According to the latest FOTN report from Freedom House, in 2016, residents of 37 countries of the world and this is not counting the states that did not participate in the study.
But in almost all of these countries there are many people who can easily go to banned sites. The authorities of most states turn a blind eye to anonymizers.
But there are a few exceptions, one of which could theoretically be Russia. A few days ago, even news appeared on the Internet about a bill to ban the State Duma banning Tor and VPN.
Many Russians responded to this news with a question: “And how are the authorities going to implement it?”. To answer it, we turn to the experience of countries in which there is already a war against VPN and Tor.
Struggle Method # 1. Block specific IPs
In neighboring Belarus and Kazakhstan, laws on blocking Tor and VPN are already in force. In practice, they are executed simply: the addresses of the input nodes of Tor, servers of VPN providers and websites with information about block bypass are blacklisted and blocked by providers.
At first glance, it is pretty pointless. After all, instead of blocked public Tor and VPN-sites, new ones appear.
The effectiveness of this method can be judged by the dynamics of the number of Tor users in Belarus. Over the year, the number of “normal” connections to Tor (downloaded the browser and launched without changing the settings) decreased three times from 9000 to 3000 users per day.
But the number of people who connect to Tor through the "bridges" (input nodes whose addresses are not publicly available) has increased dramatically. If prior to the law against anonymizers, a couple of hundred people used this method, then in 2017, on average, about 2000 per day.
Now let's compare the total number of Tor users in Belarus (the number of direct connections + the number of connections to Tor via bridges) before and after blocking input nodes. In 2015-2016, there were, on average, just over 9,000 daily, and in 2017 about 5,000.
As you can see, even such a clumsy locking method has an effect. Those who really need to continue to use Tor anyway. But almost half of the people were either afraid of the ban, or simply did not bother with the settings for connecting via “bridges”.
Struggle Method # 2. Intelligent traffic analysis and blocking
In China, the issues of Internet censorship were concerned in the late 90s and in 2003 created the Golden Shield for total control over the information on the Internet. Since then, the "Great Chinese Firewall" has become a complex and multi-functional system.
Due to the unique DPI (Deep Packet Inspection) traffic analysis technology, the Golden Shield can (not always) determine VPN / Tor traffic and block the communication channel through which it is transmitted and at the same time make exceptions for VPN license holders from the Ministry of Industry and Information.
But this technology is imperfect, like the whole Golden Shield. Since 2012, periodically there is news about the mass blocking of VPN providers in China, but the local population still has the opportunity to visit forbidden sites.
The fact is that a few days after such incidents there are reports that someone from VPN providers has already invented a new way to disguise from DPI and is working again.
Such efficiency is fully justified. After all, the market of 90 million Chinese VPN users (2014) is worth it to fight for it.
Struggle Method # 3. Blocking all "extra" network protocols
This method is used in a closed and conservative Turkmenistan, where the IT infrastructure and communication with the outside world are paid minimum attention (unlike China), and the level of Internet censorship is only slightly inferior to North Korea. In the paragraph below it is difficult to believe, but information in it is confirmed by several sources at once.
From the comments on linux.forum.org, habrahabr.ru and the Roskomsvoboda website, it can be found out that in Turkmenistan in recent months, many users have stupidly not working a lot of network protocols necessary for VPN and other anonymizers: OpenVPN, PPTP, L2TP, IPsec Tor. And some providers blocked ssh and https.
But some readers of our site from Turkmenistan have VPN without problems.
Struggle Method # 4. Disconnection of the country from the Internet
No Internet - no Vpn and Tor ;-) Such a method is currently used only in North Korea, where a strong reason and personal permission of the head of state is needed for access to the World Wide Web, and for the masses there is an internal network of Kvanmen.
Is it possible to simply and disconnect from the Internet a country that already has tens of millions of Internet users?
Such a case was on January 27-28, 2011 in Egypt (the population of the country is about 80 million, Internet penetration at that time was 25%). The government simply alternately called all Internet and mobile service providers with a request to turn off the Internet.
The graph of the time of disappearance from the network of Egyptian providers clearly shows that the whole process took about one and a half hours. Only one provider remained in working order, which ensured the efficiency of the stock exchange and servers for state needs.
Also, cases of a sudden temporary disconnection of the whole country from the Internet took place in Libya, Syria (the result of a hacker attack on the country's largest provider) and Sudan.
Struggle Method # 5. Fines
Some countries use server blocking by IP and traffic filtering along with slight psychological pressure.
