Great Firewall/Australia censorship proposal

Have a question or want to start a discussion? Post it! No Registration Necessary.  Now with pictures!

Threaded View


X-No-Archive: Yes


I was reading a debate about Australia's proposed censorship
regime, and VPN tunnels. And one guy mentioned there letting
his brother do a VPN into his computer in Sydney to bypass
Chinese censorship and the Chinese authorites have no CLUE
as they what is happening. His brother is making an encrypted
connection into his ADSL connected computer in Sydney, and
there is no POSSIBLE way for the Chinese auhorities to know
what you are up to. He allows his brother to log on to his
broadband connection, via VPN, back home in Sydney, and
the Chinese authorities have no CLUE what is going on.
They guy's brother, travelling right now in China, browses
wherever he wants, and there is no possible way for the
Chinese authorities to find out WHAT he is up to, becuase
of the encrypted connection outbound to Australia.




Re: Great Firewall/Australia censorship proposal
It might be harder to block VPN, but not entirely impossible.

What is happening in China is starting to take shape in Malaysia, as
the Malaysian government is actively setting up a whole line of Great
Firewall of Malaysia --- in order to keep its own people "Islamic".

Quoted text here. Click to load it


Re: Great Firewall/Australia censorship proposal
Quoted text here. Click to load it

Except you are WRONG, AGAIN. A VPN Tunnel is easier to spot than
anything else and stands out like a flare on a dark night.

--
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
  drug dealer an "unlicensed pharmacist"
spam999free@rrohio.com (remove 999 for proper email address)

Re: Great Firewall/Australia censorship proposal

X-No-Archive: Yes


Quoted text here. Click to load it


But is encrypted and they cannot read what is going on. During
the Myanmar cyclone a few months ago, there were a few people,
includinng, reporting from the disaster zone, illegally. 99.9 percent
of us were never caught, because we used VPN connections to
keep the ruling from finding out. Only one was caught, becuase
he was not smart enough to use VPN. The rest of us that used
VPN were able to report without getting caught. Sure, a VPN
tunnel, like any connection, is easy to spot, but because the
connection is encrypted, they cannot find out what you are up
to.

There would have been no POSSIBLE way for the ruling military
Junta to know WHAT I was doing. All they would know is that
I was making a VPN connection to the U.S.-based servers for
my Australian online radio station, but would not know what I
was up to.



Re: Great Firewall/Australia censorship proposal
Quoted text here. Click to load it

Why are you such a dumbass?

It doesn't matter what is happening in the Tunnel, all that matters is
that it's easy to detect, easy to see the source and destination points,
easy to catch the offender.

--
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
  drug dealer an "unlicensed pharmacist"
spam999free@rrohio.com (remove 999 for proper email address)

Re: Great Firewall/Australia censorship proposal

Quoted text here. Click to load it

Anyone who ends up behind a "national" firewall need only go here:
http://www.ultrareach.net/index_en.htm

UltraSurf will blow right through it, with ZERO visibility.

DErio

Re: Great Firewall/Australia censorship proposal


X-No-Archive: Yes


Quoted text here. Click to load it

Sound like just what is needed for people to listen to our
online radio station from behind work firewalls. Since I
figured out how to make StatCounter work with the
Live 365 account, I get a clearer picture of where
connections are coming from, and I am seeing
connections from anonymity services all over the place,
especially when we switched to Christmas music
(when not doing live programming).

I will have to recommend that on the web site. It appears
you have come up with a product that even "secure"
firewalls, like Leythos touts, would not detect it, and it
would allow even more people to be able to listen to
us from work.



Re: Great Firewall/Australia censorship proposal
Quoted text here. Click to load it

And, again, it's easy to spot in a firewall and would NOT work on a
properly setup firewall/network.

--
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
  drug dealer an "unlicensed pharmacist"
spam999free@rrohio.com (remove 999 for proper email address)

Re: Great Firewall/Australia censorship proposal

Quoted text here. Click to load it

You don't know what you're talking about.

Re: Great Firewall/Australia censorship proposal
Quoted text here. Click to load it

*sigh*

Why don't you get a clue about how networking, firewalls and encryption
actually work instead of making a fool of yourself here? We already have
chilly-the-silly. We don't need another dimwit spreading the same
bullshit.

cu
59cobalt
--
"If a software developer ever believes a rootkit is a necessary part of
their architecture they should go back and re-architect their solution."
--Mark Russinovich

Re: Great Firewall/Australia censorship proposal

Quoted text here. Click to load it

No kidding. I know very little about this stuff. I have trouble
making two PC's talk to each other. But in what spotty knowledge
I have even *I* know his claims are bull.

