Slashdot Mirror

They can't inject into secure traffic. HTTPS solves this problem too.

Install CGIproxy on your webhost with an SSL cert (Free from StartSSL) and use it for all your web browsing cover ISP spying on non-https supporting websites (such as slashdot)

If you don't mind your ISP knowing the domain of the https sites you visit, you can still go to them directly.

If your webhost is your own server however there is no additional risks routing everything through CGIproxy.
Shared webhost space is an additional risk, since they would have the ability to see your unencrypted traffic if they desired.

Of course there is no encryption between the webhost and the non-ssl websites you visit, but since that is/was true when visiting them directly anyways this only turns a very sucky situation into a slightly less sucky one - a net improvement over all.

But all the ISP will see is that 100% of your web traffic is to a single IP and fully encrypted, and you apparently don't use the rest of the internet in your web browser.

Great Firewall is a joke. Anyone who wants to, uses proxies. I set up Apache+https+CGIProxy on my residential connection while my friend was touring in China, and I just left it up. It is undetectable (sans the fact that an https connection is established), impossible to filter, and completely transparent to a client. Piece of cake.

There are lots of alternatives. I like my own CGIProxy, but there's also Tor, Glype, PHProxy, UltraReach, etc. etc. Some of these have been around since the 1900's.

"Why were those students even able to use proxies?"

im pretty sure they mean web-based proxies in this case, which fetch the blocked page for you thus bypassing the webfilter

for anyone whos interested CGIProxy is an example of one such proxy
there are even sites which will mail you lists of new proxies, so you can stay one step ahead of the webfilter

it pretty much impossible for a webfilter to block all such sites, although i imagine if the admins took the time to actually research these tools they could come up with some pattern matching rules to get most of them.

imo the issue here isnt about whos liable, but that a 3 month suspension is way too harsh, and will wreck that years worth of learning for the students

I work in a UK school doing IT support so I have a front line view of what happens.

At a county level we have a fitler that works on basic URL blocking. It's called 'SmartFilter' and it's definately not very 'Smart'. Pupils can easily evade this filter by using CGI:Proxy, PHPProxy, Google Translate or Google Cache for example. Basically as long as the url doesn't match something in it's blacklist, it gets through.

Therefore, at a school level I have implmented a Linux/Squid based proxy with a content filter called DansGuardian. It's a lot more intelligent about filtering and works along the same lines as antispam filters. As well as domain/url blocking it allows grey listing based on the content of the web pages being pulled through it. You assign words or phrases a numerical value and if the page hits a certain score then it's blocked. As the filter is no longer simply relying on the domains/urls this solves the proxy problem.

Yes, some stuff will always get through, I think the above solution is about as good as it gets currently.

So when Turkey figures this out and blocks access to the ip address, I want to offer Turks a proxy alternative (eg Psiphone).

I'm running CGIProxy 2.0.1 and noticed YouTube shows up fine except for the video. Is this a "feature" of the Flash format, or a bug with cgi-proxy?

or run this as a cgi script on a webserver http://www.jmarshall.com/tools/cgiproxy/ not that 'anon' but better and no adverts either. No website should be without one and we have it running too

As far as I can tell, this is nothing new-- there are a variety of publicly available programs that have done the same thing since as early as 1996, when China and Singapore first announced their intentions to censor the Web. One such tool is CGIProxy, but there are others. Or is there something else about Psiphon, am I missing something?

I use: http://www.jmarshall.com/tools/cgiproxy/
I use CGIProxy to fix censorship problems. For best results, uncomment the code for URL Scrambling. It has some good features, and is stable.

I have to deal with WebSense on a daily basis. Yes, "proxy avoidance" sites are blocked, but only ones that they know about. The solution is simple: create your own proxy server outside of the filtered network--and keep it secret.

The way I did it was download CGIProxy from my home computer and dropped into the cgi-bin directory of an unfiltered remote webserver that I control. Now whenever some seemingly arbitrary site is blocked (usually under the category of "Personal Sites"), I just go to my own personal (and secret) proxy server and enter the blocked URL. Note: you may have to change all text instances of the word "proxy" within the CGIProxy file to something else for it to work.

MP3 blocking is a little harder to get around, but is possible as WebSense only looks at the extension after the last dot of the filename. The solution is to have your proxy respond to a "fake" URL like "http://somesite.com/somemp3.mp3.prx" and have it pipe the real file located at "http://somesite.com/somemp3.mp3" through the fake URL. I've modified my copy of CGIProxy to do just that, and it works like a champ.

