If youre on Unifi you might have noticed that some sites are blocked and its due to government

directives to block these sites. Now that goes against what the Government of Malaysia promised its stakeholders during the advent of the MsC, in which it promised to not censor the internet. If you remember, somewhere in August 2008, the government issued a similar directive to censor Malaysia Today. So whats a average user to do to bypass these internet blocks. The blocks themselves are issued by the government and issued to all ISPs, fortunately there are a couple of ways to bypass these internet blocks which amount to censorship, and it depends on what kind of mechanism your ISP uses to block it. Im all for a free internet and here are some ways you can bypass those blocks. So lets focus on the simplest mechanism the ISPs use to block the internet, and thats a DNS block. A Domain Name Server (DNS) is a server that works in a similar fashion to a phone directory you know that big book of phone numbers the telephone company use to give out. So imagine the internet was like your phone network, and every website you wanted to call had a phone number, you may know the websites name like www.google.com or www.keithrozario.com, but in order to actually visit any website youd need to know its IP address. A IP address is exactly like a phone number, in that once you have it you could just type it in an visit the website, however if you dont have the websites IP address youd need to look it up. A DNS would act as a phone directory, just that in a phone directory you look up a phone number based on a persons name, while in a DNS you look up an IP address based on a websites name. Your browser automatically looks up every link you click or address you type on a DNS. A DNS block which is what Unifi uses to block these websites, is simply removing the entry for a particular website from its DNS. What this does is exactly like removing a page from a phone directory, so that if I wanted to look up a new entry of a person I dont know I wont be able to find it. However, if I already knew the phone number of the person I wanted to call itll be useless, and in Unifis case its just that useless. A simple way to bypass a DNS block is to visit a website directly by entering its IP address in your address bar, this is just like saving someone phone number on your contact list so you dont have to look up the phone directory every time. Hence, for the blocked sites, its a simple matter of looking up the IP address of the website in question using a tool like this one from network-tools.com. Another much easier and probably safer and more secure way of bypassing the DNS block is to use another DNS altogether. In the analogy before, Unifi is trying to block your access by preventing you from looking up phone number in phone directories Unifi has provided to you. Whats to stop you from using a publicly available phone directory? Or someone elses phone directory? The answer: nothing.

So all you have to do is to configure you network connection to lookup a separate DNS rather than the one recommended by your Internet Service Provider, my favorite is OpenDNS but there are others who prefer Google. The method is pretty simple, heres a step-by-step provided for Windows Vista, and for OpenDNS change your DNS IP to 208.67.222.222 and your alternate DNS IP to 208.67.220.220, if you prefer Google then the DNS IP would be 8.8.8.8 and the alternate would be 8.8.4.4. At the end you should have something that looks like this:

I also have to stress, that changing your DNS server to OpenDNS has benefits above and beyond bypassing Unifis censorship. OpenDNS operates phishtank, which is a crowdsourced application that signals out phishing websites and then blocks those websites via a DNS block. To a Layman what that means is that once you switch to OpenDNS, youll be looking a Domain Name Server that has added protection from malicious websites since OpenDNS will actually block websites it believes are malicious. Now of course youre thinkingisnt that the reason I switched to OpenDNS? Yes and No, theres a difference between trying to un-censor the web and keeping the web safe from malware. You can read up more here. Also OpenDNS operates a parental control DNS where it blocks access to sites marked as Adult websites. This would easily by pass any DNS block your Internet service provider has set in place, but what if your ISP actually has a more sophisticated blocking mechanism. A DNS block

is real kiddie stuff when it comes to online censorship and there should be other means to block users from accessing content and other means for users to bypass those blocking mechanisms. by the way, if you prefer Google over OpenDNS you might want to read this. In short theres a WHOLE lot of stuff your ISP can do that you probably dont know about. So a basic Virtual Private Network (VPN) would be the best option here. In a VPN setup, what actually happens is that you setup a connection to a private server and then use that server as a proxy for all your connections. This means that as long as your Internet Service Provider doesnt block the IP address of your VPN you can basically roam free. Another good reason to have a VPN is that theyre usually encrypted, so that your ISP cant look at what youre looking at, some VPN providers provide 2048 bit encryption, which would take a super computer millions of years to crack. While you may not be starting the next revolution or Arab Spring, sometimes it feels a bit uncomfortable especially in Malaysia to know that your ISP could potentially be spying on your personal data, and a good VPN is a solid way to prevent that from happening. So how do you setup a VPN. Well thankfully theres a free version you can try, and its called proXPN. proXPN is a fantastic free VPN service that uses end-2-end encryption to keep the baddies and your local ISP out of your business, it utilizes a 2048 bit encryption. On the website, the company claims that: With proXPN nobody* can see the websites you visit hijack your passwords, credit cards, or banking details intercept and spy on your email, IMs, calls, or anything else record your web history run traces to find out where you live As to how far thats trueI think it is. Theres a downside however, the free v ersion is throttled to just 100kbps, and you need to use a specific application to access the service. That being said the paid version doesnt have throttled speed and cost just over USD9/month. I think thats a pretty sweet deal.