Flash proxies: circumventing Internet censorship with Tor

Martin Brinkmann
Mar 29, 2013
Updated • Mar 29, 2013
Encryption, Internet

Depending on where you live, you may not be able to access select websites or services available on the Internet. This is not limited to countries where you would expect Internet censorship to exist, China, Iran or North Korea for example, but lately many European countries too have started to block sites, usually based on commercial interests rather than political or religious interests.

To circumvent Internet censorship, users need to use a proxy, virtual private network or other means that helps them access the blocked contents. The Tor project and its Tor software is one of those solutions and while it may work great most of the time, its public nature on the other hand provides censors with the means to blacklist the service's relays easily and bridges, unlisted relays, get blocked easily when they are discovered.

Instead of playing a cat and mouse game with censors, by adding new static IP bridges to the network, Stanford researchers came up with a concept they call Flash Proxy or Proxies. The idea here is to tap into the vast IP address pool of regular Internet users to use them as a proxy to connect to existing bridges and the Tor network.

The process is explained in detail on the official project website. You may ask yourself how this initial connection between the censored user (the client) and the Flash proxy is established. The researchers came up with badges that are added to websites.  Webmasters can configure the script to ask visiting users explicitly whether they want to act as a proxy, or make them proxies right away. I highly suggest the first option to give users full control over it. Despite the name Flash Proxies, the current implementation uses JavaScript and WebSockets only.

The badge communicates with the facilitator to find the addresses of clients that need a connection. Once it has a client address, it connects to the client transport plugin running on the Tor relay, and begins proxying data between them. The badge itself runs in the background and has no impact on the visitor's interaction with the volunteer site.

Censored users need to download a Tor browser bundle from the Internet and run it afterwards. They also need to setup port forwarding in their router for this to work.

You can visit a site like the one that is hosting the project to start acting as a proxy for users in countries where Internet traffic is heavily censored.  A Firefox extension and Chrome extension is available as well to turn your PC into a bridge if activated.

What is certainly interesting in this regard is that the service can be configured to automatically connect to other addresses without explicit permission by the user. (Thanks bastik for the tip and the excellent explanations).

Update: To clarify the last sentence. Websites can make your browser connect to other addresses without explicit permission, this is independent from the Flash Proxies script or any other script making use of the method. If you want to prevent that, you need to disable Websockets in the browser for now.

Firefox users can type about:config, enter network.websocket.enabled in the search and double-click the parameter to turn Websockets on (true) or off (false).

Chrome users can run the browser with the startup parameter --disable-web-sockets to do the same.


Tutorials & Tips

Previous Post: «
Next Post: «


  1. smaragdus said on October 7, 2012 at 8:55 pm

    I have just tested the Wikipedia Book Creator and in works fine. I am pleased that the output format can be EPUB which is far superior than PDF. For me EPUB is the best e-book format, I prefer it to FB2 DJVU and especially over PDF, not to mention Microsoft LIT, Amazon and Mobipocket trash.

  2. benny said on November 2, 2012 at 9:21 am

    they actually had epub export for awhile but then stopped. good to see it’s back.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.