. A 10% reduction in speed equates to around 1300kbps, or around 160kB/s. While it is true that this is not much, it does not meet the definition of “negligible”. According to wikipedia: “In engineering, mathematics, physics and similar disciplines, the term negligible refers to the quantities so small that they can be ignored (neglected) when studying the larger effect.”

The result of the test? A success, of course. It was a foregone conclusion, due to their being no success criteria specified. Not to mention that it failed to test the really important things. For example: whether the filter will still be effective in 10 years, when we have 100Mbps internet (the filters weren’t tested above 8Mbps) and are using IPv6 (none of the filters can handle IPv6 traffic, but Enex didn’t even test it), or even if the filterboxes are susceptible to DoS attacks.

Now to explain again why we still shouldn’t go ahead with this:

  1. The Internet is not a broadcast media like TV or radio, nor a publication like a magazine or newspaper. Trying to classify it as if it is is just stupid.
  2. The majority of RC content is not illegal to possess or view anyway. It’s only illegal to display (in public) or distribute (within Australia).
  3. An ISP filter cannot hope to block even a tiny fraction of the RC material on the web. The blacklist will be compiled by a complaints system. Complaints have been shown to take months to process. The current ACMA blacklist currently contains considerably less than 1000 RC URLs (1000 is actually very generous, since the ACMA blacklist contains stuff all the way down to MA15+). There are well over 1 Trillion (1,000,000,000,000) unique pages indexed by google. If there is only 1000 out of 1,000,000,000,000 URLs on the Internet that are actually RC (0.0000001%), then the problem is so small that there is no need to spend millions upon millions of taxpayer dollars (both taxes and increased ISP fees to cover the cost of implementation) on such a small problem. If there really is so much RC stuff on the web, then such a tiny blacklist, that takes months to add new sites is not going to have any appreciable effect upon people “accidentally stumbling” across it.
  4. It will not work. Anyone suitably determined is not going to be stopped by a blacklist-based ISP filter anyway. As I have pointed out on this very blog, it is incredibly simple to bypass the majority of filters. The live pilot results confirmed this, showing that none of the products tested were able to block even the majority of circumvention techniques. The Internet is not designed to be censored. There are many, many ways to bypass censorship, and the only way to make it effective is to do what China is doing (cutting itself off from the rest of the Internet) at which point it stops being the Internet.

If Conroy wants to continue with this mad scheme then he should not be surprised when it blows up in his face.

, , , , , , ,

2 Comments

Just in case you thought Conroy knew what he was doing…

Posted by Aaron in Filter Circumvention, Internet censorship, Ranting, at stupidity, at the Australian Government on July 1st, 2009

http://www.privacy.gov.au/internet/tools/#6

I find it a little ironic that the government’s own internet privacy website includes sites that would allow people to bypass its proposed censorship system. Conroy’s view about the ease of bypassing this little farce of a “filter” seems to have been that only the smart, spotty nerds or computing experts will be able to bypass the censorwall. And yet, on a GOVERNMENT SITE, no less, there is a simple-to-understand guide to bypassing it.

1 Comment

Advanced-level (but actually very simple) filter bypass technique: Putty/SSH

Posted by Aaron in Filter Circumvention, Internet censorship on May 3rd, 2009

SSH stands for Secure Shell, and is a way to securely administer a remote machine. In addition, SSH allows for secure file transfers (via SFTP) and tunneling of data through the SSH connection.

Using the OpenSSH client on the command line, all you have to do is add a single option, eg.

ssh username@server -D 9050

In PuTTY:

putty

This creates a SOCKS proxy on port 9050 of the local machine. Point your browser (and other apps) at this to bypass any local filter (as long as the filter allows SSH connections)

,

No Comments

Medium-level filter bypass: The Onion Router (tor) for Windows

Posted by Aaron in Filter Circumvention, Internet censorship on April 30th, 2009

The Onion Router, or tor, is a tool specifically designed to enable secure access to Internet content blocked in oppressive regimes. Earlier versions were somewhat difficult to set up, requiring you to edit config files. However, newer versions make the set up process absurdly simple.

There is an excellent how-to on the tor project site, however, I will explain how to set it up here too.

This guide is for Windows users only. I advise users of MacOS to go to https://www.torproject.org/documentation.html.en and follow the excellent guide there.

