Jump to content
You are not logged in ▶️ Click to sign-up or login ×

In the event of a single internet gateway, where will you go?

NOC

By NOC
in IT and Computers

 Share

Recommended Posts

trd Silver Member

trd

Posted
Posted

It's time to explore bolt holes.

If they install a single gate, where will you go? What attracts you to this place? (other than it not being Thailand and not having a great firewall)

What do you mean where would you go? There will still be internet available.
Link to comment
Share on other sites
petedk Platinum Member

petedk

Posted
Posted (edited)

I will stay here and jump and shout with joy.

For the past 3 days my Internet speeds have been around 1.0 Mb/s upload and 1.2 Mb/s download, so that part of it can only get better. . It is so slow that I can't open many websites now, so no difference there.

Ok. Joking aside. I will stay here. I will probably get really pissed off sometimes if more and more sites are blocked or censored. I hope there will still be acess to my favourite foreign newspapers and TV stations.

I have spoken to many Thais (maybe up to a hundred) about this and NOT ONE has anything against it. I don't think they understand the potential consequences. Either that or they really don't care about what goes on outside their own little world. As long as they have Facebook and Line to "get the news" they are happy.

Edited by petedk
Link to comment
Share on other sites
KhunBENQ Star Member

KhunBENQ

Posted
Posted

Either that or they really don't care about what goes on outside their own little world. As long as they have Facebook and Line to "get the news" they are happy.

The latter one.

What can a population with such limited English/foreign language skills do with the big world outside?

Google, Gmail, Hotmail, Youtube, Facebook, LINE, WhatsApp.

What else is required?

BUT: Facebook is the censors biggest problem.

Lot of unwanted content, but unthinkable to block in total. Would trigger an uprise tongue.png

Link to comment
Share on other sites
Cam Khao Senior Member

Cam Khao

Posted
Posted

I thought VPN's and encryption would be the next things to be banned?

They can ban the actual providers offering these services.

But as far as I know, once you are using a fully encrypted VPN tunnel, then even using deep packet inspection, there is no easy way to discover it.

I could be wrong, its been a lot of years since I last worked in the industry. I try an keep up to date though, so I think I am correct.

So the smart way to do it is to forget about companies offering VPN services.

Rent yourself a Virtual Private Server (VPS) in whichever country you would like to appear to be in.

Set up the VPS as a VPN gateway.

Connect to your VPN from here.

This means you have a static IP address in the geolocation of your choice, by using a VPN tunnel which should be almost impossible to detect.

I have friends doing just this in China and they drill straight through the great firewall no problem.

If you are really worried, grab a TAILS distro, and install an OS that is entirely routed through the TOR network.

Link to comment
Share on other sites
BuaBS Senior Member

BuaBS

Posted
Posted (edited)

Well , whatever they decide to do , do it quickly . Now I have to wait and put some purchase on hold . Don't need to buy them if my internet freedom is butchered. Too big to take on the plane home.

As for where ? Maybe Hungary or Czech repuplic ? It seems they still have a government that isn't completely assimilated into the EU-Borg hive and stop muslims from coming in and still have their own money.

But will they allow refugees from western europe ?

Edited by BuaBS
Link to comment
Share on other sites
ldnguy Silver Member

ldnguy

Posted
Posted (edited)

Easy to get around it, so what's the problem?

In any case, this is my home so why would I move elsewhere? If this was introduced in the USA do you think 350 million people would leave? For 99.99% of people it's not an issue at all. Not everyone builds their life around the internet and needs access to all of the few billion pages out there. Surely you can live without a handful of the millions of site out there. While I don't like the idea of blocking sites, why should I give up a good life for the sake of a few websites? To leave your home over this seems like a huge over-reaction to me. This is just one small thing in life. Surely there's more to life than the internet.

Some of you make fun of Thais only using facebook, etc, but many on here are even worse. You want to give up your home because you may not have access to a few sites.

Maybe many of you don't even realise how much western governments hide from you? You don't have access to that information either. It's blocked!

Edited by ldnguy
Link to comment
Share on other sites
BudRight Gold Member

BudRight

Posted
Posted (edited)

A few years ago (maybe eight years ago) they hijacked all the SMPT traffic in the country to scrutinize it for criticism of...whatever. The problem is that their server was completely unprepared for this and crashed almost immediately. All email in the Kingdom stopped working for a few hours until they finally gave up this stupid plan.

The largest users of VPNs are not expats watching Netflix, they're corporate users on Citrix protecting themselves against industrial espionage. If those people get blocked then there will be hell to pay and fast.

...and this is why China blocks domains rather than certain kinds of traffic. It's a hopeless game of wack-a-mole that China is always losing. Just pick a provider that uses IPV6, rotates their address and laugh at the censors as they try to figure out which of 340,282,366,920,938,463,463,374,607,431,768,211,456 addresses are VPNs that minute.

Edited by BudRight
Link to comment
Share on other sites
rakman Gold Member

rakman

Posted
Posted

I thought VPN's and encryption would be the next things to be banned?