All it takes is a little (un)common sense and critical thinking
skills.

Brian
--
http://www.skywise711.com - Lasers, Seismology, Astronomy, Skepticism
Seismic FAQ: http://www.skywise711.com/SeismicFAQ/SeismicFAQ.html
Quake "predictions": http://www.skywise711.com/quakes/EQDB/index.html
Sed quis custodiet ipsos Custodes?

Re: Great Firewall/Australia censorship proposal
says...
Quoted text here. Click to load it

Brian, how do you suppose the traffic appears to a firewall?

How do you suppose you keep that traffic hidden to the firewall?

What makes you think you can access ANY outside site/connection on a
properly secured network?

What makes you think you can use a PROXY site on any properly secured
network?

--
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
  drug dealer an "unlicensed pharmacist"
spam999free@rrohio.com (remove 999 for proper email address)

Re: Great Firewall/Australia censorship proposal

Quoted text here. Click to load it

The details matter not.

Traffic is flowing. That's all that matters. Even if it is
encrypted so one cannot see what it is, the very fact that
it is there is enough to know. In fact, being encrypted just
makes it all the more suspicious.

As I've mentioned before in this group, go look up the concept
of traffic analysis as it applies to cryptography. The very fact
of information moving between two points can be useful enough
from an intelligenc epoint of view even if you do not know
what the message itself is.

It WILL get someone's attention.

Brian
--
http://www.skywise711.com - Lasers, Seismology, Astronomy, Skepticism
Seismic FAQ: http://www.skywise711.com/SeismicFAQ/SeismicFAQ.html
Quake "predictions": http://www.skywise711.com/quakes/EQDB/index.html
Sed quis custodiet ipsos Custodes?

Re: Great Firewall/Australia censorship proposal
into@oblivion.nothing.com says...
Quoted text here. Click to load it

Maybe you've misunderstood my post/questions - we're on the same side.
Any reasonable firewall admin could spot this in a few seconds if it
took that long.

--
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
  drug dealer an "unlicensed pharmacist"
spam999free@rrohio.com (remove 999 for proper email address)

Re: Great Firewall/Australia censorship proposal
@us.news.astraweb.com:

Quoted text here. Click to load it

Sorry for the confusion. I see that now.


Quoted text here. Click to load it

Agreed. In my case, all it would take is taking a look at my little
personal firewall's connection listing, which I actually do quite
a bit. I'm still stuck on dial up and sometimes I'm not doing anything
and I see the rx/tx lights going and I wonder "who's talking?" A
quick glance at the connections box and I have my answer.

I would imagine in a larger network environment it wouldn't be THAT
easy, but if an admin decided to browse some logs to look for this
type of stuff, he'd know what to look for and recognize it easily.
They better, or they shouldn't be running the network.

Brian
--
http://www.skywise711.com - Lasers, Seismology, Astronomy, Skepticism
Seismic FAQ: http://www.skywise711.com/SeismicFAQ/SeismicFAQ.html
Quake "predictions": http://www.skywise711.com/quakes/EQDB/index.html
Sed quis custodiet ipsos Custodes?

Re: Great Firewall/Australia censorship proposal

X-No-Archive: Yes


Quoted text here. Click to load it

You are right. If the connection is encrypted, they won't
know what you are up to. I run an online radio station
out of Australia, with my servers in the USA. Becuase I
have a VPN server on it, I can use that when I go to
countries like China that censor the Net. I can use Skype,
when running my online radio talk show, and nobody
will know I am doing it. China Telecom (the phone
company in China) had Skype blocked some years
ago, becuase it was depriving them of revenue for
long distance calls. By using my VPN, I can get
around that, and China Telecom will never know
what I am up to.

Since I figured out how to get StatCounter to work
with my Live 365 account, it has been recording
connections from office networks at small and
mid-sized businesses. With the exorbitant annual
licensing costs that filtering vendors charge, the
small and mid-sized really cannot afford the costs
to filter, so many of these office networks are not
filtered, so people at these companies have no
filtering to have to circumvent.  So many people
at small and medium sized companies can still
tune into Internet radio, becuase the cost of
filtering can be prohibitive for small and medium
sized companies.

It appears that some school districts are filtering their
students, but their employees, to cut down on the
per-seat cost of filtering. I wonder how they can
filter one group of people, but not the other, all
coming from the same router/firewall. This would
seem something like an impossible task. The
districts must have had to have a custom made
solution for that, as there is NO filter or firewall
on the market would allow a school district to
filter student computers, but not employee
computers.



