Lance Cottrell of Anonymizer is one of those rare guys who make me believe he started a company in no small part to do good. And so his cloaking-technology company is providing free services to help Chinese citizens sneak through their national firewall, and is doing the same thing for Iran on a paid basis, under contract to the Voice of America. I think this is wonderful, and he reports that it’s working well now. Even so, I think there are scalability concerns. Right now only 10s of 1000s of users are covered. If there were a few more zeroes on that, standard spam-blocking techniques, currently ineffective, might work. What’s more, the Chinese bureaucracy, currently not highly motivated to shut the service down, might bestir itself to be much more effective.
Anonymizer’s methods are surprisingly straightforward. They make available an anonymous proxy server and, when the Chinese government blocks access to its URL, distribute a new URL on a daily e-mail list. Apparently, the mean time to blockage used to be months, and now is down to a couple of days. Lance claims to have already worked out prepared (undisclosed) tricks prepared for when the mean time to blockage drops so low — e.g., less than a day – that current techniques stop working.
I would guess that one of these tricks is to distribute different proxy URLs to different list subscribers, making it hard for the Chinese government to block them all … especially since the subscribers whose URLs did get blocked would quickly be dropped from the list. One bonus to this hypothetical approach is that they could use all sorts of standard spammer techniques to punch the e-mails themselves through any filters. The only truly reliable way to block spam is to identify it via the call-to-action part. But if you’re sending different URLs to different people, that makes call-to-action identification and blocking hard.
Still, there’s a scaling problem. Right now they only reach 10s of 1000s of Chinese citizens. It’s hard to see how they could get through to a really large fraction of the population without leaving themselves open to standard spam-blocking techniques. What’s more, there’s no compelling technical reason China couldn’t block 100s, 1000s or even 10s of 1000s new URLs each day on a quick-response basis.
That said, Anonymizer’s heart and head both seem to be in the right respective places. What Lance told me doesn’t go nearly as far as my Operation Peking Duck proposal, but it’s in the same direction, right down to requiring the Chinese citizens to have a secure piece of client software, and hoping the authorities don’t criminalize the very act of running that software, or defeat it via a spyware blocker. More fundamentally, he seems to understand that he can’t win long-term without being, in his great phrase, a “freedom spammer.” Indeed, right now a significant fraction of the e-mail list subscribers are actually spam recipients, to provide legal cover should anybody get into trouble simply for being on the list.