Archives

by Jean Luc Picard

#China stops #VPNs we #stopcensure

 

Notice: VPNs Are Not for Fun

These two notices, posted to Google+ last week, inform employees at a business center in the capital of new measures to ensure that virtual private networks (VPNs) are used for work purposes only. VPNs allow users to connect to the Internet outside of China’s Great Firewall. Without access to the free Internet, it would be near impossible for most international organizations to do business in China. But because they have “abused their privilege,” these employees will now have to let technical staff know whenever they need access.

Warning

Recently, it has been discovered that at night in some rooms, staff have been privately logging on to prohibited websites (Facebook, Twitter, MySpace, etc.). Upon discovering such activity, the violator’s Internet access will be directly cut off and the police will be notified. In cooperation with police policy of Internet access through real-name registration, starting today, we will begin the trial implementation of PPPoE* real-name registration for Internet access.

Zhi Jia Rui He Business Center
Jinan City Internet Monitoring Team
2012-11-19

* PPPoE: Point-to-Point Protocol over Ethernet

Warning

In order to eliminate access to prohibited websites through use of software by internal staff, starting today, the function will now be disabled. For those who must use a to access the Internet, after preparing your file, go to D1 (88885681) and ask a technician to help set up your connection.

Jinan Zhi Jia Rui He Business Center
Jinan City Internet Monitoring Team
2012-11-19

Read more about the travails of VPNs, Google, and the free Internet in China from CDT.

Via CDT Chinese. Translation by Little Bluegill.

November 27, 2012 11:32 AM
Posted By:
from here

 

VPNs & Proxies

VPNs and proxies can be used as tools to get around the Great Firewall of China. This means that by using these tools one can access any website when in China, regardless of whether it’s blocked or not. Naturally, many of these tools are themselves blocked. Here’s an overview of some major VPN and proxies and whether they’re accessible in China. If the main website of the tool is blocked, it may be difficult to sign up for the service. However, the service itself may still be working.

Showing 1 to 64 of 64 matching URLs.

