Zeronet: Problems with Zeronet in China

This wasn't unexpected, but as long as you can run Tor, then it should work fine.

Actions from GFW:

• *.zeronet.io domain points to different ip. source: http://viewdns.info/chinesefirewall/?domain=zeronet.io
• IPban on 104.156.231.236 (zeronet.io website ip address): source: http://ping.pe/104.156.231.236

Affected services:

zeronet.io website

The site can't be accessed due domain & ip ban. Changing IP does not help, registering new domain also not a long-term solution

Possible solutions:

• Set up mirrors, eg. to http://hellozeronet.github.io/

ZeroBoard

ZeroBoard was the first site on ZeroNet when multi-user sites was not possible, so the messages are signed and distributed by contacting the site owner which was done by a simple http request.

Possible solutions

• Drop this site
• Re-create the site with self-signed id certificates
• Move the adder script to different domain and ip
• Add a whisper protocol to ZeroNet that allows messages to be distributed between peers just like updates. (Cons: spam solution?)
• Add a direct message option to ZeroNet API that allows direct messages to be sent to an ip address using ZeroNet protocol. Pro vs current http solution: it does not requires https since ZeroNet protocol supports self-signed cert with pinning.

ZeroID

The certificate request currently done by http (or bitmessage)

Possible solutions: Same as ZeroBoard minus drop the site

boot.zeronet.io tracker

This one also affected by the IP ban. The other trackers and (and the .onion one ofc) are not affected.

Possible solutions:

• Move to different domain

Other sites not be affected (as long as you have compatible ID)

as long as you can run Tor

GFW block all directory servers and most bridges, so you need a front-proxy such as Shadowsocks.
But if you have a front-proxy, you can directly visit zeronet.io.

I think the ultimate solution is ZeroNet via I2P:

• I2P is tough enough to anti GFW so far.
• ZeroNet will auto get DHT feature when use I2P Torrent.

Btw to do some experiments is there any cheap VPS provider behind GFW? (shared ip also fine)

NEVER trust any service in China. China law require server must put a backdoor for government.

I think it would be helpful to include some .onion / i2p based trackers for faster bootstrapping.

Tor users from China are recommended to use meek pluggable transport, so it might still work. One such tracker:

http://trackeryknvofs3m.onion/

Meek pluggable transport works well in China, but it's slow and need to spend more because cloud platforms' bandwidth more expensive. Most people don't care about anonymity won't like this, so I think adding a feature that use anti-cersorship proxy/pluggable transport to connect to tracker only #1108 is useful.

@HelloZeroNet We need a way to help Chinese new users download the ZeroNet client.

The client is hosted on github, so: https://github.com/HelloZeroNet/ZeroNet#how-to-join should work

Proposal: Sooner or later trackers will be blocked. ZN should be able as a fallback download few last IPs that downloaded Zerobundle recently.

is it feasible to use things like NDN in nowadays situation ?
(named data network, that is not IP based, but content based, similar concept to IPFS, but for packet, not for static content)

There was an idea that the peers can exchange trackers and maybe possibly creating a community auto-updated & distributed tracker list. Though there would still have to be some unrestricted trackers or peers for initial connection (maybe an indpendent/individual tracker/peer list on /Config page which will not be shared in comunity tracker list).

Could we not mirror zeronet.io on IPFS and on ZN? So that the content could proliferate behind the GFW rather than create increasingly elaborate mechanisms to tunnel through it

The zeronet.io is used to provide information and download method about ZeroNet. So putting it to ZeroNet would not help.
Github is still accessible from China and it has all the required information, so I don't think it's a big issue.

It's safe to say that we just lost China.
People will not download the zeronet if it is difficult to access it, I propose to create a network of zeronet inside China and not to contact it.
The user should not receive connections to all nodes immediately.
Most likely, they connect to the zeronet and pull out all the ip addresses.

Another option is to allow users to connect to each other manually.
It will be enough for them to reset the ip address via the website or messenger.
Perhaps this is the only way to keep zeronet alive inside China.

Is it false positive? Looks like it's blocked.
http://www.chinafirewalltest.com/?siteurl=github.com

Quite a few online testers confirm this. That's unfortunate.