Обновить

How to have prohibited content on your website and not get included in the blocking register

Время на прочтение 2 min
Количество просмотров 52K


This article contains thoughts on how to completely legally circumvent the new law on the prohibition of information and not end up with the entire site on the list of blocked resources..

Many people know about such an anonymous network as I2P; content inside it cannot be moderated or prohibited..

Please note that I am NOT suggesting moving the entire site to an I2P network and liquidate usual before throwing tomatoes at me criticize my opinion, please finish reading the article.

I’ll repeat myself, but I’ll say:

Main pros and cons of I2P:

+ fault tolerance
+ High anonymity (the network was created taking into account the fact that all nodes are under government control)
+ Inability to find out the physical location of the node
+ Advanced Onion Routing (updated version from TOR)
+ Using different encryption methods and periodically alternating them

— There is only one access to the big Internet - through a network node located in Germany
— Slow network performance *

And what can be done to ensure that your site is not included in the register and continues to function normally without removing content from it that is not acceptable to the government??

The answer is simple — transferring part of a site or the entire site to an I2P network .

At this point you may object and say - “Tor is better, it also has hiding services!»
— Yes, there is, but the Tor network was originally created as a chain of proxy servers and not a hidden Internet, the principle of networks and the place of their use are different.

How to transfer parts of articles that have been deleted under threat of blocking

To transfer a site to the I2P network, you will need to install the official network client from the site http://www.i2p2.de/index_ru.html

You will then have to create a tunnel to the site and allow the web server to communicate locally.

Please note that the I2P client may not necessarily be installed on the same server where your website is located.
Example: When you visit this address you will be able to access lurkmore through a tunnel I created from my computer
http://mad3ngpvnktxudirkmzqvmzu2shvmpquuceky7g2j3f63gbjwoaa.b32.i2p/
And with the help of this service, you can access the resources of the I2P network via the regular Internet: http://i2p.in (Open)
If the address is unavailable, the computer is turned off or the home channel is clogged, unfortunately it is not rubber

To separate access (for regular Internet/I2P), you can make a trigger in PHP (or in the server language you use) that blocked content can be accessed only from a specific IP address (if the client for the I2P network is installed locally, then 127.0.0.1)

This way you will get two benefits:
— Your site will not be blocked in the Russian Federation
— The content on your site will be accessible via the I2P network
And those people who want to read it, and I’m sure there will be many of them, will be able to download the I2P client and access the resource, or use the i2p.in service to view the content.

Now let's talk about the last item on the list of minuses — Slow I2P network

When creating a tunnel, you will be asked to select the number of “hops” to your service and the fewer hops, the less anonymity and you are easier to detect but faster the speed of work.

Since the fact of anonymity is not important to you (You’re not selling drugs, you’re just circumventing the ban.) then you can safely choose zero anonymity.

(One of the sites on the I2P network that works quickly precisely because of the use of the method described above — http://rus.i2p — Russian Wikipedia on the I2P network)



You can read more about migrating a website to I2P here http://habrahabr.ru/post/97996/ from the habra user GamePad64
Tags:
Hubs:
Всего голосов 66: ↑34 и ↓32 +2
Комментарии 58
+58

Comments 58

Why? I’m not suggesting that the entire site go underground, I’m proposing a compromise that will be beneficial for everyone, for site owners and visitors.
Only a few will use this “invisible” part.
Unfortunately, I cannot say at the moment how popular the hidden segment of the site will be, but after the introduction of the registry in the Russian Federation, the number of nodes in the I2P network has increased sharply and now there are more than 22,000 (perhaps this is not enough))

The logic of my post is that there is no need to delete unwanted content, it is better to hide it in I2P, there is no unnecessary information, especially if it is a wiki system in which information is generated by the back-breaking labor of many people and by order from above, sending a multi-page document to the trash is blasphemy.

And to support the hidden segment, you don’t need any coordination from the site owners, you just need to spend 10-15 minutes.
After the introduction of the register in the Russian Federation, they will force the ban on anonymizers, guess which site will be included in the register first? of course i2p.in.
I certainly like your solution, but a proxy is easier and faster.

