For the past few days especially yesterday I have exchanged a number of emails around the globe to figure out a solution for the deteriorating blogging condition in Pakistan which started a few days back as reported by Don’t Block the Blog, Press Release of 3rd February and also my blog, I have a few things to share so I thought I would d formulate this into a small report.
PSIPHON – http://psiphon.civisec.org/
I was probing if PsiPhon could be used from Pakistan to handle the Pakistani Censorship (PsiPhon is a better replacement for TOR which I talked about a few months back here) but unfortunately PsiPhon does not support SSL at the moment but today Nart Villeneuve (of Citizen Lab who has been actively involved with the creation of PsiPhon) responded that the next update will definitely handle SSL which is due to be out in the coming few days and more close to a month.
I quote a few sections of his email correspondence with everyone
My understanding is that psiphon will allow https/ssl connection soon. There are other ways depending on you setup, for example, if your version of php is compiled with openssl support fsockopen (http://ca.php.net/manual/en/function.fsockopen.php) will support ssl:// (same as https) also cgiproxy (http://www.jmarshall.com/tools/cgiproxy/) will support https:// connections if you have openssl and the perl module Net::SSLeay. However, because of all the scripts and so forth used by the blogger interface getting a web-based proxy (such as cgiproxy, or psiphon when it supports https) to work seamlessly will be difficult.
On a personal level I did get that cgiproxy setup but sadly not on a HTTPS framework – as that requires and expensive certificate to the tune of $250 by a certifying agency. But in what is definitely a concern is his statement here that should be weighed heavily before creating any such solution.
There is another important consideration here. The operator of the “proxy” — whatever it is — will be able to collect all the usernames/passwords of all the bloggers who login via that interface! And since the account is now tied to your google account, the proxy owner could get all your gmail too!
Hence the security threats is definitely an issue of grave concern. In slight of our problems in Pakistan Nart has also sent a copy of our email exchange to a few contacts at Google since he has been interacting very closely with them for the past year and a half, probing the option if the blogspot back-end can remain on an unencrypted platform to be accessible from Pakistan, maybe not publicized but more as an underhand tweak to enable bloggers full access to the blogspot interface.
PKBLOGS
In other news, I also have had a good IM chat last night with Naveed Memon about solving the issue at the PkBlogs end. He was very understanding and his one line really conveyed a strong message “even if I am too busy, we can’t after all, let them win!” That I feel is the spirit with which Naveed and Yasir Memon have done for the Pakistani blog community over the past year, I think their efforts should definitely be lauded.
In our detailed discussion I think we both understood the gist of the problem (as long as the gmail sign-in process can be handled with the proxy script it should be a walk in the park – its more of configuring the pkblogs script to retain the cookie used to sign in) let it be well understood that this configuration of retaining the cookie solves the accessibility issue but introduces a huge privacy leak, as pointed out by Nart but it does definitely the issue, Naveed suggested we can configure to have the cookie expire and discarded after say 30 minutes, but even then the issue persists, as a safety precaution I have requested him (if possible) to have the script evaluated by someone independent to have transparency in the process, thought I trust him but for the sake of the overall community we should think this issue out thoroughly in all honesty.
We may have nailed the problem, but a solution has to be created from scratch, he has said he will definitely give it a shot despite a heavy workload on a number of projects at hand – he sadly has not given us a time frame but trusting him I suspect it will be soon
That’s it guys – I thought I should get you all up to speed on the work in progress on the technically side, but can some one take the initiative on the Legal aspect of this battle – we need to get that going ASAP.
Comments
33 responses to “Pakistan Blogging Situation – Update”
Doc, i dont want to sound like an ass-kisser here but you deserve some sort of award for your hard work. I guess no one has made such a big difference as you have by spearheading this campaign against blocking freedom of speech. I am glad that there is someone out there who believes in what he does and does not make any hollow promises.
Am very glad to see you work so hard on this. Thank you so very much!
