Can it prohibit TOR. Access area: The law on anonymizers entered into force in Russia. Configure your own VPN server
In which times, Russian residents are forced to endure inconvenience and restriction in free use World Wide Web. This time, Russian President Vladimir Putin signed a VPN ban decree. A confirmation document was published on July 30 on the pages of the official Internet portal containing meaningful legal information. As this law says, almost all changes will enter into force on November 1, 2017, but some of them have become relevant since the signing of the Decree. Now the ban VPN and TOR in Russia has already taken place at the legislative level.
Ban VPN and Tor
As mentioned above, now all anonymisers who were previously available in free access and who did not have grounds for blocking and prohibitions will become prohibited to use. According to the established requirements of Roskomnadzor, if such programs (TOR, OPERA browser, etc.) will not restrict access to unwanted sites, their action will also be limited and banned. Tor falls under these rules in the first place.
MESSENGERS ON PASSPORT AND BANK VPN
Since the introduction of a VPN ban and adoption by the State Duma, a number of requirements began to be made to providers. The main ones were that the messengers operated by citizens will succumb to the forced blocking in the case of direct failure to establish the identity of the user by its available phone number. In addition, the draft law on the ban of anonymizers and VPN services directly obliges proxy services to limit access to prohibited pages and pages containing potentially undesirable content prohibited by censorship.
In fact, thanks to the current billing, the VPN services and various anonymous networks may be under the ban. As well as browsers that provide user anonymity, such as Tor or Yandex browser.
Consider in more detail how the VPN law will work and why in Russia they adopted such categorical measures depriving citizens of anonymity. After all, the ban on the use software, such as Tor, for Russia while nonsense.
The law on the ban of anonymizers and VPN in Russia: carefully read the text
According to the adopted 21. 07.2017, the law on the prohibition of anonymisers and VPN Publication.Pravo.gov.ru, in which the red row traced the idea that providers undertake to refuse access to sites in the blacklist of Roskomnadzor and block access to them under any pretext. Anonymous networks and programs (the same tor) will be allowed to use if they confirm their consent to cooperation with the state and will strive to support the policy of preventing the viewing of Internet resources prohibited in Russia.
It is worth noting that the ban on the use of VPN and Tor browser in Russia concerns directly all residents of the state, not only commercial users. After all, many consumers are used to making purchases on American or any other overseas sites using Tor, from which the goods are not sent to Russia and are not accepted from it payments. This is due, first of all, with the increased amount of fraud with data and bank cards. Therefore, excellent exit, in solving such a question was anonymous networks and special TOR type browsers, which issued a different IP address of the user, thus, to acquire the necessary goods for relatively low price. What was, in turn, is not beneficial to local boutiques, selling a similar product with an extra charge 1.5 times. So in the prohibition Tor more commercial reasons.
What threatens the VPN ban in Russia?
Accepting this law, citizens will receive round-the-clock surveillance by the FSB and the Ministry of Internal Affairs of Russia, which will follow the compliance with obligations assigned to providers. If any service refuses to cooperate and stimulate access to Internet resources included in the prohibited list of Rossky Denadzor, during the calendar month, it can be banned on legal grounds. Also, there will be a complete right to make such a site to the list of already prohibited in Russia. By the way, this list already has more than 80,000 unwanted sites, therefore, from adding several additional hundreds of additional hundreds, the situation will not change the situation.
It is worth noting that in China, a long time has been practiced a ban on all non-annual sites, proxy and VPN servers.
This is done in order to foreign information portals The souls and minds of many Chinese light heads, growing in them dissent and the absence of a patriotic feeling. 24 hours a day, more than two million Chinese citizens monitor the network on the subject of "wrong" thoughts and carefully eradicate them from the public spaces.
Most Russian Internet users probably have probably heard of recent legislative initiatives on the "regulation" of the Internet, or rather, about the desire of the authorities to prohibit VPN and anonymizers, allowing to bypass the state censorship. Continuing the topic of anonymity and security on the Internet, we will tell you how you can bypass the prohibitions prohibiting circling prohibitions.
Who and that prohibits
A few words about the prohibitions and the fact that they are once again trying to ban.
Legal responsibility
Of course, many are tormented by the question - whether to use Tor Browser. In Russia after November 1, 2017? Theoretically - yes, because the law does not prohibit be anonymous, and the browser itself is not in itself a means of providing access to resources prohibited in the Russian Federation for third parties. And most likely it will be, in any case, in the near future.
