Re: [O] [OFF TOPIC] almost giving up on emacs email..looking for advice?

[Rasmus]

Hi,

Eric Abrahamsen <address@hidden> writes:

> Rasmus <address@hidden> writes:
>
>> Eric Abrahamsen <address@hidden> writes:
>>
>>> It's not trivial when you live in China :)
>>>
>>> I can make it work, between alternate IP addresses and ssh tunnels, but
>>> it involves a lot of cursing and grinding my teeth. In a hostile network
>>> environment any client will face the same problems, but the lack of
>>> threading becomes pretty apparent here.
>>
>> I don't know what the great firewall is like, but for "hostile networks"
>> around here (universities blocking git, airports blocking smtp/imap etc),
>> I use openvpn.  Are commercial openvpn provides blocked in China?
>
> Both commercial providers, and non-commercial providers! I set up my own
> OpenVPN server on a US server, and that worked for a couple of years.
> Then they caught it, and I switched to a non-standard port. That worked
> for another four months or so, and now it doesn't work on any port. I'm
> sure OpenVPN traffic is pretty easily sniffable.

But what if you use TCP 443?  That should be hard to detect, though speed
might not be great...  I guess https is OK in China.

First link from startpage.com:

      
https://www.bestvpn.com/blog/5919/how-to-hide-openvpn-traffic-an-introduction/

> My next project is ipsec (another broken-leg project). But I figure, if
> I can google up these solutions, so can they, and the packet signatures
> of all these different systems must be quite identifiable.

Isn't ipsec as less popular version of Tor?  BTW: I tried Tor again in the
weekend since a relative was asking about it.  Speed seems to have gotten
a lot better (I'm in EU).

> Using vanilla ssh seems fairly reliable: for the time being, I don't
> think they'd go so far as to block ssh across the board. That would
> really be declaring war on the internet. So sshuttle, tunnels, and the
> built-in ssh SOCKS proxy are serving me well. Using dnscrypt-proxy
> actually solves many of the problems -- in years past, it would have
> solved everything, but they've started hell-banning IP ranges, and of
> course that includes gmail. My own dumb fault for using gmail, I guess.

The problem for me with socks is that it doesn't allow arbitrary port
connections (I mostly deal with bad network configs, e.g. closed XMPP or
git ports).

> How off-topic can we get? :)

It's interesting.  And +30°C.  It's fineeee!  Thanks for sharing!

Rasmus

-- 
May the Force be with you