Just use Google Docs to make entries to blogspot, while using pkblogs to access it.
@stabani – I have my doubts with Google Docs –> Blogspot setup, as the issue is not how to compose the article but to be able to access the blogspot dashboard. Getting to the write page is still a long shot.
I may be wrong – can u explain how you do it with the ban in effect?
TM- You deserve the pat on the back.
watch out! thousands of hands(of pakistani bloggers)gonna pat your back, you will get backache soon hahaha.
Anyways.. joke apart, you are handling this matter quite well.
Why don’t we all send a message via Musharraf’s website. Would that make a difference?
Maybe media companies like Geo could give some attention to this issue?
sure we should do that. maybe then he will thank you for letting him know by sending his special messengers at night to reward you. 🙂
dr saab, ye salay blogger.com walay has become galay k hadii, neither they allow me to upgrade nor i am able to log into old dashboard. it sucks
thanks for the given links, will try to use them but as you said:
My understanding is that psiphon will allow https/ssl connection soon
i wonder whether is it technically possible?re-routing certificates?
@Stabani: Intresting. Can you elaborate it? I think you want to say by using Google Spreadsheet by using Google DATA API?
noooooooo. i am invisible.
I just get the feeling the techies – Adnan and Stabani are on to some interesting lead – can we please please have a shoot-out of ideas – even if it boils out to nothing it would be interesting to hear an exchange of thoughts…..
You know, at the end of the day, we need access to the blogspot admin panel, even if we figure out a way to get to the writing posts.
There was this one script i remember using in school to get around the firewall, it used a fake ssl cert to get the work done though I don’t think its suitable for a large scale use. It’s called circumventor, and you can read up on it here: http://www.peacefire.org/circumventor/simple-circumventor-instructions.html
requires you to install it on your own computer but gives you all access of cgiproxy with ssl access as well (though not very secure at all)
However, i do warn users that using proxy’s with ssl defeats the purpose, the sysadmin can easily find out the password and data by de-encrypting it (he has the key to it, so why not).
In reply to Shobz:
I already sent an email to some PTA director and forwarded it to Musharraf via his website some days back. Dunno if action is taken but I did what I could.
you mean that this idea is risky and yet it fulfills your needs. why not just use an anon proxy to update ur blog? i used one to update my wordpress blog when i couldnt access it for a week.
shobz: anon proxy does not usually allow ssl connections–i think wordpress.com disabled them a while back or something along those lines.
The problem with google is the fact that most people trust their lives with it, and by trusting your password with a stranger to an account with that much information (and email) can be potentially dangerous.
BTW, I used Google Docs to post to my blogger blog (stabani.blogspot.com) and it did work, though no title was made. Perhaps it will be fixed soon..?? Oh, and can someone try to see if windows live writer or blogdesk or some other third party desktop app can post to blogger beta?
Oh, and I second the idea of having an email to musharraf and some other media sources. Though, to be honest, having simply a report in dawn or (dreaming now) an editorial by cowasjee would probably do the trick. Perhaps someone wants to draw up a simple script (dialouge or email) that we can all send out?
What about using the television media?
I remember when blogger was blocked in India, the first thing bloggers did was to activate contacts in the television media. That worked quite well.
Can GeoTV etc be roped in?
well i did use an anon proxy which allowed ssl and i did manage to access wordpress.
Install the Blogger’s MS Word Plugin and Have fun.
I just made an old post[3 days old] post via MS Word. Its cool. I had used it before but didn’t explore it throughly. It also opens your existing post on MS Word. The only issue is that you can’t embed images at the moment.
