Anonymizer problem drags on.
The authenitcation service of Anonymizer could not recongnize IP addresses from inside of the Great firewall of China.
Labels: Proxy Services
Jun 29, 2006
The authenitcation service of Anonymizer could not recongnize IP addresses from inside of the Great firewall of China.
Jun 27, 2006
Ignoring the keyword detection of “Great Firewall of China”
Richard Clayton is presenting a paper (blog post here) that discusses some interesting details of the keyword detection mechanism of China's national firewall:
the keyword detection is not actually being done in large routers on the borders of the Chinese networks, but in nearby subsidiary machines. When these machines detect the keyword, they do not actually prevent the packet containing the keyword from passing through the main router (this would be horribly complicated to achieve and still allow the router to run at the necessary speed). Instead, these subsiduary machines generate a series of TCP reset packets, which are sent to each end of the connection. When the resets arrive, the end-points assume they are genuine requests from the other end to close the connection — and obey. Hence the censorship occurs.
the keyword detection is not actually being done in large routers on the borders of the Chinese networks, but in nearby subsidiary machines. When these machines detect the keyword, they do not actually prevent the packet containing the keyword from passing through the main router (this would be horribly complicated to achieve and still allow the router to run at the necessary speed). Instead, these subsiduary machines generate a series of TCP reset packets, which are sent to each end of the connection. When the resets arrive, the end-points assume they are genuine requests from the other end to close the connection — and obey. Hence the censorship occurs.
However, because the original packets are passed through the firewall unscathed, if both of the endpoints were to completely ignore the firewall’s reset packets, then the connection will proceed unhindered! We’ve done some real experiments on this — and it works just fine!! Think of it as the Harry Potter approach to the Great Firewall — just shut your eyes and walk onto Platform 9¾.
Though it is unrealistic to have all Web servers to ingnore TCP reset from China, Clayton's study offers unique details about the implementation of Great Firewall of China.Labels: Censorship
Jun 23, 2006
Anonymizer's Operation: Anti-Censorship update
In a recent email to its Chinese users, Anonymizer's Operation: Anti-Censorship, a special free service for internet users inside China, changed its web address and secure proxy IP address in order to counter the possible blockage by Great Firewall of China. You can get the software and updated secure proxy IP address from :
http://zidanchun.com/
However, several users inside China have reported problems with the new secure proxy IP address of Anonymizer's Operation: Anti-Censorship. The error message includes:
http://zidanchun.com/
However, several users inside China have reported problems with the new secure proxy IP address of Anonymizer's Operation: Anti-Censorship. The error message includes:
Authentication error: invalid country of origin
Error code = 208
Call support
Hopefully, this error could be soon corrected.
Error code = 208
Call support
Hopefully, this error could be soon corrected.
Labels: Proxy Services
Last posts
- Another delay in reparing submerged cables off Tai...
- Asia Cable Crisis
- News update
- Firefox's little secret with Yahoo
- First look at Psiphon
- Psiphon: Your Private Secure Web Proxy Server
- Wikipedia blocked again
- China: We don't censor the Internet. Really!
- Blogspot got blocked again by Great Firewall of China
- New Tools Beat the Great Firewall of China