In August 2016, there was news that in the UAE for the use of VPN will now be given prison sentences and fined up to half a million dollars. But it was not possible to find information about the real application of this law.
In February 2017, a massive 14-month campaign against VPN began in China, and in March fines of up to 15,000 yuan ($ 2,000) were imposed for using this technology without a state license. How they will fine 100 million people is somewhat difficult to imagine :-)
So is it possible to disable VPN and Tor?
Completely prohibit only in combination with a huge blow to the economy and the breaking of most ties with the outside world (see paragraphs about Turkmenistan and North Korea), or by investing huge amounts of money in creating a much more advanced analog of the Chinese Golden Shield.
But to significantly reduce the number of users is easy.
It is only necessary to organize a couple of obstacles when using locks (remember the example of setting Tor in Belarus from the first paragraph). And to consolidate the effect, you can scare a fine or a prison.
Most Russian Internet users have probably heard about recent legislative initiatives to "regulate" the Internet, or more precisely, about the authorities' desire to ban VPNs and anonymizers that allow them to bypass government censorship. Continuing the topic of anonymity and security on the Internet, we will describe how to bypass prohibitions, prohibiting circumventing prohibitions.
Who and what forbids
A few words about the prohibitors and that they are once again trying to ban.
Legal liability
Of course, many are tormented by the question - is it legal to use the Tor Browser in Russia after November 1, 2017? Theoretically, yes, because the law does not prohibit being anonymous, and the browser itself is not a means of providing access to resources prohibited by third parties in the Russian Federation. And most likely it will be, at least in the near future.
But still, we will try to suggest the worst option - let's say you are disturbing “influential people” with something, and they are simply looking for a reason to punish you. In this case, it can be assumed that the Tor-network repeater launched by the Tor-browser can be interpreted as a program participating in providing access to resources prohibited in the Russian Federation to someone other than you. If all this can somehow be dragged to court, including a 30-day warning period and proof that you are a search engine operator, then everything that threatens an individual is an administrative fine of 5,000 rubles.
The amount is noticeable, but not at all fatal, which further reduces the likelihood of such an application of the law against individual citizens using TorBrowser and other similar programs. For officials and legal entities, the amounts are more impressive, but this does not interest us, details can be found in the relevant draft law.
So, we found out that we are still not in danger of using the Tor Browser. Now let's see how to get around the ban, prohibiting circumvent the ban!
Tor banned. What does this look like?
The meaning of the whole system of connecting to Tor via bridges is that the complete list of Tor IP bridges is not published anywhere, unlike conventional repeaters, whose list of ILVs and others can be obtained at any time. And since there is no list of IP addresses, it is not known what to block, which means that the blocking itself is impossible. The above link allows you to receive addresses of bridges no more than a few pieces at a time, with manual filling of the CAPTCHA form. And we hope that the unblocked bridges will end later than the patience of the civil servants involved in their search. Of course, there are more technically sophisticated methods for searching all, or at least most, IP addresses of bridges, so the option of full blocking of bridges cannot be ruled out.
Of course, a reasonable question arises here - how do we get to the page that issues bridges, if the whole torproject.org is blocked in Russia? It turns out that in order to launch a blocked Tor, we need to access a blocked resource. Anonymous Web proxies will help us break this vicious circle. We drive in the anonymous web proxy search line (don't forget that there are other search engines besides Yandex and Google) and sort through the links we receive.
Probably, anonymous Web proxies will also try to block, and are already blocking. But their number on the Internet is quite large, with a relatively small popularity of each separately. Therefore, at least in the near future we can count on their help.
For example, you can use these services:
They for now are not blocked on the territory of the Russian Federation and do not require the use of Java Script for their correct operation. If any of them does not work, then do not despair - check the following.
Set up your own VPN server
If you are planning to set up a VPN server yourself, then carefully consider whether the leased rate is supported by the hosting provider. Cheapest VPS may not support this feature
How to do this is written for example.
By launching your own VPN server, you can not only use it as a means of circumventing censorship, but also provide access to your friends and acquaintances without paying a cent for it over and above the already paid hosting provider Keep in mind that low-cost VPS have a limit on the traffic included in the tariff. But most likely it does not bother you - usually 500 GB of traffic and more is allocated for a month. .
You can connect to it from all common operating systems, including Windows, although, of course, we recommend using Linux.
