Why?

In June 2004 BT took the step of putting technical measures in place that allowed them to censor the Internet.

At the time there was muffled dissent at the idea of creating and deploying such technology but those voices were silenced by accusations that opposition to CleanFeed was to support the abuse of children.

We warned that this was the start of a slippery slope.

In 2011 the MPA took BT to court in an attempt to block Newzbin, when the Honourable Justice Arnold understood that BT already had an Internet censorship system in place he ordered it to be used to block Newsbin

On the back of the Newzbin success various other private entities took to the High Court to chase more ISPs and in February 2012 the Honourable Justice Arnold ruled that both users and the operators of TPB infringe the copyrights of the Claimants (and those they represent) in the UK.

The result of this ruling was that BT, TalkTalk, Sky and others were required to take measures to block or at least impede access by their customers to a peer-to-peer ("P2P") file-sharing website called The Pirate Bay ("TPB").

At the time the OpenRightsGroup issued the following statement;

Blocking the Pirate Bay is pointless and dangerous. It will fuel calls for further, wider and even more drastic calls for internet censorship of many kinds, from pornography to extremism.
Jim Killock, Executive Director of the Open Rights Group

A decade after originally predicting the slippery slope of Internet censorship; we have Court ordered censorship at the behest of foreign private entities, secret URL blocklists courtesy of the IWF, varying levels of Internet Filtering in homes, coffee shops and restaurants, on top of all of that the City of London Police appear to be using legislation designed to tackle serious crime and fraud to intimidate and shut down proxies.

How it Works

The PAC file format and SOCKS5 standards have been around since ~1996. Tor has been around since 2002.

The Proxy auto-config file format was originally designed by Netscape in 1996 for the Netscape Navigator 2.0 and is a text file that defines at least one JavaScript function, FindProxyForURL(url, host), with two arguments: url is the URL of the object and host is the host-name derived from that URL.

A very simple example of a PAC file is:

function FindProxyForURL(url, host)
{
  return "PROXY proxy.example.com:8080; DIRECT";
}

This function instructs the browser to retrieve all pages through the proxy on port 8080 of the server proxy.example.com. Should this proxy fail to respond, the browser contacts the Web-site directly, without using a proxy. The latter may fail if firewalls, or other intermediary network devices, reject requests from sources other than the proxy; a common configuration in corporate networks.

The PacketFlagon software allows people to create their own personalised lists of URLs that should be served by the proxies which bypasses censorship.

When a URL is added to a PAC the various servers that make up the proxy cluster fetch the updated list of allowed URLs and updates their ACLs to allow those URLs through.

If a URL is removed from a PAC file (and no longer exists in any other PAC config) it is scheduled for removal from the proxy ACLs to ensure the proxies are not misused.

URLs are checked against the OpenRightsGroup Blocked.org.uk database to see if they are currently being blocked by UK ISPs and their status is displayed on the PAC view page.

The Proxy servers utilise BGP (Border Gateway Protocol) to allow access to IP addresses announced by the UK ISPs that perform network filtering. If you receive an Access Denied message when trying to use your PAC file send a tweet to @PacketFlagon or an email to Security@RoutingPacketsIsNotACrime.uk

Open Source

This software is available for free under a BSD 2 clause license and can be found here.

This website and the backend systems wouldn't have been possible without free and open source software.

  • MySQL
  • PHP
  • Memcache
  • OpenSSL
  • Apache
  • CentOS
  • Squid
  • OpenSSH
  • Tor

We've seen the rise of DRM, we've seen legislation such as the US Digital Millenium Copyright Act and the UK Digital Economy Act become law, we've seen corporations selling your information or locking you out of your software and we've seen that Governments spy on your communications as well as censor your Internet.

Free and Open Source software helps to prevent these injustices, specifically, free software means users have the four essential freedoms:

  1. to run the program,
  2. to study and change the program in source code form,
  3. to redistribute exact copies, and
  4. to distribute modified versions.
  • Ditch your iPhone or Windows for an Android phone flashed with a 3rd party ROM
  • Ditch your Apple OS for a compatible version of Linux
  • Ditch your Windows OS and experiment with a Linux distribution

Consider joining the OpenRightsGroup that exists to preserve and promote your rights in the digital age. They are funded by over 2,400 people like you.

Proxy Server Bandwidth Utilisation

Each server has 24Gb of RAM for content caching and a 1Gbit uplink with both IPv4 and IPv6 addresses

Bandwidth statistics are updated every 60 seconds.

Server Bandwidth Last ACL Sync Status
1-1
19 May 00:58
1-2
19 May 00:58
WARNING: You should not trust any public proxies as they could be used to evesdrop on your traffic.
NOTE: These proxies will NOT improve your privacy, they will not cloak you. The X-Forwarded-For header is set.
Consider using Tor and read up on how to ensure your privacy as well as bypassing censorship

Got Questions

If you have any other questions about this project then feel free to get in touch by sending an email to Security@RoutingPacketsIsNotACrime.uk or via Twitter;

@PacketFlagon