Of course, all this information is for educational purposes only. ;)

As always, for a solution to all your censorship problems, see this. The beta version supports JavaScript too.

Here's a tool to get around Web censorship. It's the censorhip-circumventing software itself, not just a site that runs it; anyone can downlad and install it on a Web server for their own use. It's been around since 1996, first developed when Singapore and China first announced they would try to censor the Web. I think this approach is more effective than the various sites running public proxies, because those can be blocked by censors much more easily than when everyone has their own private proxy.

If you try CGIProxy and find any shortcomings, please let me know so I can fix them. To my knowledge, it's the only such software out there that solves certain kinds of problems, such as proxifying JavaScript (in beta, but almost there); for example, this means that most Web-based email and other complex sites can work through it.

Note that out of the box, the CGIProxy isn't optimally configured for privacy, but there are config options to change that. The code is heavily commented, with the intention that users can customize it in several ways to make it unrecognizable to censors.

Have fun! Let me know if you have any questions.

can help with a lot of these situations. I used to work for a company that had a overly restrictive proxy server that all employees passed through for accessing the internet. When the company blocked email sites like hotmail, gmail etc. I got fed up. I run my own domain on my own server at home. So i loaded CGI Proxy and through my own webserver was allowed to access any site that the proxy didn't like. Since my server ran https and the url's are scrambled via CGIProxy the company's proxy server had no idea what sites I was accessing. My domain was never banned or blocked.

http://www.publicproxyservers.com/index.html
http://google.ca/translate
http://jmarshall.com/tools/cgiproxy/

Just a few examples...

You need to install it on a non-Chinese server. After that, you'll be able to access it so long as it's in a directory under public_html (you should password protect this directory so only you can use it). I paid $7.95 a month to a hosting company in New Jersey to use it (as part of a shared hosting package)... worked perfectly except for https sites, which it wisely doesn't allow because the link from the server running cgi-proxy to you isn't secured. I still use it today, actually, to read my personal email while I'm at work... you can access any port you want, so it's great for web email programs like Neomail, Horde, etc. that are blocked by firewalls.

It's been many many years since I've been to China. Last time I was there was 1992 and the internet was an unknown thing. But I do have an idea or two. There's pesky filtering software at my college that makes it a pain in the butt to have "freedom." So I set up a webserver off campus and put a proxy on it. If a normal proxy server doesn't work, you can try using a cgi proxy script and access it using https. A cheap solution is spending $100/year on a virtual server. That works for me, but maybe a country of 1 billion people is a bit more sophisticated than a university of 5000 people.

One easy thing you can do is install this cgi proxy script on some host you know isn't yet banned. Then when you need to surf the web from an internet kiosk or similarly restrictive environment, access all the banned sites by way of that script.

Or in situations where you have full control of the machine, ssh to a known host on the other side of the firewall and do your surfing from there.

Four different ways:
First of all, friendly people outside of that country download this free perl proxy and put it in /cgi-executeables, and mods it to be free of the word "Proxy" (My copy here is free of the "P" word- my school blocks anything with the word "Proxy" in the address bar)

Secondly, some nice person compiles a list of working HTTP / Socks / etc proxies

Thirdly, they put this on a big P2P client

Finally, some other nice person works out the Iranian government's IPs, and adds those to a peer guardian like blocklist that's distributed with the p2p client.
If they block most non-80 ports, then just use desproxy to get around it.


Finally: PROFIT! (Well, liberty, which is just as good)

What works really well for me is running a copy of CGIProxy on a https vhost on my personal server. That way the URLs are obfuscated and all content is wrapped up in SSL. Works rather nicely, and it works for most types of sites.

so that they will always link back to Slashdot. Most websites just use "blahblahblah" or "/blahblahblah" for their links. For example, links on

Well...all they have to do is have some modifying code like CGI-Proxy does....

Why not download a simple Perl script that grabs information from a website, and sends it to your comptuer?

Even more effective, and keeps one more old Linux box running. (don't give out the password, though, or you'll have a spam hub on your hands)

That's not going to work in the large number of corporate workplaces where web access is forced through a proxy server.

The ultimate bypass is to run a cgi proxy on an ssl site off your cable modem.

I'm not having a very good day for staying on topic here, but...

WEBSENSE! How I hated that rubbish. The last company I worked for squandered over 10k on buying it for a small department of computer programmers at the same time as cancelling overtime to save money.

