Stații de lucru

OS - Windows 6795 Solutii

Reguli si plangeri 8 Solutii

OS - OS X 407 Solutii

Reguli de configurare 11 Solutii

Licentiere 18 Solutii

Securitate 176 Solutii

Copie de rezerva (Backup) 68 Solutii

Antivirus 71 Solutii

Aplicatii specifice 3763 Solutii

Hardware 287 Solutii

What Is Shadowsocks, and How Does It Work?

A wooden figure blocking connections.

If you’re looking to escape internet censorship, one interesting option is something called Shadowsocks. Not only is its name intriguing, it also promises to get you past any blocks safely. Let’s see what this protocol can and cannot do.

What Is Shadowsocks?

Shadowsocks is a connection tool that lets you circumvent censorship. It’s used widely in China by people looking to tunnel under the Great Firewall—the digital barrier that keeps the Chinese internet “safe” from foreign influence—as it’s completely free, though you’ll need some tech know-how to set it up.

In fact, Shadowsocks is so good at getting past China’s blocks that there’s a good case to be made for it over another tool, virtual private networks (VPNs). Not only is using Shadowsocks free, it also hides traffic a little better than VPNs do. However, before we go into any more detail, let’s first go over where Shadowsocks comes from.

Who Developed Shadowsocks?

Shadowsocks was developed by a Chinese programmer only known as “clowwindy,” who put the initial commit (a version of a program or script) on GitHub in 2012. The protocol was a huge success and clowwindy kept working on it for several years, as well as developing a free VPN called ShadowVPN.

In 2015, however, Clowwindy left a message on a GitHub thread stating that the police had found him and had asked him to stop working on Shadowsocks and, presumably, ShadowVPN. He also was forced to delete the code on GitHub and he had “no choice but to obey.” He added that “I hope one day I’ll live in a country where I have freedom to write any code I like without fearing.”

What Happened to Clowwindy?

After this last message, it has remained quiet surrounding clowwindy. According to this blog post, after clowwindy had an “invitation to tea” (a term with about the same level of threat as the KGB’s infamous “friendly chat”), they briefly surfaced to show they were okay, and then faded away.

Thankfully, though, clowwindy’s work has not been relegated to the dustbin of history. Instead, a team of enthusiasts has carried on their work and kept working on Shadowsocks. At the time of writing in March 2022, it’s a powerful piece of communication technology that has gotten even better at getting past blocks.

How Does Shadowsocks Work?

Shadowsocks is interesting because it’s like a lot of other things, but just different enough that it deserves its own category. Technically, it’s just a proxy: it reroutes an internet connection through a third server, making it appear like you’re in a different location.

In a regular network connection, like the one you’re likely using now, you connect to your internet service provider’s server and then to the website you want to visit. If the authorities want to block a site, the internet service provider (ISP) is usually told to prevent access to its IP address. Using a proxy means you go from the ISP to an unblocked server and then to the site you want.

However, regular proxies are notoriously unsafe: there’s no good way to secure the connection, for one, and generally speaking, most sites can figure out quite easily that you’re using one. Shadowsocks, however, is based on a proxy protocol called SOCKS5 that secures the connection using an AEAD cipher—roughly along the same lines as an SSH tunnel.

Though AEAD ciphers are generally considered not quite as secure as the more common AES encryption (here’s one academic paper if you’d like to know more), they’re a big step up from regular proxies. They generally either use an HTTP-based protocol—pretty much just a rerouted unsecured connection—or an earlier SOCKS version which also isn’t encrypted. Using either one means you’re leaving yourself open to possible spying by, well, almost anybody.

Shadowsocks and VPNs

Reading the above, you may think that Shadowsocks sounds an awful lot like virtual private networks, which also reroute connections, but secure them as well. However, because Shadowsocks’ encryption is a little more lightweight, it doesn’t offer the same security as a VPN does.

However, the lighter encryption does mean that Shadowsocks can fly under the radar better than a VPN can. If they wanted to, an ISP could clearly identify VPN traffic, but a Shadowsocks connection is a lot harder to identify because it looks practically identical to a regular HTTPS connection.

Downsides to Shadowsocks

Because of these reasons, Shadowsocks is a great choice to dodge censorship blocks. However, it’s not perfect and there are some downsides, especially if compared to VPNs or even Tor.

For one, Shadowsocks requires a bit of setup and you need to understand a little how computers and connections work. VPNs generally just need to be installed and you’re good to go; using Shadowsocks means you need to sit down and read through the documentation and set up a server.

Depending on how you set it up, there’s a chance that Shadowsocks might take a good whack out of your internet speed. Any rerouting technology will reduce your speed, but some are worse than others. A good server will reduce the pain, but generally speaking, using Shadowsocks means a much slower connection. Also, unlike VPNs, you can’t use Shadowsocks to change your Netflix region or even to torrent files.