Use ssh tunneling
A much simpler technical option, especially if you are using Linux. Briefly, its essence is described, but it is unlikely that it will explain a lot to you if you do not have minimal knowledge of IT. Because focus on practice.
Note the following points used in the examples:
need to be replaced by the IP address that you get from the VPS provider. - root is the username for connecting to the VPS, most often it is this. You can clarify it in the VPS administration panel.
- While entering the password, you will not see the display of the password or any other characters, everything will look as if you are not typing anything - this is done so that no one can spy on your password. Just enter the password and press Enter.
Run Linux Tunnel
Open a terminal window (Linux command line) and enter the command:
ssh -vND 127.0.0.1:8080 [email protected]
- ssh is the command that directly launches the tunnel to your VPS.
- -vND 127.0.0.1:8080 - keys and arguments of the command to be run: enable debugging output and create a proxy tunnel from your computer to your VPS.
- [email protected]
- username and IP address of the VPS.
After typing this command and pressing Enter on the keyboard, you will see something like this:
~ $ ssh -vND 127.0.0.1:8080 [email protected]
The string "debug1: Entering interactive session." indicates that the tunnel is running, you can minimize the terminal window (without closing it!) and proceed to the Tor Browser setup.
Running a tunnel under Windows
First of all, download and install PuTTy or any other SSH client supporting tunneling.
Start PuTTy and set up the session:
Setting up a session in PuTTy
Enter the IP address of your VPS in the "Host Name (or IP address)" field, below in the "Saved Sessions" section, select "Default Settings" and click on the "Save" button on the right - now you do not need to enter the IP address every time you start it.
In the left part of the window choose: Connection → SSH → Tunnels:
Configuring SSH Tunnel in PuTTy
In the "Source port" write 8080, and click the Add button. Below you set the points at the points "Dynamic" and "Auto".
Now click Open, enter root in the black window that appears (or the one that issued the VPS provider), press Enter on the keyboard, now enter the password (it will not be visible), again Enter on the keyboard. If everything is done correctly, you will start a session with the command line prompt. Minimize (without closing!) This window and proceed to the Tor Browser setup.
Configuring Tor Browser to work with the tunnel
Launch Tor Browser, open the Tor Network Settings window and perform the following steps there:
Do not use Internet censorship circumvention tools.
We no longer need the means of circumventing censorship, such as bridges or meek transport, because the connection to the Tor network will be made via a VPS leased abroad.
Enable proxy access
This setting allows you to connect to Tor through a running tunnel.
Specify the address of the proxy server
Here you can specify the address and port of the Proxy server, which is an SSH client connected from your computer to a foreign VPS.
If done correctly, the Tor Browser will successfully connect to the network.
Get bridge addresses via email
Remember the development of events.
Once it was possible to write on the Internet anything and anywhere. Then it turned out that this is not always the case, and you need to be careful in choosing places and expressions. Then it turned out that there was no need to speak on some topics, nowhere and in any way, and the means of Internet anonymization came in handy. After which they began to fight with them, Russia is not a leader here - it only supports the global trend.
We are convinced that all this is being done for the sake of our security, in the name of combating terrorism and other horrific plagues of civilization. However, the situation is only getting worse, which is not surprising - after all, instead of dealing with the causes of these phenomena, the leading world powers only exacerbate them by the increasingly harsh exploitation of third world countries. At the same time successfully using the measures of "increased security" to combat dissent within its own borders.
It can be assumed that in the near future, anonymity and privacy will be prohibited as such at the legislative level (China has actually implemented it). And access to the Internet will be on “white lists” - i.e. according to the lists approved with the participation of state bodies, and everything that is not included in these lists will be prohibited by default.
The longer we decide on a fair reorganization of society, the harder it will be for all of us later, and the more losses all of humanity will suffer.
What is Tor?
Word Tor This is the abbreviated name of the organization that developed and maintains Thor, the full name of which in English sounds like "".
The Onion Router (TOR) is a non-profit organization that manages a network designed to protect privacy and increase anonymity on the Internet by disguising Internet traffic. The Thor program disguises your real location and does not give owners of online addresses that you visit while surfing to collect information about you and your habits.
What is Tor used for?
Tor is used by people who are concerned about ensuring their privacy. Number of users Tor sharply increased after the high-profile revelations of Edward Snowden, in which they spoke about the widespread abuse of their powers by state structures. In addition, Thor is actively used by journalists, users who want to avoid state censorship, entrepreneurs and traders in underground markets. Twilight zones of the Internet, known as the “Dark Internet” or “Deep Web” and .onion Web addresses that are not indexed by standard search engines can only be reached via Tor.
