A brief guide to Internet censorship circumvention

While censors are busy tightening their grip on the free exchange of information, hackers are pushing back with ever more tools to counter it. We made a quick rundown of the most popular methods currently in use and their pros and cons.

Web-based proxies

Web-based proxies are websites just like this one that fetch other web pages at your request and display them to you. Their major advantages are ease of use (all you need to do is enter a web page address and click a button) and universal accessibility (as long as you have a browser you'll be able to use them). The simplicity however comes at a cost: for technical reasons it's impossible to make a web-based proxy that displays 100% of websites correctly, a web proxy cannot guarantee perfect anonymity protection and you have to trust a generally unknown third party with your traffic.

Consequently web-based proxies are perfect when you need a quick dose of Reddit at work or are browsing from an Internet cafe. But if your need to pinch filters is persistent (e.g. you live in a country with Internet censorship) you should definitely look into alternative options.

Public DNS servers

Domain Name System or DNS is a critical part of Internet infrastructure responsible for translating human-readable server names (such as "websiteproxy.co.uk") into so called "IP addresses" that computers can use to send data packets to each other (such as "141.101.117.193"). Every time you go to a website your computer makes a request to a DNS server to obtain the website's IP address.

This is by far the favourite place for the censors to interfere as this type of blocking is cheapest to implement and operate. If they control the DNS server they can discard all the queries for banned websites or return false IP addresses. However, this kind of filtering is also easiest to circumvent. All you need to do is configure your computer to use a different DNS server. For example, the one operated by Google.

The advantage of this method is that it has a lot lower overhead then all the other ones so the impact on your connection speed will be negligible. Unfortunately Internet filters are getting more sophisticated lately so in many cases it no longer works.

HTTP/SOCKS proxy

As mentioned above, a proxy server is a server that can fetch webpages for you. But unlike in the case of web-based proxies, with an HTTP or SOCKS proxy you set up your browser once to use it and from there on it connects to all websites via the proxy. This is much more effective in avoiding filtering then the previous method. You can either find a publicly available proxy or register for a private one (often this means paying a small fee).

Public HTTP/SOCKS proxy

Most publicly available proxies are either misconfigured web servers or honeypots set up by shady types specifically to snoop on people traffic. We don't recommend using them unless you know exactly what you are doing.

Private HTTP/SOCKS proxy

"Private" proxies (requiring a password and some sort of registration) on the other hand are a decent middle ground in the world of anti-censorship tools. They are often cheaper than VPNs (and some are even free), fast and effective against many (although not all) filters.

TOR

Tor project uses the magic of cryptography to show us a glimpse of what Internet can (hopefully) be one day: a completely anonymous censorship- and surveillance-free network. It provides best anonymity guarantees currently available and (as of time of this writing) is thought to be "NSA-proof".

Unfortunately all these nice things aren't without a downside. Because Tor network is operated by volunteers its capacity seems to be constantly lagging behind its popularity. Plus, the way Tor guarantees your anonymity is by routing the traffic via several different servers that may be geographically distant from each other. These two factors combined make it at times painfully slow.

In addition, while your traffic is encrypted inside the Tor network (and thus protected from snooping by, for instance, your ISP), somewhere it has to exit to the regular Internet. It does so at so called "exit nodes" which obviously can inspect the traffic that goes through them. Just like other parts of Tor, exit nodes can be operated by anyone and because they are so easy to abuse to intercept traffic lots of bad guys are already on it.

VPN

VPN (short for Virtual Private Network) encrypts all your traffic and routes it through a trusted remote server. Aside from being very effective in evading censorship it gives you a good protection from snooping by local agents (ISP, government) and provides a decent anonymity layer.

The only real downsides of VPN are that it costs money and that for anonymity protection you are relying on a single party that potentially can be an easy target for pressure by government agencies seeking to identify you.

Comparison table

Method Ease Reliability Anonymity Security* Speed Costs
Web-based proxies ★ ★ ★ ★ ★ ☆ ★ ★ ☆ ★ ★ ☆ ★ ★ ☆ 0
Public DNS servers ★ ☆ ☆ ★ ★ ☆ ☆ ☆ ☆ ★ ★ ★ ★ ★ ★ 0
Public HTTP/SOCKS proxy ★ ☆ ☆ ★ ☆ ☆ ★ ★ ☆ ☆ ☆ ☆ ☆ ☆ ☆ 0
Private HTTP/SOCKS proxy ★ ☆ ☆ ★ ★ ☆ ★ ★ ☆ ★ ★ ★ ★ ★ ★ $0 - $5/mo
Tor ★ ★ ☆ ★ ★ ★ ★ ★ ★ ☆ ☆ ☆ ☆ ☆ ☆ 0
Private VPN ★ ★ ☆ ★ ★ ★ ★ ★ ☆ ★ ★ ★ ★ ★ ★ $5/mo+

* The security column only reflects additional security risks introduced by each method and is not reflective of security benefits they may or may not provide. For example, using public DNS server has maximum security rating, but it does not provide any additional security over your vanilla Internet connection.

Website Proxy is powered by Unblock Sites | Privacy statement