Anyway, not sure why you're having trouble getting round it. We were able to use a simple proxy without problem. You could create your own with this elegant peice of work if you can't find a suitable legal one and don't have a suitable server at home. The URL you want will always be masked by the name of the proxy.

My problem with Websense was not so much that it showed the management didn't trust me (when I was working harder than they were), but that it was stupid! On my lunch break I liked to read a couple of things regularly - chess news / discussions and maths articles. Chess was banned under "online games" even when just reading strategy articles, and for some reason, several Maths sites got blocked as the same!

Sorry - I'll go back to being on-topic from now on... oh hang on - the topic is porn. Perhaps I'm better off talking about proxies, after all. ;)

I didn't think you were volunteering. I doubt I could really pull it off, either. then again, the person distributing the program could concievably be charged with something, too. but it's an interesting idea, and I'll definitely pass it on.

If you have Apache, mod_ssl, and a broadband connection, you can download a CGI proxy that can be configured on your server. Anyone observing the connection would only be aware that a connection between you and your machine was taking place, and have zero knowledge of your activities (other than the date/times). This would prevent them from filtering or changing anything.

Or just install CGI Proxy on your own server. I'm using it right now.

My school's filter is a little smarter - it blocks Google cache and most anonymisers. The simple solution is to set up a web proxy server using CGIProxy on your home machine.

Try CGIProxy.

Register yourself a .kids.us domain. Put some innocent kiddy content on it (pictures of Barney or something). Then, in a hidden, cryptic location (something like mysite.kids.us/sadkfjasgdfkjsad/), set up a proxy server (something like CGIProxy). Problem solved.

• Lameness filters (It blocks a lot of legitmate posts)
  
• Unnessary posting delays. Hasnt taco learned to touch type? A lot of posts are typed in less than 20 seconds and it is a ANNOYING DELAY! 2 minute ban? Come on, so some are faster then others, big deal, some people have more to say than others
  
• Broken moderation system, The whole point is to sort the gems from the crap, yet a lot of posts designed to make a LIVELY DISCUSSION are MODERATED as flamebait! Come on, not everyone likes X, but just because some one bashes it dosent mean its Flamebait. Flame bait is more useful for DIRECT INSULTS and not legitmate discussions.
  

• Crapfloods, a meaningless flood of random letters or text, which the lameness filter does a crappy job at trying to stop, besides trolls have written tools using the opensource slashcode to generate crapfloods which bypass the filter
• Links to offensive websites, the most common one is known a http://www.goatse.cx, a awful site which shows a bleeding anus being stretched on the front page. Trolls sneak these links in by posting messages that look legitimate, but infact are sneaky redirects to the site. Common examples include rd.yahoo.com, www.linux-kernel.tk, goatsex.cjb.net, and googles "Im feeling lucky".
• Trying to break slashdot, this is actually a good thing, as it helps test slashdot for bugs. Famous examples include the goatse.cx javascript pop-up, the pagewidening post and the browser crashing post!
  

• Lameness filters (It blocks a lot of legitmate posts)
• Unnessary posting delays. Hasnt taco learned to touch type? A lot of posts are typed in less than 20 seconds and it is a ANNOYING DELAY! 2 minute ban? Come on, so some are faster then others, big deal, some people have more to say than others
• Broken moderation system, The whole point is to sort the gems from the crap, yet a lot of posts designed to make a LIVELY DISCUSSION are MODERATED as flamebait! Come on, not everyone likes X, but just because some one bashes it dosent mean its Flamebait. Flame bait is more useful for DIRECT INSULTS and not legitmate discussions.

• Crapfloods, a meaningless flood of random letters or text, which the lameness filter does a crappy job at trying to stop, besides trolls have written tools using the opensource slashcode to generate crapfloods which bypass the filter
• Links to offensive websites, the most common one is known a http://www.goatse.cx, a awful site which shows a bleeding anus being stretched on the front page. Trolls sneak these links in by posting messages that look legitimate, but infact are sneaky redirects to the site. Common examples include rd.yahoo.com, www.linux-kernel.tk, goatsex.cjb.net, and googles "Im feeling lucky".
• Trying to break slashdot, this is actually a good thing, as it helps test slashdot for bugs. Famous examples include the goatse.cx javascript pop-up, the pagewidening post and the browser crashing post!