They can ban the actual providers offering these services.

But as far as I know, once you are using a fully encrypted VPN tunnel, then even using deep packet inspection, there is no easy way to discover it.

I could be wrong, its been a lot of years since I last worked in the industry. I try an keep up to date though, so I think I am correct.

So the smart way to do it is to forget about companies offering VPN services.

Rent yourself a Virtual Private Server (VPS) in whichever country you would like to appear to be in.

Set up the VPS as a VPN gateway.

Connect to your VPN from here.

This means you have a static IP address in the geolocation of your choice, by using a VPN tunnel which should be almost impossible to detect.

I have friends doing just this in China and they drill straight through the great firewall no problem.

If you are really worried, grab a TAILS distro, and install an OS that is entirely routed through the TOR network.

All it take would be a packet filter to look at the payload. If encrypted, drop it. If clear, examine for unwanted references and drop or pass as desired. Not hard ot do.

Link to comment
Share on other sites
Cam Khao Senior Member

Cam Khao

Posted
Posted

I thought VPN's and encryption would be the next things to be banned?

They can ban the actual providers offering these services.

But as far as I know, once you are using a fully encrypted VPN tunnel, then even using deep packet inspection, there is no easy way to discover it.

I could be wrong, its been a lot of years since I last worked in the industry. I try an keep up to date though, so I think I am correct.

So the smart way to do it is to forget about companies offering VPN services.

Rent yourself a Virtual Private Server (VPS) in whichever country you would like to appear to be in.

Set up the VPS as a VPN gateway.

Connect to your VPN from here.

This means you have a static IP address in the geolocation of your choice, by using a VPN tunnel which should be almost impossible to detect.

I have friends doing just this in China and they drill straight through the great firewall no problem.

If you are really worried, grab a TAILS distro, and install an OS that is entirely routed through the TOR network.

All it take would be a packet filter to look at the payload. If encrypted, drop it. If clear, examine for unwanted references and drop or pass as desired. Not hard ot do.

AFAIR packet filtering does not interrogate data, it simply filters/blocks specific protocols based upon a user defined ruleset. It would not detect encrypted VPN traffic.

Link to comment
Share on other sites
NOC Rookie Member

NOC

Posted
  • Author
Posted

Easy to get around it, so what's the problem?

In any case, this is my home so why would I move elsewhere? If this was introduced in the USA do you think 350 million people would leave? For 99.99% of people it's not an issue at all. Not everyone builds their life around the internet and needs access to all of the few billion pages out there. Surely you can live without a handful of the millions of site out there. While I don't like the idea of blocking sites, why should I give up a good life for the sake of a few websites? To leave your home over this seems like a huge over-reaction to me. This is just one small thing in life. Surely there's more to life than the internet.

Some of you make fun of Thais only using facebook, etc, but many on here are even worse. You want to give up your home because you may not have access to a few sites.

Maybe many of you don't even realise how much western governments hide from you? You don't have access to that information either. It's blocked!

My question was directed at foreigners. You keep the 'good life' for yourself.

Link to comment
Share on other sites
NOC Rookie Member

NOC

Posted
  • Author
Posted (edited)

Fact, if and when this single gateway is implemented, my business with be relocated to an another country.

How will it affect your business? I guess anyone doing dodgy stuff must be the most worried.

Not everyone is doing 'dodgy' stuff. But I can see how your 'Thai mindset' would want to make yourself 'appear' better than a lowly farang.

You see, many of us don't like your culture. It's not that we came here hating Thailand, it's the racist and xenophobic nature of the Thai populous that has created the disdain. A single gateway would be the camel's straw.

Edited by NOC
Link to comment
Share on other sites
NOC Rookie Member

NOC

Posted
  • Author
Posted

@ BuaBS (i'm bored w/ the BS too) I could do Hungary or Czech, but visa's for a yank might be hard to come by. I've been researching Taiwan and Portugal.

Panama, Ecuador, Columbia and Chile are options, but they aren't known for fast internet.

Link to comment
Share on other sites
muratremix Gold Member

muratremix

Posted
Posted

Right now all major ISP's peer with google (youtube!) / facebook / microsoft.

If they want to inspect web traffic, all youtube traffic will pass from Happiness Internet gateway. Speeds will be lowered for sure.

Why they don't simply do this one gateway for social media only for f. sake? Just redirect google plus / instagram / facebook etc ip's through local server with middle-ssl certificate and log whatever they want to log which doesn't concern us.

Right now, Internet in Thailand is pretty fast compared to its neighbours. This move will be pretty backwards.

Link to comment
Share on other sites
WhizBang Platinum Member

WhizBang

Posted
Posted

I will stay here and jump and shout with joy.

For the past 3 days my Internet speeds have been around 1.0 Mb/s upload and 1.2 Mb/s download, so that part of it can only get better. . It is so slow that I can't open many websites now, so no difference there.

For about 2 months, my internet was actually working at the speeds I was paying for, about 90% of the time.