> And to support the hidden segment, no coordinated actions from the site owners are needed
Well, and some computing power, I guess? after all, each network participant serves someone else?
The points:
1) Proxies and annunmizers, in my opinion, are also simpler, but the goal is different, to use annunmizers, the content must remain on the site => the site will be blocked and access will be through an annunmizer/proxy
It follows that 90% will experience difficulties due to blocking

In my decision, the wolves are fed and the sheep are safe

2) No, a node installed on the site server does not have to help the network at all; it can set the bandwidth usage for network needs to 0 for incoming/outgoing traffic
Everything is at the discretion of the server owners.

3) i2p.in is just a bridge for accessing the network, as I wrote above, if someone is really interested in information, they will try to get it by any means - for example, installing the i2p distribution (the simplest example is what difficulties pirates overcome to download a hacked applications for finding keys and so on, I’m telling you as a person who has given up piracy and uses software stores, App Store/Mac App Store/Steam)
There are only a few people who will try to get information; they will go to Google’s cache, where else. Ordinary users, especially Lulz encyclopedias, are not very technically savvy, and are usually lazy.
The authorities will promptly contact the owner of the cache to clear the information, and even there it will not lie forever; after a certain time, Google erases old pages from its cache.
I’m talking about the hidden part of the site, like in the good old days, without registration you see one part, then the full picture, here it’s the same, but in the I2P registration place
Firstly, I doubt that Google will clear its cache at the request of the Russian authorities. Secondly, Google will not erase pages from the cache if they remain accessible but blocked in Russia. In addition, there are other sites, archive.org for example.
Again, if they remain available, if they are available, the entire site will be banned by the registry, that’s the whole problem
This is the same as banning Yandex.
what are you speaking about? I did not understand you.
Ban Google, if I understand you correctly.
Not Google, I’m talking about a single site, i.e. if Lurk hadn’t deleted the page that drug control didn’t like, the entire site would have been blocked.
They didn't delete it, just shhh!
Prohibited pages can be moved to another site. The main one will remain available. Well, let them ban him, Google will cache it anyway, so whoever needs it will find it very easily, using a standard browser without any add-ons. And it’s noticeably simpler than the method described in the article..
In the end, a smart webmaster, in place of the deleted page, will guess to place a stub “The page was banned by drug control” and at the bottom in “small print”, visible only to registered users, a note of this type: “there was information with the sha1 hash 4c1c2cb85bb59b9eb347b5dffc94c05f0514a736, and for it this the page has been banned, therefore, if by chance you also have information with such a hash, we warn you that under no circumstances post it on your site, otherwise your site will be banned trollface_smile.jpg».

A reasonable question arises. What needs to be hidden so much at the moment and what is so important that it cannot be removed? Well, even purely theoretically: is it really possible, for example, that on corporate websites there will be materials with information about the preparation of drugs (or calls for suicide?)?
Those units that are already on Habré will be used and will help others deliver the client.
… In addition, I am communicating with the I2P developers and in the very near future an installer with a normal face will be released, their site will be updated and it will become like a resource that you can trust, and there is an idea on how to make it possible to access both I2P resources and regular Internet without changing browser proxy settings every time.

What the site will look like:
vekw35szhzysfq7cwsly37coegsnb4rrsggy5k4wtasa6c34gy5a.b32.i2p.in/en/site/
>>Yes, and there is an idea on how to make it possible to access both I2P resources and the regular Internet at the same time without changing the browser proxy settings every time.

I have it too - make a pac file, and everything will be in perfect order, but there is a moment that promises de-anonymization in some cases :)
If you prohibit the use of content from outside in I2P sites, then everything is ok
And once again, we are not going to sell drugs via I2P, so strict anonymity is not needed, and if necessary, see paragraph 1
>>If you prohibit the use of content from outside in I2P sites, then everything is ok
mmm, can you be more specific, because I can’t imagine how.
To be on an I2P network, you register the address of the local Proxy - 127.0.0.1:4444 and it already redirects traffic to the network itself.