• Lameness filters (It blocks a lot of legitmate posts)
  
• Unnessary posting delays. Hasnt taco learned to touch type? A lot of posts are typed in less than 20 seconds and it is a ANNOYING DELAY! 2 minute ban? Come on, so some are faster then others, big deal, some people have more to say than others
  
• Broken moderation system, The whole point is to sort the gems from the crap, yet a lot of posts designed to make a LIVELY DISCUSSION are MODERATED as flamebait! Come on, not everyone likes X, but just because some one bashes it dosent mean its Flamebait. Flame bait is more useful for DIRECT INSULTS and not legitmate discussions.
  

• Crapfloods, a meaningless flood of random letters or text, which the lameness filter does a crappy job at trying to stop, besides trolls have written tools using the opensource slashcode to generate crapfloods which bypass the filter
• Links to offensive websites, the most common one is known a http://www.goatse.cx, a awful site which shows a bleeding anus being stretched on the front page. Trolls sneak these links in by posting messages that look legitimate, but infact are sneaky redirects to the site. Common examples include rd.yahoo.com, www.linux-kernel.tk, goatsex.cjb.net, and googles "Im feeling lucky".
• Trying to break slashdot, this is actually a good thing, as it helps test slashdot for bugs. Famous examples include the goatse.cx javascript pop-up, the pagewidening post and the browser crashing post!
  

This proxy only lets you surf four doamins, and this site is one of them. He says he did it because of anonymous attacks.

• Lameness filters (It blocks a lot of legitmate posts)
• Unnessary posting delays. Hasnt taco learned to touch type? A lot of posts are typed in less than 20 seconds and it is a ANNOYING DELAY! 2 minute ban? Come on, so some are faster then others, big deal, some people have more to say than others
• Broken moderation system, The whole point is to sort the gems from the crap, yet a lot of posts designed to make a LIVELY DISCUSSION are MODERATED as flamebait! Come on, not everyone likes X, but just because some one bashes it dosent mean its Flamebait. Flame bait is more useful for DIRECT INSULTS and not legitmate discussions.

• Crapfloods, a meaningless flood of random letters or text, which the lameness filter does a crappy job at trying to stop, besides trolls have written tools using the opensource slashcode to generate crapfloods which bypass the filter
• Links to offensive websites, the most common one is known a http://www.goatse.cx, a awful site which shows a bleeding anus being stretched on the front page. Trolls sneak these links in by posting messages that look legitimate, but infact are sneaky redirects to the site. Common examples include rd.yahoo.com, www.linux-kernel.tk, goatsex.cjb.net, and googles "Im feeling lucky".
• Trying to break slashdot, this is actually a good thing, as it helps test slashdot for bugs. Famous examples include the goatse.cx javascript pop-up, the pagewidening post and the browser crashing post!

• Lameness filters (It blocks a lot of legitmate posts)
• Unnessary posting delays. Hasnt taco learned to touch type? A lot of posts are typed in less than 20 seconds and it is a
  
  ANNOYING DELAY! 2 minute ban? Come on, so some are faster then others, big deal, some people have more to say than
  
  others
• Broken moderation system, The whole point is to sort the gems from the crap, yet a lot of posts designed to make a
  
  LIVELY DISCUSSION are MODERATED as flamebait! Come on, not everyone likes X, but just because some one bashes it
  
  dosent mean its Flamebait. Flame bait is more useful for DIRECT INSULTS and not legitmate discussions.

• Crapfloods, a meaningless flood of random letters or text, which the lameness filter does a crappy job at trying to stop,
  
  besides trolls have written tools using the opensource slashcode to generate crapfloods which bypass the filter
• Links to offensive websites, the most common one is known a http://www.goatse.cx, a awful site which shows a
  
  bleeding anus being stretched on the front page. Trolls sneak these links in by posting messages that look legitimate, but
  
  infact are sneaky redirects to the site. Common examples include rd.yahoo.com, www.linux-kernel.tk, goatsex.cjb.net, and
  
  googles "Im feeling lucky".
• Trying to break slashdot, this is actually a good thing, as it helps test slashdot for bugs. Famous examples include the
  
  goatse.cx javascript pop-up, the pagewidening post and the browser crashing post!

• Lameness filters (It blocks a lot of legitmate posts)
• Unnessary posting delays. Hasnt taco learned to touch type? A lot of posts are typed in less than 20 seconds and it is a ANNOYING DELAY! 2 minute ban? Come on, so some are faster then others, big deal, some people have more to say than others
• Broken moderation system, The whole point is to sort the gems from the crap, yet a lot of posts designed to make a LIVELY DISCUSSION are MODERATED as flamebait! Come on, not everyone likes X, but just because some one bashes it dosent mean its Flamebait. Flame bait is more useful for DIRECT INSULTS and not legitmate discussions.

