[FACT comments: Do it NOW! OpenDNS is what got FACT through our recent censorship crisis and kept us active. Don't wait until it's too late.]
Alternative DNS
Wikileaks
http://wikileaks.org/wiki/Alternative_DNS
English • Deutsch
Contents [hide]
1 todo
2 Howto for Windows
5 List of alternative DNS servers
This site provides guidelines for using alternative DNS servers in countries implementing domain name based censoring systems. A DNS server is like a phone book that helps your computer find the address of a website you are trying to visit. The censorship system implemented by major providers in Germany and other countries just does not give you a full phone book. Circumventing the censorship is as easy as using another phone book.
Please follow the instructions below to configure your computer with an alternative DNS server address below and to enjoy unfiltered access to the internet. The list will also give you an idea of the large number of organizations providing services that ensure your free access to information on the internet as well as ISPs that have chosen not to adopt the censorship system. We are all fighting for a common cause, please consider to contribute to them!
If you are running an unfiltered DNS server, please add it to the list.
todo
• Adding more instructions, maybe with our own screenshots?
Howto for Windows
• OpenDNS instructions for Windows XP
• OpenDNS instructions for Windows Vista
Howto for Mac
• OpenDNS instructions for Mac OS X Leopard (10.5)
• OpenDNS instructions for Mac OS X Tiger (10.4)
Instructions for routers
• OpenDNS instructions for most common routers
List of alternative DNS servers:
IPv4  |
IPv6 |
filtered |
Provider |
Territory |
|---|---|---|---|---|
| 85.214.73.63 | no | FoeBuD e.V. | Germany | |
| 62.141.58.13 | no | German Privacy Foundation e.V. | Germany | |
| 85.25.251.254 | no | German Privacy Foundation e.V | Germany | |
| 87.118.100.175 | no | German Privacy Foundation e.V | Germany | |
| 87.118.104.203 | no | German Privacy Foundation e.V | Germany | |
| 94.75.228.29 | no | German Privacy Foundation e.V | Germany | |
| 213.73.91.35 | no | Chaos Computer Club Berlin | Germany | |
| 212.82.225.7 | no | ClaraNet | Germany | |
| 212.82.226.212 | no | ClaraNet | Germany | |
| 217.11.49.200 | no | Manitu | Germany | |
| 217.11.48.200 | no | Manitu | Germany | |
| 208.67.222.222 | yes (Phishing, etc.) | OpenDNS | USA | |
| 208.67.220.220 | yes (Phishing, etc.) | OpenDNS | USA | |
| 58.6.115.42 | no | OpenNIC | Australia | |
| 58.6.115.43 | no | OpenNIC | Australia | |
| 119.31.230.42 | no | OpenNIC | Australia | |
| 82.229.244.191 | no | OpenNIC | France | |
| 88.191.77.10 | no | OpenNIC | France | |
| 91.186.21.136 | no | OpenNIC | United Kingdom | |
| 216.67.98.38 | no | OpenNIC | USA | |
| 216.87.84.209 | no | OpenNIC | USA | |
| 71.170.11.156 | no | OpenNIC | USA | |
| 156.154.70.1 | yes (Malware) | DNS Advantage | USA | |
| 156.154.71.1 | yes (Malware) | DNS Advantage | USA | |
| 194.145.226.26 | no | PowerNS | Germany | |
| 77.220.232.44 | no | PowerNS | Germany | |
| 83.243.5.253 | 2a01:198:16::5253 | no | private | Germany |
| 88.198.130.211 | no | private | Germany | |
| 92.241.164.86 | no | private / i-root.cesidio.net (cesidio root included) | Russia |
[FACT comments: If you are a free expression/free media group or a journalist who wishes to be a late signer to this call, please contact FACT or RSF.]
Reporters Without Borders and 31 other organisations urge Thai government to amend lese majeste law
Reporters Without Borders: April 29, 2009
http://www.rsf.org/article.php3?id_article=30936
“I posted a video of the king on the Internet,” Suwicha Thakor told Reporters Without Borders from behind a plexiglas screen in Bangkok’s Klong Prem prison on 20 April. “The police should have told me what I was doing was wrong. It is not right to be sentenced to 10 years in prison for this. I am not a problem for the country or its security. I am in prison for nothing.”
Suwicha was given the 10-year sentence on 3 April on a charge of lese majeste. Reporters Without Borders wrote to the king yesterday asking him to grant Suwicha a royal pardon.
Reporters Without Borders and 31 other human rights, press freedom and journalists organisations have issued a joint appeal to the Thai government for a revision of article 112 of the Thai criminal code on lese majeste.
