Risk
1/4/2011
10:23 AM
Connect Directly
Google+
Twitter
RSS
E-Mail
50%
50%

Top 3 Tools For Busting Through Firewalls

Can't access a Web site thanks to employer or government censorship? Fortunately, there's a host of tools and techniques that can help you slip through the blockade. Here's an in-depth look at three of the best.

Top 10 Security Stories Of 2010
(click image for larger view)
Slideshow: Top 10 Security Stories Of 2010

The Future: The Unending Arms Race

One important question that comes up in the wake of the use of proxies: how much trust can people place in any given proxy method? The very nature of proxies makes them tough to trust, and each incarnation I've looked at has different trust issues. It comes down to a tradeoff between decentralization and control.

A decentralized proxy network like Tor is harder to shut down, but it's also that much harder for the pedigree of any one part of the network to be verified. (At least Tor's creators are aware of this.)

A commercial service like Proxify in theory has more oversight over its own nodes, but it's an open question if they are that much more trustable by dint of being that much more centralized. Proxify's terms of service agreement is also very explicit that they provide the service as-is and entirely on their own terms -- something most anyone providing a proxy would want to spell out ahead of time to avoid legal entanglements.

The only truly trustable proxy would be one set up independently -- although with that, what you gain in personal control, you lose in resilience to outside attack, since one node is far easier to shut down than six hundred.

There seems little question that the struggle between censors and citizens will remain an arms race, with censorship worked around almost as quickly as it's put into place. The question remains: if such filters are so unreliable and so routinely dodged, why do governments or other groups bother to try blocking information at all?

The answer is simple: it's symbolic, not tactical. It's more about what forms of speech a given government or organization wants to show disfavor for, and not about actually preventing information from reaching people. In the long run, it's impossible to suppress any one piece of information completely -- but few people want to be seen as tacitly condoning things that aren't in their best interest, and so up go the firewalls.

Since it's unlikely those attitudes will change anytime soon -- especially in regimes like North Korea, where information control is the very lifeblood of the state -- the arms race will continue. And the growing sophistication of the services available out there only means there will be that many more ways to route around the damage.

SEE ALSO:

Workers Abusing Social Sites On Corporate Networks

IBM Adds Web App Firewall To IPS Appliances

Air Force Blocks Web Sites With WikiLeaks Content

Google Seeks Allies Against Censorship

Chinese iPhone 4 Forces Censored Maps

China Loses Web Filter Battle

Clinton Calls On Businesses To Support Internet Freedom

Previous
5 of 5
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
DenisL857
50%
50%
DenisL857,
User Rank: Apprentice
3/14/2014 | 8:06:39 PM
this really worcks yo have helped me get youtube back because my prents are sick of me watching kung fu panda and listening too dubstep
thancks again and do you have any other research sugjestions for hacking my firewall
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-7896
Published: 2015-03-03
Multiple cross-site scripting (XSS) vulnerabilities in HP XP P9000 Command View Advanced Edition Software Online Help, as used in HP Device Manager 6.x through 8.x before 8.1.2-00, HP XP P9000 Tiered Storage Manager 6.x through 8.x before 8.1.2-00, HP XP P9000 Replication Manager 6.x and 7.x before ...

CVE-2014-9283
Published: 2015-03-03
The BestWebSoft Captcha plugin before 4.0.7 for WordPress allows remote attackers to bypass the CAPTCHA protection mechanism and obtain administrative access via unspecified vectors.

CVE-2014-9683
Published: 2015-03-03
Off-by-one error in the ecryptfs_decode_from_filename function in fs/ecryptfs/crypto.c in the eCryptfs subsystem in the Linux kernel before 3.18.2 allows local users to cause a denial of service (buffer overflow and system crash) or possibly gain privileges via a crafted filename.

CVE-2015-0890
Published: 2015-03-03
The BestWebSoft Google Captcha (aka reCAPTCHA) plugin before 1.13 for WordPress allows remote attackers to bypass the CAPTCHA protection mechanism and obtain administrative access via unspecified vectors.

CVE-2015-2168
Published: 2015-03-03
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue in customer-controlled software. Notes: none.

Dark Reading Radio
Archived Dark Reading Radio
How can security professionals better engage with their peers, both in person and online? In this Dark Reading Radio show, we will talk to leaders at some of the security industry’s professional organizations about how security pros can get more involved – with their colleagues in the same industry, with their peers in other industries, and with the IT security community as a whole.