Feeds

German hackers poke hole in great firewall of China

A new Olympic sport

SANS - Survey on application security programs

German hackers have constructed a route around the great firewall of China. The Chaos Computer Club said its technology will help athletes and journalists travelling to Beijing for the Olympic Games to circumvent censorship.

Visitors to China are being offered USB sticks containing a browser that connects via the TOR proxy network. These "Freedom Sticks", regular USB drives with pre-installed copies of the TorBrowser and Torprojects software, will only be available during the two-week period of the games. The Chaos Computer Club has also set up a dedicated micro-site that offers separate downloads of the software here.

In a parallel move, German digital rights activist group FoeBuD is offering similar "privacy dongles" through its web store for sale at €20.

TOR point

TOR is a worldwide network of servers, run by volunteers, that provides a means to anonymise data sent over the internet. Information sent over the network is encrypted and routed through different servers on the TOR network.

China uses a network of filtering and blocking technologies, mostly supplied by Western technology firms, to block access to sites about Falun Gong, reports of the Tiananmen Square protests of 1989 and the Tibet independence movement. Until recently news reports on the BBC were also blocked.

Using proxies to get around these controls and browser sites isn't hard (at least for the tech-savvy) but maintaining anonymity is a problem, which is where the TorBrowser software and freedom sticks come in. Using the technology to send data out of China anonymously is another potentially useful application. The disadvantage of slower download speeds that come from using an anonymiser network is a minor drawback in comparison.

Chaos Computer Club is offering the technology partly to offer an easy way around Chinese censorship restriction but also to make a political point much closer to home.

Controversial new German laws on data retention may make it a criminal offence to operate TOR network nodes. The regulations are the subject of an appeal to the German Federal Constitutional Court.

"We are calling upon the German authorities to stop criminalizing the operators of servers of the TOR network. The behavior of the authorities is detrimental to the people in oppressive states, whose lives are at risk. China is only one of many examples", said Björn Pahls of the Chaos Computer Club. ®

Combat fraud and increase customer satisfaction

More from The Register

next story
Parent gabfest Mumsnet hit by SSL bug: My heart bleeds, grins hacker
Natter-board tells middle-class Britain to purée its passwords
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Web data BLEEDOUT: Users to feel the pain as Heartbleed bug revealed
Vendors and ISPs have work to do updating firmware - if it's possible to fix this
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Call of Duty 'fragged using OpenSSL's Heartbleed exploit'
So it begins ... or maybe not, says one analyst
prev story

Whitepapers

Designing a defence for mobile apps
In this whitepaper learn the various considerations for defending mobile applications; from the mobile application architecture itself to the myriad testing technologies needed to properly assess mobile applications risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.