Archive

Posts Tagged ‘China’

EFF Takes On Cisco’s Role In China

August 25th, 2011 No comments

“Several years ago, writer Du Daobin posted several essays on the internet, protesting such things as unfair taxes and the corruption of the media. He was then charged with ‘inciting subversion of state power,’ arrested, and after many legal twists and turns, tortured in prison. Daobin, along with several other dissidents with similar stories, decided to sue Cisco Systems (PDF) earlier this year under the legal theory that it aided and abetted China’s violation of the Torture Victim Protection Act of 1991. As the case moves forward, the Chinese Ministry of Public Security has stepped up its surveillance, harassment, and interrogation of Daobin and the others. The Electronic Frontier Foundation has now joined the Laogai Research Foundation to draw attention to the case. As part of its opening move, it has asked Cisco to make public statements in support of human rights, hoping that the company’s influence with the Chinese government will provide some modicum of protection for the threatened dissidents.”

Source slashdot /.

Categories: News Tags: , , ,

Bypassing the Chinese Firewall

March 11th, 2011 No comments


There are multiple ways to bypass the Chinese Firewall, using VPN, anonymous browsers or Tor. But I prefer to use the most simple way, which for me is using an ssh tunnel.

host:~user$ ssh -D 8888 login@myserver.org

(There is also a nice GUI for those who are not familiar with the command line.)

Then I configure my system preferences to use the socks proxy on 127.0.0.1:8888, which can also be done in Firefox Network settings. (see screenshots)

As the Chinese Government also tries to block external sites, such as Youtube and Openleaks, by filtering DNS requests, it’s necessary to filter this too. One could e.g. point them to 127.0.0.1 (in system preferences) and then send through another ssh tunnel:

host:~user$ sudo ssh login@myserver.org -L 53:127.0.0.1:53

(sudo because 53 is a privileged port.)

But actually it’s easier by just hacking the firefox configuration:

Luckily, with SOCKS5 Firefox can control which side of the proxy handles DNS lookups. By default, it does the lookups locally resulting in the scenario above. To change this, set network.proxy.socks_remote_dns = true in about:config. This makes the SOCKS proxy more like a regular proxy, where DNS is handled by the remote end of the tunnel.

… or one can install iodine and tunnel all DNS requests accordingly.

Have phun!