Since a new government took over last December, the authorities have stepped up enforcement of the lese majeste law and the Internet has been one of the leading victims. Access to more than 50,000 websites is currently blocked because of content critical of the monarchy. Around ten people are being prosecuted (or have been prosecuted) for lese majeste and two of them have been convicted. The crime of lese majeste is punishable by three to 15 years in prison.
In their appeal, Reporters Without Borders and the other organisation say: “We see the current trend of multiple prosecutions for the same offences intended to stifle commentary, opinion and dissent.” The lese majeste law had not been used since 1991. Now not a day goes by without the People’s Alliance for Democracy, a member of the ruling coalition, trying to silence criticism in the name of respect for the king.
The appeal urges the authorities to “work with local free speech organisations for a moratorium on lese majeste prosecution so that a constructive dialogue can begin on the issue of Internet freedom.”
List of signatories:
1. Adil Soz, International Foundation for Protection of Freedom of Speech, Kazakhstan
2. Algerian Centre for the Defence and Promotion of Press Freedom (CALP), Algeria
3. Arabic Network for Human Rights Information (ANHRI), Egypt
4. Article 19, United Kingdom and international
5. Asian Human Rights Commission, Hong Kong
6. Associação Brasileira de Jornalismo Investigativo (ABRAJI), Brazil
7. Association of Independent Electronic Media (ANEM),Serbia
8. Bahrain Center for Human Rights (BCHR)
9. Canadian Journalists for Free Expression (CJFE)
10. Cartoonists Rights Network, International (CRNI), U.S.A.
11. Center for Media Freedom and Responsibility (CMFR), The Philippines
12. Center for Media Studies and Peace Building (CEMESP), Liberia
13. Committee to prtect Bloggers (CPB), USA
14. Committee to Protect Journalists (CPJ), USA
15. Doha Center for Media Freedom, Qatar
16. Electronic Frontiers Foundation (EFF), USA
17. Freedom Against Censorship in Thailand (FACT), Thailand
18. Freedom House, USA and International
19. Global Voices, international
20. Independent Journalism Center (IJC), Moldova
21. International Federation of Journalists Asia-Pacific (IFJ), Australia
22. International Press Institute (IPI), Austria
23. Instituto Prensa y Sociedad (IPYS), Venezuela
24. Initiative for Freedom of Expression (Antenna -TR), Turkey
25. Media, Entertainment and Arts Alliance (MEAA), Australia
26. Media Foundation for West Africa (MFWA), Ghana
27. Media Institute of Southern Africa (MISA), Namibia
28. Media Rights Agenda (MRA), Nigeria
29. Reporters sans frontières (RSF), France
30. Southeast Asian Press Alliance (SEAPA), Bangkok
31. World Association of Newspapers (WAN), France
32. World Press Freedom Committee (WPFC), U.S.A.
Giles Ji Ungpakorn, one of the lasts victims of the lese-majeste crime, is also joining the appeal.
Suwicha Thakor still locked up
Nicholas Farrelly
New Mandala: April 28th, 2009
http://rspas.anu.edu.au/rmap/newmandala/2009/04/28/suwicha-thakor-still-locked-up/
Thailand has been big news in recent weeks. With all the attention on Abhisit, Thaksin, Sondhi and all the rest it is all too easy to forget that Suwicha Thakor (สุวิชา ท่าค้อ) remains locked up for lese majeste. Political Prisoners in Thailand continues to update its file on his tragic case. He was, you may recall, sentenced to 10 years for his Internet thought crime. As I wrote earlier in the month:
Experience suggests that dogged media attention embarrasses the palace and the Thai political elite. It will be hard, no doubt, to keep foreign media outlets interested in Suwicha’s case but that is what he needs.
There are now the inevitable efforts to ensure that Suwicha is quietly forgotten. I don’t think that should be allowed to happen. His story would be of great interest to the many millions who have recently seen Thailand on their television screens and who are wondering where the deeper faultlines actually lie.
Twensored is using Twitter
30-04-09
Hey there! Twensored is using Twitter.
Twitter is a free service that lets you keep in touch with people through the exchange of quick, frequent answers to one simple question: What are you doing? Join today to start receiving Twensored’s updates. http://twitter.com/login
Already using Twitter
from your phone? Click here.
Red-shirts in Korat charged with lèse majesté for burning coffin in protest against Prem
Prachatai: April 26, 2009
http://www.prachatai.net/english/node/1178
On Apr 24, Papatchanan Ching-in, leader of a group of red-shirts in Nakhon Ratchasima province, reported to police after arrest warrant had been issued for her by the provincial court on the previous day.
