I will be going to China soon, and i know some webpages are either blocked by the government, or users from chinese ip addresses are blocked by the websites. Is there something i can do to get around these hurdles?
I will be going to China soon, and i know some webpages are either blocked by the government, or users from chinese ip addresses are blocked by the websites. Is there something i can do to get around these hurdles?
yes , use a proxy server when surfing the web , it will be slower than the native speed
I did some research about proxies. Tor button and Foxyproxy seem good, but i have run into trouble with both of them. With Tor button, no web pages load, i just get this message
http://img139.imageshack.us/my.php?i...eenshotjv6.png
And with foxyproxy, i chose use default proxy for all url. But when i go to a 'whats my ip address' web site. I get the same ip address reported whether or not i turn foxy proxy on
The best solution is Tor.. Tor is a low-latency anonymity network that provides an anonymous interface to TCP services. The chinese government has not succeeded in blocking Tor, and a lot of Chinese activists use it, including Free Tibet protesters during the Olympics.
You can install Tor on Ubuntu via the usual means. You'll also want to install Privoxy, a filtering HTTP proxy, and the NoScript plugin for Firefox. Privoxy blocks adds and content which could compromise your anonymity (allowing the Chinese to figure out who and where you are) and NoScript blocks all client-side script including javascript, Java, and Flash (which also can compromise your anonymity).
Here are apturl links for easy installation:
Tor
Privoxy
NoScript
You should set up a different firefox profile for Tor use. Don't use Torbutton -- this encourages you to mingle anonymous and non-anonymous browsing in ways which could be unsafe. To do that, start firefox from the command line with the -ProfileManager argument. The command line is:
When you create a new profile for firefox, make an icon to launch it. Pick a different picture and alt-text for the icon, and make the command:Code:firefox -ProfileManagerTo secure the new profile, go into Edit>Preferences and disable cache and history. Set the offline data storage size to 0MB, and tell it to wipe cookies, history, offline website data, and authenticated sessions. Set the cookie preferences to default deny, and add hosts that you trust to the "exception" list. I also recommend installing ForceHTTPS, as Tor exit nodes are capable of reading any traffic you put through them that isn't encrypted.Code:firefox -P <profile name goes here>
If you're running Intrepid Ibix, you can increase your (already rather secure) setup's security by creating an encrypted ~/Private directory, with this command:
This will create a directory which is unlocked automatically at login, but without your password, will be nothing but encrypted data. Move your firefox profile into that directory by:Code:ecryptfs-setup-private
- Viewing hidden files in nautilus (control-H) and going into the ~/.mozilla/firefox directory
- Now, move the folder to your ~/Private directory.
- Right click the folder (that is now in your ~/Private directory) and select "Make Link".
- Move the link to your ~/.mozilla/firefox directory, and rename it to remove the "Link to " text.
Now, firefox will transparently access the encrypted folder. To remove all evidence of the anonymous profile, just delete that link and the desktop icon.
I understand this is a bit long for an ostensibly simple question, but anonymity is complex, and if you're going to be going up against the Chinese secret police, you need to be as secure as possible. Good luck.
You may want to have a look at this manual called How to Bypass Internet Censorship.
Jim
That's outside FireFox. Right click on the desktop and select "Create Launcher" (or click on the menu bar and select "add to panel", then "custom application launcher"). Put in a value for the name and comment, then for the "Command" field, put in:
The -P argument specifies the profile, the -no-remote argument tells it not to connect to an existing instance of firefox, so you can launch both profiles at the same time. Change your existing Firefox icon to have the command:Code:firefox -P <profile name here> -no-remote
And since the FLOSS Manuals manual was linked, it'd be good to tell you that you should definitely read the chapter on Tor Bridges as that will help you avoid detection inside China.Code:firefox -P <default profile name here> -no-remote
Thanks for the tips and links guys, i've set that up. One thing i've noticed however is that my ip address is reported as the same number (from a 'whats my ip address?' website), no matter which firefox profile i use, is that normal?
No, that is incredibly abnormal. However, I don't think I've mentioned how to specifically set up Tor for the anonymous profile, and if you haven't done that, you haven't really done anything. The Tor docs regarding that are here, but they don't go over manually configuring firefox proxy settings. Since we aren't using Torbutton, we need to do that ourselves.
Go to Edit>Preferences>Advanced>Network, and select the button "Configure how Firefox connects to the network". Set every "<Whatever> Proxy" value to localhost with the port 8118, and for "Socks Host" set the host to localhost and port to 9050.
Another thing I forgot to mention: Go to Tools>Addons>Plugins in the anonymous profile and install all the plugins except the printing one. No flash, no multimedia, nothing. Having those plugins increase the "surface area" of potential attacks.
To check your setup, go to http://decloak.net/ and run the test. If anything besides a Tor IP and a DNS server comes up, you haven't finished yet.
Looking in that link you gave me https://www.torproject.org/docs/tor-doc-unix.html.en
It says:
Open Privoxy's "config" file (look in /etc/privoxy/ or /usr/local/etc/) and add the line
forward-socks4a / 127.0.0.1:9050 .
to the top of the config file. Don't forget to add the dot at the end.
I found that file, but it seems more like a 'how to guide'. It starts like this:
It dosen't seem right to just stick they say the line they say at the above this table.Code:# Sample Configuration File for Privoxy # # Id: config,v # # Copyright (C) 2001-2008 Privoxy Developers http://www.privoxy.org/ # #################################################################### # # # Table of Contents # # # # I. INTRODUCTION # # II. FORMAT OF THE CONFIGURATION FILE # # # # 1. LOCAL SET-UP DOCUMENTATION # # 2. CONFIGURATION AND LOG FILE LOCATIONS # # 3. DEBUGGING # # 4. ACCESS CONTROL AND SECURITY # # 5. FORWARDING # # 6. WINDOWS GUI OPTIONS # # # #################################################################### #
Bookmarks