We begin with a short summary of how we got to where we are today. The Great Firewall of China (GFW) began operation in 2003. Early methods of censorship included Internet Protocol (IP) blocking, Domain Name System (DNS) poisoning, and the malicious insertion of Transmission Control Protocol (TCP) resets. Tor was blocked in 2009, and public obfs4 bridges were blocked a few months after their introduction. OpenVPN was blocked in 2013.
In 2015, the Chinese Communist Party (CCP) expanded its censorship to include personal as well as technical measures. In August 2015, the legendary Clowwindy was invited to drink tea. In July 2017, Breakwa11 was human flesh searched and her Github repositories deleted (though this appears not to have been the result of a CCP initative). In November 2018, Toyo disappeared from the Internet and his Github account was deleted. On March 25, 2019, the state prosecutor in Xinmi, Henan, charged him with facilitating computer crimes. In May of that same year, Teddysun deleted his articles on installation scripts.
There are occasional reports of netizens being charged with administrative offenses simply for possessing GFW circumvention software. On December 28, 2018, a user in Shaoguan, Guangdong, was fined 1,000 yuan for having Lantern (蓝灯) Pro on his phone. Similarly, on March 25, 2019, a user in Pengxi County, Sichuan, was issued a police warning when they found Wujie Yidiantong (无界一点通) on his phone. Physical inspection of phones seems to have been a factor in both cases. Affluent users should consider carrying a burner phone while traveling; everyone should memorize how to quickly do a factory reset of their phones in an emergency.
The battle between netizens and censors is frequently described as a cat-and-mouse game. This is particularly true here, since widespread dissemination of technical information necessarily requires making it public, and public discussions are as visible to the CCP as they are to anyone else.
At one time, open discussions between netizens took place on Google Plus groups. In April 2019, Google shut down Google Plus. Technical discussions continue on Chinese-language blogs, forums, and groups. For obvious reasons, discussions must be hosted outside China, and posters must register under pseudonyms. During 2019 we learned that the CCP can deanonymize Twitter users by maliciously requesting a password reset. When the password reset message is sent to a Chinese phone number, the CCP intercepts the message and identifies the user.
Censorship is notoriously tight during so-called “sensitive” periods. One example would be the two national political meetings (全国两会) during March 2019. June 4, 2019, marks the thirtieth anniversary of the CCP ordering troops to fire on civilians in Tiananmen Square (六四事件). In the weeks approaching this anniversary, Wikipedia was blocked in all languages. Image and keyword blocking intensified, assisted by artificial intelligence. Critics of the CCP disappeared without explanation. One theory why censorship is periodically tightened and loosened is that the CCP is willing to allow a certain amount of airing of grievances, but will clamp down on anything likely to lead to organized protests.
This leaves open the following possibilities for bypassing the GFW of China in 2019:
ShadowsocksR (SSR) is probably still the single most popular method for crossing the wall (翻墙), despite the fact that it is no longer maintained.
The original Shadowsocks (SS) is still maintained. Some users are reporting that the GFW can now detect and block SS servers that do not use some form of obfuscation. One interesting innovation is the Cloak plugin for Shadowsocks-Libev. This aims to disguise the SS server as an HTTPS server.
V2Ray offers more features and is less likely to be blocked than SS, though it is harder to configure. The graphical user interface (GUI) for V2Ray is provided by separate projects such as V2RayN for Windows and BifrostV for Android.
The trojan-gfw/trojan project on Github has been in development since October 2017. It claims to imitate HTTPS so well as to be undetectable. Configuration is slightly more complex than SS/SSR.
The ValdikSS/GoodbyeDPI project on Github claims to be able to bypass deep packet inspection (DPI).
The GreatFire project offers the FreeBrowser.
Lantern and Psiphon still exist. Other possibilities that may work include the VPN Gate extension to SoftEther, Dynamic Internet Technology’s Freegate (自由门), and UltraReach Internet Corporation’s Ultrasurf (无界).
People who travel to Hong Kong can purchase phones with Hong Kong subscriber identification module (SIM) cards.
Users at major universities have freer access to the rest of the world through the China Education and Research Network (中国教育和科研计算机网). IPv6 often works best.
Wireguard may still work, though its protocol could conceivably be detected and blocked by the GFW at some later date.
A few netizens use Tor with the meek-azure pluggable transport, though the Tor Browser is itself difficult to obtain in China.
Since parts of the GFW are regional, and parts are outsourced to the different ISPs, there are isolated reports of success with unexpected methods such as OpenConnect.
A handful of commercial virtual private network (VPN) services obfuscate traffic so that their services still work in China. Sometimes only a limited number of their servers will work. Apple has removed VPN clients from its app store in China; affected users must follow a convoluted process to access the U.S. app store.
