One of the key learnings from recent events is that there is growing demand for privacy features. The Firefox Private Network is an extension which provides a secure, encrypted path to the web to protect your connection and your personal
information anywhere and everywhere you use your Firefox browser.
There are many ways that your personal information and data are exposed: online threats are everywhere, whether it's through phishing emails or data breaches. You may often find
yourself taking advantage of the free WiFi at the doctor's office, airport or a cafe. There can be dozens of people using the same network -- casually checking the web and getting social media updates. This leaves your personal information vulnerable to
those who may be lurking, waiting to take advantage of this situation to gain access to your personal info. Using the Firefox Private Network helps protect you from hackers lurking in plain sight on public connections. To learn more about Firefox Private
Network, its key features and how it works exactly, please take a look at this blog post .
As a Firefox user and account holder in the US, you can start testing the Firefox Private Network
today . A Firefox account allows you to be one of the first to test potential new products and services when we make them available in Europe, so sign up today
and stay tuned for further news and the Firefox Private Network coming to your location soon!
Golden Frog, a globally renowned virtual private network service, is announcing that their popular VyprVPN product is now an independently audited No Log VPN. Golden Frog enjoys a distinguished history as an advocate for privacy rights and standing up
against internet censorship.
Sunday Yokubaitis, CEO of Golden Frog said:
When Golden Frog first launched VyprVPN in 2008, the company practiced logging a minimal amount of VPN service data aimed
at improving customer experiences through speed, performance, reliability and troubleshooting. As our service has matured over the last decade, we have become more experienced with running a global VPN network and the necessity for minimal logging has
diminished. We have found better ways to improve performance and defeat fraudsters without needing a user's connection information.
Upon implementing the No Log policy, Golden Frog engaged Leviathan Security, a leading security
firm, to independently audit the VyprVPN servers. As a company, we have been very critical of VPN providers who advertise an anonymous, No Log VPN service but were later revealed to log customer data, said Yokubaitis. They use 'bait and switch'
The complete audit by Leviathan Security
VyprVPN produces no identifying logs without the user's consent.
The project revealed a limited number of issues that VyprVPN subsequently fixed.
Golden Frog can provide
VyprVPN users with the assurance the company is not logging their VPN activity.
Golden Frog assures its customers that the change in its logging policy will not affect the user experience nor the quality of the existing service. VyprVPN can now be used to circumvent censorship blocks put in place by governments
to access social media accounts and disseminate information freely, with users confident that absolutely none of their activity is being logged. No Log is publicly available for core VyprVPN apps with the exception of iOS, which will be released shortly.
Google's parent company Alphabet has rolled out a new tool aimed at defending against attacks on free speech around the globe.
Jigsaw announced the release of a new app, Intra , designed to protect Android users against the manipulation of DNS
resolutions, a commonly used practice among repressive regimes to prohibit users from accessing information deemed off-limits by the state.
In Iran, for example, certain websites redirect to a government censorship page. The same is true of
China's Great Firewall (GFW), which returns false and, often instead, seemingly erratic IP addresses in response to DNS queries to government-blocked domains. Hundreds of websites are likewise blocked in Pakistan.
Intra works, according to its
creators, by simply encrypting the user's connection to the DNS server. By default, it points to Google's own DNS servers but for users who prefer to use another ( Cloudflare or IBM's Quad9 , for example) those settings can be changed within the
According to CNET, DNS queries will be encrypted by default in an updated version of Android Pie. Reportedly, however, around 80 percent of Android users aren't using the latest version of the Android operating system. For those, Intra is now
available in Google Play
In April, Google and Amazon both dropped domain fronting from their web hosting services. Domain fronting is a technique used to bypass internet censorship, in places such as Iran , Russia, and China. Website requests to a censored site start their
journey across the internet as requests to Google or Amazon app servers. The final routing to the blocked site is only revealed once an encrypted connection is established. Of course internet censors can block Google and Amazon but this may
displease large numbers of internet users. Russia for example had to ban massive numbers of sites in attempt to block the encrypted messaging app Telegram which was employing domain fronting options.
Now, encrypted messaging platform Wickr is starting
to roll out a service to its users that includes domain fronting spread across a variety of infrastructure, meaning that customers and soon free users should be able to use the feature to circumvent censorship. Wickr CEO Joel Wallenstrom told
On top of encryption, there's also the availability part of security. You can't have one without the other.