That is, until True 'fixed' it this week. Now I am back to the same old crappy connection I always had. When I called True on Wednesday, I got a recording saying internet in my area was being 'upgraded'. Hasn't been the same since.

What is wrong with the so called technical people in this country? They are completely incapable and incompetent. If and when the great firewall goes on-line, I would expect severe problems, as I have little faith they they will be able to get it to work reliably, if at all. And then there is the issue of out and out failure after some bonehead technician fixes or adjusts something.

Link to comment
Share on other sites
Headgame Advanced Member

Headgame

Posted
Posted

The problem is that a VPN is too easy and the logical next step is to restrict the use of those just like China does. Otherwise what is the point of a single gateway?

Not all VPNs are blocked in China.

Sent from my iPhone using Tapatalk

Link to comment
Share on other sites
thedemon Silver Member

thedemon

Posted
Posted

The problem is that a VPN is too easy and the logical next step is to restrict the use of those just like China does. Otherwise what is the point of a single gateway?

Not all VPNs are blocked in China.

Sent from my iPhone using Tapatalk

No they aren't but, as I wrote, they are restricted.

Corporate and private VPN's work but can be very slow. All the big name VPN providers seem to be blocked though. Whereas those VPN providers normally publish a list of IP addresses or hostnames to connect to various nodes in each country or city. That doesn't work in China because all of those are blocked so you need to contact the VPN provider via chat session each time you want to connect. They will then give you 2 or 3 IP's which, if they work, will last a few hours before they too are blocked. Then you start again.

This is additionally complicated by the fact that you can't directly connect to the VPN providers website to initiate a chat session because even that is blocked. I have needed to connect to my own VPN in Bangkok (painfully slow), get the IP's from the providers, disconnect that connection then connect again with the new IP's.

The net result is that though anyone determined enough can "jump the wall", the majority can't or won't bother.

Link to comment
Share on other sites
Cam Khao Senior Member

Cam Khao

Posted
Posted (edited)

For those who are interested I did a little digging around, just to make sure my assumptions about VPN security were correct. As I stated previously, it's been a while since I worked as a corporate techie, and although I try and keep up to date with things, I could have been wrong.

So, this is how things stand with regard to VPN detection (talking about OpenVPN here).

OpenVPN can be detected by Deep Packet Inspection (DPI). Note that I say detected. It cannot be snooped upon as it is encrypted, but whoever is performing the DPI will know a VPN is running across the port.

So we need to hide OpenVPN and there are two pretty simple ways to do this.

1. Run the OpenVPN connection across port 443, the port that HTTPS uses, so that it looks like any other SSL secured port 443 traffic. This is probably good enough unless somebody like the NSA is singling you out to take a look at, and start looking at your port 443 traffic closely.

2. Run the OpenVPN connection within it's own SSL tunnel. Not even DPI will be able to see it. Downside here, is it's a little more tricky to set up.

I've just tested option 1 myself, and it works fine.

Edited by Cam Khao
Link to comment
Share on other sites
muratremix Gold Member

muratremix

Posted
Posted

OpenVPN can be scrambled with some patches.

But why bother? If they want to stop free business to invest on internet and control all traffic flow, because of happiness orders it, it would be too slow anyway.

There are other examples, for example in Turkey, quasi monopol Turkish Telecom filters out all traffic at major entrance points of its International Gateway.

Thats why it doesn't exchange traffic with google etc. All traffic must enter from these chokepoints. So they can inspect packets and use this new software they bought from some european country (sweden?) to monitor all internet users social media (and other?) usage. They can easily pinpoint users ip addresses that posts in social media against government etc.

Link to comment
Share on other sites
ldnguy Silver Member

ldnguy

Posted
Posted

Fact, if and when this single gateway is implemented, my business with be relocated to an another country.

How will it affect your business? I guess anyone doing dodgy stuff must be the most worried.

Not everyone is doing 'dodgy' stuff. But I can see how your 'Thai mindset' would want to make yourself 'appear' better than a lowly farang.

You see, many of us don't like your culture. It's not that we came here hating Thailand, it's the racist and xenophobic nature of the Thai populous that has created the disdain. A single gateway would be the camel's straw.

I know not everyone is doing dodgy stuff. I said those that do are the most worried.

By the way I'm not Thai.

If you don't like Thailand then why haven't you left? I mean this as a genuine question. Before moving here I lived in Spain for a year. I didn't really like it so I left. I didn't make a song and dance out it, but just moved on. Life's too short to stay somewhere you don't like. I'm just baffled by why so many stay in a place they claim not to like. Surely you'd be happier moving to a country you liked.

Link to comment
Share on other sites
ldnguy Silver Member

ldnguy

Posted
Posted

@ BuaBS (i'm bored w/ the BS too) I could do Hungary or Czech, but visa's for a yank might be hard to come by. I've been researching Taiwan and Portugal.

Panama, Ecuador, Columbia and Chile are options, but they aren't known for fast internet.

How about USA? Wherever you go the NSA will be spying on you, so you can't really run away from that.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.






×
×
  • Create New...