• Crapfloods, a meaningless flood of random letters or text, which the lameness filter does a crappy job at trying to stop, besides trolls have written tools using the opensource slashcode to generate crapfloods which bypass the filter
• Links to offensive websites, the most common one is known a http://www.goatse.cx, a awful site which shows a bleeding anus being stretched on the front page. Trolls sneak these links in by posting messages that look legitimate, but infact are sneaky redirects to the site. Common examples include rd.yahoo.com, www.linux-kernel.tk, goatsex.cjb.net, and googles "Im feeling lucky".
• Trying to break slashdot, this is actually a good thing, as it helps test slashdot for bugs. Famous examples include the goatse.cx javascript pop-up, the pagewidening post and the browser crashing post!

• Lameness filters (It blocks a lot of legitmate posts)
• Unnessary posting delays. Hasnt taco learned to touch type? A lot of posts are typed in less than 20 seconds and it is a ANNOYING DELAY! 2 minute ban? Come on, so some are faster then others, big deal, some people have more to say than others
• Broken moderation system, The whole point is to sort the gems from the crap, yet a lot of posts designed to make a LIVELY DISCUSSION are MODERATED as flamebait! Come on, not everyone likes X, but just because some one bashes it dosent mean its Flamebait. Flame bait is more useful for DIRECT INSULTS and not legitmate discussions.

• Crapfloods, a meaningless flood of random letters or text, which the lameness filter does a crappy job at trying to stop, besides trolls have written tools using the opensource slashcode to generate crapfloods which bypass the filter
• Links to offensive websites, the most common one is known a http://www.goatse.cx, a awful site which shows a bleeding anus being stretched on the front page. Trolls sneak these links in by posting messages that look legitimate, but infact are sneaky redirects to the site. Common examples include rd.yahoo.com, www.linux-kernel.tk, goatsex.cjb.net, and googles "Im feeling lucky".
• Trying to break slashdot, this is actually a good thing, as it helps test slashdot for bugs. Famous examples include the goatse.cx javascript pop-up, the pagewidening post and the browser crashing post!

• Lameness filters (It blocks a lot of legitmate posts)
• Unnessary posting delays. Hasnt taco learned to touch type? A lot of posts are typed in less than 20 seconds and it is a ANNOYING DELAY! 2 minute ban? Come on, so some are faster then others, big deal, some people have more to say than others
• Broken moderation system, The whole point is to sort the gems from the crap, yet a lot of posts designed to make a LIVELY DISCUSSION are MODERATED as flamebait! Come on, not everyone likes X, but just because some one bashes it dosent mean its Flamebait. Flame bait is more useful for DIRECT INSULTS and not legitmate discussions.

• Crapfloods, a meaningless flood of random letters or text, which the lameness filter does a crappy job at trying to stop, besides trolls have written tools using the opensource slashcode to generate crapfloods which bypass the filter
• Links to offensive websites, the most common one is known a http://www.goatse.cx, a awful site which shows a bleeding anus being stretched on the front page. Trolls sneak these links in by posting messages that look legitimate, but infact are sneaky redirects to the site. Common examples include rd.yahoo.com, www.linux-kernel.tk, goatsex.cjb.net, and googles "Im feeling lucky".
• Trying to break slashdot, this is actually a good thing, as it helps test slashdot for bugs. Famous examples include the goatse.cx javascript pop-up, the pagewidening post and the browser crashing post!

• Lameness filters (It blocks a lot of legitmate posts)
• Unnessary posting delays. Hasnt taco learned to touch type? A lot of posts are typed in less than 20 seconds and it is a
  
  ANNOYING DELAY! 2 minute ban? Come on, so some are faster then others, big deal, some people have more to say than
  
  others
• Broken moderation system, The whole point is to sort the gems from the crap, yet a lot of posts designed to make a
  
  LIVELY DISCUSSION are MODERATED as flamebait! Come on, not everyone likes X, but just because some one bashes it
  
  dosent mean its Flamebait. Flame bait is more useful for DIRECT INSULTS and not legitmate discussions.