SS and SSR servers may be either self-built or rented from micro-businesses that set them up and share them among customers. Because of their icons, SS and SSR are sometimes referred to as paper airplanes (纸飞机). International access points are therefore called airports (机场). The better quality offerings generally connect through China Telecom’s “China Next Network” (CN2 or Autonomous System 4809) to improve performance. The best performance (and the highest prices) come from CN2 Global Internet Access (GIA). At the very top of the market are services who lease an international private leased circuit (IPLC).
For self-built solutions, you must make an informed choice of virtual private server (VPS) provider and location. It may help to choose a provider who allows for changes of IP address at low cost or no cost. It is particularly frustrating to discover that an IP address is already blocked due to the actions of a previous customer. The choice of protocol and obfuscation method also matter. Some obfuscation methods allow the proxy server to be camouflaged as a web server. If this kind of obfuscation is not used, frequent changes of port number and password may help. Slow page load times may be due to limited peering capacity rather than intentional throttling. The Bottleneck Bandwidth and Round-trip (BBR) congestion control algorithm for TCP may help here. Some users also accelerate TCP by tunneling it through kcptun.
2020年4月23日星期四
2020年4月20日星期一
2020年4月14日星期二
天在上,地在下,可为什么是地天泰,天地否呢
你看为什么讲君子道长呢?因为这个爻一定是由下往上运动。泰卦就是消息卦,你看它同性爻在底下往上连在一起,没有跟异性交错,这叫做消息卦。那么这个消息卦,你看也知道说,啊!这个由下往上走,它会继续带着的阳爻往上走,这叫做君子道长,小人道消。上面那个阴爻变成小人了,那慢慢就被推出去了,就是小人道消。那么这边提到天地交,跟上下交,什么意思呢?一般来说的话,天在上,地在下,这是正常的情况,但这里正好倒过来,所以要记得叫做地天泰。为什么说地天反而是泰呢?泰代表通,地在上,天在下,天本身是要往上走的,地本身是留在底下,它们之间就会沟通。你把它放在政治上,乾卦代表君子,也代表君;坤代表小人也代表民,君跑到民底下,代表他们之间可以了解,就譬如说下知民情,他才能够造福百姓。所以一个领导能够到最底下,来了解大家的情况,上下的意见可以沟通,这是好事。所以它里面取的象很简单,从外面看的时候地天泰,看起来是反的,事实上它是怎么样呢?正好沟通。让你上下气可以沟通。那么内健而外顺,就是里面很健,叫做乾卦,外面叫做坤卦,叫做顺,我们常常讲外柔内刚这些,都跟这有关。所以一个人外表跟地一样,很平顺,那这些人都很客气,内心里面有它的原则,叫做外柔内刚。这就是像泰卦一样,它是可以通达的。
2020年4月12日星期日
赌徒算法:
赌徒想用从赌场借的十块钱赢走一百块,第一次全部投注,如果赚钱,则第二次利用10元投注,如果不赚钱,则再加倍投注,直至输光10元,即赌徒净资产小于-10元时,被平仓。
算法描述
//赌徒记账
int credit=0;
//赌徒止盈
int debit=100;
//止盈判断函数
if a>=b
break
//当局结果
int result=rand();
//赌注判断函数
int bet=10;
if result=0;
bet=bet*2;
else
bet=1;
//赌徒封禁状态判断
int ban=0;
if credit<-10
ban=1;
else
ban=0;
//赌徒满意状态判断
int profit=0;
if credit>100
profit=1;
else profit=0
//赌徒循环
int credit=10;
int debit=100;
int result=0;
int bet=10;
int ban=0;
int profit=0;
for(i=0,ban||profit=0,i++)
{
result=rand();
if result=0;
{
credit=credit-bet;
bet=bet*2;
}
else
{
credit=credit+bet;
bet=10;
}
if credit>100
profit=1;
if credit<-10
ban=1;
}
cout<<i<<\n;
return 0;
算法描述
//赌徒记账
int credit=0;
//赌徒止盈
int debit=100;
//止盈判断函数
if a>=b
break
//当局结果
int result=rand();
//赌注判断函数
int bet=10;
if result=0;
bet=bet*2;
else
bet=1;
//赌徒封禁状态判断
int ban=0;
if credit<-10
ban=1;
else
ban=0;
//赌徒满意状态判断
int profit=0;
if credit>100
profit=1;
else profit=0
//赌徒循环
int credit=10;
int debit=100;
int result=0;
int bet=10;
int ban=0;
int profit=0;
for(i=0,ban||profit=0,i++)
{
result=rand();
if result=0;
{
credit=credit-bet;
bet=bet*2;
}
else
{
credit=credit+bet;
bet=10;
}
if credit>100
profit=1;
if credit<-10
ban=1;
}
cout<<i<<\n;
return 0;
2020年4月10日星期五
真随机数!基于matlab读取系统时间
matlab能知道现在是几点钟吗?能知道现在的日期吗?
