Join 3,512 readers in helping fund MetaFilter (Hide)


Fight the commies
March 12, 2005 3:10 PM   Subscribe

Wanna subvert an authoritarian regime? Help me get around the Great Firewall!

Really, that's basically all. They've (China) perfected their blocking technology to the point where they can detect any search query, not just in google and yahoo, and they can block parts of sites. They block any and all web proxies the instant they go online, and the only way to completely get around the blocks is to encrypt all your traffic in HTML. I need to either a) learn to proxy outside of the country without the help of applications or b) get some impenetrable software. No BBC news. No blogspot. No google cache. Timeout errors way more often than should happen. Government spies monitoring my net traffic 'cause they know I'm a foreigner and shutting it down if I type the wrong thing into google. I only want to surf in peace.
posted by saysthis to Technology (16 answers total) 1 user marked this as a favorite
 
Hmm... it looks like everyone who replied to this thread earlier was arrested and had their comments deleted. Such is the vast Red Chinese conspiracy!
posted by Eideteker at 4:03 PM on March 12, 2005


Have somebody set up a vnc on a non-chinese computer and use that for your surfing needs? TightVNC is quite good, IMO.
posted by signal at 4:27 PM on March 12, 2005


...hmmm...have you considered, ya know...not messing around with the autoritarian regime?

BBC ain't worth the hassle.
posted by furiousxgeorge at 4:28 PM on March 12, 2005


What you need is an Infernet. [.pdf]
posted by nyterrant at 4:50 PM on March 12, 2005


Hmm... VNC sounds like a good idea.

What I'd do, if I were you would be to buy a hosting plan and setup your own, password-protected proxy on it. Only you can use it, so the government dosn't know what's going on. Use SSL to prevent snooping. A hosting plan from one-hosting.com can be had for $83 a month, and can run PHP scripts. here's one package that claims to do it. And another, and another.

My recomendation: Buy hosting and install 'em all. on one-hosting SSL setup is simple, you just drop those files into the "httpsdocs" folder and add an SSL username through the control pannel.

The next option would be a dedicated server, which you could install squid on if these PHP ones don't work. With a dedicated server, you could probably get VNC running and surf the web through there.

There's always a possibility the chinese could block SSL and VNC, also.
posted by delmoi at 5:07 PM on March 12, 2005


What you need is an SSH tunnel over port 80 to a computer outside of China.

If you don't have an external computer, you can also try JAP or Tor. It is my understanding, though, that the Chinese government is aware of, and at one time or another has attempted to block, each of these.
posted by event at 5:08 PM on March 12, 2005


Maybe it's just stepped up security because the NPC is going on, and it might be easier afterwards. I'm no real expert, however.
posted by numble at 9:52 PM on March 12, 2005


It's unlikely that China is actually blocking all the proxies. The academics at the major universities, in my experience, needed unfettered access, so there are probably frequently updated BBS's listing proxies if you know where to look.

How long have you been/will you be in the country? I may (or may not) be able to help you out a bit more. I'll tell you this, though: if you're in an area with a lot of foreigners, you're not the only one in this position. Make friends, and somebody will hook you up. Guanxi, remember.

On preview: numble is likely right, in my judgment. When the NPC meeting is over, things might get easier.
posted by gd779 at 10:33 PM on March 12, 2005


Please enjoy this fine peekabooty, a system designed to do precisely such circumvention:
The goal of the Peekabooty Project is to create a product that can bypass the nation-wide censorship of the World Wide Web practiced by many countries.
posted by majick at 10:50 PM on March 12, 2005


i'd do what event suggests, assuming ssh isn't illegal (since ssh is a pretty general, and useful, piece of software, it is probably accepted). more targetted solutions might be made illegal and are likely to share target (proxy) addresses, making the traffic from them more obvious (presumably the chinese are doing traffic analysis too). so i'd get access to a machine, or several if possible so that you can hop between addresses every now and then, abroad, and bounce off those using ssh. all you need is a friend with a cable connection who's capable of configuring his computer correctly (dynamic addresses aren't a problem - use dyndns.org or, if that's blocked, set up an email trigger that sends a reply from their machine with the current address - i use this as a backup for if dyndns fails).

and if that makes no sense, in general, educate yourself. those terms are googleable. the more you know, the safer you should be, within reason, and certainly you'll be more flexible.
posted by andrew cooke at 4:07 AM on March 13, 2005


incidentally, you might want to be extra-paranoid and explicitly configure the ssh keys before connecting. since they have absolute control of the network they can do a man in the middle attack on you (ssh assumes that the initial key is correct, so can be fooled by mim if it is always present, afaik).
posted by andrew cooke at 4:34 AM on March 13, 2005


just got an email from a lurker, fragments follow (and bow down before my l337 abilities in hiding the names):

There are a few solutions that people in China are using to get around the
firewall. "U17ra[drop this]5urf" and "Fr33[and this]ga7e" are programs that work as SSH proxy
finders, accessing lists of proxies outside the country that your net
traffic can be routed through. They can be found on 3M[this too]ul3 fairly easily,
because naturally, searching for them via Google is no good.

[note: when posting this, it's probably a good idea to obfuscate the names
of the two programs, since the Chinese filters will often react to them and
return "Document contains no data" errors. ]

posted by andrew cooke at 7:54 AM on March 13, 2005


Just to make sure all bases are covered, my friend Paul over at ibiblio.org deals with trying to get around the Chinese firewall quite frequently [I believe they host Tibet's web site] and has compiled an FAQ of sorts for technical solutions and resources in case that helps.
posted by jessamyn at 8:32 AM on March 13, 2005


Andrew, if I may ask, what is "3Mul3?

Just wondering.
posted by item at 12:45 AM on March 14, 2005


emule
posted by Optamystic at 3:56 AM on March 14, 2005


Been a while since I've checked this thread, but if anyone's still looking, thanks! I appreciate all the help I can get. I've always been computer-stupid but this kind of stuff is making me change my habits fast.
posted by saysthis at 9:50 AM on March 17, 2005


« Older I'm currently using an Office ...   |  BachFilter: I've been listenin... Newer »
This thread is closed to new comments.