Welcome to the MacNN Forums.

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

You are here: MacNN Forums > Enthusiast Zone > Networking > evading government Internet filters

evading government Internet filters
Thread Tools
ctbritt
Forum Regular
Join Date: Aug 2002
Location: Beirut, Lebanon
Status: Offline
Reply With Quote
Jan 20, 2008, 06:48 AM
 
Hello all-- I'm hoping someone can offer some advice.

I'm moving soon to a country that shall not be named, but it's got hella internet filters because it wants to protect its poor citizens from the evils of the West. It even deems Flickr a threat. Whatever.

I would like a solution to get around this, and I need to get it before I move to said country because their filters block access to proxies, information about proxies or information about evading the filters.

Email is not a problem. I already use secure email using OS X that is encrypted and signed. My wife uses hotmail and doesn't care.

Its normal internet traffic that's the problem. I'm thinking I need to set up a server in the states (ideally using a Mac Mini) on a home DSL line at my brothers'. I want to be able to connect securely to this machine that will then route my Net traffic back to me, by passing this country's filters. The problem is I'm not sure exactly what this involves. Web ssl? SSH? I've been doing some research but it's very technical and I"m not understanding it so much. I think I need to set up a VPN to connect to the Mac Mini that then acts as a web proxy, right?

I'd like the system to be like this:

1. I set up the networking system pref on my laptop to connect to a proxy server (or VPN) on both mine and my wife's MacBook Pros and forget it.
2. The USA-based system should be as maintenance free as possible. (I'm hoping with screen sharing in leopard, I'll be able to maintain it.)
3. I want to be able to connect to a innocuous URL (for the proxy) that I already own that resolves to the Mac Mini in the states.
4. It should be open-source if possible or OS X-based.
5. It should all run on Mac OS X Leopard. (Do I need the server version to do this?)

Any thoughts on how to do this? Simple and transparent are the watchwords once it's set up... I don't mind a bit of complexity in the middle, if it's easy enough to follow. But my wife is very non-technical and she doesn't want to bother with a bunch of terminal commands.

Thanks very much, and I hope someone can point me in the right direction.

best,
chris
( Last edited by ctbritt; Jan 20, 2008 at 12:33 PM. )
     
Cold Warrior
Moderator
Join Date: Jan 2001
Location: Polwaristan
Status: Offline
Reply With Quote
Jan 20, 2008, 10:27 AM
 
My first suggestion would be to not use your name on the Internet when asking that question. A quick Google search for you by a 3rd-party intelligence service would no doubt turn up this question.

VPN is simple and effective. You can purchase a router for your US-based residence, and you'll be able to use OS X to tunnel securely to it. At that point anything you choose to do on the net will appear as if it's coming from your US broadband connection.

Another option is to use a commercial VPN provider. I use VPNout and they work well. You'd need to use the openvpn client and Tunnelblick as your GUI (if you want a gui). Openvpn needs only a single port open. It automatically searches for it, then uses it to encrypt the connection to your VPN.

If that country is serious about filtering, it may employ people who scan logs for lots of encrypted activity outside of standard SSL web traffic.
( Last edited by Cold Warrior; Jan 20, 2008 at 11:23 AM. Reason: clarity)
     
bearcatrp
Senior User
Join Date: Dec 2005
Location: Minnesota
Status: Offline
Reply With Quote
Jan 20, 2008, 10:29 AM
 
I wish I could remember the site I read about. I was reading a newsgroup in one of the many I have about defense. They were talking about a series of servers set up for journalist in some of these countries to bypass the country there in and bounce through 5 or 6 hosts to get messages out and stuff. I was on the site once and even asked for other volunteers to set there computer up to help with the cause. I'll try to find it and get back to you but this would work for you (if I can find it again). Try doing a search on journalist in foreign countries and see if you find it.
Randy
2010 Mac Mini, 32GB iPod Touch, 2 Apple TV (1)
Home built 12 core 2.93 Westmere PC (almost half the cost of MP) Win7 64.
     
ctbritt  (op)
Forum Regular
Join Date: Aug 2002
Location: Beirut, Lebanon
Status: Offline
Reply With Quote
Jan 20, 2008, 12:37 PM
 
you make a good point, cold warrior, and i've edited the post. I also found Witopia.net, which seems like a good solution. I'm looking at VPNout, too.

Thanks!
     
hwojtek
Forum Regular
Join Date: Dec 2007
Location: a small village in western Poland
Status: Offline
Reply With Quote
Jan 21, 2008, 04:07 AM
 
Don't forget Saudi Arabia bought enough equipment to make life much harder than expected if these (relatively) low-end VPN solutions are used.
AFAIK the only way for an uncensored internet experience is to connect through the independent link your Embassy has. Which means - going to the Embassy's library.
Wojtek

All Macs still running: iMac G3 Trayloader 333MHz, iMac G3 350 MHz, iMac G4, PM G4 DP 1.6 GHz, 2 x eMac 1 GHz, PBG4 12" 1.5 GHz, Mac SuperMiniā„¢ C2D 2.33GHz/802.11n/200GB, Mac Pro Quad Core 2.0 GHz/4GB.
     
Cold Warrior
Moderator
Join Date: Jan 2001
Location: Polwaristan
Status: Offline
Reply With Quote
Jan 21, 2008, 11:48 AM
 
If you have plenty of money, you could also try to use a satellite solution.
     
rjt1000
Senior User
Join Date: Jul 2003
Location: Asia
Status: Offline
Reply With Quote
Jan 22, 2008, 12:35 AM
 
Using an SSH SOCKS proxy would work for you in most places in the world, allowing you to create an encrypted tunnel between the hostile country and your USA based computer (for more info check out my post in this thread). But if the country you are moving to may be monitoring internet traffic for any use of encryption, and possibly penalize you heavily if you do, I could not advise you to use it. I would suggest speaking with western expats once you arrive and get their advice on how best to connect to the west. Good luck.
( Last edited by rjt1000; Jan 22, 2008 at 01:09 AM. )
     
dimmer
Mac Enthusiast
Join Date: Feb 2006
Status: Offline
Reply With Quote
Jan 26, 2008, 05:24 PM
 
The "Reports without Borders" document on this topic may be of use to you as well. As may the BoingBoing.net page.
( Last edited by dimmer; Jan 26, 2008 at 05:28 PM. Reason: added BoingBoing.net link.)
     
   
Thread Tools
 
Forum Links
Forum Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Top
Privacy Policy
All times are GMT -4. The time now is 03:40 AM.
All contents of these forums © 1995-2017 MacNN. All rights reserved.
Branding + Design: www.gesamtbild.com
vBulletin v.3.8.8 © 2000-2017, Jelsoft Enterprises Ltd.,