Return to Level1Techs.com

No more fappaccinos! StarBucks blocks pr0n, or so they say


#41

Cisco Secure Desktop. It’s basically cisco-enforced antivirus scan and group policy on Windows.

Still required on Linux.


#42

have you tried --os=win ?


#43

How would that change things?

It’ll try to deploy windows binaries and expect a windows response.


Wait, hold up.

We’re waaaay off topic here.

Back to the fappaccinos.


#44

yeah with my sensitive nose the smell of cappucino and other “coffee corruptions” they make just turns my stomach.
it does have its advantages though!

but back to the topic, If you were running a company that is offering a public internet connection you do have the right to monitor and or censor content. and in some cases you can be held responsible for what a guest does on your server.

to be sure its a touchy subject that many may take offence to.
but would you rather they limit your access or have you arrested for displaying lewd material in a public place (if you were caught surfing porn)
this falls under lewd and lascivious conduct!
but it all boils down to a message similar to this (If you are using my car you had better follow my rules)

i dont like the idea any more than a lot of people as it would block a lot of medical research i often do, but i cant really blame them for protecting themselves.


#45

I used to hate Starbucks, but thanks to a friend recommending a film i always giggle at the name now

In his words:
“You have to watch Idiocracracy, but don’t think of it as a comedy film but as possible prophecy of near future”

No spoilers - watch the film to know why I rate this topic ROFLMAO

But I don’t recommend watching the whole film
I am avoiding watching it because i think i will see more correlation than i remember between the way The US president is portrayed in the film and the current ‘real’ one


#46

Well OpenVPN no longer works at my local Starbucks, even with a custom port. I guess I can tether, but I only have 20GB on my so-called ‘unlimited’ plan…


#47

Try my xor strategy! It circumvent signature detection.


#48

How did you implement XOR?

This seems to be a good high level overview: https://www.bestvpn.com/guides/openvpn-scramble-xor-obfuscation/

Is this the solution you chose?
https://tunnelblick.net/cOpenvpn_xorpatch.html
I’m not sure if I can apply that on my pfSense/BSD VM.

Why not obfsproxy? The OpenVPN devs seem to prefer it for some reason…


#49

ssh tunneling to the rescue?


#50

Yeah I saw stunnel mentioned in one of the VPN obfuscation threads. Never used it, so I’m not sure how to implement it right off. Guess I need to start Googling once I get home from SBux.


#51

I did a custom implementation in go:

package main

import (
	"flag"
	"io"
	"log"
	"net"
)

var key int
var listen string
var connect string

func main() {
	flag.IntVar(&key, "key", 170, "key to xor the data")
	flag.StringVar(&listen, "listen", ":8081", "listen on ip and port")
	flag.StringVar(&connect, "connect", ":8080", "forward to ip and port")
	flag.Parse()

	if key < 0 || key > 255 {
		flag.PrintDefaults()
		log.Fatal("key is not one byte")
	}

	// check and parse address
	conn, err := net.ResolveTCPAddr("tcp", connect)
	if err != nil {
		flag.PrintDefaults()
		log.Fatal(err)
	}

	// listen on address
	ln, err := net.Listen("tcp", listen)
	if err != nil {
		flag.PrintDefaults()
		log.Fatal(err)
	}

	log.Printf("listening on %v", ln.Addr())
	log.Printf("will connect to %v", conn)

	for i := 0; ; i++ {
		// accept new connection
		c, err := ln.Accept()
		if err != nil {
			log.Fatal(err)
		}

		log.Printf("connection %v from %v", i, c.RemoteAddr())

		cn, err := net.DialTCP("tcp", nil, conn)
		if err != nil {
			c.Close()
			log.Print(err)
			continue
		}

		go pipe(c, cn, byte(key), i)
		go pipe(cn, c, byte(key), i)
	}
}

func pipe(w io.WriteCloser, r io.ReadCloser, key byte, count int) {
	n, err := copyBufferXor(w, r, key)

	r.Close()
	w.Close()

	log.Printf("connection %v closed, %v bytes", count, n)

	opError, ok := err.(*net.OpError)
	if err != nil && (!ok || opError.Op != "readfrom") {
		log.Printf("warning! %v", err)
	}
}

func copyBufferXor(dst io.Writer, src io.Reader, key byte) (written int64, err error) {
	buf := make([]byte, 32*1024)
	for {
		nr, er := src.Read(buf)
		for i := 0; i < nr; i++ {
			buf[i] = buf[i] ^ key
		}
		if nr > 0 {
			nw, ew := dst.Write(buf[0:nr])
			if nw > 0 {
				written += int64(nw)
			}
			if ew != nil {
				err = ew
				break
			}
			if nr != nw {
				err = io.ErrShortWrite
				break
			}
		}
		if er != nil {
			if er != io.EOF {
				err = er
			}
			break
		}
	}
	return written, err
}

@nx2l this also helps you SSH out of a restricted network!


#52

#53

Fucking clerks.


#54

Inb4 ai that blocks image sites and no one can use google.