She and her friends were charged with lèse majesté after they had staged a protest against President of the Privy Council Gen Prem Tinsulanonda, the People’s Alliance for Democracy (PAD), and the government by burning a mock coffin at the province’s Tao Suranari Statue on Apr 7.
On the coffin, they reportedly put a message referring to Prem by a royal prefix to mock what was believed to be PAD leader Sondhi Limthongkul’s slip of the tongue when he routinely appeared on his ASTV on Apr 3, saying, ‘the yellow shirts come out to protect Gen Prem, as […censored to save Prachatai of another possible charge..] is President of the Privy Council’. (see clip in Thai)
According to Nakhon Ratchasima Police Superintendent Pol Col Bunlert Wongwajjana, Col Weerapattarapol Bunchiaw, a military officer attached to Army Region 2 at the province, filed the charge with the police on Apr 9. On Apr 10, PAD members in the province also filed charges against them for lèse majesté, violations of national security under Criminal Code Articles 113, 114 and 115, and defamation under Article 326.
Denying all the charges, Papatchanan was brought to the provincial court and was granted bail guaranteed by her relative’s public service teacher position. She is obliged to report to the court on May 6. Her friends have yet to be identified by the police, said Pol Col Bunlert.
PAD members also filed charge against the police themselves, including Provincial Police Commander Maj Pol Gen Chatkanok Kiewsangsong, Pol Col Bunlert Wongwajjana, Deputy Police Superintendent Lt Pol Col Pichet Orachun, Deputy Police Superintendent Lt Pol Col Chalasin Chalalai and 10 other policemen who were present at the scene for dereliction under Criminal Code Article 157 which carries a penalty of 1-10 years in prison and a fine of 2,000-20,000 baht.
Source: http://www.prachatai.com/05web/th/home/16588
Bangkok Pundit: April 7, 2009
http://bangkokpundit.blogspot.com/2009/04/equating-prem-with-royalty.html
It seems to be the case that many are trying to equate Prem with Royalty or to put Prem at the same level as members of the Royal Family. The most recent attempt is by PAD leader Sondhi L a few days ago on ASTV. The excerpt of what Sondhi L states is in the video below:
Sondhi L states:
“เสื้อเหลืองออกมาปกป้องพลเอกเปรม ติณสูลานนท์ ในฐานะที่พระองค์ท่่านเป็นประธานองคมนตรี“
[Translation "The yellow shirts [will] come out to protect Prem in pra ong’s capacity is the Chairman of the Privy Council”]
BP: This is controversial as pra ong is the pronoun used to refer to HM the King, HM the Queen, other members of the Royal Family, buddhas, and gods.
Sondhi L is often loose with his language, but am a little surprised he said this. Was it a slip of words or did he mean it?
Right here, right now: Searching for Jakrapob evidence
13:21, April 29, 2009
A source informs us that the Special Branch police are at this moment raiding BBC offices in Bangkok, looking for evidence against Jakrapob.
Thailand Jumped the Shark: April 29, 2009
http://thailandjumpedtheshark.blogspot.com/2009/04/did-special-police-raid-bbc-bangkok.html
This is an interesting development, if true, because in the Thai language media there were a couple stories about how a committee was set up to look into Thaksin and Jakrapob’s recent statements that could be perceived as lese majeste.
In the stories, it said that it would be hard to get a foreign journalist to corroborate what Thaksin and Jakrapob said, as in a sworn deposition or as witnesses, because the farang value system is different than the Thai one, and the foreign media would protect them just for speaking their minds or having an opinion on the subject. In other words, it would be difficult for a foreign journalist to testify against Thaksin and Jakrapob over a lese majeste charge in an interview, especially outside the country.
If you take these stories with this the raid on the BBC, it seems like they are hunting for direct evidence instead testimony as to what they said, or it could be intimidation.
The Thai media–Nation Group and Manager Group– has really been ramping up the rhetoric against the foreign media. And, as far as I know, Jonathon Head, still has lese majeste charges against him too.
I think Abhisit would be an idiot to go after the BBC, but, I guess, stranger things have happened.
If the story is true, Suthichai Yoon and Thanong will be dancing on the rooftops.
[FACT comments: Perhaps self-exile is not looking so attractive to Jakrapob! Gambling is illegal in Thailand but who’ll bet on 10 or 20 years? Suwicha Thakor was never given all these chances! Jakrapob is a golden goose and Suwicha is just political cannon fodder.]
Jakrapob’s meeting with prosecutors put off
The Nation: April 29, 2009
http://www.nationmultimedia.com/2009/04/29/politics/politics_30101657.php
Public prosecutors on Wednesday postponed their meeting Jakrapob Penkair to June 15 before they make a decision whether to indict him for lese majeste.