But still, we will try to assume the worst option - let's say, you interfere with "influential people", and they are just looking for a reason for what to punish you. In this case, it can be assumed that running Tor -Browser The TOR-network repeater can be interpreted as a program involved in providing access to resources prohibited in the Russian Federation to someone except you. If all this somehow be able to be paid to court, including a 30-day warning period and proof that you are the operator search engine, then everything that threatens physical lickThis is an administrative penalty of 5,000 rubles.
The amount is noticeable, but not fatal at all, which further reduces the likelihood of such an application of the law against individual citizens using Torbrowser and others similar programs. For official I. legal entities The amounts are more impressive, but it is not interested in us, details can be found in the relevant bill.
So, we found out that we still do not threaten anything terrible for using Tor Browser. Now let's figure out how you can bypass the ban, prohibiting to bypass the ban!
Tor banned. What does it look like?
The meaning of the entire system of connecting to Tor through the bridges is that full list Tor IP addresses are not published anywhere, unlike conventional repeaters, whose list of RKN and others can get at any time. And since there is no list of IP addresses, it is not known that blocking, which means that the blocking itself is impossible. The above link allows you to get the addresses of bridges for no more than a few pieces at times, with manual filling of the Captcha form. And we hope that unlocked bridges will end later than the patience of civil servants engaged in their search. Of course, there are more technically sophisticated methods for finding all, or at least the majority, IP addresses of bridges, because the option of full blocking of bridges cannot be excluded.
Of course, there is a reasonable question here - how do we get to the page issuing bridges, if all Torproject.org is blocked in Russia? It turns out to run the blocked Tor we need to go to the locked resource. Anonymous Web proxy will help us to break this vicious circle. Drive in the search bar Anonymous Web Proxy (do not forget that in addition to Yandex and Google there are other search engines) and go through the obtained links.
Probably anonymous Web proxies will also try to block, and already blocked. But their number on the Internet is large enough, with a relatively low popularity of each separately. Because at a minimum in the near future we can count on their help.
For example, you can use these services:
They are for now Not blocked on the territory of the Russian Federation and do not require the use of Java Script for their correct work. If some of them does not work, then do not despair - check the next one.
Configure your own VPN server
If you plan to configure the VPN server yourself, then carefully read whether the tariff is supported by your hosting provider. The cheapest VPS. may not support such an opportunity
How to do it is written for example.
By running your own VPN server, you can not only use it yourself as a means of circumventing censorship, but also provide access to your friends and acquaintances, do not pay for it neither the cents over the already paid hosting provider Keep in mind that inexpensive VPS has a limit on traffic included in the tariff. But most likely it does not constrain you - usually 500 GB of traffic and more stands out for a month. .
You can connect to it from all common operating systems, including Windows, although, of course, we recommend using Linux.
Use SSH Tunling
A much simpler technically option, especially if you are using Linux. Briefly its essence is described, however, it is hardly a lot to explain to you if you do not have minimal knowledge in the IT area. Therefore, focus in practice.
Pay attention to the following points used in the examples:
You need to replace the IP address that you get from the VPS provider. - root - the username for connecting to the VPS, most often it is. You can clarify it in the VPS administration pane.
- While entering the password, you will not see the displays of the password and any other characters, everything will look like you are not gaining anything - it is done so that no one can spit your password. Just enter the password and press ENTER.
Running tunnel under Linux
Open the terminal window (command linux string) and enter the command:
sSH -VND 127.0.0.1:8080 [Email Protected]
- sSH - Directly command Running tunnel to your VPS.
- -VND 127.0.0.1:8080 - Keys and arguments of the launched command: include debug output and create a proxy tunnel from your computer to your VPS.
- [Email Protected]
- Username and IP address VPS.
After a set of this command and pressing Enter on the keyboard, you will see something like this:
~ $ ssh -vnd 127.0.0.1:8080 [Email Protected]
Row "Debug1: Entering Interactive Session." Indicates that the tunnel is running, you can fold the terminal window (without closing!) and proceed to configure the Tor Browser.
Starting the tunnel under Windows
First of all, you download and install Putty or any other SSH-client supporting tunling.
Run Putty and configure the session:
Setting the session in Putty
In the "Host Name (or IP address)" field, you enter the IP address of your VPS, below in the "Saved Session" section allocate "Default Settings" and click on the right "Save" button - now you do not need to enter the IP address each time.
