If OpenPGP is so simple why do people need to be taught by you? People don’t need to be taught how to use the easy stuff.

The fact that you have a good trade teaching people tells us OpenPGP is far from simple.

1. Mail encryption – OpenPGP. Simple. Uncrackable (so far) and all the Government will get is meaningless binary. Roaring trade for people (like me !!) to teach people how to effectively use this.

2. Web logging – let them. Using TOR (The Onion Router), a multi-layered proxying system, all they will get is that your ip aaa.bbb.ccc.ddd connected to . Where your connection goes from there is pretty well anonymised.

Having seen an early copy of the blacklist, which I personally think should be made public as we have a RIGHT to know what is being blocked, I can almost guarantee that many legitimate sites will be blocked.

Will Senator Conroy, et al. be compensating, for example, an Australian online business who is blocked mistakenly for lost time and profits, and legal expenses incurred in fighting the blockage ? Or will they rush through an amendment to the Bill to make them exempt from civil action ?

And then there’s the Government’s “right” under the Constitution to even try to implement this whole thing in the first place.. I mean, when did you give Senator Conroy permission to act In Loco Parentis (in place of the parents), and raise your child(ren), teaching them what is right and wrong ? Damn sure *I* didn’t !

The initial reason for a filter was to protect the good little Australian boys and girls from the nasties on the Internet, and to stop child porn from being circulated. They tried that a few years ago, and it was cracked in less than 30 seconds by a 14 year old Victorian schoolkid, as this video will show http://tinyurl.com/y9ffu9w.

Two problems with their reasoning are the “nasties” are out there anyway, not just on the Internet, and more kiddie porn is circulated daily via the machinations of Australia Post than ever could be over the ‘net – and it is almost untraceable and impossible to stop !!

Are you proposing to “filter” every DVD and CD that passes through our mail system, just in case someone tries to snail-mail kiddie porn ???

Today’s effort – the Honorable Senator announced that the Mandatory Internet Filter will be “further evaluated and refined before it is put into practice”.

*sniff* *sniff* Is that an election I smell ???

How stupid do you think the Australian public are, Senator ? You take the filter off the table” and if, by some miracle, the current Government *is* returned after the next election, what do you think will be their first order of business ??

Plus several points for having the balls to try it on, Senator. MINUS several thousand points for being stupid enough to think it might work !

Just tried it, looks good.

It’s based on open standards including OpenPGP, and interoperates well with non-HushMail email users (http://www.hushmail.com/support/faq/#whatishushmail)

Apparently Phil Zimmerman is on their advisory board too.

Give them a web link (or email attachment) that automatically:

1) Downloads and installs the proxy (a self-executing, preconfigured Putty that runs as a Windows service. see http://the.earth.li/~sgtatham/putty/0.60/htmldoc/Chapter4.html#config-file)

2) Opens their browser to a proxy auto-configuration file (http://en.wikipedia.org/wiki/Proxy_auto-config).

That should be almost a one-click process.

(Optionally provide another web link to switched the proxy config off if you wanted).

For a little extra effort could automatically generate a unique set up for each user.

The idea (for others too in case you figured it out anyway), is that all common web browser software can be easily configured to use a proxy server. There are different types of proxy servers, one type is called a ‘SOCKS’ proxy.

The idea is to start a proxy server, that runs on your local machine (and only accepts connections from your local machine). Your web browser, once configured, instead of sending requests directly to your ISP and then out into the world, sends connections to your local machine, through an encrypted tunnel, where it comes out at a remote machine (in a free country) before going off to the rest of the internet. If you’re really paranoid, can bounce across different providers and jurisdictions.

There are any number of providers the world over who you can set up hosting with, that can run an SSHD server (most do by default). The buzz around ‘cloud’ computing is creating more providers all the time. Or just ask a friend overseas to run it. Amazon EC2 at USD$350 for 3 years and $0.03 per hour, usage based is one solution (but requires a little more work to set up accounts and uses authentication ‘certificates’ as well as passwords). Once it’s running, you can share with as many friends as you like.

SSH is an extremely common protocol (originally and still used for secure command line terminal access to remote machines) but can tunnel other protocols, such as HTTP, etc. So this can be called the ‘http over socks over ssh’ method if you will. It would be technically infeasible to block SSH traffic (and would break a massive amount of existing embedded infrastructure), and futile anyway because there’s endless other ways to tunnel too.

You can setup OpenSSH with “ssh -D localhost:1080″ (read-on below). Or if you’re on Windows, can just use Putty (see here for instructions: http://thinkhole.org/wp/2006/05/10/howto-secure-firefox-and-im-with-putty/ )

OpenSSH is one SSH implementation, designed to run on Unix-like systems (e.g. Linux, MacOSx, OpenBSD), but can also run on Windows by using a Unix emulation layer or libraries (such as Cygwin), which are available in pre-packaged installers too, e.g. http://sshwindows.sourceforge.net/

OpenSSH can be run at both local and remote end of the tunnel (your local socks server is actually a ‘client’ for the tunnel to the remote sshd server). Or you can mix implementations, such as using Putty (a native Windows based SSH client), to any remote SSHD server (including OpenSSH).

If you want an even simpler solution (if not as technically useful or flexible), you can ask anyone overseas to install Psiphon. This doesn’t require any browser reconfiguration or local server, but is not as secure (keeps a log of traffic on the remote machine), and ‘wraps’ your web pages at the application layer, instead of the network layer. You connect via a normal HTTPS connection (like for your banking), to the Psiphon web server on the remote machine, and it proxies and ‘frames’ your requests, a bit like Google translate or image search would.

These are just a couple of the solutions available and you can guarantee there are plenty of people to supply the ingenuity, innovation and desire to fight oppressive regimes that overcome whatever restrictions government tries to put in place.