• Crapfloods, a meaningless flood of random letters or text, which the lameness filter does a crappy job at trying to stop,
  
  besides trolls have written tools using the opensource slashcode to generate crapfloods which bypass the filter
• Links to offensive websites, the most common one is known a http://www.goatse.cx, a awful site which shows a
  
  bleeding anus being stretched on the front page. Trolls sneak these links in by posting messages that look legitimate, but
  
  infact are sneaky redirects to the site. Common examples include rd.yahoo.com, www.linux-kernel.tk, goatsex.cjb.net, and
  
  googles "Im feeling lucky".
• Trying to break slashdot, this is actually a good thing, as it helps test slashdot for bugs. Famous examples include the
  
  goatse.cx javascript pop-up, the pagewidening post and the browser crashing post!

You could just use CGIProxy, with the script suitably renamed of course.

I agree. BESS is so intrusive. At least we don't have the version that advertises itself and some other scum company at the bottom of every page any more!

Also that's why I've set up a CGI-proxy
Pi

is sadly blocked at most filtered internet places (libraries, schools) (good thing I have a cgi-proxy available running on https)

It is a good site however. My job's very first webpage is on there. Sure freaked out the boss when I showed that to him: "What happened to our website"/"Nothing! it's an archived copy"


CGIproxy site

Pi

This is a problem I have at school. I have set up a CGI Proxy on my home server (on a broadband connection) and viola, no more blocked sites.

If you want to set your own up on your *nix or windows + apache box, download CGI Proxy from http://www.jmarshall.com/tools/cgiproxy/

Why not make your own?
People here should check out the free CGI Proxy Script and upload it to your own server. (Wow, that sounds like spam, but no... I only recommend it because it's cool)

True it's still not free, but when you figure-in hosting will also bring email and all sorts of other goodies, it might be worth your while instead of always shelling out for all the anonymizing services, file storage, email, and whatever.

Just a thought.

Just use CGIProxy. It installs easily as a CGI script for Apache or any other web server. I run it on my home computer to use when I'm at school and need to access a blocked site.

CGIProxy lets you set up your own cgi-proxy with apache, mod_perl and mod_ssl.

A word of caution: connect to your cgi proxy through ssl, otherwise your employer will still see your redirected urls in their log files...

Good luck!!!

IIRC, Safeweb does attempt to clean up JS and other dangerous stuff from pages it displays to you, but it's still a risk.

They do a pretty good job of sanitizing JS, but not perfect. In about an hour, I found a couple ways for a malicious server to compromise anonymity through SafeWeb, using JS. I'll grant that it's a tough job to sanitize all JS, but SafeWeb should provide a way for users to browse without JS. In my opinion, this is the single biggest problem with using SafeWeb.

I sent email to the Safeweb folks about the fundamental "You're using Javascript" problem, and got a really prompt reply from their technical management, which was good, but they fundamentally didn't get it, which bothered me.

Their FAQ indicates they don't get it-- they dismiss the notion that JS is a privacy concern, and discredit those who say it is. However, I think they realize it internally. I know someone who used to work there. He says they get emails complaining about JS every day, but they don't want to do away with their current UI.

As I mentioned, Triangle Boy is really cool - it's a sort of distributed set of volunteer-run anonymizing servers, which keep moving around to prevent blocking services from blocking them...

The concept is old... some people (*cough*) have been doing this since at least 1996. All it takes is an anonymizing proxy script that is released for distribution. I wrote one called CGIProxy, and there are others out there. Triangle Boy has pros and cons compared to these-- it puts the bandwidth load on SafeWeb's machines rather than the volunteer Triangle Boy servers, but then it won't work at all if the SafeWeb server ever has a problem (the other scripts run independently).

Feel free to ask more questions; this particular topic is a specialty of mine.

But certainly, even in the presence of such technical workarounds, we must directly confront what the German publishers are doing. It's always better to have the law on your side than to have their guns pointed at you.

Agreed, the amount of pages is highly irritating, but you can do something about the ads. On my NT workstation at work I run Proxomitron as a filtering proxy. I can even route it to the corporate firewall without much headache. At home I run CGIProxy on my home web server to get around the corporate firewall when it blocks pages (until they block my home machine). If you're running linux (or WinX, for that matter), you can set up a Junkbuster proxy that will perform pretty much the same function as Proxomitron.

You can try cgiproxy... I'm sure there are many many more like them... I actually originally found this one on Freshmeat:

http://www.jmarshall.com/tools/cgiproxy /

I set this up once for a friend of mine to get around his firewall at work so he could read the onion. I'm not completely sure how effective this would be for all filter's since I know some of them filter out URL's that contain the name of a banned website... for example if you went to see the onion, the url would appear somewhere in the arguments to the proxy script, and that might be enough to trip some filters. I'm sure if you combined this with IP addresses for the sites you want to visit would be sufficient.