SoylentNews is people
SoylentNews
from the internet-routing-around-blockages dept.
Two web browser extensions that use content delivery networks (CDNs) in entirely opposite ways:
A research group at UMass Amherst has developed the CacheBrowser extension to circumvent the great firewall of China. In a nutshell, it works for websites that are hosted on CDNs like akamai and cloudfare. When you access a blocked site, CacheBrowser goes directly to the CDN and pulls a copy from there via SSL. The key is that the data is retrieved via SSL so the chinese censors are unable to distinguish between CDN access to blocked websites and CDN access to permitted websites. They are playing a game of chicken with China's censors. If China wants to block those websites it must block all websites using that CDN, the overwhelming majority of which are not on the censor list.
The yin to CacheBrowser's yang is the Decentraleyes firefox extension. Nearly every large website, and many small ones, use cross-site includes to pull javascript libraries like jquery, googleapis, cloudfare, etc from a CDN. That enables the CDN to track every page a browser loads from those websites. Decentraleyes helps the user go black by redirecting those CDN accesses to local copies of the libraries, making the user invisible to the CDN's tracking systems.
(Score: 0, Informative) by Anonymous Coward on Sunday November 29 2015, @09:40AM
> The second plugin could be also solved by a public cashing web proxy...
No it can't. The browser still checks in with the real server to ask it if the local cached copy is expired.
(Score: 2) by wonkey_monkey on Sunday November 29 2015, @11:29AM
I thought the proxy did that. Seems to me that would be more efficient, anyway.
systemd is Roko's Basilisk
(Score: 1, Informative) by Anonymous Coward on Sunday November 29 2015, @11:58AM
If the proxy does it or the web browser does it the result is the same. Every page load causes the CDN to get a pingback.
(Score: 2) by M. Baranczak on Sunday November 29 2015, @04:43PM
The second plugin could be also solved by a public cashing web proxy...
No it can't. The browser still checks in with the real server to ask it if the local cached copy is expired.
The caching proxy only checks the origin server if the document's TTL is expired. If you set the TTL to 20 minutes, then the origin server won't get more than 1 request per 20 minutes, no matter how often clients request the document. And the origin server has no idea who the clients are.
(Score: 0) by Anonymous Coward on Sunday November 29 2015, @05:21PM
The CDN sets the TTL via the http expires header.
(Score: 2) by M. Baranczak on Sunday November 29 2015, @06:16PM
(Score: 0) by Anonymous Coward on Sunday November 29 2015, @07:00PM
There are some big unstated assumptions in your post that make usage much more difficult in this single-user scenario:
(1) That a regular will user will know how to install a caching proxy, configure it to ignore expiration times from servers and maintain it.
(2) That the caching proxy will be used by enough people such that the proxy's IP address isn't enough to identify the user.
So yeah, it is technically true that an expert user with a lot of resources could put up a caching proxy and make it available to enough people so that his own usage is mixed in with a bunch of other people. But that is not the use-case that Decentraleyes addresses.