Today we're releasing our latest desktop browser Brave 0.23 which features Private Tabs with Tor, a technology for defending against network surveillance. This new functionality, currently in beta,
integrates Tor into the browser and gives users a new browsing mode that helps protect their privacy not only on device but over the network. Private Tabs with Tor help protect Brave users from ISPs (Internet Service Providers), guest Wi-Fi providers,
and visited sites that may be watching their Internet connection or even tracking and collecting IP addresses, a device's Internet identifier.
Private Tabs with Tor are easily accessible from the File menu by clicking New Private
Tab with Tor. The integration of Tor into the Brave browser makes enhanced privacy protection conveniently accessible to any Brave user directly within the browser. At any point in time, a user can have one or more regular tabs, session tabs, private
tabs, and Private Tabs with Tor open.
The Brave browser already automatically blocks ads, trackers, cryptocurrency mining scripts, and other threats in order to protect users' privacy and security, and Brave's regular private tabs
do not save a user's browsing history or cookies. Private Tabs with Tor improve user privacy in several ways. It makes it more difficult for anyone in the path of the user's Internet connection (ISPs, employers, or guest Wi-Fi providers such as coffee
shops or hotels) to track which websites a user visits. Also, web destinations can no longer easily identify or track a user arriving via Brave's Private Tabs with Tor by means of their IP address. Users can learn more about how the Tor network works by
watching this video.
Private Tabs with Tor default to DuckDuckGo as the search engine, but users have the option to switch to one of Brave's other nineteen search providers. DuckDuckGo does not ever collect or share users'
personal information, and welcomes anonymous users without impacting their search experience 204 unlike Google which challenges anonymous users to prove they are human and makes their search less seamless.
In addition, Brave is
contributing back to the Tor network by running Tor relays. We are proud to be adding bandwidth to the Tor network, and intend to add more bandwidth in the coming months.
Pornhub, the dominant force amongst the world's porn websites, has sent a challenge to the BBFC's porn censorship regime by offering a free workaround to any porn viewer who would prefer to hide their tracks rather then open themselves up to the
dangers of offering up their personal ID to age verifiers.
And rather bizarrely Pornhub are one of the companies offering age verification services to porn sites who want to comply with UK age verification requirements.
its VPN service with references to UK censorship:
Browse all websites anonymously and without restrictions.
VPNhub helps you bypass censorship while providing secure and private access to
Internet. Access all of your favorite websites without fear of being monitored.
Hide your information and surf the Internet without a trace.
Enjoy the pleasure of protection with VPNhub. With full
data encryption and guaranteed anonymity, go with the most trusted VPN to protect your privacy anywhere in the world.
Free and Unlimited
Enjoy totally free and unlimited bandwidth on your device of
China's VPN ban came into effect on March 31, 2018, but virtual private network providers are still claiming their users have access to their services in the country.
NordVPN has reportied a lack of information from Chinese authorities about
how and when exactly the ban will be implemented. The company also said businesses have reported that so far there have been no announcements from authorities about the ban. The company commented:
We understand the
concern of local and international businesses in China, as well as the needs of scholars, scientists, students, and others who vitally need VPNs to freely access the World Wide Web,
Perhaps the rest of the world would well appreciate
Chinese VPN blocking, it must surely make trade a bit tougher for Chinese companies to be cut off from the world.
Today, most web browsers have private-browsing modes, in which they temporarily desist from recording the user's browsing history.
But data accessed during private browsing sessions can still end up tucked away in a computer's
memory, where a sufficiently motivated attacker could retrieve it.
This week, at the Network and Distributed Systems Security Symposium, researchers from MIT's Computer Science and Artificial Intelligence Laboratory (CSAIL) and
Harvard University presented a paper describing a new system, dubbed Veil, that makes private browsing more private.
Veil would provide added protections to people using shared computers in offices, hotel business centers, or
university computing centers, and it can be used in conjunction with existing private-browsing systems and with anonymity networks such as Tor, which was designed to protect the identity of web users living under repressive regimes.
"Veil was motivated by all this research that was done previously in the security community that said, 'Private-browsing modes are leaky -- Here are 10 different ways that they leak,'" says Frank Wang, an MIT graduate
student in electrical engineering and computer science and first author on the paper. "We asked, 'What is the fundamental problem?' And the fundamental problem is that [the browser] collects this information, and then the browser does its best
effort to fix it. But at the end of the day, no matter what the browser's best effort is, it still collects it. We might as well not collect that information in the first place."
