SSH encrypted tunnel to avoid Amazon snooping?

[MyPreciousss]

I searched around a bit, but all I got was this: https://www.mobileread.com/forums/sho...=111996&page=2
As you can see, the above post just digresses into tethering and dies... But sadly, without a solution.

So, here it is in full form:
We all know about the Amazon 'proxy' server through which all our 3G data is routed. Amazon can easily snoop on what's happening... So I was thinking of using my web host/computer as a second 'nested' proxy. i.e. All data between my Kindle and computer will be encrypted over SSH, thus reducing chances of Amazon snooping.

Is there a way to establish an SSH tunnel so that all 3G (Browser atleast) data is routed encrypted through my computer?

[dasmoover]

Yes, the usbnetwork package installs dropbear which supports local/remote port forwarding (use that to connect to an ssh server running apache with proxy software)
That should tunnel all browser requests sent to the home server proxy page.

[MyPreciousss]

Quote:

Originally Posted by dasmoover

That should tunnel all browser requests sent to the home server proxy page.

Can you explain the steps required? to tunnel all Kindle requests through that proxy?

or some links to start with?

[kenchy]

The information in the link you posted is incorrect. Just because they proxy the traffic on port 80 doesn't mean they can read the traffic. So if privacy is your main concern you could use a straight SSL proxy.

My understanding (and experience) is that plain SSH does not work over 3G. The amazon proxy checks all traffic for the kindle ID in the headers.

The information here is a good start. http://openduck.com/2010/11/27/hoora...ng-the-kindle/

I have a pre-patched corkscrew which I have been meaning to post for a while, which takes the kindle ID as an argument. Although I couldn't get it to work with dropbear so compiled the openssh client.

Once I did all that and got it working I realised I had no use for it so lost interest!

[thatworkshop]

Quote:

Originally Posted by kenchy

I have a pre-patched corkscrew which I have been meaning to post for a while, which takes the kindle ID as an argument. Although I couldn't get it to work with dropbear so compiled the openssh client.

Once I did all that and got it working I realised I had no use for it so lost interest!

I'm interested in this corkscrew. Can you provide it to the community please? Thanks.

[geekmaster]

Quote:

Originally Posted by cscat

I'm interested in this corkscrew. Can you provide it to the community please? Thanks.

Corkscrew with x-fsn support has primarily been used as a tethering tool to steal 3G service from amazon. Please do not post it here. Thanks.

[thatworkshop]

Quote:

Originally Posted by geekmaster

Corkscrew with x-fsn support has primarily been used as a tethering tool to steal 3G service from amazon. Please do not post it here. Thanks.

Oops sorry I didn't know about this, and this was definitely not my intention (actually I like Amazon and I promote not abusing their awesome service).

[geekmaster]

In my opinion, using the x-fsn header in an application that actually enhances the kindle, like building a better web browser that works on the kindle, is acceptable use. Using the x-fsn header to download unapproved files, or to export amazon 3G service to a non-Kindle computer (tethering) is unacceptable. Tools like corkscrew that supply 3G service to any application or external device fall into the second (unacceptable) category. You should build x-fsn support into each application that needs it, and follow the amazon rules about what content may be downloaded by their webkit browser. Of course, Wi-Fi access should bypass the amazon proxy and use the local Wi-Fi connection, to download unrestricted content. The application must be "3G-aware" and follow the rules when it uses 3G.

At least, that is my opinion. Just remember the Golden Rule here, and behave accordingly...

Thanks.