Letter Re: How to Bypass Blocked Web Sites

My Dear Mr. Rawles,
I am writing in regards to Tamara W.’s letter. I am an IT manager tasked with keeping data and people secure – in that order. As a prepper with an enlightened self interest for the well being of my fellow preppers, I would strongly encourage your readers to not necessarily follow all of Tamara’s W. advice.

When your readers are at work, they should understand that the IT Department has full access to their PCs and all their records and e-mails. Your readers are playing on the IT Departments’ networks and the IT Departments literally make the rules, both logical and personal.

If, in my role as IT manager, I were to use my various net monitoring tools, someone using the IP address of a web site rather than the DNS would stick out like the proverbial sore thumb. The same is true of e-mail. The best way to maintain anonymity on the Internet or inside of is to not stick out.

Ms. Tamara W. is correct about e-mail often not being covered by web filters. However, if the e-mail were happened upon (no small likelihood), the contents of the e-mail would be immediately be traced back to the employee, with all the consequences thereof. In many small companies and all large companies, e-mails are retained for years. Is sending a compromising e-mail from work really that important?

In my role as IT manager, if I found a PC with an unsanctioned proxy on my network, I would discover it (there is no if, it would be discovered) and fire the employee immediately. The employee would likely also be turned over to government officials on the grounds that they had the means and method to steal company data. That employee’s personal TEOTWAWKI would begin sooner than everyone else. Is surfing from work really that important?

Your readers should understand that there is no privacy at the office. In most medium and large sized companies, logs are kept of everything, and because of current Federal regulations (Sarbanes-Oxley (SOX) in particular), these logs are kept indefinitely. The office is not some place that your readers will want to attempt to hide their tracks as it is essentially impossible. There are easier ways to be anonymous on the Internet.

You cannot easily imagine the backdoors and listening abilities of a national body. An Internet regulatory body that had control of an ISP could easily cause your PC to install software without your knowledge. This software would operate in the background of most commonly used operating systems like Mac OS X or Windows, transmitting all you do. Logs may be easily reviewed with the help of not very complicated algorithms. If the government becomes exceedingly hostile, I would recommend giving up Internet usage as it is more or less impossible to maintain anonymity without advanced understanding of the Internet and encryption.

I can also assure you that government control of the Internet is no joke, having spent no little time in China where this is done. By attempting to circumvent government controls, you will be putting yourself or your hosts at risk. Is it worth your or their imprisonment? Your readers have Christian duty to those who provide hospitality. Getting your hosts arrested because you want to read the Washington Post fails that standard.

The Chinese control their local version of the Internet, even if they are rather ham fisted about it. This control goes well beyond The Great Firewall of China. It would seem that individual bodies control their local DNS records as well as Internet routing (incidentally both of which change from city to city and seem sometimes to be more finely applied, like from hotel to hotel – perhaps depending on the skin color of the hotel’s residence, though I wasn’t ever able to put this to the test). To give your readers an example of control:

Q: Are you visiting Google or something else entirely?
A: It’s both. And you will not be able to tell the difference. These governments control the settings of the BGP protocol in their routers. The people who control the Internet can send you where they like. If you ping an address, it may reply even if going to the ‘wrong’ destination.

There are other methods of tracking PC usage as well. It should no surprise that China has the world’s highest percentage of spyware infected machines. As much as the Chinese spy on the Americans, they spy on their own people more. A government that is intent upon tracking its people will find a way irregardless of legality or well-being of its citizens. You can expect other governments that become afraid of their citizens to embark upon the same path.

If your readers are truly intent upon being on the Internet and hiding their identities, I would strongly encourage your readers to get an operating system that they can view and customize, like Linux. I would like to warn your readers that having a Linux OS has been regarded by law enforcement in the United States as suspicious in and of itself. I would then strongly encourage your readers to learn how to use it before attempting to conceal their activities on the Internet. I would strongly encourage your readers to learn what an IP Packet is and how it routes. Your readers would also need to learn what DNS is, how it works, and why it is set up in the manner that it is.

I would also strongly encourage your readers to encrypt their e-mails rather than send to an IP address. Low cost encryption programs like WinZip are available, but your mileage may vary. I discourage your readers from doing anything illegal, but would like to point out that WinZip encryption is unlikely to deter a determined government body. Incidentally, an unencrypted e-mail is essentially a postcard. Your readers would be wise to not include any information they do not wish others to read.

I would also strongly encourage your readers to encrypt their computers’ hard disks with a program like PGP. If a government or business suspects a person of impropriety, the first thing they will do is attempt to impound the hardware. If you are doing something of impropriety, you might as well make an effort to protect yourself. Federal courts have recently ordered that a person is not required to supply combinations to computers, as that would be self incriminating.

To put it more bluntly, if your readers feel they need something from the Internet, they should print it out or download it to a flash drive and then upload it to an offline computer today. Otherwise, they may need to trust in the Sneakernet. The Federal Government of the United States is, in my opinion, still a mostly trustworthy entity. I know and like my local congressman and other government leaders. I hope most of your readers may say the same. Nevertheless, we are here to prepare. – P. from Illinois