Hacker News new | comments | ask | show | jobs | submit login

So, the next step is encrypting the content before sending it through TLS...TLS over TLS



If they can unwrap the first layer of encryption, and most normal traffic inside isn't encrypted, people tunneling through MITM'd TLS are playing a game of cat and mouse with a very well-funded adversary that can imprison, torture, or kill them.

Obviously, a lot of people do this kind of thing in China, and from what we know, circumventing the "Great Firewall" isn't routinely getting people killed. But people should know what they're doing before they try it in Kazakhstan.


Next step: steganography


Steganography needs vast quantities of cover data. You're increasing the bandwidth costs dramatically when you recommend steganography for everything.


Steganography needs vast quantities of cover data.

Porn? Perhaps the world's smut peddlers will become beacons of freedom and civil disobedience? (Sounds like a Neal Stephenson book.)


That's a terrible TX/RX ratio. Unless you encode data in each request and receive small pictures only, it would take ages to send any real information. Good for receiving though.


Every huge porn site is banned in Kazakhstan. I believe that porn is forbidden here.

The worst thing — they just ban sites without any explanation. Site just stopped to work and you don't know why. Even w3.org was banned for some time (probably because its validator could be used as web proxy).


A VPN or SSH tunnel w/proxying is essentially this with a dedicated jump point.


Better do it from an untraceable IP address, or you might get some visits.

This is the biggest problem when governments go this route.




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: