Primer on Anti-Censorship Software

So your Web access is censored. How can you visit banned Web pages? Answer: That depends on your situation. If your Internet connection is entirely cut off, you may need to use something like a cell phone, assuming you still have cell service; otherwise, you may need a satellite phone. If you do still have an Internet connection, there are several ways to access banned Web pages using various software packages. All of them involve routing your Web traffic around the censoring filter to get to banned sites, by accessing special software on a server outside of the censoring filter that you can access; that server in turn can access the sites you want to visit. Here we divide anti-censorship solutions into two rough groups: those that require you to install or configure something on your computer ("cliented" solutions), and those that don't ("clientless" solutions).

Cliented Solutions

These methods work if you're willing and able to install a piece of software on your browsing computer. It could be a browser plugin, or it could be an independent piece of software. Some solutions only enable access to Web content, while others (like a VPN) enable all of your network traffic to circumvent any censoring filters.

You can also use an HTTP proxy or an SSL (secure) proxy to get around censorship. These don't require you to install any software, but you must reconfigure the browser to use the proxy that you or someone else installed on another server.

Cliented solutions tend to be more bug-free than clientless solutions because of their simpler architecture, so virtually all Web pages will work correctly through them. However, not everybody is willing and able to install software on the browsing computer, or to reconfigure their browser-- they may be using a public terminal, or they may not trust that the software is virus-free and otherwise malware-free.

Clientless Solutions

Clientless solutions let you visit a URL where the anti-censorship software is running, tell it the URL of the page you want to visit, and then view that page. You seem to be browsing the Web normally, except that all your Web traffic is redirected through the special software (which is reflected in the URL in your browser's location bar).

Clientless solutions do require the software to be installed on a server outside of the censoring filter, but a single installation can be used by many users. Thus, one person can install the software on a server which can then be used by that person's friends and family.

Clientless solutions tend to be more complex to write than cliented solutions, and as a result some Web pages may work incorrectly through them.

CGIProxy

CGIProxy was the original anti-censorship software, and it is a clientless solution. It has been in development and use since 1996, and BIFSO's initial primary task will be to update CGIProxy to support new Web technologies and fix bugs. Among clientless solutions, CGIProxy is the most rigorous in supporting pages with JavaScript (i.e. "dynamic" pages), which includes almost every popular Web page today.

You can download CGIProxy from its home page or from BIFSO's site. As described earlier, it has to be installed on a server somewhere outside of the censoring filter; one installation can then be used by many people.

For techies: CGIProxy is a CGI script, or it can be installed under mod_perl for much faster performance if that is available to you. Please install CGIProxy only on a secure server, or else the censors will be able to see what you and your users are doing.

Security

By their nature, all clientless solutions are safest if the user knows and trusts the person who installed the software on the server. This is because all data transmitted, including passwords, are readable by the anti-censorship software in the middle. A malicious installer could modify the anti-censorship software (or write their own!) to do things like record people's passwords.

When using a clientless solution, make sure that the URL you access it with begins with "https://"; this means it's on a secure server. Otherwise, people between you and the anti-censorship server can read your traffic.

Of course, please be careful whenever you try to circumvent censorship, or else you could get in trouble. Be discreet and try to hide your tracks. Use encryption whenever you can (secure servers use encryption).


© Copyright 2011, 2012 Berkeley Institute for Free Speech Online