From mboxrd@z Thu Jan 1 00:00:00 1970 From: Eric Abrahamsen Subject: Re: [OFF TOPIC] almost giving up on emacs email..looking for advice? Date: Thu, 13 Aug 2015 10:10:04 +0800 Message-ID: <87pp2sq6pv.fsf@ericabrahamsen.net> References: <87egjgyo09.fsf@gmail.com> <6sw6c7vbcmypwh.fsf@dhcp-6-148.hmco.com> <87pp2tgmcz.fsf@ericabrahamsen.net> <87h9o4zyzq.fsf@gmx.us> <87y4hgdgan.fsf@ericabrahamsen.net> <878u9gzw5d.fsf@gmx.us> <87a8twsk70.fsf@ericabrahamsen.net> <87zj1wxh6i.fsf@gmx.us> Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit Return-path: Received: from eggs.gnu.org ([2001:4830:134:3::10]:43165) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ZPhyE-000276-4I for emacs-orgmode@gnu.org; Wed, 12 Aug 2015 22:10:19 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1ZPhy9-00031D-FU for emacs-orgmode@gnu.org; Wed, 12 Aug 2015 22:10:18 -0400 Received: from plane.gmane.org ([80.91.229.3]:60445) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ZPhy9-00030m-97 for emacs-orgmode@gnu.org; Wed, 12 Aug 2015 22:10:13 -0400 Received: from list by plane.gmane.org with local (Exim 4.69) (envelope-from ) id 1ZPhy8-0005lB-9h for emacs-orgmode@gnu.org; Thu, 13 Aug 2015 04:10:12 +0200 Received: from 50.56.99.223 ([50.56.99.223]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Thu, 13 Aug 2015 04:10:12 +0200 Received: from eric by 50.56.99.223 with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Thu, 13 Aug 2015 04:10:12 +0200 List-Id: "General discussions about Org-mode." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: emacs-orgmode-bounces+geo-emacs-orgmode=m.gmane.org@gnu.org Sender: emacs-orgmode-bounces+geo-emacs-orgmode=m.gmane.org@gnu.org To: emacs-orgmode@gnu.org Rasmus writes: > Hi, > > Eric Abrahamsen writes: > >> Rasmus writes: >> >>> Eric Abrahamsen writes: >>> >>>> It's not trivial when you live in China :) >>>> >>>> I can make it work, between alternate IP addresses and ssh tunnels, but >>>> it involves a lot of cursing and grinding my teeth. In a hostile network >>>> environment any client will face the same problems, but the lack of >>>> threading becomes pretty apparent here. >>> >>> I don't know what the great firewall is like, but for "hostile networks" >>> around here (universities blocking git, airports blocking smtp/imap etc), >>> I use openvpn. Are commercial openvpn provides blocked in China? >> >> Both commercial providers, and non-commercial providers! I set up my own >> OpenVPN server on a US server, and that worked for a couple of years. >> Then they caught it, and I switched to a non-standard port. That worked >> for another four months or so, and now it doesn't work on any port. I'm >> sure OpenVPN traffic is pretty easily sniffable. > > But what if you use TCP 443? That should be hard to detect, though speed > might not be great... I guess https is OK in China. > > First link from startpage.com: > > https://www.bestvpn.com/blog/5919/how-to-hide-openvpn-traffic-an-introduction/ Oh, interesting! Let me fire up my ssh tunnel so I can open the link... Okay, that's really useful, I'll try some of these solutions, thank you. I'll admit I'm often too impatient to sit down and do the research. startpage.com is nice, but it looks like they've already found that. I'm using search.disconnect.me, which is great, and so far open. >> My next project is ipsec (another broken-leg project). But I figure, if >> I can google up these solutions, so can they, and the packet signatures >> of all these different systems must be quite identifiable. > > Isn't ipsec as less popular version of Tor? BTW: I tried Tor again in the > weekend since a relative was asking about it. Speed seems to have gotten > a lot better (I'm in EU). I don't think it's like Tor, as in I don't think it's P2P. I tried Tor a couple of years ago and it was unusably slow -- maybe it's time again. >> Using vanilla ssh seems fairly reliable: for the time being, I don't >> think they'd go so far as to block ssh across the board. That would >> really be declaring war on the internet. So sshuttle, tunnels, and the >> built-in ssh SOCKS proxy are serving me well. Using dnscrypt-proxy >> actually solves many of the problems -- in years past, it would have >> solved everything, but they've started hell-banning IP ranges, and of >> course that includes gmail. My own dumb fault for using gmail, I guess. > > The problem for me with socks is that it doesn't allow arbitrary port > connections (I mostly deal with bad network configs, e.g. closed XMPP or > git ports). I only use socks for sending email, so it works fine. I've ended up with multiple concurrent solutions, which doesn't bother me too much. But if I could get openvpn back online, I'd like to just use that. If I could set up some sort of selective tunneling, based on a whitelist of hosts, that would be nice... >> How off-topic can we get? :) > > It's interesting. And +30°C. It's fineeee! Thanks for sharing! Fun stuff! I'll report back with any surprising news.