this post was submitted on 10 Aug 2023
961 points (98.6% liked)

Technology

59219 readers
4404 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] cman6@lemmy.world 142 points 1 year ago (5 children)

In case anyone wondered how to potentially get around this...

  • Pay for a server in another country that gives you SSH access
  • Create SSH SOCKS tunnel: ssh -N -D 8008 your-server-ip
  • Open your browser and set the SOCKS server to localhost:8008 (in Chromium/Firefox you can search for this in Settings)
[–] tal@kbin.social 22 points 1 year ago* (last edited 1 year ago) (1 children)

So, that's definitely better than nothing, but your browser isn't the only thing -- though these days, it is a very important thing -- that talks to the Internet. If, for example, you're using a lemmy client to read this, I'd bet that it's good odds that it doesn't have SOCKS support.

Though I wouldn't be surprised if someone has made VPN software that intercepts connections and acts as a proxy SOCKS client, which would make it work more like a traditional VPN if you can reach a remote SOCKS server, though maybe with a performance hit.

googles

Yeah, okay, looks like stunnel can do this on Linux. So it's a thing.

You don't need a 100% solution, though, to have a pretty big impact on society. Combine technical barriers with it just being easier to not think about what's going on outside, maybe some chilling effects from legally going after people who do start doing things that you don't like (viewing websites, spreading information, etc), and you can control people's information environment a lot. Make using circumvention solutions illegal -- okay, maybe you can bypass their system if you don't get caught, but do you want to risk it? Make creating or spreading circumvention solutions really illegal. Do you want to risk getting in a lot of trouble so that random other person can get unrestricted or unmonitored Internet access?

On that note, I was reading about the way North Korea does it in an article from someone who got out of North Korea. That is about as close as it gets to a 100% solution. Only a few thousand people are authorized to get Internet access. You need to apply to use the Internet with a couple of days lead time. Each pair of computers has a "librarian" monitoring what the Internet user on each side is doing, and every five minutes or so the computer will halt with whatever you were doing on the screen and require fingerprint re-authorization from the "librarian" to continue. Users are not allowed to view pages in Korean, just English and Chinese (I assume because most information out there that you'd have to go outside North Korea to get access to is likely available in either English or Chinese, and they definitely don't want people seeing anything out of South Korea).

That pretty much screws North Korea in terms of access to information, is a costly solution, but if you place an absolute priority on control of the information environment, North Korea does prove that it's possible to take a society there.

[–] SpaceCowboy@lemmy.ca 8 points 1 year ago (1 children)

North Korea does prove that it’s possible to take a society there.

I don't think NK took themselves there, they were already there when the internet was invented. Easier to limit access to few people when you have draconian measures in place when access becomes possible.

Having a society that already widely has access to one that has extremely limited access is a lot more difficult.

[–] Corkyskog@sh.itjust.works 3 points 1 year ago

This is a good point that many don't think about. Even if you could somehow drop hardware and free starlink into North Korea it wouldn't even matter because the citizens never grew up on internet culture. No one would be able to figure out what to do with it by the time they got caught.

[–] petrich0r@lemmy.world 12 points 1 year ago* (last edited 1 year ago)

Unfortunately it would be trivial to block an SSH tunnel like this. I recall reading news 10 years ago (maybe even earlier) some foreign journalist tried this at a Beijing hotel room and got shut down in minutes. That was when people are still using PPTP and L2TP protocols to get around censorship, Wireguard and shadowsocks wouldn't be born for another couple years.

[–] DefinitelyNotBirds@lemmy.world 11 points 1 year ago

This is actually pretty interesting, thanks for sharing. Although i live in a third world country that doesnt care about anything at all including piracy, but this tunneling thing looks pretty handy

[–] droans@lemmy.world 6 points 1 year ago* (last edited 1 year ago)

Couldn't you also just set the VPN to use port 443?

E: Apparently this isn't enough. IE, for Wireguard, you would need to find a way to obfuscate the handshake.

[–] Jaysyn@kbin.social 2 points 1 year ago (1 children)

I'm not 100%, but I think you could set this up for free with an Oracle AlwaysFree tier VM.

(Boo Oracle, yes I know. Still very handy.)

[–] DAMunzy@lemmy.world 4 points 1 year ago

Just looked up Oracle Always Free... Good to know about, thanks!