可以通过调用几个特殊字符来实现哦~还能因此生成真随机数
1.基于系统时间的真随机数
1.1伪随机数
先给个说明,matlab的随机数是伪随机数,比如你输入rand,输出一个数
你关掉matlab,再开,再输入rand,出来的还是这个数。。。晕了吧。。。
伪随机数,实际上是通过一个固定的、可以重复的计算方法产生的。计算机或计算器产生的随机数有很长的周期性。它们不真正地随机,因为它们实际上是可以计算出来的,但是它们具有类似于随机数的统计特征。这样的发生器叫做伪随机数发生器。
其实matlab的随机数原理是有一组已经生成的伪随机数,可以用seed来说明:
输入rand('seed',0),就是调用第零个seed的伪随机数!
1.2真随机数
如何变成真随机数呢?只要把seed的序号,变成和系统时间有关就行了嘛!比如现在是凌晨一点,就嗲用第一个seed,凌晨两点就调用第二个seed
1.3clock的使用
如何获得系统时间,输入clock,系统会返回给你一个向量,向量里有六个元素,看看熟悉不,第一个元素是2012吧~没错,就是年月日时分秒!
temp=clock;
temp=sum(temp(4:6))*sum(temp(2:3));
temp=round(temp/10);
rand('seed',temp);
以上这段代码就是所谓的真随机数啦!
注意:直接写clock(1)会报错,因为clock可以说是个命令,而非变量名~
2.其他关于系统时间的命令
date
返回值是一个字符串,为年月日
now
返回值是一个一维double矩阵,目测为秒数
可以通过调用几个特殊字符来实现哦~还能因此生成真随机数
1.基于系统时间的真随机数
1.1伪随机数
先给个说明,matlab的随机数是伪随机数,比如你输入rand,输出一个数
你关掉matlab,再开,再输入rand,出来的还是这个数。。。晕了吧。。。
伪随机数,实际上是通过一个固定的、可以重复的计算方法产生的。计算机或计算器产生的随机数有很长的周期性。它们不真正地随机,因为它们实际上是可以计算出来的,但是它们具有类似于随机数的统计特征。这样的发生器叫做伪随机数发生器。
其实matlab的随机数原理是有一组已经生成的伪随机数,可以用seed来说明:
输入rand('seed',0),就是调用第零个seed的伪随机数!
1.2真随机数
如何变成真随机数呢?只要把seed的序号,变成和系统时间有关就行了嘛!比如现在是凌晨一点,就嗲用第一个seed,凌晨两点就调用第二个seed
1.3clock的使用
如何获得系统时间,输入clock,系统会返回给你一个向量,向量里有六个元素,看看熟悉不,第一个元素是2012吧~没错,就是年月日时分秒!
temp=clock;
temp=sum(temp(4:6))*sum(temp(2:3));
temp=round(temp/10);
rand('seed',temp);
以上这段代码就是所谓的真随机数啦!