So, no one is stopping you from making a rule in the next update for Proxy - when accessing a site in the .i2p zone - to block traffic from the outside world.
>>So, no one is stopping you from making a rule in the next update for Proxy - when accessing a site in the .i2p zone - to block traffic from the outside world.

yeah, thank you - I see, I just thought that there was already some functionality that I wasn’t aware of.
pac file has been in the client for a long time. Located in the scripts folder.
And? there is nothing interesting in it, I watched it.
> how to make it possible to access both I2P resources and the regular Internet simultaneously without changing the browser proxy settings every time
It’s very simple, but here’s how to implement it so that the i2p site cannot accidentally or intentionally give out the visitor’s real IPv4 address to external Internet resources?
Yes I understand, I meant something else :)

> How to have prohibited content on your website and not get included in the blocking register
Somehow you expect an unexpected loophole in the law or something that will allow you to write about anything... You look under the cut and see... I2P.
Loopholes in laws are closed quickly) I proposed a compromise option, I think that it will find its consumer.
damn the misspelled word is also bold…
It’s easier to set up ipv6 - the geniuses from Roskomnadzor still hardly know what it is.
This is a temporary measure, unfortunately
This force is already boring, please stop.
>> To separate access (for regular Internet/I2P), you can make a trigger in PHP (or whatever server language you are using) stating that blocked content can only be accessed from a specific IP address
And what prevents you from doing this without I2P. The whole point is for everyone to have access to the site. Or did I understand something wrong?
What do you have in mind? By trigger I mean prohibiting the display of unwanted information via the regular Internet to prevent blocking
I misunderstood at first. Thank you
The world is watching with interest as another battle for freedom of speech takes place in Russia.
It would seem, but everything may not be so simple. In fact, in addition to the “heavy” Java client, there is also an obstacle to switching to I2P,
It is worth remembering that all members of the “community” have a negative attitude towards sites that do not work if you have cookies and javascript disabled. Are there many such sites? And sawing through part of the platform to put it somewhere there…
And if you dig deeper, more similar “social” problems will appear..

PS I don’t know how it is now, but a little less than a year ago the I2P client was leaking quite a bit (OS FreeBSD). This was the reason for it to fall and restart every 3-7 days (moreover, it did not always rise automatically).
I think there will be no problems with Cookies and JS; the influx of new users guarantees a change in concepts within the community.

The leaks seem to have been fixed, it has been working stably on OS X for more than a week, and does not consume very much memory.…
A UFO flew in and published this inscription here
A UFO flew in and published this inscription here
but there are quite a lot of pitfalls, according to your version, should it be prohibited to go to the site from bookmarks? Because navigating from bookmarks will not be any different from entering the address in the navigation bar to the site.
A UFO flew in and published this inscription here
Yes, they do, but you propose your method as simpler, but in reality it turns out to be complicated.
A UFO flew in and published this inscription here
I don’t agree with you, and as you call “readers of the anarchist’s cookbook”, in other words, those people for whom anonymity is most important, and this has been the case for a long time in the Tor/I2p networks Silk Road is an example of this…

I'm talking about a method accessible to any sane person.
This can be easily solved on the side of the inspectors - it’s easier to equip one (well, one department) workplace with a “reanonymizer” than to retrain the entire audience.
Plus, log all the IPs from which the transition was made from the admin panel, and methodically enter them into iptables in order to completely cut off the possibility of evaluating the site.
I think that people who have been repeating “no one will use” in any news about anonymous networks for a year now should express their thought “I personally will not use” a little more precisely. Have you already forgotten Rusleaks, which single-handedly brought Russia to the forefront in the number of nodes? There is no website, people remain.

The article does not say that with an anonymous tunnel there is no possibility of blocking at the physical source address, so it is worth thinking about anti-spam protection (for example, a different approach to registration or closing content added via I2P for indexing).
I saw the word “address” and immediately understood who the author was
i2p is, of course, a cool thing, but with the same success you can simply not show these pages to clients with Russian IPs with the words “not available from Russia, please use a proxy.” All that remains is to update the geoip in time.
Everything will work if you do it as a service.
Viruses are difficult to catch because... within 24 hours they change DNS records and move to other IPs. And the domain is the same.
Here is a “proxy dns hoster” with 100 ip addresses that are constantly changing.

And in general, soon there will be Internet with coupons in our country.
1) Oldfags will remember what Floppinet is (naturally it will be based on the new technological base of the 21st century)
2) Data transmission technologies using RFC-1149 encapsulation will begin to actively develop (these days, this technology has been practically forgotten; it is sad that over the past 22 years, almost no active development and research has been carried out on the development of this promising method).

How to have prohibited content on your website and not get included in the blocking register

Suicide, pedophilia and drugs are subject to blocking. Why would an ordinary person have such prohibited content on his website??
— There is only one access to the big Internet - through a network node located in Germany

This is where you are not entirely right - you can set a different output gateway in the router settings, just false.i2p is standard in the default configuration.
Only full-fledged users can leave comments. Sign in, Please.