Search Mailing List Archives

Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] Fwd: There is an app for online freedom - Hotspot Shield

Jacob Appelbaum jacob at
Fri Feb 18 08:51:47 PST 2011

On 02/18/2011 10:22 AM, Jose Rojas wrote:
> Done that already but still not working.
> Actually, I got one specially from the people behind it but still not working
> Any other ideas?

Looks like you're being blocked in some special way - can you work with
us to find out why you're blocked?

Please read this and let us know when you're ready:

If you can't read that page, I'll put it here:

These are the quick and dirty steps to producing good, useful logs and
traces to help us diagnose fingerprint-based blocking techniques.

1. Start up wireshark sniffing of your connection using  these general
instructions and/or  these OS-specific instructions.

If you are using a Linux root shell for testing, the command to use
instead of wireshark is: "tcpdump -v -i any -s 0 -w bridge_test.cap"
2. Verify the wireshark sniffing is working. Try to access some
non-censored websites and see if they show up in the wireshark capture

Avoid sensitive sites sites that you are logged in to, because otherwise
your login information will be stored in the capture file.
3. Get a private bridge IP from us (#tor-dev on, the ssl
port is 6697). Do not use it yet.

4. Tell the person who gave you the bridge to follow the instructions in
steps 1 and 2 to start sniffing the bridge side.

5. Tell them to enable info level logs on their bridge.

6. Attempt to access the bridge IP in Firefox with Tor still disabled:
Enter the bridge IP address and port number into the Firefox URL bar,
with an https in front. The URL location bar should look like this:

You should get a certificate warning. Tell us if you do or do not. If
you do not get a warning, the bridge is likely blocked by IP. Ask us for
a new bridge and try again (but leave the wireshark capture running the
whole time).
7. If you do get the warning or you have tested at least 2-3 different
private bridge IPs, configure your Tor to connect to the private bridge
IP, and to log at info.

8. Let Tor attempt to connect.

9. Tell us the results.

10. If Tor was in fact blocked, please also attempt to visit some
self-signed SSL sites. Good examples are:,, Note whether
or not you can access these IPs. Ensure wireshark is still capturing
your attempts.

11. Have wireshark save the capture file for this entire process, and
send us this file and the Tor client log file.

All the best,

> Jose
> On Fri, Feb 18, 2011 at 10:16 PM, Chris Ball <cjb at> wrote:
>> Hi,
>>   > Hi all, My first post in this list...
>>   > Hotspot Shield, Tor and Freegate are NOT working in
>>   > China... where I am now.
>>   >
>>   > So, if somebody knows of an effective tool to bypass the Great
>>   > Firewall of China, I'll appreciate if you let me know!
>> While China has blocked all of the published Tor relays, there are a set
>> of relays (called "bridges") that are only published a few at a time in
>> order to make it harder to block all of them.  You can try going here:
>> and following the instructions, or can read more about bridges here:
>> - Chris.
>> --
>> Chris Ball   <cjb at>
>> One Laptop Per Child
> _______________________________________________
> liberationtech mailing list
> liberationtech at
> Should you need to change your subscription options, please go to:
> If you would like to receive a daily digest, click "yes" (once you click above) next to "would you like to receive list mail batched in a daily digest?"
> You will need the user name and password you receive from the list moderator in monthly reminders.
> Should you need immediate assistance, please contact the list moderator.
> Please don't forget to follow us on!/Liberationtech

More information about the liberationtech mailing list