10:23 AM
Connect Directly

Top 3 Tools For Busting Through Firewalls

Can't access a Web site thanks to employer or government censorship? Fortunately, there's a host of tools and techniques that can help you slip through the blockade. Here's an in-depth look at three of the best.

Top 10 Security Stories Of 2010
(click image for larger view)
Slideshow: Top 10 Security Stories Of 2010

The Future: The Unending Arms Race

One important question that comes up in the wake of the use of proxies: how much trust can people place in any given proxy method? The very nature of proxies makes them tough to trust, and each incarnation I've looked at has different trust issues. It comes down to a tradeoff between decentralization and control.

A decentralized proxy network like Tor is harder to shut down, but it's also that much harder for the pedigree of any one part of the network to be verified. (At least Tor's creators are aware of this.)

A commercial service like Proxify in theory has more oversight over its own nodes, but it's an open question if they are that much more trustable by dint of being that much more centralized. Proxify's terms of service agreement is also very explicit that they provide the service as-is and entirely on their own terms -- something most anyone providing a proxy would want to spell out ahead of time to avoid legal entanglements.

The only truly trustable proxy would be one set up independently -- although with that, what you gain in personal control, you lose in resilience to outside attack, since one node is far easier to shut down than six hundred.

There seems little question that the struggle between censors and citizens will remain an arms race, with censorship worked around almost as quickly as it's put into place. The question remains: if such filters are so unreliable and so routinely dodged, why do governments or other groups bother to try blocking information at all?

The answer is simple: it's symbolic, not tactical. It's more about what forms of speech a given government or organization wants to show disfavor for, and not about actually preventing information from reaching people. In the long run, it's impossible to suppress any one piece of information completely -- but few people want to be seen as tacitly condoning things that aren't in their best interest, and so up go the firewalls.

Since it's unlikely those attitudes will change anytime soon -- especially in regimes like North Korea, where information control is the very lifeblood of the state -- the arms race will continue. And the growing sophistication of the services available out there only means there will be that many more ways to route around the damage.


Workers Abusing Social Sites On Corporate Networks

IBM Adds Web App Firewall To IPS Appliances

Air Force Blocks Web Sites With WikiLeaks Content

Google Seeks Allies Against Censorship

Chinese iPhone 4 Forces Censored Maps

China Loses Web Filter Battle

Clinton Calls On Businesses To Support Internet Freedom

5 of 5
Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
User Rank: Apprentice
3/14/2014 | 8:06:39 PM
this really worcks yo have helped me get youtube back because my prents are sick of me watching kung fu panda and listening too dubstep
thancks again and do you have any other research sugjestions for hacking my firewall
Register for Dark Reading Newsletters
White Papers
Current Issue
Five Emerging Security Threats - And What You Can Learn From Them
At Black Hat USA, researchers unveiled some nasty vulnerabilities. Is your organization ready?
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2015-10-15
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated b...

Published: 2015-10-15
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.

Published: 2015-10-15
Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code.

Published: 2015-10-15
Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

Published: 2015-10-15
Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.

Dark Reading Radio
Archived Dark Reading Radio
According to industry estimates, about a million new IT security jobs will be created in the next two years but there aren't enough skilled professionals to fill them. On top of that, there isn't necessarily a clear path to a career in security. Dark Reading Executive Editor Kelly Jackson Higgins hosts guests Carson Sweet, co-founder and CTO of CloudPassage, which published a shocking study of the security gap in top US undergrad computer science programs, and Rodney Petersen, head of NIST's new National Initiative for Cybersecurity Education.