URL Tested Since Alexa Traffic Rank (Global)sort descending Blocked* Restricted**
URL Tested Since Alexa Traffic Rank (Global)sort descending Blocked* Restricted**
https://code.google.com/p/goagent Dec 17, 2012 1 0% 0%
https://itunes.apple.com/app/opendoor/id5438080… Dec 17, 2012 50 0% 0%
https://s3.amazonaws.com/0ubz-2q11-gi9y/en.html Dec 15, 2012 146 0% 0%
https://1.hidemyass.com Jan 10, 2013 855 0% 0%
https://hidemyass.com Jan 19, 2013 863 0% 0%
www.hidemyass.com Mar 19, 2011 863 100% 0%
hotspotshield.com Feb 26, 2011 7 302 100% 0%
https://www.torproject.org Mar 27, 2011 13 194 100% 0%
www.torproject.org Feb 25, 2011 14 804 100% 0%
cyberghostvpn.com Jul 22, 2011 35 080 100% 0%
https://btguard.com Dec 15, 2012 35 477 0% 0%
https://www.ipredator.se Jul 21, 2012 35 582 100% 0%
https://cyberghostvpn.com Mar 23, 2011 39 998 100% 0%
www.dongtaiwang.com/loc/download.php Dec 15, 2012 40 758 100% 0%
https://www.strongvpn.com Dec 15, 2012 43 793 100% 0%
www.strongvpn.com Mar 10, 2011 44 169 100% 0%
https://www.purevpn.com Mar 25, 2012 77 395 0% 0%
www.purevpn.com Mar 22, 2011 77 395 100% 0%
https://www.goldenfrog.com Mar 23, 2011 78 748 0% 0%
https://www.privateinternetaccess.com Dec 15, 2012 90 085 100% 0%
https://www.overplay.net Mar 23, 2011 108 830 100% 0%
https://ultrasurf.us Dec 17, 2012 109 571 0% 0%
www.overplay.net Aug 02, 2011 112 771 100% 0%
https://torrentprivacy.com Dec 15, 2012 119 231 0% 0%
https://www.tunnelbear.com Mar 10, 2013 137 816 100% 0%
https://www.kepard.com Mar 10, 2013 137 849 100% 0%
https://www.astrill.com Mar 23, 2011 137 870 0% 0%
www.astrill.com Apr 05, 2011 145 402 0% 0%
www.ibvpn.com Mar 10, 2011 149 866 100% 0%
www.hideipvpn.com Mar 04, 2011 157 695 100% 0%
www.witopia.net Mar 12, 2011 181 283 100% 0%
https://www.witopia.net Mar 25, 2012 203 843 0% 0%
https://www.ipvanish.com Dec 15, 2012 205 797 0% 0%
www.ffvpn.com Aug 30, 2012 228 417 0% 0%
www.vpnoneclick.com Dec 17, 2012 230 318 100% 0%
www.vpn4all.com Mar 04, 2011 234 651 100% 0%
https://www.grjsq.biz Dec 26, 2012 244 718 0% 0%
https://www.vpnreactor.com Dec 15, 2012 249 779 0% 0%
www.expressvpn.com May 23, 2011 288 613 100% 0%
www.puffinbrowser.com Apr 19, 2012 310 032 100% 0%
https://vpnreactor.com Mar 10, 2011 315 839 100% 0%
https://airvpn.org Mar 23, 2011 321 963 100% 0%
https://www.vpntunnel.com Dec 15, 2012 337 021 0% 0%
https://faceless.me Dec 15, 2012 338 542 100% 0%
www.itshidden.eu Dec 15, 2012 492 033 0% 0%
torvpn.com Mar 08, 2011 562 130 100% 0%
www.vpnvip.com May 19, 2011 639 311 100% 0%
https://mullvad.net Dec 15, 2012 661 566 100% 0%
https://www.vpnvip.com Dec 17, 2012 702 242 100% 0%
www.vpncloud.me Dec 19, 2012 714 047 0% 0%
https://www.privatvpn.se Dec 15, 2012 790 987 0% 0%
https://www.torservers.net Mar 23, 2011 802 574 0% 0%
https://www.blackvpn.com Dec 15, 2012 802 724 100% 0%
https://puffstore.com Dec 15, 2012 0% 0%
thefreevpn.com Mar 25, 2011 100% 0%
www.swissvpn.net Mar 19, 2011 100% 0%
psiphon.ca May 04, 2011 0% 0%
psiphon3.com Nov 08, 2012 0% 0%
www.vpnfire.com Dec 17, 2012 100% 0%
https://privacy.io Dec 15, 2012 0% 0%
www.ultrareach.com Feb 18, 2011 0% 0%
https://killwall.com Dec 19, 2012 0% 0%
https://ivacy.com Dec 15, 2012 0% 0%
www.yourprivatevpn.com Feb 14, 2012 100% 0%
* Blocked, in the last 30 days. ** Otherwise restricted, in the last 30 days. More info.
from here

 

Use our tools to bypass the censure

by Jean Luc Picard

Great Firewall of China

 

 

Online Censorship In China

GreatFire.org brings transparency to the Great Firewall of China. We have monitored blocked websites and keywords since 2011.

Latest Stats

Monitoring 969 Alexa Top 1000 Domains: 41 are blocked in China
Monitoring 17265 Domains: 1762 are blocked in China
Monitoring 7746 Google Searches: 1657 are blocked in China
Monitoring 371 Google Sites: 27 are blocked in China
Monitoring 1180 HTTPS: 218 are blocked in China
Monitoring 364 IP Addresses: 54 are blocked in China
Monitoring 60966 URLs: 8757 are blocked in China
Monitoring 13213 Weibo Searches: 1747 are blocked in China
Monitoring 433 Wikipedia Pages: 233 are blocked in China

from  here

Use our tools to bypass the censure

by Jean Luc Picard

Tor obfsproxy

 

https://www.torproject.org/images/tor-logo.jpg

 

 

is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet.

 

Obfsproxy Icon

obfsproxy is a tool that attempts to circumvent censorship, by transforming the Tor traffic between the client and the bridge. This way, censors, who usually monitor traffic between the client and the bridge, will see innocent-looking transformed traffic instead of the actual Tor traffic.

 

obfsproxy diagram

obfsproxy supports multiple protocols, called pluggable transports, which specify how the traffic is transformed. For example, there might be a HTTP transport which transforms Tor traffic to look like regular HTTP traffic.

Even though obfsproxy is a separate application, completely independent from tor, it speaks to tor using an internal protocol to minimize necessary end-user configuration.

Please open a ticket on our bug tracker for any bugs you find or features you would like to see added in future releases.

Looking for obfsproxy bridges?

You can use BridgeDB to get obfsproxy bridges.