  1. Visit http://www.torproject.org/
  2. Click “Download Tor”
  3. Click on the “Installation Bundle for Windows”
  4. Once the file has downloaded, run it to begin the install process.
    Tor install, step 1
    At the first page click Next

    Tor install, step 2
    On the second page, I recommend you leave the options set to their defaults, ie. Full install. If you don’t have Firefox installed, untick Torbutton. Click Next.

    Tor install, step 3
    Click Install to begin the installation.

    Tor install, step 4
    The install is now complete. Click Next.

    Tor install, step 4.1
    If you installed Torbutton, Firefox will ask you to confirm its installation. Click Install Now.

    Tor install complete
    Click Finish to quit the installer and start the newly installed tools.

  5. You should now see a window like this
    1st tor start
    After a short time it should display that it is connected to the Tor network:
    Tor success
  6. If this is displayed, skip to step 10. If it is not, your ISP is likely blocking connections to the Tor network. Fortunately, Tor has a few tricks to get around these restrictions.
  7. On the Vidalia Control Panel, click the Settings button
    Tor Settings
    Next, click the Network tab at the top of the new window

    Tor network settings
    If your ISP has a HTTP proxy (if it doesn’t, leave the box unchecked), click “I use a proxy to access the Internet” and enter its details. Then click the “My ISP blocks connections to the Tor Network” checkbox.

    Tor bridges config
    Leave this window open, we will need it again soon

  8. Open your web browser and head to https://bridges.torproject.org you should see a page like this:
    Tor bridge relay page
    For each of the 3 lines on this page starting with “bridge” select and copy each into the box labelled “Add a Bridge:” in the Settings window. You should end up with something like this:
    Tor filled out bridge page
    Click OK.
  9. In the main Vidalia Control Panel window click “Start Tor” (you may need to click “Stop Tor” first). If all goes well, Tor should now connect successfully.
  10. The last step is different for each web browser. I will show you how to do it in Internet Explorer and Firefox.
    • Firefox: If you have torbutton installed, you simply click the new tor button in firefox to enable tor. If you didn’t install torbutton (like me) you’ll need to do it manually:
      In Firefox, click Tools -> Options -> Advanced -> Network -> Settings…
      Firefox tor settings
      Enter these settings and click OK and OK again.
      You are now browsing anonymously using the Tor network.
    • Internet Explorer:
      • Open the Windows Control Panel
      • Open Internet Options
      • Click the “Connections” tab
      • Click LAN settings
      • Set the options to this:
        Internet Exploder Tor settings
      • Click OK and OK again.
        You are now browsing anonymously using the Tor network.

,

1 Comment

Easy-level filter bypass: Web Proxies

Posted by Aaron in Filter Circumvention, Internet censorship on April 29th, 2009

This is by far the easiest way to bypass any filter, though many filters at workplaces, schools, etc. will attempt to block them. The Australian government’s filter, at the present time, will not attempt to block any circumvention techniques.

To do this, all you need is a web-browser such as Internet Explorer (this I do not recommend), Firefox, Google Chrome, Opera, or Safari

  1. Head to http://www.google.com
  2. Type in “Web Proxy”
  3. Click on one of the links, such as http://anonymouse.org/anonwww.html
  4. If the site is blocked, return to the Google search and try another link
  5. Enter the URL of any blocked site (into the “website address” box, obviously) and hit Enter
  6. Browse unfiltered

,

4 Comments

ALL ISP-level filtering is opt out. Methods to follow

Posted by Aaron in Filter Circumvention, Internet censorship on April 29th, 2009

The Australian government’s plan to censor the internet is now opt-out. That’s right. Well, it’s still mandatory for ISPs to implement for all customers (as far as I know. Conroy might change his mind. Again) but since bypassing it will be trivial, as I will discuss in future posts, it is effectively opt-out for anyone who doesn’t want it.

I will rank the difficulty of these bypass methods as easy, moderate, or technical. Easy methods will be easy for even an Internet newbie who doesn’t know a URL from a URI. Moderate should be able to be done with anyone who knows how to install software on their PC. Technical-level methods will require knowledge of unix and windows command lines and remote access to a server in a non-filtered country.

, ,

1 Comment