Jakrapob, formerly a prime minister’s Office minister and until recently a leader of the red-shirt movement, asked for the postponement saying he had some business to attend to overseas.
The prosecutors decided to grant him the request because further investigation and questioning of witnesses, as well as translation of relevant documents, had not been completed, according to Kayasit Pisawongprakan, director-general of the criminal litigation division at the Attorney-General’s Office.
The case against Jakrapob is in connection to a lecture he delivered, in English, at the Foreign Correspondents Club of Thailand in August 2007.
If Jakrapob fails to report to the prosecutors on June 15, his guarantors would be asked to find him or an arrest warrant would be issued for him, Kayasit told a press conference at the Attorney-General’s Office.
Is Thailand blocking VPN?
29-04-09
Hello Facthai,
Is Thailand Blocking VPN now?
I have 3 VPN servers, now I can not connect to any of the 3 VPN servers anymore from Maxnet!
Also starting a few days ago, somesecure connections no longer work, like SSH connection , TLS encrypted connections, including e-mail connection to secure ports, all stopped working.
I am using CAT CDMA now and 1 out of my 3 VPN servers is still working, and so I could do a google search for Thailand blocking VPN and I found your website / blog.
I also found this article from last year:
Net lags suggest Thai govt monitoring traffic
Don Sambandaraksa
Bangkok Post: June 6, 2008
http://www.zdnetasia.com/news/internet/0,3…62042297,00.htm
Thailand’s Internet is stuttering with a series of unexplained outages and slowdowns that suggest that the government is running a far-reaching program to monitor its citizens’ online activities, one similar to the U.S. Carnivore e-mail policeware program.
This can be seen in the way YouTube is now all but unusable for TOT subscribers, and how sending large e-mail messages through a foreign server on port 25 often fails, while encrypted, non-standard ports or VPN access over the same network works fine.
A former security-consultant-turned-businessman in Thailand, speaking on condition of anonymity, said that the entire situation was seriously damaging business confidence and may be on the verge of being illegal, especially for foreign businesses operating in Thailand.
In many industries, a user has a duty to alert his company or his authorities if he knows that data has been compromised. But what if the leak is to a foreign government? That said, in most countries, national security laws override privacy laws.
There are legal ramifications on contract law, especially if the businessman is doing business with the Thai government or military.
“If you are going to do it, do it properly,” the former security consultant suggested.
China and Singapore, for instance, use a monitoring software package from a company called Xacct Technologies from Israel which is capable of far more than e-mail logging and can scale better than the system that he believes is in place now. Another packet monitoring system that is in use and can scale well is Phorm.
He first noted earlier this year that e-mail sending slows down as the work day progresses and fails almost entirely around lunchtime. His company uses a corporate e-mail server located overseas. Analysis of the traffic suggest that the authorities are intercepting anything on standard SMTP port 25, regardless of the destination IP address. He said he has the IP numbers he suspects to be the sniffing machines as the latency incurred there is far too long to be a regular switch.
To circumvent this monitoring, users can simply use a VPN to access their corporate network overseas, use SSL encrypted e-mail ports or even encrypt on an end-to-end fashion. Gmail remains secure when accessed via HTTPS, although he did question what went on behind the scenes when Thailand lifted the ban on Google’s YouTube and if any agreements had been struck.
That said, the former security consultant said that there was a legitimate need for governments to monitor e-mail for national security but that the way the Thai government had done it had failed miserably.
“How hard is the system to circumvent? I have to circumvent it as otherwise I have no way of getting my e-mail, by going to http://www.mail2pda.com or using HTTPS for Gmail. Then what’s the point? Already the government has lost the ability to gather intelligence.”
Rather it should have been done professionally and be totally invisible without the terrorists or the public knowing.
From the business point of view, it was just another in a long list of questionable decisions “that makes Thailand look positively Mickey Mouse”, he said.
Rather than announce to the world that they were intercepting and monitoring e-mail and thus making everyone use encryption, it would have been much better if the government had kept quiet and had done traffic pattern analysis on individuals to learn more about their network, he said.
For instance, if one person was using encryption all the time, the government should keep a close eye on him and who he contacts, but by botching up this project, it means that everyone has to use encryption and VPN and thus the government has lost its ability to gather information and protect the people.
The consultant also questioned the legality of the recent Thai cybercrime law in the context of European privacy laws.
In a seminar soon after the law was passed, police said that as long as a server host or ISP could provide a name to an activity, that would satisfy the 90-day log retention requirements.