Wang is joined on the paper by his two thesis
advisors: Nickolai Zeldovich, an associate professor of electrical engineering and computer science at MIT, and James Mickens , an associate professor of computer science at Harvard.
existing private-browsing sessions, Wang explains, a browser will retrieve data much as it always does and load it into memory. When the session is over, it attempts to erase whatever it retrieved.
But in today's computers, memory
management is a complex process, with data continuously moving around between different cores (processing units) and caches (local, high-speed memory banks). When memory banks fill up, the operating system might transfer data to the computer's hard
drive, where it could remain for days, even after it's no longer being used.
Generally, a browser won't know where the data it downloaded has ended up. Even if it did, it wouldn't necessarily have authorization from the operating
system to delete it.
Veil gets around this problem by ensuring that any data the browser loads into memory remains encrypted until it's actually displayed on-screen. Rather than typing a URL into the browser's address bar, the
Veil user goes to the Veil website and enters the URL there. A special server -- which the researchers call a blinding server -- transmits a version of the requested page that's been translated into the Veil format.
The Veil page
looks like an ordinary webpage: Any browser can load it. But embedded in the page is a bit of code -- much like the embedded code that would, say, run a video or display a list of recent headlines in an ordinary page -- that executes a decryption
algorithm. The data associated with the page is unintelligible until it passes through that algorithm.
Once the data is decrypted, it will need to be loaded in memory for as long as it's
displayed on-screen. That type of temporarily stored data is less likely to be traceable after the browser session is over. But to further confound would-be attackers, Veil includes a few other security features.
One is that the
blinding servers randomly add a bunch of meaningless code to every page they serve. That code doesn't affect the way a page looks to the user, but it drastically changes the appearance of the underlying source file. No two transmissions of a page served
by a blinding sever look alike, and an adversary who managed to recover a few stray snippets of decrypted code after a Veil session probably wouldn't be able to determine what page the user had visited.
If the combination of
run-time decryption and code obfuscation doesn't give the user an adequate sense of security, Veil offers an even harder-to-hack option. With this option, the blinding server opens the requested page itself and takes a picture of it. Only the picture is
sent to the Veil user, so no executable code ever ends up in the user's computer. If the user clicks on some part of the image, the browser records the location of the click and sends it to the blinding server, which processes it and returns an image of
the updated page.
The back end
Veil does, of course, require web developers to create Veil versions of their sites. But Wang and his colleagues have designed a compiler that performs this conversion
automatically. The prototype of the compiler even uploads the converted site to a blinding server. The developer simply feeds the existing content for his or her site to the compiler.
A slightly more demanding requirement is the
maintenance of the blinding servers. These could be hosted by either a network of private volunteers or a for-profit company. But site managers may wish to host Veil-enabled versions of their sites themselves. For web services that already emphasize the
privacy protections they afford their customers, the added protections provided by Veil could offer a competitive advantage.
"Veil attempts to provide a private browsing mode without relying on browsers," says Taesoo
Kim, an assistant professor of computer science at Georgia Tech, who was not involved in the research. "Even if end users didn't explicitly enable the private browsing mode, they still can get benefits from Veil-enabled websites. Veil aims to be
practical -- it doesn't require any modification on the browser side -- and to be stronger -- taking care of other corner cases that browsers do not have full control of."
Firefox is working to protect users from censorship and government control of the Internet. Firefox 59 will recognize new peer to peer internet protocols such as Dat Project, IPFS, and Secure Scuttlebutt, allowing companies to develop extensions which
will deliver the Internet in a way governments will find difficult to control, monitor and censor.
Mozilla believes such freedom is a key ingredient of a healthy Internet, and has sponsored other projects which would offer peer to peer wireless
internet which cuts out Internet Service Providers.
While a peer to peer system would never be as fast and easy as a client-server system as we have at present, it does provide a baseline level of service which government and ISPs could not go
below, or risk increasing number of users defecting, which means the mere existence of these systems helps everyone else, even if they never become widespread.
Mozilla has always been a
proponent of decentralization , recognizing that it is a key ingredient of a healthy Internet. Starting with Firefox 59, several protocols that support decentralized architectures are approved for use by extensions. The newly approved protocols are:
Firefox itself does not implement these protocols, but having them on the approved list means the browser recognizes them as valid protocols and extensions are free to provide implementations.
A group of international broadcasters have come together to support a new website that aims to help internet users around the world access news and information.
The Broadcasting Board of Governors (US), the BBC (UK), Deutsche Welle (Germany) and
France M39dias Monde (France) have co-sponsored the Bypass Censorship website: bypasscensorship.org
Bypass Censorship provides internet users information on how to
access and download security-conscious tools which will enable them to access news websites and social media blocked by governments.
When governments try to block these circumvention tools, the site is updated with information to help users stay
ahead of the censors and maintain access to news sites.
BBG CEO, John F. Lansing said:
The right to seek, and impart, facts and ideas is a universal human right which many repressive governments seek to control.
This website presents an incredible opportunity to provide citizens around the world with the resources they need to access a free and open internet for uncensored news and information essential to making informed decisions about their lives and
The broadcasters supporting the Bypass Censorship site are part of the DG7 group of media organisations which are consistent supporters of UN resolutions on media freedom and the safety of journalists.
After several days of radio silence, VPN provider PureVPN has responded to criticism that it provided information which helped the FBI catch a cyberstalker. In a fairly lengthy post, the company reiterates that it never logs user activity. What it does
do, however, is log both the real and assigned 'anonymous' IP addresses of users accessing its service.
In a fairly lengthy statement, PureVPN begins by confirming that it definitely doesn't log what websites a user views or what content he or she
downloads. However, that's only half the problem. While it doesn't log user activity (what sites people visit or content they download), it does log the IP addresses that customers use to access the PureVPN service. These, given the right circumstances,
can be matched to external activities thanks to logs carried by other web companies.
If for instance a user accesses a website of interest to the authorities, then that website, or various ISPs involved in the route can see the IP address doing
the accessing. And if they look it up, they will find that it belongs to PureVPN. They would then ask PureVPN to identify the real IP address of the user who was assigned the observed PureVPN IP address at the time it was observed.
Now, if PureVPN
carried no logs -- literally no logs -- it would not be able to help with this kind of inquiry. That was the case last year when the FBI approached Private Internet Access for information and the company was unable to assist .
But in this case,
PureVPN does keep the records of who was assigned each IP address and when, and so the user can be readily identified (albeit with the help of the user's ISP too).
It is for this
reason that in TorrentFreak's annual summary of no-logging VPN providers , the very first question we ask every single company reads as follows:
Do you keep ANY logs which would allow you to match an IP-address and a
time stamp to a user/users of your service? If so, what information do you hold and for how long?
Clearly, if a company says yes we log incoming IP addresses and associated timestamps, any claim to total user
anonymity is ended right there and then.
While not completely useless (a logging service will still stop the prying eyes of ISPs and similar surveillance, while also defeating throttling and site-blocking), if you're a
whistle-blower with a job or even your life to protect, this level of protection is entirely inadequate.
A new tool wants to make it easy to track internet outages and help people learn how to circumvent them.
The Open Observatory of Network Interference (OONI), which monitors networks for censorship and surveillance, is launching Ooniprobe, a mobile
app to test network connectivity and let you know when a website is censored in your area.
The app tests over 1,200 websites, including Facebook ( FB , Tech30 ) , Twitter ( TWTR , Tech30 ) and WhatsApp.
Created in 2012 under the Tor
Project, OONI monitors networks in more than 90 countries through its desktop and hardware trackers, which are available to anyone. It publishes censorship data on its site . The organization has confirmed censorship cases in a number of countries,
including Russia, Saudi Arabia, Turkey, Ethiopia and Sudan.
The website has recently introduced a mobile app so that OONI can reach more people potentially affected by internet outages, especially in emerging markets where smartphones are more
common than computers.
Opera has become the first major browser to add a free VPN client to its web browser. The VPN offers AES-256 encryption and allows users to browse the Internet privately. In addition, the free VPN also helps to circumvent website blockades.
company has added a free and unlimited VPN to the developer version of its browser. This means that users can browse the web securely at the flick of a switch .
The VPN connection is provided by the Canadian VPN service SurfEasy, which like many
other VPNs keeps no logs. SurfEasy was acquired by Opera last year and VP of Marketing Steve Kelly tells TorrentFreak that privacy and censorship were the main reasons to add the free VPN to Opera. Kelly said:
deserves to surf privately online if they want to. Today, it is too difficult to maintain privacy when using the web, and way too many people experience roadblocks online, like blocked content..
By releasing an integrated, free
and unlimited VPN in the browser, we make it simple for people to enhance their privacy and access the content they want.
Opera's in-browser VPN uses AES-256 encryption and SurfEasy says that the initial response has been very strong.
The network is prepared to handle hundreds of thousands of simultaneous connections without any problems.
The Electronic Frontier Foundation (EFF) has released Privacy Badger 1.0, a browser extension that blocks some of the sneakiest trackers that try to spy on your Web browsing habits.