However, you could also argue that none of that matters: Shadowsocks was developed as a way to circumvent the blocks placed on free speech by a despotic regime and to do so for free. At that, it succeeds admirably and we recommend anybody looking to escape internet censorship at least look into it.

[mai mult...]

How to Escape Internet Censorship

As you probably know, the internet isn’t free everywhere: in some countries, people are met with blocks when accessing sites the government doesn’t approve of. Thankfully, there are ways around these blocks, and you don’t even have to be particularly tech-savvy to use them.

Warning: We probably don’t need to tell you this, but if you’re in a country that limits freedom of expression enough to restrict the internet, you need to be very careful when circumventing any blocks. There could be electronic countermeasures in place or even physical ones. As has happened in Myanmar and Russia, police could stop you on the street to check your smartphone. Please, be careful and keep safe.

  • How Blocks Work

To block our site, you would somehow need to cut off access from your ISP to our IP address. That’s how Chinese censorship works: It simply blocks traffic to any IP addresses that have been flagged. These flags can be for any number of reasons, some are because sites have content considered subversive by the authorities, while others offer gambling or pornography.

The nature of the block also reveals how we can get around it: if your government (or even just your ISP) is blocking an IP address, all you need to do is to connect to another, non-blocked IP address and have it connect to the blocked IP address for you, forwarding the traffic through the unblocked IP address for any other sites you want to visit. There are several ways to do so, and we’ll go over a few options below.

  • Proxies: Not Recommended

If diverting your connection in the way we described above sounds like something you’ve heard before, you’re probably already familiar with proxies. These little apps—usually simply accessed through a website—will reroute your connection through an IP address so as to make you appear in that location rather than your own.

Proxies are great for passing a regional block on YouTube or something similarly innocuous. However, for something a little more serious like passing a censorship block, using a proxy is a very bad idea indeed. The connection usually isn’t secured in any way and you can very easily be tracked—claims from proxy providers notwithstanding. Whatever you do, don’t use a proxy to get past blocks.

  • Shadowsocks

There is, however, one exception to the “no-proxies” rule, namely a protocol called Shadowsocks. Though it also doesn’t protect the connection the same as other proxies, it’s less easy to detect than one thanks to it disguising itself. Where a regular proxy can easily be detected by most blocks, Shadowsocks is a HTTPS connection, thus tricking the detection system.

Shadowsocks was developed by a Chinese programmer and it’s widely used there to get past the Great Firewall. There’s no question it works. However, if you’re having any trouble with it or you’re worried about active searches for proxy traffic, you may want to escalate your block-busting by using a VPN.

  • Virtual Private Networks

Virtual private networks are powerful, though slightly overhyped security tools that can help you evade censorship blocks and remain safe while doing so—on paper, at least. VPNs not only reroute your connection, they’ll also encrypt it through a so-called VPN tunnel, which prevents anybody from seeing what you’re doing.

We have a full article on how VPNs work if you’re interested.

For most people, most of the time, VPNs are the best way to get around censorship blocks, but they come with some downsides. The biggest is probably that they cost money, even the cheapest ones out there will set you back $5 to $10 per month, which is more than some people can afford.

The other issue is that you can’t always be sure whether the VPN you have is a good one: the marketing madness surrounding them rises in pitch every few months, it seems. We’ve made a selection of the best VPNs that we feel offer the best value; Mullvad is probably the best choice if you need a cost-effective solution that gets past any censorship blocks, while VyprVPN claims to have a special protocol that can go unnoticed by authorities.

  • ExpressVPN
  • SurfShark
  • Windscribe
  • ProtonVPN
Hide.me
  • ExpressVPN
  • Private Internet Access
  • NordVPN
  • CyberGhost
Best VPN for China
  • VyprVPN
  • Mullvad VPN

As we alluded to above, VPNs aren’t bulletproof—for one, police could simply check your phone for VPN software—as well as being possibly too expensive. One method of bypassing censorship that is harder to detect, as well as being free, is to create an SSH tunnel to a trusted server outside of your country and access the internet through that.

The downside is that you need some tech-savviness to set up an SSH tunnel. We have a full guide on how to use SSH tunneling that will get you on your way, though. If you have the equipment and knowledge necessary, this may be the best option yet.

Other Methods

Besides the methods above, there are other ways to get around blocks, but these usually require some more specialized technical knowledge or some extra setup, as is the case with changing your DNS server or using Tor. Decentralized VPNs are another promising technology. However, as these services are still in their infancy, we wouldn’t quite risk using them yet.

How to Browse Anonymously With Tor

However, to repeat our earlier point, there is an inherent risk when getting around government blocks. Torrenters who get caught risk a fine, but some repressive governments may have a much worse penalty for you if you’re caught circumventing censorship. If unsure, it could be better to not take the risk and wait for better days. Whatever you decide, we hope you stay safe and those better days come soon.
[mai mult...]