In the left part of the window, select: Connection → SSH → Tunnels:
Configure SSH Tunnel in Putty
In "Source Port" write 8080, and click the Add button. Below you install points at the points "Dynamic" and "Auto".
Now click Open, in the black window that appears, enter the root login (or the one that issued a VPs -Produder), click on the Enter keypad, now enter the password (it is not visible), once again Enter on the keyboard. If everything is done correctly - you will start the session with the command line invitation. Fold (without closing!) This window and go to the Tor Browser setting.
Setting Tor Browser to work with tunnel
Start Tor Browser, open the Tor Network Settings window and follow the following steps there:
Do not use Internet censorship
Taxation tools, type of bridges or Meek-transports we are not needed now, because the connection to the TOR-network will be made by the VPS rented abroad.
Turn on the use of proxy to access
This setting allows you to organize a connection to TOR through a running tunnel.
Specify the Proxy Server Address
Here are the same as the address and port of the proxy server, the role of which is the SSH-Clement connected from your computer to overseas VPS.
If everything is done correctly, Tor Browser will successfully connect to the network.
Get bridge addresses via email
Remember the development of events.
Once it was possible to write on the Internet anything and anywhere. Then it turned out that it was not always the case, and you need to carefully choose places and expressions. Then it turned out that some themes should not speak at all, no in any way, and here the means of Internet anonymization were useful. After that, they began to fight with them, Russia is not the leader here - it only supports the global trend.
We are convinced that all this is done for our security, in the name of the struggle against terrorism and other terrifying ulcers of civilization. However, the situation is only worsening that it is not surprising - after all, instead of combating the causes of these phenomena, the leading global powers only aggravate them more and more hard exploitation of the third world countries. At the same time, successfully using the measures of "increased security" to combat dissent in their own boundaries.
It can be assumed that in the near future anonymity and privacy will be prohibited as such at the legislative level (China has already actually implemented). And access to the Internet will be carried out on "white lists" - i.e. According to the lists approved with the participation of state bodies, and everything that is not included in these lists will be prohibited by default.
The longer we are decided on a fair reorganization of society, the more difficult for us everything will be later, and the more losses will incur all of humanity.
TOR network browser is one of the most common means of circumventing blockages: they use more than 200,000 Russians every day, and in five years their number has increased 3 times. The main advantage of TOR - it does not leave traces on the Internet - neither personal data, nor visited sites or sent messages. But it can be trapped and block it.
How can it be blocked?
Roskomnadzor can make public "input" network IP addresses, as well as IP addresses of sites with expansion .ONion (available only in TOR) into the registry of prohibited. Also, the regulator has the right to oblige providers to limit access to TOR. This is not easy to do, but such a procedure has been introduced, for example, in China. However, it does not mean that it works.
Is it possible to get around the blocking?
In addition, the TOR network can be connected by reconfiguring the browser to non-public nodes that are much more complicated. In public access, there are no IP addresses, and addresses in encrypted form are transmitted. You can also bypass the TOR lock by purchasing a foreign IP address from a foreign VPN service, experts. The law does not apply to foreign addresses.
From May 5, 2019, all services for instant messaging that work in Russia must check phone numbers when registering.
In theory, they must send a request to the communication operator. There are checked if there is such a number in the database, and only if the answer is positive, you can register and send messages. And if no numbers or the user cannot confirm that this is his phone, registration must be banned, and it will not receive messages.
Government Decree of 10/27/2018 No. 1279
This procedure was approved by last fall last year, but by virtue of it will come only now. Will all this work in business and how it will affect the use of messengers, it is not clear.
Services for instant messaging that work in Russia are required to check the user's phone number with a communication operator database. If no numbers or the user cannot confirm that this is his phone, will refuse registration and prohibit communicating.
Comment: It is not clear whether it will work. It may turn out as a ban on the purchase of a sim card without a passport: it seems it is impossible, and they still distribute them in transitions. But the verification procedure is approved and can apply it.
About VPN.
All proxy and VPN services, as well as the anonymous TOR, I2P and FreeNet networks, potentially fall under the law. Their owners are invited to limit access to sites entering the register of prohibited sites of Roskomnadzor.
Tracking anonymizers, TOR and VPN services that provide access to the sites blocked in Russia will be FSB and MIA.
Document also prohibits operators of search engines Issue links to resources blocked in Russia. (It is not clear how Yandex should cope with this. And Google will also be banned?)
In the law on the protection of information, changes have appeared. They were accepted to limit access to prohibited sites. Provisions that relate to blocking blockages will take effect on November 1, 2017.
