Flash proxies: circumventing Internet censorship with Tor
Depending on where you live, you may not be able to access select websites or services available on the Internet. This is not limited to countries where you would expect Internet censorship to exist, China, Iran or North Korea for example, but lately many European countries too have started to block sites, usually based on commercial interests rather than political or religious interests.
To circumvent Internet censorship, users need to use a proxy, virtual private network or other means that helps them access the blocked contents. The Tor project and its Tor software is one of those solutions and while it may work great most of the time, its public nature on the other hand provides censors with the means to blacklist the service's relays easily and bridges, unlisted relays, get blocked easily when they are discovered.
Instead of playing a cat and mouse game with censors, by adding new static IP bridges to the network, Stanford researchers came up with a concept they call Flash Proxy or Proxies. The idea here is to tap into the vast IP address pool of regular Internet users to use them as a proxy to connect to existing bridges and the Tor network.
The badge communicates with the facilitator to find the addresses of clients that need a connection. Once it has a client address, it connects to the client transport plugin running on the Tor relay, and begins proxying data between them. The badge itself runs in the background and has no impact on the visitor's interaction with the volunteer site.
Censored users need to download a Tor browser bundle from the Internet and run it afterwards. They also need to setup port forwarding in their router for this to work.
You can visit a site like the one that is hosting the project to start acting as a proxy for users in countries where Internet traffic is heavily censored.Â A Firefox extension and Chrome extension is available as well to turn your PC into a bridge if activated.
What is certainly interesting in this regard is that the service can be configured to automatically connect to other addresses without explicit permission by the user. (Thanks bastik for the tip and the excellent explanations).
Update: To clarify the last sentence. Websites can make your browser connect to other addresses without explicit permission, this is independent from the Flash Proxies script or any other script making use of the method. If you want to prevent that, you need to disable Websockets in the browser for now.
Firefox users can type about:config, enter network.websocket.enabled in the search and double-click the parameter to turn Websockets on (true) or off (false).
Chrome users can run the browser with the startup parameter --disable-web-sockets to do the same.Advertisement