注意:直接写clock(1)会报错,因为clock可以说是个命令,而非变量名~
2.其他关于系统时间的命令
date
返回值是一个字符串,为年月日
now
返回值是一个一维double矩阵,目测为秒数
matlab生成随机数的rand、randi和randn三种形式
matlab中关于随机数的产生有3种库函数,下面我们来看看它们的形式:
1、rand(…)
它是生成0~1之间(开环,不包含0和1两个数)均匀分布的伪随机数,也就是无穷次试验其中每个数产生的概率是一样的。
它的函数格式如下:
R = rand(N) % 生成N×N的矩阵随机数,其中每个元素位于0~1之间
R = rand([M,N,P,...]) % 生成M×N×P×...的矩阵随机数
R = rand(M,N,P,...) % 同上,中括号不是必须
R = rand(..., CLASSNAME) % 生成CLASSNAME类型的随机数,如 'double' or 'single'
例如生成double类型的5×3均匀分布的0到1间随机数:
R = rand(5,3,'double');
同理,我们想要生成100个位于[a,b]间的数据可表示为:
R = a + (b-a).*rand(100,1);
2、randi(…)
randi(N) 是生成(0,N]间均匀分布的伪随机数,并且数都是整数,所以每个数是位于1到N之间。它的表达形式有以下几种:
R = randi(iMax) % 生成1:iMax之间的均匀分布随机数
R = randi(iMax,m,n) % 生成m×n的1:iMax之间的均匀分布随机数
R = randi([iMin,iMax],m,n) % 生成m×n的iMin:iMax之间的均匀分布随机数
例如:
R1 = randi(10,5,1); % 生成5×1的1:10之间随机数
R2 = randi([10,20],2,3); % 生成2×3的10:20之间随机数
3、randn(…)
有时候我们希望生成的随机数是呈现正态分布的,而不是随机分布,这时候我们就需要使用randn函数了。它生成的随机数整体概率为正态分布,均值为0,方差为1。也就是说生成的数中出现0的概率最大,而越往无穷或者负无穷概率越小,但是出现的随机数可能为所有实数,只不过出现的概率不同。它的格式如下:
R = randn(N) % 生成N×N个正态分布的随机数
R = randn(M,N) % 生成M×N个正态分布的随机数
例如:
R = randi(3); % 生成3×3的正态分布的随机数
4、稳定的重启分布rng
这里我们来看一下如何让每次程序运行生成的随机数都一样,主要借助的是rang函数,格式如下:
rng('default');
R = rand(1,5); % 每次程序运行生成恒定的1×5随机数
此外还有生成同样分布的表达方式:
s = rng;
R1 = rand(1,5);
rng(s);
R2 = rand(1,5); % R1和R2随机数一样
2020年4月1日星期三
暗网交易市场警示信息
该交易为欺诈交易, 暗网无需身份认证, 卖家以很低代价注册新账户来发布虚假交易诈骗.
诈骗者无实际货源, 站内外有人高价出售该商品, 骗子利用买家贪图便宜的心理(能以更低资金获取商品的本能并不是买家的错), 要求买家先放币, 再发货.
当买家主动放币后, 骗子就立即提币出站, 比特币区块链无法追回.
网站已经介入本交易, 诈骗者账户已经冻结,买家资金已经原路返回.
担保交易流程:
欺诈交易, 买家当然不可能拿到货, 聪明的买家在开始怀疑时就会直接挂起交易, 卖家无应答或者拿不出实质性东西时, 买家选择投诉, 这是担保交易流程, 遵守担保交易规则的用户, 不会受到任何损失, 资金全款返回买家账户.
由于注册账户时无身份认证信息, 所以诈骗者能轻松的花很小代价注册账户出售商品出售,即便暗网交易市场严格的审核流程和及时发现处理, 诈骗者的损失也仅仅是注册激活账户资金(门槛太高对实际出售用户不利)
请暗网买家务必熟悉担保交易流程, 购买任何商品, 不要提前放币, 除非已经的确的拿到卖家的商品并核实能用好用.
如果有其它卖家要求你提前放币, 才给你物品, 请点首页上方的问题反馈, 举报. (请详细描述, 以及卖家账号, 交易编号)
欺诈交易者, 基本都得不偿失, 担保交易流程虽然繁琐, 但是阻挡诈骗非常有效, 本交易保留的目的, 仅为提醒站内买家的警惕, 已经内心还遗留欺诈心态的某些用户.
诈骗者无实际货源, 站内外有人高价出售该商品, 骗子利用买家贪图便宜的心理(能以更低资金获取商品的本能并不是买家的错), 要求买家先放币, 再发货.
当买家主动放币后, 骗子就立即提币出站, 比特币区块链无法追回.
网站已经介入本交易, 诈骗者账户已经冻结,买家资金已经原路返回.
担保交易流程:
欺诈交易, 买家当然不可能拿到货, 聪明的买家在开始怀疑时就会直接挂起交易, 卖家无应答或者拿不出实质性东西时, 买家选择投诉, 这是担保交易流程, 遵守担保交易规则的用户, 不会受到任何损失, 资金全款返回买家账户.
由于注册账户时无身份认证信息, 所以诈骗者能轻松的花很小代价注册账户出售商品出售,即便暗网交易市场严格的审核流程和及时发现处理, 诈骗者的损失也仅仅是注册激活账户资金(门槛太高对实际出售用户不利)
请暗网买家务必熟悉担保交易流程, 购买任何商品, 不要提前放币, 除非已经的确的拿到卖家的商品并核实能用好用.
如果有其它卖家要求你提前放币, 才给你物品, 请点首页上方的问题反馈, 举报. (请详细描述, 以及卖家账号, 交易编号)
欺诈交易者, 基本都得不偿失, 担保交易流程虽然繁琐, 但是阻挡诈骗非常有效, 本交易保留的目的, 仅为提醒站内买家的警惕, 已经内心还遗留欺诈心态的某些用户.
订阅:
博文 (Atom)