However, according to European privacy law, putting a name to an activity requires user consent. Quite how this would affect Europeans doing business here, or Thais doing business in the EU, was still unclear, he said.
Another question was who had access to the information being gathered. In the past, the US government launched Echelon and Carnivore, projects aimed at wiretapping the Internet in the name of security. But at least they had clear objectives and responsibilities, unlike the clandestine Thai system that appeared to be in place, he noted.
The consultant saw three possible scenarios: “If the reason is to spy by the government, then you (a journalist) are at great risk personally. If it was decided it was important to monitor all e-mail and someone in government screwed up, this is fine and people should be happy. But if the reason is commercial and you are exposing someone’s email to somebody in the government, this is bad,” he said. Finally, he had a piece of advice he would like to pass on to the government: “The effort involved in censorship is far greater than the effort required to monitor, and monitoring gives you more information. Censorship blocks, monitoring gains intelligence.”
“In Europe, authorities infiltrated a major paedophile ring. They worked for 18 months, infiltrating and learning about the network, which operated in cells.” Many of the operatives are still in therapy. But by taking that route, they were able to expand their reach through the cells and gather evidence they could use in court. In the end, they arrested hundreds of people and more importantly, they pulled 26 children out of that network who were being abused.
“If they had taken the approach that this server has paedophilia and it has to be shut down, they might cut off access to 10 paedophiles but they would not have saved any children,” he said.
[FACT: Don is sadly no longer with Bangkok Post.]
Dissent Made Safer
How anonymity technology could save free speech on the Internet.
David Talbot
MIT Technology Review: May/June 2009
http://www.technologyreview.com/computing/22427/?a=f
“Sokwanele” means “enough is enough” in a certain Bantu dialect. It is also the name of a Zimbabwean pro-democracy website whose bloggers last year published accounts of atrocities by Robert Mugabe’s regime and posted Election Day updates describing voter intimidation and apparent ballot stuffing. You can visit Sokwanele’s “terror album” and see photographs: of a hospitalized 70-year-old woman who’d been beaten and thrown on her cooking fire (she later died, the site says); of firebombed homes; of people with deep wounds carved into their backs. You can find detailed, frequently updated maps describing regional violence and other incidents. You will be confronted with gruesome news, starkly captioned: “Joshua Bakacheza’s Body Found.”
Because this horrific content is so readily available, it is easy to overlook the courage it took to produce it. The anonymous photographers and polling-station bloggers who uploaded the Sokwanele material remain very much in danger. In a place like Zimbabwe, where saying the wrong thing can get you killed or thrown in prison on treason charges, you take precautions: you’re careful about whom you talk to; you’re discreet when you enter a clinic to take pictures. And when you get to the point of putting your information on the Internet, you need protection from the possibility that your computer’s digital address will be traced back to you. Maybe, at that point, you use Tor.
Tor is an open-source Internet anonymity system–one of several systems that encrypt data or hide the accompanying Internet address, and route the data to its final destination through intermediate computers called proxies. This combination of routing and encryption can mask a computer’s actual location and circumvent government filters; to prying eyes, the Internet traffic seems to be coming from the proxies. At a time when global Internet access and social-networking technologies are surging, such tools are increasingly important to bloggers and other Web users living under repressive regimes. Without them, people in these countries might be unable to speak or read freely online (see “Beating Surveillance and Censorship“).
Unlike most anonymity and circumvention technologies, Tor uses multiple proxies and encryption steps, providing extra security that is especially prized in areas where the risks are greatest. Paradoxically, that means it’s impossible to confirm whether it’s being used by the Zimbabwean bloggers. “Anyone who really needs Tor to speak anonymously isn’t going to tell you they use Tor to speak anonymously,” says Ethan Zuckerman, cofounder of Global Voices, an online platform and advocacy organization for bloggers around the world. “You can’t tell if it’s happening, and anyone who is actively evading something isn’t going to talk about it.” That said, the Sokwanele journalists “are extremely sophisticated and use a variety of encryption techniques to protect their identity,” he says.
Anonymity aside, Internet users in dozens of countries–whether or not they are activist bloggers–often need to evade censorship by governments that block individual sites and even pages containing keywords relating to forbidden subjects. In 2006, the OpenNet Initiative–a research project based at Harvard and the Universities of Toronto, Oxford, and Cambridge that examines Internet censorship and surveillance–discovered some form of filtering in 25 of 46 nations tested, including China, Saudi Arabia, Iran, and Vietnam.