Example:

Here are your bridge relays:

  bridge obfs2 96.47.67.233:12984  
  bridge obfs2 54.247.0.43:52176

Bridge relays (or “bridges” for short) are Tor relays that aren’t listed in the main directory. Since there is no complete public list of them, even if your ISP is filtering connections to all the known Tor relays, they probably won’t be able to block all the bridges.

To use the above lines, go to Vidalia’s Network settings page, and click “My ISP blocks connections to the Tor network”. Then add each bridge address one at a time.

Configuring more than one bridge address will make your Tor connection more stable, in case some of the bridges become unreachable.

Another way to find public bridge addresses is to send mail to bridges@torproject.org with the line “get bridges” by itself in the body of the mail. However, so we can make it harder for an attacker to learn lots of bridge addresses, you must send this request from an email address at one of the following domains:

  • gmail.com
  • yahoo.com

Looking for IPv6 bridges?

Looking for obfsproxy bridges?

Specify transport by name:

Note for experts: if you can use IPv6, try upgrading to Tor 0.2.3.12 or newer and use these bridge lines:

  bridge [2001:948:7:2::163]:6001
  bridge [2600:3c01::f03c:91ff:fe93:d525]:9001
  bridge [2600:3c01::f03c:91ff:fe93:b8ee]:443

Let us know how it goes!

Download Obfsproxy Tor Browser Bundle

We’ve made an experimental package that currently works in all censored countries with no config changes.

Windows Obfsproxy Tor Browser Bundle (signature).

OSX (10.6 & 10.7) Obfsproxy Tor Browser Bundle (signature).

Linux 32-bit Obfsproxy Tor Browser Bundle (signature).

Linux 64-bit Obfsproxy Tor Browser Bundle (signature).

Installation Instructions

To set up an obfsproxy bridge, or to build it from source, see the separate Obfsproxy Installation Instructions page.

Obfsproxy Instructions

client torrc

Hey! Are you looking for the guide on how to set up an obfuscated bridge on a Debian system? Check this out.

Step 1: Install dependencies, obfsproxy, and Tor

You will need a C compiler (gcc), the autoconf and autotools build system, the git revision control system, pkg-config and libtool, libevent-2 and its headers, and the development headers of OpenSSL.

On Debian testing or Ubuntu oneiric, you could do:
# apt-get install autoconf autotools-dev gcc git pkg-config libtool libevent-2.0-5 libevent-dev libevent-openssl-2.0-5 libssl-dev

If you’re on a more stable Linux, you can either try our experimental backport libevent2 debs or build libevent2 from source.

Clone obfsproxy from its git repository:
$ git clone https://git.torproject.org/obfsproxy.git
The above command should create and populate a directory named ‘obfsproxy’ in your current directory.

Compile obfsproxy:
$ cd obfsproxy
$ ./autogen.sh && ./configure && make

Optionally, as root install obfsproxy in your system:
# make install

If you prefer not to install obfsproxy as root, you can instead just modify the Transport lines in your torrc file (explained below) to point to your obfsproxy binary.

You will need Tor 0.2.3.11-alpha or later.

Step 2a: If you’re the client…

First, you need to learn the address of a bridge that supports obfsproxy. If you don’t know any, try asking a friend to set one up for you. Then the appropriate lines to your tor configuration file:

UseBridges 1
Bridge obfs2 128.31.0.34:1051
ClientTransportPlugin obfs2 exec /usr/local/bin/obfsproxy --managed

Don’t forget to replace 128.31.0.34:1051 with the IP address and port that the bridge’s obfsproxy is listening on.

Congratulations! Your traffic should now be obfuscated by obfsproxy. You are done! You can now start using Tor.

Step 2b: If you’re the bridge…

Configure your Tor to be a bridge (e.g. by setting “ORPort 9001” and “BridgeRelay 1”). Then add this new line to your tor configuration file:

ServerTransportPlugin obfs2 exec /usr/local/bin/obfsproxy --managed

Launch Tor using this configuration file. You can do this by using your favorite init script, or by pointing the Tor binary to the torrc file:

spawn tor

Next, find the TCP port opened by obfsproxy. Look in your log file for a line similar to this one:
bridge torrc
The last number, in this case 34545, is the TCP port number that your clients should point their obfsproxy to.

Congratulations! Tell your clients to point their obfsproxy to your IP address and to port 34545.

from here