As of 7/12/08:

Domains not reachable:

- facebook.com (was reachable on 6/29/08)
- icanhascheezburger.com (was previously able to load site without pictures but now totally unreachable)
- uncyclopedia.com
- torproject.org
- dit-inc.us

Domains reachable:

- cnn.com
- bbc.co.uk
- xkcd.com
- wikipedia.org

The combination of Privoxy+Tor is again successful in accessing the blocked sites.
I chose to use this method because of its usability: free, well-integrated into popular browsers, and easy to setup.

However, there are several importants caveats to using tor:

- The network as it exists will not support connections requiring a lot of bandwidth (i.e. bittorrent, massive file transfers, etc.). It will work but it will be extremely slow. I need to stress that such usage will also have a negative impact on other tor users.
- The software is experimental and should not be relied upon for strong anonymity.
- The most reliable source for software and updates (torproject.org) is not reachable without a working copy of Tor.
- Very few entry nodes are reachable. This raises some serious questions about the immediate security and long-term viability of Tor.

In my 80 hours or so logged into a functional circuit, I have seen only three distinct entry nodes. From a security standpoint, it is easy to believe that these entry nodes are planted or otherwise compromised to allow monitoring. Even if the entries are legitimate, it wouldn’t be hard to shutdown the network entirely. I leave this as an exercise to the reader.

There is an interesting paper on timing attacks for any onion router network:
Low-Resource Routing Attacks Against Anonymous Systems by Kevin Bauer, Damon McCoy, Dirk Grunwald, Tadayoshi Kohno, Douglas Sicker
http://www.cs.colorado.edu/department/publications/reports/docs/CU-CS-1025-07.pdf

There are many alternatives to Tor which I will decline to list here. One that I am investigating is FreeGate: dit-inc.us.

I encourage readers to have a plan of action in case Internet access is restricted in their area. What tools do you have immediately available to facilitate a breakout? If you don’t usually encrypt communications (i.e. pgp or some variant), will you want/need to? How many of your contacts will you be able to reach via other means (secure or not)?

Sites that are accessible:

- Gmail over 128bit SSL

- International Google

- myspace.com (not confirmed entirely accessible)

- facebook.com (ssl login okay)

Domains not accessible:

- wordpress.com

- livejournal.com

- meetup.com

- bbc.co.uk

Tools used:

- Vidalia (Tor) and privoxy

- open proxies from proxy.org

Success on all blocked sites with the above combination.

It took a LONG time to grab the list of relays in the Tor network. Given how few entry points there were, I suspect that most of the entry points are blocked. Tor has to find at least one open entry, pull an updated list of relays and then try to build a connection. I would not rely upon this method in the long term. Sad, but true.

Note on open proxies: use as much caution as you would any unfamiliar website. Many open proxies are heavily polluted with ads, pop-ups and worse. Proxies based out of your country may be your best bet.

(The next update may take a while. I only slept 3 hours before my flight and am experiencing just a touch more jetlag than expected. Crashing in 3…2…1…)

…there is a Great Firewall looming over the webscape. Like any good defensive wall it keeps out invaders. Yet, the oft unnoticed aspect of walls is perhaps just as important. It keeps people in. Whether the wall is cyber or physical, it sends a not-so-subtle message that “We are all you should be interested in. There is nothing out there that a right-thinking person would want to see.”

Let me point out that this is true to some degree everywhere. Some methods are explicit. Others are far more insidious – a subtle manipulation of reality. But this is a topic for another time.

Like the typical wrong-thinking person, I have become accustomed to my free access to the Internet. Being unwilling to give it up, I have prepared for a small scale inspection of this Wall with just a touch of breaching as required.

First would be a survey of what is actually allowed and prohibited. The easy way is to hit the hotspots: wikipedia, major news sites, blog hosting sites, etc.

Next step is to examine what tools remain accessible. Are open proxies still available? How about the Tor network? One can quickly get a feel for if/what kind of crackdown has been made. The availability of some kind of open access, even sporadic, would have a huge impact on the success of breakout attempts. Open access means a chance to download new tools, refresh lists of proxies, exchange information and in short, buy oneself a little more time.

Finally, I will examine what methods are required to reach the blocked content. Personally, I suspect that one method will work for everything but there are inherent risks in being a one-trick pony. The sentries, though lumbering, are always moving. Sitting still is one of the best ways to find yourself locked down. Without outside assistance, it could be very difficult to break free again.

Reports on the above are forthcoming over the next week. Silence on the wire would suggest a much stronger adversary than I had anticipated.

To leave you with a bit of concrete information, I present the following tips on finding power outlets at airports.

1) Endeavor to fly through good airports and on good airlines. The Southwest terminal in Austin-Bergstrom has laptop bars setup with stools and a raised counter with two outlets per person. Good for your cell phone, too! The Continental terminal at Newark International actually has most outlets covered up with metal plates. Which leads me to number two.

2) Look around you for electronic devices. TVs, speakers, lighted signs, etc. all require power. If they’re going to wire those signs, it wouldn’t be too much of a stretch to place an outlet on the floor or wall. Electric cart parking/recharging areas by definition have power. Construction vehicles used indoors are usually electric. Discovering where they charge is akin to finding the lair of a dragon.

3) Wander into an empty part of the terminal and look for others with electronics. These people may have done the work for you.

4) Check near pillars and other structural supports.. An unadorned pillar may have surveillance or NBC detection equipment inside. Water fountains also require beaucoup electricity.

5) If your desperate, check behind the ticket counters at unused gates. Just be aware that security may not be happy to find you back there.

6) Another last-ditch power source can be found in restrooms. Some models of automatic sinks plug into the wall. Of course, this depends on the type of sink and layout of the bathroom. This is option is wet, conspicuous and difficult to explain.

7) Use your imagination! Observe your environment carefully and take nothing for granted. Even if you have to stand in the middle of the floor and strike a pose while you text.