In a new and still-evolving study, OpenNet found that more than 36 countries are filtering one or more kinds of speech to varying degrees: political content, religious sites, pornography, even (in some Islamic nations) gambling sites. “Definitely, there is a growing norm around Internet content filtering,” says Ronald Deibert, a University of Toronto political scientist who cofounded OpenNet. “It is a practice growing in scope, scale, and sophistication worldwide.”
Tor can solve both problems; the same proxies that provide anonymous cover for people posting content also become portals for banned websites. When it officially launched five years ago, the Tor network consisted of 30 proxies on two continents; now it has 1,500 on five continents, and hundreds of thousands of active users. And its developers are trying to expand its reach, both abroad and in the United States, because digital barriers and privacy threats affect even the free world. In the United States, for example, libraries and employers often block content, and people’s Web habits can be–and are–recorded for marketing purposes by Internet service providers (ISPs) and by the sites themselves. “The Internet is being carved up and filtered and surveilled,” says Deibert. “The environment is being degraded. So it’s up to citizens to build technologies to [counter these trends]. And that is where I see tools like Tor coming into play. It preserves the Internet as a forum for free information.”
Neutral Nodes
The product of a small nonprofit organization with eight paid developers and a few dozen volunteer security professionals around the world, Tor takes advantage of the fact that Internet traffic consists of two-part packets. The first part contains data–pieces of a Web page you are viewing, or of the photo file or e-mail you are sending. The other consists of the Internet protocol (IP) address of the sending and receiving computer (plus other data, such as the size of the file). Tor uses the latter portion–the addressing information–to build a circuit of encrypted connections through relays on the network (see “Dodging Spies, Data Miners, and Censors” next page). The requisite relays (which collectively serve as proxies) are operated on a volunteer basis at universities such as Boston University and a few corporations, and by computer-security professionals and free-speech advocates around the world. (Many Tor users also use existing technologies, such as HTTPS–a protocol for encrypting and decrypting a user’s page requests and the pages that are returned–to protect the content they are sending and receiving.)
Tor, like the Internet itself, emerged from military research–in this case at the U.S. Naval Research Laboratory in Washington, which built a prototype in the mid-1990s. The military interest was clear: without a way to make Internet traffic anonymous, an agent’s cover could be compromised the minute he or she visited .mil domains using the Internet connection of, say, a hotel. Even if the data were encrypted, anyone watching traffic over the hotel network could quickly figure out that the guest might be associated with the U.S. military. And the problem is hardly limited to hotel networks; IP addresses can be linked to physical locations by a variety of means (ISPs correlate such data with phone numbers, data miners can piece together clues from Internet traffic, and someone outside your house can confirm that you are the source of specific kinds of Internet traffic by “sniffing” data traveling over Wi-Fi). As a Tor presentation puts it, chillingly, what might an insurgent group pay to get a list of Baghdad IP addresses that get e-mail from a .gov or .mil account?
The navy project never emerged from the lab, but it attracted the interest of Roger Dingledine, a cryptographer concerned about a different aspect of Internet privacy: the way ISPs and websites amass databases on people’s browsing and search history. In 2000, at a conference where he was presenting his MIT master’s thesis on anonymous distributed data storage, he met a Naval Research Lab mathematician, Paul Syverson. The two men saw that tools for protecting military agents and tools for protecting Web surfers’ privacy could be one and the same, and together they revived the project with funding from the Defense Advanced Research Projects Agency (DARPA) and the navy.
The first public version of Tor, which came out in 2003, was available for anyone who cared to install it. But it worked only on open-source operating systems, and using it required at least some technical knowledge. The Electronic Frontier Foundation, the digital civil-liberties organization, funded development of a version for Windows, and soon a wider variety of users emerged. “Originally one of my big reasons for working on Tor was to provide tools for people in the West–Americans and Europeans–to let them keep their information safe from corporations and other large organizations that generally aren’t very good at keeping it to themselves,” says Dingledine, now 32, who is Tor’s project leader. But now, he says, some police agencies use Tor to make sure that an investigation of an online scam won’t be compromised by tipping the scammer off to regular site visits from a police department’s computers. And some companies, he says, use it to help them prevent competitors from figuring out, say, who is scouring their online product sheets.
It quickly became clear that this diversity was crucial to the technology’s success. “It’s not just safety in numbers; there is safety in variety,” Dingledine says. “Even if there were 100,000 FBI agents using Tor, you would know what it’s for: ‘You are using the FBI’s anonymity system.’ Even from the very beginning, part of the fun and the challenge was to take all of these different groups out there who care about what Tor provides, and put them all into the same network.” To help promote wider use, its developers made Tor far easier to install. And in 2006, they developed a new feature, the Torbutton, which allows Tor users to easily turn Tor on and off while they browse with the Firefox Web browser (turning it off speeds up Internet access but removes the protections).
