by joeblau 4474 days ago
It's amazing what human beings will do for information. This reminds me of a time in 2007 when my friend was a teacher at an elementary school. The school blocked MySpace and Facebook to stop the students from visiting those sites. Somehow, the students figured out how to use proxies and get around the firewalls, and what ended up happening is that the teachers were the only ones who couldn't figure out how to get around the firewalls. My friend came to me asking how the kids were getting around the firewall, but my explanation was over his head.
6 comments

The solution I used to use in high school: add a period to the end of the domain name. E.g. "www.facebook.com" became "www.facebook.com.". Apparently, the last dot does nothing, but gets around almost all pattern matching. Everyone I told was amazed, but it actually worked (and teachers/administration were clueless).
Here's a nice explanation on that matter: http://www.dns-sd.org/TrailingDotsInDomainNames.html.

Excerpt from the page: "domain name that doesn't have a dot at the end is not fully-qualified and is potentially ambiguous".
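
Added example (not part of the thread and not any commenter's code): why the trailing-dot form described above slips past a filter that compares raw strings, and how canonicalising the hostname before matching closes the gap. The blocklist, the function names and the choice to fail closed on malformed names are assumptions made for illustration.

```python
# Added example: hostname canonicalisation before blocklist matching.
# BLOCKED is a constructed sample list; all function names are hypothetical.
BLOCKED = {"facebook.com", "myspace.com"}


def _matches(name: str) -> bool:
    """True if name is a blocked domain or a subdomain of one."""
    return any(name == d or name.endswith("." + d) for d in BLOCKED)


def naive_is_blocked(host: str) -> bool:
    """Filter that compares the raw string, as a pattern matcher would."""
    return _matches(host)


def canonical_host(host: str) -> str:
    """Reduce a Host/SNI value to one canonical form of the DNS name."""
    host = host.strip().lower()          # DNS names are case-insensitive
    name, sep, port = host.rpartition(":")
    if sep and port.isdigit():           # drop an optional :port suffix
        host = name
    if host.endswith("."):               # one trailing dot = the DNS root label
        host = host[:-1]
    if not host or "" in host.split("."):
        raise ValueError("empty label in hostname")
    return host


def is_blocked(host: str) -> bool:
    """Match on the canonical name; refuse names that cannot be parsed."""
    try:
        return _matches(canonical_host(host))
    except ValueError:
        return True                      # assumption: fail closed on malformed input


if __name__ == "__main__":
    for h in ["www.facebook.com", "www.facebook.com.", "WWW.Facebook.COM.:443",
              "notfacebook.com", "example.org.", "www.facebook.com.."]:
        print(f"{h!r:28} naive={naive_is_blocked(h)!s:5} canonical={is_blocked(h)}")
```

The same canonical form has to be used wherever the name is compared (Host header, TLS SNI, DNS query), otherwise the check and the resolver disagree about which host is being requested.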

My favourite was that http was blocked, but https wasn't at my school. Easy peasy :)
I use that for a different trick at school. It gets around keyword filtering on search terms :)
This type of filtering made the EFF's HTTPS Everywhere common in my last school.
I remember being one of these kids.

My high school put in a transparent squid-based filter for all HTTP content in my second year, and all traffic going to ports 80 and 443 went through it. They blocked all UDP traffic (even internal to the school), and all outbound TCP traffic except to ports 80, 443... and port 21, which the Yearbook people needed to upload files somewhere. Once I realized that the traffic on port 21 didn't go through an active sniffer, I just started running my SSH server at home on port 21, and bringing PuTTY around on my USB key.

My school did filtering on port 80 but allowed all TCP traffic out on port 443, so I just ran SSH there. I changed schools and it seems as though they did further filtering on packets (they close connections on 443 if the server sends data first, like happens with SSH). After some testing I managed to get OpenVPN using TCP on port 443 running great.
Hell, I remember this being common when I was in high school between 1999 - 2003. It started with the computer savvy kids figuring it out, but eventually the word spread and before you know it football players were using proxies to play stupid games on Newgrounds. Good times.
What's more amazing is why human beings try to block information in the first place, at least in places where it's unnecessary, even for their own cause. For instance, the Indian IT firm Infosys (many other similar companies in India too) blocks use of personal email, social networking sites etc., which I personally find pointless but probably can be argued about. But what surprises me is they also have policies in place to not provide internet connectivity to software developer recruits who are new grads. And these developers are provided internet access only after a few months and only if they obtain an approval from their manager that their work requires them to have internet access.
Centralized authority is weak against distributed desire and eyes. We will constantly attempt any potential hack. And as soon as a crack is found, it diffuses everywhere.
In communist countries, people used to listen to radio from people of the same nationality who lived in other countries (speaking the same language).

In fact, that's happening in North Korea right now, too. North Koreans who fled have radio stations in South Korea and some of them also smuggle some radio units into NK.