How does Thor work?
To hide your traffic and true location and your IP address, Tor uses servers and network nodes that are supported by volunteers, rather than providing you with a direct route to the websites you visit, send your traffic through a network of virtual tunnels. Instead of sending data packets directly to the server, information like a ping-pong ball is transmitted through a chain of network relays. Thus, Tor helps you to hide your digital fingerprints from unwanted eyes.
Does Tor encrypt my data and traffic?
The answer to this question is simple - no. Tor is just anonymous traffic. It does not encrypt traffic, but using virtual private networks (VPN) in addition to Tor, as well as a good habit to stay away from HTTP-based websites, can bring good results. Want more security - get used to using the HTTPS protocol, whenever possible.
Do I have to pay to use Thor?
Tor is a free open source system, and the number of programmers working to develop this system is consistent with the number of developers of Windows, Mac, Linux / Unix and Android.
How to use Tor?
You just have to pc and. The software is already configured and ready to use, but since the network redirects traffic indirectly, surfing speed may noticeably decrease.
How to access. onion addresses?
"White web" is the zone of the Internet, which is indexed by search engines, including Google. Below we have a “deep web” and a “dark web” (“dark web”), the latter of which is often associated with illegal operations.
“Onion” addresses are part of “deep web” and to access them, you must know the 16-digit code instead of the standard URL. You can find these through special search engines, forums and invitations, and some companies, such as Facebook, give out themselves. onion addresses specifically for Tor users.
How do I stay safe?
If you are going to use Tor, then you need to understand a few basic internet safety regulations. As a first step, disable all plugins and software that can open you up for attack, first, of course, Flash and Java.
You should keep in mind that Tor does not relieve you from operating system vulnerabilities, and considering how many flaws are in the software for Windows or Mac, you can use an open source operating system (for example, one of the Linux versions) to stay as secure as possible.
Anonymity does not guarantee protection from a fool
Pro-law enforcement agencies have plenty of ways to monitor your activities, so do not consider yourself 100% protected only because you use Tor. If you visit illegal domains in your country, buy or sell illegal goods, or download obviously prohibited materials, Tor will not protect you.
So should Tor be used?
If you need to anonymize your traffic, do it, but for tasks that need high Internet speed, for example, distribution or downloading via torrent, Tor is not the best solution. In addition, if you want to use the network for illegal activities, you must understand that you do this at your own peril and risk.
Do not consider Tor as the final and only solution for network security - this is just one of its aspects. VPN and transition to the HTTPS protocol are also important components to protect your privacy and your data.
The article is written on the basis of publications in the popular computer edition.
Here you can find answers to questions about the network: advantages, disadvantages and tor problems network. All this will help you to easily achieve anonymity on the network and avoid cases of disclosure of your identity.
Tor - what is it?
Tor is the global Internet network that ensures user anonymity. To many, it is known as the onion routing. You can connect to it using the Tor browser.
Why do I need Tor?
Tor's main advantage is anonymity. What kind of requests you make, what IP address do you use, what files are downloading - no one will know. In addition, you can view the sites that are usually blocked by the provider. Moreover, you will be able to browse onion sites and submit to a site from another geographic region. Just remember: using any browser other than Tor on the Tor network will not ensure your anonymity.
How to use Thor?
The Thor network itself is not capable of protecting all your Internet traffic. It is able to protect only those applications that are configured to transmit data through it. For your convenience, you can use the Thor browser. It is already optimally configured to protect the anonymity of your stay on the Internet. Using any other browser with the Tor network is not safe.
Torrent through the Tor network - is it real?
Download torrents when you are on the Tor network, unfortunately, is impossible. Otherwise, your real IP address will be visible to others. So, anonymity is leveled. In addition, Tor's work will be slow - not only for you, but also for other users.
Can I install additional plugins for the Tor browser?
Thor browser by default blocks any plugins such as Flash, RealPlayer, Quicktime and others. The fact is that they can open your real IP address. And that is why we do not recommend installing additional Thor browser plugins. Otherwise, the benefit from using the Tor browser will be minimal or generally reduced to zero.
How to protect yourself when using the Tor network?
To connect to sites use only secure https connection. In the Tor browser there is an extension that always installs just such a connection. And still it is better to make sure that the address bar is listed as https: // in the address bar, and you see the name of the site you requested.