Global spread
Syria is an all-purpose Internet repressor. It hunts down some bloggers; a Syrian named Tariq Biasi, for example, was recently sentenced to three years in prison for “dwindling the national feeling”; he allegedly posted a comment critical of the state’s security service online. Beyond going after online critics, Syria also blocks many websites–including Facebook, YouTube, and Skype–from all Web users in the nation. I spoke about Syrian censorship with another blogger, Anas Qtiesh; he sat in an Internet café in Damascus as I messaged him from my living room. Qtiesh isn’t worried that he’ll be tracked down, because he tends to blog about pan-Arab politics, not about criticisms of the regime. But he wants access to more of the Internet than the government permits, so the Firefox browser on his laptop sports the Torbutton. Click the button, and presto–the same Internet that everyone in America sees. To access blocked sites, his computer negotiates a series of proxies, eventually connecting to an IP address somewhere else in the world. This intermediary fetches the blocked material. “Tor brings back the Internet,” he wrote.
Qtiesh has plenty of company: Tor was always of interest abroad, but word of mouth and the introduction of the easy-to-use Torbutton have helped accelerate its global spread. Zuckerman has been actively promoting Tor through his Global Voices network. So have other advocates of online free speech in Asia, China, and Africa. And these efforts have been working. Wendy Seltzer, who teaches Internet law at American University and founded Chilling Effects, a project to combat legal threats against Internet users, saw that firsthand when she traveled to Guangzhou, China, for a blogger conference last year. China is generally acknowledged as the most sophisticated Internet filterer in the world; it employs a variety of techniques, including blocking IP addresses, domain names (the text name of a website, such as www.google.com), and even Web pages containing certain keywords (Falun Gong, for example). According to one report, Chinese security forces have arrested several hundred Internet users and bloggers in the past 10 years. Seltzer says that many bloggers she met in Guangzhou were using Tor. And when she went to an Internet café there, she reports, the computers were automatically configured to run the software.
In China, Tor is one weapon in a large arsenal. But in Mauritania, Tor appears to have single-handedly overwhelmed state censorship. Nasser Weddady is a Mauritanian-born son of a diplomat, now living in the Boston area. He is a civil-rights activist who seeks to call attention to the slavery still practiced in his native country, where black Muslims work in servitude for Arab and Moorish farms and households, far from the international spotlight. In 2005, in response to Internet filtering in Mauritania, he translated a guide to using Tor into Arabic and arranged for its distribution to owners of cybercafés. The effect was stunning: the government stopped filtering. Officials “didn’t know we were using Tor,” says Weddady. “I’m not sure they know what Tor is. But they noticed that our communications were not disrupted, so the filtering was useless.”
Such successes can be short-lived, of course, and Weddady predicts that the regime will regroup and resume filtering. “The Middle East in general is a civil-rights desert; it has some of the most sophisticated filtering operations in the world,” he says. “Plenty of people I personally know are using Tor in that region.” Users know that to any snooper, the messages they post appear to originate from a Tor relay somewhere else in the world, so cybercafé owners can’t rat them out even if they want to. “Tor doesn’t say, ‘Just trust us not to give out your information’–it says, ‘We have a design where nobody is in a position to give up your information, because no one person has it,’” says Seltzer, who volunteers on Tor’s board. “I do believe Tor is the best solution for people who are trying to get access to blocked matter, or are trying to speak anonymously.”
Bridging Tor’s Gaps
Neither Tor nor any other tool is a perfect solution to Internet spying and censorship. As an open-source project, Tor publishes everything about its workings, including the addresses of its relays. That doesn’t betray the actual source and destination of users’ information, but it does mean that a government could obtain this list of addresses and block them. (So far, nobody has taken this step, though Iran, Saudi Arabia, and the United Arab Emirates did find a way to block Tor for a few months in 2008.) Second, using Tor can make Internet access painfully slow; online activities can take more than 10 times longer when using Tor, according to a study by Harvard’s Berkman Center for Internet and Society. “It turns out the speed of light isn’t so fast after all,” Dingledine deadpans. And this problem is getting worse; in the past year, the number of users has increased faster than Tor’s developers can add relays.