The order says that only sites will be brought to the registry that allow you to access gambling, and not any VPN service. If I do not break the law, I will not ban anything?
Very banned. There are no criteria so that you can segmented the VPN assignment. Channels for encryption traffic are used in different purposes. Someone to work on the marketer or to sit in social networks, without breaking anything. And someone connects via VPN to play a casino - this is a violation.
The FTS may decide to block the site with such services, even if there is simply information about the options for bypassing online casino locks and lotteries. And even more so if you can download some kind of program or connect the service to go to the forbidden site.
This means that under threat any site about access to VPN, even if you are not going to break anything. If now it works, it may not work in a week.
I need a VPN for work, not for games. What to do, not to suffer from locks?
No one knows how specifically sites threatens blocking in the near future. If you literally understand the formulation of the order, even information sites can be made to the registry.
If you use VPN to work or protect against hackers and do not play online gambling, look for different legitimate options for access to anonymizers just in case. Or think how to work without VPN.
Do not hope that he swears as with the "telegram". This order was signed by the managers of the four departments, and now they will be required to execute it.
I am the usual user. Sometimes I use VPN, but forbidden sites do not attend. Does something threaten me?
Nothing threatens you. You can use anonymisers for work, dating sites or computer games and attend any sites that are in open access.
If the familiar to you VPN service will suddenly stop working, it means that he did not want to comply with the law and helped spout blocking. You will find another - there are many of them.
If suddenly it turns out that the site is blocked by the decision of Roskomnadzor or the work stood up due to the fact that the messenger or VPN does not work, you can lose money or even the whole business.
Anonymizers Act will enter into force on November 1, 2017 - it allows you to block online services that give access to sites blocked at the request of Roskomnadzor. One of these services is the browser of the TOR network, more than 200,000 Russians use them every day.
The TOR network user does not leave traces on the Internet - personal data, visited sites sent by messages. The system is arranged on the principle of onion routing. For each message, the route is accidentally selected through one of three nodes - by analogy with a bulb: each next node encrypts the previous one. Low routing was developed in 1995. David Goldshlag, Michael Reed and Mathematics Paul Siverson.
Secret in nodes
Goldshlag told "Vedomosti" about the method of blocking the service that the regulator can take advantage. After the user in the browser enters the address of the site to which it wants to get, its request in encrypted form is transmitted to the first, the input node with its own IP address. Nodes are two types - public and non-public, says Goldshlag, Russian users are most often connected to public. The IP addresses of public nodes are in public domain and, it continues, the regulator can make these IP addresses and IP addresses of sites with extension .ONion (available only in TOR) into the registry of prohibited and at the provider level to limit access to TOR. It is difficult, all providers should work, but technically possible, the developer says.
According to Goldshlag, a good example of how it is done at the national level - China, providers' level restrictions exist in many countries, including in the United States.
IP address as evidence
On April 10, 2017, the mathematician Dmitry Rogatov was arrested. According to the investigation, from his IP address, someone Airat Bashirov placed on the Internet texts with calls to terrorist attacks. The investigation believes that the rich in the help of Tor hid the traces of the online presence on the Internet. Protection Indicates that out of 104 IP addresses around the world, from which Bashirov went to the network, a single, tied to a computer in Moscow was chosen.
The connection through non-public nodes to block is much more complicated: there are no IP addresses in public access, and the addresses in encrypted form are transmitted, explains the analyst of the Russian Association of Electronic Communications Karen Kazaryan, and to use a non-public node, it is enough to reconfigure the browser.
Roskomnadzor in his right
For five years, the number of Russian users has increased 3 times, reports Goldshlag and refuses to discuss the regulator plans on Tor. Profile official does not yet know whether Roskomnadzor plans to restrict access to the service.
Roskomnadzorus is enough of the anonymizers law to block the entrance nodes TOR, the head of the public organization "RoskomxVod" Artem Kozonuk believes, but it can happen not earlier than mid-December: the department should ask the service not to provide access to prohibited sites, wait 30 days and, if the answer is not It will begin to identify the input nodes. Kozluk doubts Roskomnadzor will decide to block the domain zone.onion, where millions of Tor pages: they use their media, scientific communities and social networks.
Operators opp
If the operators blocked publicly known TOR nodes, stop its work in Russia simply, says Cisco Security Counseling Alexey Lukatsky. Users can bypass this ban using VPN, so you need to block TOR simultaneously with the restriction of VPN services, it warns.