How to Scale a Paywall by Proxy

The most touted feature of the public Internet is, and has always been, free access to information.  Whether that information is porn, what your friends are eating for lunch, or why your government is choosing to drop bombs on funeral goers is irrelevant.  The point is that the information is out there, you can get to it, and it’s as free as used condoms at a Greyhound bus station.  Except when it isn’t.

Since Capitalism can’t let anything go un-capitalized, there was a need to stop the ravenous masses from devouring the free lunch buffet of data swirling around in the tube-y netherworld that is the Internet.  And so Capitalist God created the paywall, and it was annoying as all fucking hell because you really want to read that article but they won’t fucking let you and nothing is fucking fair any more.  Calm down and fear not my child, for I shall show you the way up and over this devious machination of free market sourced technology.  Well probably anyway….

See there are two major types of paywalls: hard ones and soft ones.  Hard ones block access to all users until you pay the cyber-toll.  These are rare because this heavy handed approach will decimate your online audience and is worthless unless your content is worth something to enough people willing to pay for it.  For example, if I did this with The Daily Segfault even my own mother wouldn’t read it.  So of course, the only entities willing to do this are large media outlets, typically well read newspapers like the New York Times or the Wall Street Journal who have brand recognition, content people are willing to pay for, and steadily declining revenue streams.  Occasionally very desperate non-profits like WIkileaks do this, but it usually doesn’t end wellAs a side note: do donate to Wikileaks they do good work and really do deserve what ever money you can chuck at them.

Those hard paywalls I can’t help you with, and it should also be noted that the approach I will show you to scale paywalls may not work in every instance as not all paywalls are built the same way.  Thankfully though, most paywalls are of the soft variety and most of these use the same method for blocking us e-rabble.  A “soft” paywall is one that, instead of blocking you outright, will allow you to make a certain number of visits to the cherished content before it gets all bitchy and demands that you pony up the cash if you want to keep reading.  The key vulnerability in this system is that the site has to remember who you are, or else it might just block someone who isn’t a mooching, good-for-nothing, sack-o-shit, 47%-er.

So obviously the key here is to just stop being you.  Basically the way most sites determine if you are you is by checking the IP address of where your request to view the content is coming from.  The content protecting server then checks it’s database to see if you have consumed the dataz too frequently and need to be blocked, otherwise it lets you view the content for free this time and increments the number of times you visited the site in the database by 1.  Now you could scale a soft paywall by bypassing the organization’s firewall, executing an escalation of privilege attack, accessing the server’s database file, and resetting the value for the block counter to 0.  However, this is a lot of work and more than just a tad illegal for trying to view a side-boob article on the Huffington Post.

breaking news: look at that side boob!

BREAKING NEWS: Look at that side boob!

The answer is a lot simpler than that, although admittedly less sexy.  In the words of Mr. McGuire in “The Graduate”, “I just want to say one word to you. Just one word…proxies“.  A proxy is a very simple but powerful concept for hackers and anyone who just wants to be more anonymous on the internet.  Basically a proxy is just a server that makes a request of another server on your behalf.  So for example, if your work blocks but not (or one of the bijillion public proxy servers like it), you can go to said proxy and ask it to go to facebook for you.  It does this and then sends your computer the stuff you wanted from facebook.  Since this data is coming from the proxy and not the blocked site your companies router has no idea that you’re wasting time on facebook when you should be wasting time working.  Word of warning: obviously if you are going to be proxying personal information (like passwords, home address, etc) you better damn well trust your proxy, because they will have access to everything you send through the proxy.

So let’s try this out.  Our vict…err…helpful assistant today will be the website of my local media institution, the  Unless you have your own proxy server set up, you’re going to need a proxy.  Thankfully the helpful folks over at Public Proxy Servers have a database of public proxy servers.  As you can see from the picture here, the Orlando Sentinel will block you after you reached “your allowance of free articles”.  So to re-up your allowance it is time to become Mr. by going to said site and typing in the URL of the article you want to see, such as,0,6681231.story.

Before and after the proxy pwn’ing…do note how the URL on the second picture is NOT the

It really is that simple.  Go surf the free web seas!


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s