But the biggest limitation is simply that all these tools still reach only a narrow slice of the world’s Internet users. Yes, if you’re a business traveler in China and have technical savvy and bandwidth–or you hire someone to set you up–you can circumvent government filters. (It’s generally understood that state security forces will rarely move to shut down circumvention tools unless they’re publicly embarrassed by being outsmarted online.) But a recently released Berkman report by Zuckerman, faculty codirector John Palfrey, and researcher Hal Roberts has concluded–on the basis of data supplied in 2007 by makers of circumvention software–that only a few million people use the major circumvention tools worldwide. It’s true that usage has grown since then–and this estimate doesn’t count everybody who has figured out a way to use proxies. Still, China alone has 300 million Internet users, and the researchers believe that most of them aren’t equipped to fight censorship. Meanwhile, the list of nations that censor is only growing. Two years ago, Turkey piled on, with particular zeal for stamping out criticism of the nation’s founding father, Kemal Atatürk.
Tor is preparing for the fight against relay blocking by creating a system of “bridge nodes”–a constantly changing list of IP addresses through which people can reach the main network of relays. A user can simply send an e-mail asking for a bridge address. Of course, an Iranian censor could also request and block such addresses, but the idea is to defeat such efforts by generating ever more bridges, donated by a wide range of Internet users. And Jonathan Zittrain, a Berkman cofounder and Harvard Law School professor, envisions going even further. “The next big moment that the Tor people haven’t implemented–something in the background, something that would be huge–would be if your use of Tor, by default, makes you a Tor node yourself,” he says. “At that point, it totally scales. The more people use it, the more people can use it.”
As part of a three-year effort to improve the software and expand its use, Tor’s staff and volunteers will step up appeals for Tor users to let their computers serve as bridges to individual users elsewhere. But taking the next step–becoming a relay, or node, potentially available to any Tor traffic–would massively increase the traffic flowing through a user’s computer. If users became nodes by default, it could defeat the purpose of using Tor to remain low key: once a user wandered into a cybercafé to blog anonymously, that terminal would soon stand out as a hub of Internet traffic. What’s more, such a system “sets off an arms race with all the network providers and network administrators,” says Andrew Lewman, Tor’s executive director. “It increases traffic, and we become something they might block, because that’s their job.” Tor would ultimately like to find safe ways to enlist distributed help, but for now, developers are pursuing intermediate goals, such as limiting bulk data transfers and improving the flow among existing Tor relays.
One criticism leveled against Tor is that it can be used not only for good purposes but for bad–protecting distributors of child pornography, for example. Dingledine’s response is that Tor’s protections help law enforcement catch criminals, too, while criminals may find it more effective to use neighbors’ or public Wi-Fi links, or hacked computers, to mask their identities.
Another concern is that circumvention tools–especially those that only use a single proxy, which holds information about who is talking to whom–can create privacy and security worries of their own. Earlier this year, Hal Roberts discovered that certain tools used widely in China–DynaWeb Freegate, GPass, and FirePhoenix–appeared to be offering to sell users’ browsing histories. While there’s no evidence that any individual’s privacy was compromised, the point was made: in many cases, using anonymity or circumvention systems still means trusting an organization with your information–and trusting that its privacy policies can and will be honored. (With Tor, it’s a bit different; since no single relay ever holds the information about the complete route, you must trust the integrity of algorithms that obscure connections between origins and destinations.) “I don’t doubt the dedication of the people hosting these tools, but what I’m concerned about is whether they will protect your data,” Roberts says. “The biggest takeaway is: they have that data.”
Dingledine thinks events will push people to seek the protections that Tor and other tools provide. In 2006, for example, AOL gave away millions of users’ search terms for research purposes. Although the searchers were identified only by random numbers, bloggers and reporters were quickly able to identify individual users from clues based on the search terms. (Since Tor uses a different router pathway for each user each time, it’s impossible to amass such aggregate data about even an anonymously identified Tor user.) Dingledine reasons that each time a national censor blocks news sites and YouTube, or an ISP or website loses or sells or gives away user data, people will seek solutions. “The approach we’ve taken so far is to let the bad guys teach people about it,” he says. “Let the AOLs and the China firewalls screw up. Let everybody read about why they want privacy on the Internet.” More and more people might just decide that enough is enough.
David Talbot is Technology Review’s chief correspondent.
FACT censored [and how to resist]
Political Prisoners in Thailand: April 28, 2009
http://thaipoliticalprisoners.wordpress.com/2009/04/28/new-fact-censored-and-how-to-resist/
On 26 April 2009, Freedom Against Censorship reported that access to their site was being blocked by at least ISPs in Thailand: TOT ADSL, Kasetsart University, and Buddy Internet. FACT has issued a letter of protest and has also asked readers to let them know if other providers are blocking their site. Read the full article here: “Freedom Against Censorship Thailand CENSORED!”
On 27 April 2009, FACT posted a workaround. If you are having difficulty using the original site, then access the site here. [Note: http has been replaced by https]. Share this information widely.
