Signal-TLS-Proxy VS naiveproxy

I'm trying to install the Signal proxy server on my AS5104T NAS, but one of the first steps is to run a bash script, which ADM doesn't have. It only ships with /bin/sh.

A significant amount of people will go "huh, Signal will only work when my Netflix VPN is on, I wonder why that is". Signal won't just disappear.

In fact, Signal has a network of volunteers running special proxy services[1] to access Signal from countries with oppressive governments. Signal the company may leave, but Signal the app will try to stay relevant for as long as possible.

[1]: https://github.com/signalapp/Signal-TLS-Proxy

Yes, https://github.com/signalapp/Signal-TLS-Proxy/commit/461d2d1aeec601a4d62100949a227f0cef2f6154 resolved the issue for me (using a custom container). Thanks!

You were running this one?

I haven't seen a guide, but you can just look at the scripts and config files on github and manually install the nginx-proxy yourself. https://github.com/signalapp/Signal-TLS-Proxy It's just a TLS proxy.

#!/bin/bash set -euxo pipefail # update this field with the hostname of the proxy (don't put https at the start) PROXY_HOST=example.proxy.host.com PROXY_IP=$(ping -W2 -4 -q -c1 ${PROXY_HOST} | grep -m1 -oE '\([0-9\.]+\)' | head -1 | tr -d '()') || true upstreams=$(curl -sSfL https://github.com/signalapp/Signal-TLS-Proxy/raw/main/data/nginx-relay/nginx.conf \ | grep server \ | grep -oE '[^ ]+\.signal.org.*$' | tr -d ';') for host in $upstreams; do [ $host == "contentproxy.signal.org:443" ] && continue # something weird about this one, so skip it echo "Checking ${host} via ${PROXY_HOST}" curl -v -sSL --insecure --resolve ${host}:${PROXY_IP} https://${host} noproxyversion=$(curl -sSL --insecure https://${host} | cut -c 1-20 | sha256sum | tr -d '-') proxiedversion=$(curl -sSL --insecure --resolve ${host}:${PROXY_IP} https://${host} | cut -c 1-20 | sha256sum | tr -d '-') test ${noproxyversion} == ${proxiedversion} || { echo "Proxy failed for https://${host}" && exit 1; } done

People, Yall can help them Spread Christian Nationalism by turning Your device into a proxy So these Iranians can use it to access the Signal messaging app. U will need 1️⃣. a server with ports 80 & 443 available & 2️⃣. A domain name (or subdomain) that points to the server's IP address. The proxy is extremely lightweight. An inexpensive & Tiny VPS can easily handle 100s of concurrent users. Steps : SSH into your server, Install Docker, Dockers Compose & Git. sudo apt update sudo apt install docker docker-compose git. Clone the Signal TLS proxy repository : git clone https://github.com/signalapp/Signal-TLS-Proxy.git Enter the repo directory : cd Signal-TLS-Proxy

It's a bit hard to find the link to the proxy through the article, so here's a direct link: https://github.com/signalapp/Signal-TLS-Proxy

I also want to use my knowledge and server power for good things. Reading about the developments and the cencorship in iran is devastating, but I stumbled across this tweet and this repo by signal to help people in iran get the word out.

What language is "Electron" written in and how many lines of it are used. Even more, what languages are Chromium brower engine and Node.js written in and how many lines of it are used.

When we make assumptions, e.g., no need to initialise hardware, no need for bootcode, no need for bootloader, no need for drivers, no need for kernel, no need for operating system, and so on, then, IMHO, the comparisons do not make as much sense.

Perhaps it is not "how you use them" but "what they can actually do". To me, getting a computer to boot is still an essential task. Building things "from the ground up" is still, to me, the path with fewer limitations and boundaries. As I understand it, building things from the ground up is how the creator of UNIX preferred to work.

To be honest, IMO, it's really about "what you are trying to do". And the assumption in comments like these is that one is trying to do the exact same thing in (less than or equal to 500 lines of) language X, Y or Z. But what if one wants to do somehting different that no one has done before.

When I was a kid, I faintly remember Lego sets that sometimes had pre-constructed "add-ons" with moving parts. These attachments might have even been motorised. Although such attachments might have had a Lego logo with a trademark symbol on them, making them appear to be part of a set, they did not really belong with the plastic building blocks. They were obviously not meant to be pulled apart and rebuilt.

The pre-compiled "browser", a single large binary that does "everything its user could ever want to do" as determined by someone else, not the user, controlled and distributed by an advertising services company, is it a building block or one of those motorised add-ons. How many "developers" pull the browser apart and rebuild it.^1 It seems the advertising company is expecting most will not do that.

1. One exception, which uses only the networking code, is https://github.com/klzgrad/naiveproxy/

The "modern browser" is what could be many programs. Instead, these are all rolled into one.

Your best bet would be naiveproxy. WG does not design with obfuscation in mind. Or you could use shadowsocks with v2ray instead.

If it still fails, try Outline VPN which Shadowsocks protocol made some attempt to evade detection. If you're only using browsers, https://github.com/klzgrad/naiveproxy can masquerade common traffic assuming your school doesn't use whitelist.