I dont know the technical aspects of all this but can help it out by mobilizing people. Let me knw if I can be of any help. Moreover over dear teeth Maestro your work is worthy of appreciation and I revere you!
mobilizing the media is a good way to attract attention–i think that should be the primary focus right now. Attract the public to this cause as how its blatant censorship
tabania mian, this is pakistan not US or UK, people here are more worried about daily foods and other stuff than some damn censorship+ unlike US/UK only 0.01% or less are involved in blogging so nobody would care other than Foriegn people who just needs a clue to “have fun” of Pakistan.
on PSIPHON, i found the following text:
NOTE: If you live in a country that censors your Internet access, you DO NOT need to download psiphon. You need to find a psiphonode provider. They will provide you with the connection information you need. Please visit the forums for more information
it means one doesn’t need to install on every machine. Doc what do you say if it’s installed on some fast machine with lots of bandwidth
Asad Hayat:
http://asad.wordpress.com/2007/02/10/absolute-blockage-to-blogger/
We can not sit hand in hand because we are not too much to fight for the freedom of speech, attracting the media is a good idea infact I acted and email the famous Dwan columnist Cowasjee he can write provided he recieves email about this issue. You can email him to his email is arfc@cyber.net.pk
@Adnan – Yes, for us here in Pakistan you need to simply get a psiphon Node access, one gets it by applying on the Psiphon forums where someone will privately message you an IP address with log-in an password. simply browse to the UP address insert you log-in and pwd and surf. Psiphon gives you a small URL bar where you can enter the domain you want to go, as long as you have the browser session working you are free to browse.
@Dr. Farrukh – I think you are quite right in suggesting to hit the media – I have been doing it for the past week was hampered for two days (due to computer overhaul issues) now I’m back – I’m mostly targeting sit-com’s and hope this can attract enough attention to bring it to the main stream. I have long since been regularly bombarding our press releases to the main stream media without fail
i doubt it if it works. cowasjee has a thing for mushy. lets see if he does something about it.
for any anti-censorship program to work, it has to be outside the country, meaning installed on a machine outside pakistan and then logged into it from inside pakistan.
As for the issue with censorship, it is only boundt to grow with time. What’s next? Censorship of email? Block of Gmail/Hotmail? Orkut and hi5 blocked? The truth is, if we don’t bring the issue of censorship to the foreground, things will only get worse, like they have in places like China.
I understand Pakistanis dont give a damn about internet censorship, but that being said, we are pakistanis and give a damn so who knows how many politicians might be interested in knowing the implications of the censorship to them (blockage of their own sites and material) and thus be a force in removing the ban altogether.
buzz.blogger.com/bloggerforword.html
I have tried it with Older version not the newer one. The only problem with this plugin is that you can’t access Comments approve/rejection area.
Do know about the Cowasjee’s style but we can attract the his attention if we keep buzzing him? What do you say more over here are few other addresses for those of you who want to indulge in advocacy:
Anwer Syed: Prof. Emeritus of political science at university of Massachusettes,Amherst
email: a******@******.net
M.P Bhandara: MNA
Email: m****@*******.com.pk
Tanvir Ahmed Khan: Former foreign secretary
Email: tan******@g****.com
Dr Pervaiz Hasan: Cheif economist in world bank
Email: ph*****@a******.com
Tariq Ali: Editor of new left review
Email: tar****@bt******.com
Try mailing them!
######
Thank You Dr. Farrukh for the list of contacts – I have noted them down but here I have just edited out their emial addresses to prevent them being used by spam harvesters.
signed
Teeth Maestro
######
Dear all,
I recieved email from Cowasjee, he is reading to listen to us and have asked me to call him on tuesday. I wish we can get support from him!
Custom Domain Option by Blogger:
http://anonymouse.org/cgi-bin/anon-www.cgi/http://help.blogger.com/bin/answer.py?answer=55373
I am not sure whether the control panel will exist on blogger.com or somewhere else.
Happened to talk with cowasjee, he told me that he is looking into matter and will call me back soon! Lets wait for some outcome
Poets everywhere forhe has his Rome his Florence his whole
preved vsem piercing pagoda*
and anon the cock crew dot He arose and looked forth into the gray