Re: Great Firewall/Australia censorship proposal

Quoted text here. Click to load it

Why do you continually miss the easiest aspects of this? They will know
exactly what you are doing and encryption won't help you a bit. The process
is very simple. It's easy to see that there is a constant stream of
encrypted data from a particular IP. So the admin walks over to your desk
to see what's going on (assuming he wants some exercise and doesn't just
bring up the contents of your desktop and all the programs and services on
your system remotely.) If the admin has a sense of humor he will cut your
network cable, forcing you to go to your boss and explain what happened.

Is that really too difficult for you to understand? It is blindingly
simple.

You have a completely false sense of your own cleverness. The mistake you
are making is thinking that most employers actually care what their
employees do. Most don't seem to, or are just too ignorant or cheap to do
anything about it.


Re: Great Firewall/Australia censorship proposal
DerioD@yahoo.com says...
Quoted text here. Click to load it

LOL, notice I said it's easy to spot and that it won't work on a
properly setup firewall/network. I did not say that the admins could
tell what you are/were doing, only that it's easy to spot.

If you think I don't know what I'm talking about, why not explain why
I'm wrong.

--
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
  drug dealer an "unlicensed pharmacist"
spam999free@rrohio.com (remove 999 for proper email address)

Re: Great Firewall/Australia censorship proposal
Derio wrote:

Quoted text here. Click to load it

NOTE: soc.culture.china removed from my reply.  Not a related group.

Engage that 2nd brain cell.  Does it really matter that you are
encrypting your data for someone whose resources you are using from
blocking that data?  No.  Do they need to know what is the data to block
it?  No.  They can get the same software that you can.  They can trace
which SSL proxies are used to encrypt that data traffic.  Once they have
the IP addresses, poof, they get blocked.  Never been banned from a
forum, have you?  Such abusers then attempt to use anonymous proxies
which then get banned, too.  Go read up on WebSense, censoring software
and service used by many corporations to regulate their own employees
using the company's resources.  Anonymous proxies are probably another
category on which you can block the proxies, of course that being after
already detecting whether or not you are using a VPN connect and
deciding whether or not to allow you such a connect.

Since you're using their resources, they could simply and eventually ban
VPN connects unless you use their cert (so they can decrypt) with their
proxy and perhaps only with a permit and any other VPN connects are
rejected.

The suggested site doesn't do anything new.  It's an old trick, it's
easily detected.  It's easily blocked.  Why do you think that the site
never divulges just how they purport to secure your traffic?  Because it
would become obvious that it's just another SSL anonymizing proxy
selector.  Ooooh.  The censor can get the same software to obtain a list
of the same proxies, and then ban them.

Re: Great Firewall/Australia censorship proposal

X-No-Archive: Yes


Quoted text here. Click to load it


Well, as far as WebSense, and major filter software goes, I have that
taken care of. My firewall has been configurd to block all incoming
traffic. The filtering companies cannot crawl my site, and classify it.
That keeps my website out of the filtering lists of the major software
vendors, so people on most workplaces don't have to resort to
cicrumventing the firewall to access the web site. Now that actual
radio stream, that's anothe rmatter, becuase it comes through
Live 365, instead of my server.  But I do have a proxy that
listeners can use, that, just like the rest of the website, it not
in any filtering vendors' lists, becuase I have the IP ranges of
the filtering companies blocked, making it look like my web
site is not there, becuase their web crawlers are unable to
access and categorise our site.

And since doing that, our listenership has gone SKY
HIGH. There is a lot of more listening coming from schools
now, based on what StatCounter is telling me. Since Live
365 stations have to launch through the web site, I figured
out where to put the StatCounter code in the Broadcaster
Comments section on the station page, so that whenever
someone goes there to launch the broadcast, the code
is executed, and StatCounter records that information
where I then log in and examine the logs.

From this I do see a lot of people listening from public
agencies, such as schools, government offices, and the
like. I see a lot of listening, particularly when Christmas
music is running, at all kinds of private firms, such as
doctor's offices of every type. People listen to us in real
estate offices, accountingfirms, banks, law offices, consulting
firms, graphic design firms, and much much more.

The Christmas music we are playing through Christmas
has, so far, turned out to be very popular, and our
listennership has gone sky high, especially in offices
all over the globe.

They are tuning in, not only in the United States
and Australia, but in Canada, Sweden, Britain,
and Germany, and in large numbers. With our
Christmas music programme, we have become
a hit in offices all over the globe.



Site Timeline