How to avoid detection in the Tor network?
While you're online, do not open documents uploaded through Tor. If the browser when opening the document (DOC and PDF) warned you about the danger, do not ignore it. After all, the document may contain links to certain Internet resources; opening it will reveal your IP address to others. So it is better to disconnect from the network or the Internet before opening such documents.
How to hide the use of Thor network?
Thor hides the sites to which you are connecting from intruders. But, by default, it does not hide the use of Thor network. Therefore, if it is important for you to hide the usage itself, then you can reduce the risk of detection using the Thor bridging bridge. But the best way to protect is social: the more Thor users are with you and the more diverse their interests, the harder it is to find you among them. Invite other people to use Thor too!
Should Thor be used for illegal purposes or should such use be encouraged?
No, Thor was created for freedom of expression, privacy and the protection of human rights. Tor is not a lawbreaking application for Tor users or forwarders.
Can you promise that I will not be in trouble due to the launch of the Tor Forwarder?
No, any new technology creates some legal uncertainty and Tor is no exception. And we can not guarantee that you will never come across responsibility in any way for your Thor forwarding server. However, we sincerely believe that people providing forwarding servers should not and cannot be responsible for the traffic that passes through them. As a confirmation, we ourselves provide a server for forwarding traffic for the needs of the network.
Against the background of the introduction of blocking Russian sites in Ukraine and the intentions of the Russian government to additionally introduce the blocking of the VPN service and anonymizers, we decided to see how often this practice is used in the world and in which particular countries users have already encountered such blocking.
According to the Freedom House report, over the entire past year, the governments of 37 countries introduced blocking of certain sites. And this is only taking into account those countries that took part in the study. In almost all countries where site blocking is introduced, people can access blocked resources through additional means, including the Tor browser, anonymizers, and VPN services. Usually they are not blocked and remain accessible to users. But there are exceptions.
Recently, a bill has been submitted to the State Duma of Russia, proposing to monitor the operation of the VPN and Tor. The bill states that Tor, anonymizers and VPN services will have to deny access to those sites that are prohibited in Russia. Lists with such sites will be sent to the management services. If within a month the requirements are not met and the sites remain available, only in this case Roskomdzor, through Internet providers and mobile operators, will block access to these services. If all the requirements are met, users will continue to be able to use an anonymous browser and VPN to access other sites whose activities do not extend to the territory of the Russian Federation.
The Russians reacted very sharply to the new bill, although it has not even been adopted yet. But there is absolutely no doubt that soon he will be accepted. In the meantime, let's find out how Tor and VPN are blocked in other countries.
IP blocking
In some countries neighboring with the Russian Federation, laws on blocking access to VPN and Tor have already entered into force. In particular, the governments of Belarus and Kazakhstan went to such measures. In these countries, blocking is carried out using Internet providers that calculate the necessary IP addresses and simply block them. In Belarus and Kazakhstan, there are so-called “blacklists”, which include the IP addresses of VPN servers, Tor entry nodes, and even the addresses of sites that describe how to bypass a block. These lists are sent to providers, which in turn block them. Someone such an approach may seem meaningless. Perhaps this is the case, because instead of blocked public nodes, new ones appear, but the popularity of these services still has a little impact on blocking.
According to statistics downloads and installations of Tor, its popularity has declined. If in 2015 the number of connections to the anonymous network without making any changes to the settings was 9000 per day, then after blocking, it was 3 times less.
But after the decision was taken to block access to Tor’s public IP addresses, users increasingly began using so-called bridges that have IP addresses that are not on the ban list. And the number of such bridges began to increase constantly. Before the adoption of the law on blocking, only a few hundred people connected to the network, then after the law came into force, the daily number of such connections increased to 2000. But even despite such statistics, even this method of blocking still makes sense, because changing nodes and generally not make any changes to the Tor browser for every user. Most average users are even afraid to install a new program on their computer or an extension to their browser, not to mention using Tor or VPN services.
If you read the total number of users of an anonymous web browser in Belarus before and after blocking, then even with an increase in the number of users working through bridges, the difference is about 4000. So, as you can see, the method still gives its effectiveness. Some people do not know how to bypass the lock, others do not want to bother with the settings. But there are those who simply fear that they will be tracked down and punished for visiting prohibited sites.
There are at least 4 other methods in the world that are used in different countries to completely or partially block access to Tor or VPN. Read more about them in our next article.