More than a quarter of a million users have
already installed the alpha and beta releases of Privacy Badger. The new Privacy Badger 1.0 includes blocking of certain kinds of super-cookies and browser fingerprinting -- the latest ways that some parts of the online tracking industry try to follow
Internet users from site to site.
EFF Staff Technologist Cooper Quintin, lead developer of Privacy Badger said:
It's likely you are being tracked by advertisers and other third parties online.
You can see some of it when it's happening, such as ads that follow you around the Web that seem to reflect your past browsing history. Those echoes from your past mean you are being tracked, and the records of your online activity are distributed to
other third parties -- all without your knowledge, control, or consent. But Privacy Badger 1.0 will spot many of the trackers following you without your permission, and will block them or screen out the cookies that do their dirty work.
Privacy Badger 1.0 works in tandem with the new Do Not Track (DNT) policy, announced earlier this week by EFF and a coalition of Internet companies. Users can set the DNT flag -- in their browser settings or by installing Privacy
Badger -- to signal that they want to opt-out of online tracking. Privacy Badger won't block third-party services that promise to honor all DNT requests.
EFF Chief Computer Scientist Peter Eckersley, leader of the DNT
With DNT and Privacy Badger 1.0, Internet users have important new tools to make their desires about online tracking known to the websites they visit and to enforce those desires by blocking stealthy
online tracking and the exploitation of their reading history. It's time to put users back in control and stop surreptitious, intrusive Internet data collection. Installing Privacy Badger 1.0 helps build a leaner, cleaner, privacy-friendly Web.
In an original initiative designed to circumvent website blocking by governments that violate human rights, Reporters Without Borders is using the technique known as mirroring to duplicate the censored sites and place the copies on the servers of
Internet giants such as Amazon, Microsoft and Google. In these 11 countries that are "Enemies of the Internet," blocking the servers of these Internet giants in order to make the mirror sites inaccessible would deprive thousands of companies of
essential services. The economic and political cost would be too high. Our nine sites are therefore protected against censorship.
Reporters Without Borders is renting bandwidth for this operation that will gradually be used up as
more and more people visit the mirror sites. We are therefore asking Internet users to help pay for additional bandwidth so that the mirror sites will be available for as long as possible.
The nine mirror sites created by Reporters Without Borders
To help make freely-reported news and
information available in these countries, all Internet users are invited to join in this operation by posting this list on social networks with the #CollateralFreedom
A UK developer has created a new and free service that not only silently unblocks any website without falling foul of the law, but one that will eventually become available to all under a GPL 3.0 license.
People browsing the internet in censored spaces such as UK public WiFi will soon be able to access the web using the internet connection of friends in censorship-free zones of the web.
Google has thrown its weight behind an idea that lets people
circumvent censorship by using the internet connection of a friend.
A collaboration between the University of Washington in Seattle and non-profit firm Brave New Software, uProxy lets users share their internet connection with friends on social
networks through a browser extension.
When both parties have the uProxy extension installed, one can forge an encrypted link through the other person's browser and out onto the internet via their social network connection. As well as giving people
access to censored content, it could allow people in the UK to watch the US version of Netflix via a US friend's connection, for example, or those in the US to log in to the BBC iPlayer to catch the latest episode of Sherlock. Or if you want to read
Melon Farmers on the train then you can use your home connection.
So far it has only been tested in a closed trial for selected users, but its developers promise to open up the code to curious security researchers. This will also ease fears that
any back door may have been left open for authorities such as the US National Security Agency to access and spy on users' browsing habits. Censors can't stop uProxy simply by blocking social networking websites either because, instead of the standard
web, it accesses the contact lists via background, hard-to-block online processes.
UProxy was funded by Google's charitable arm, Google Ideas, and the firm is also helping in its development.
Another Brave New Software project, Lantern also
relies on your social network to find a trusted computer to connect to the wider internet. Unlike uProxy, it can use friends of friends, widening the pool of potential proxies.
A Domain Name Server translates the human readable URL (eg melonfarmers.co.uk) into the IP address (eg, 206.292.1.17) use by computers on the internet.
This Domain Name System has recently become a censorship tool eg by the US who have been
frequently banning websites by ensuring that US DNS servers refuse to look up a banned URL. The US had threatened to introduce even more broad powers with the introduction of the SOPA legislation.
In a response to growing attempts at censorship,
various alternative DNS systems have been proposed with an emphasis on those that can't be meddled with by the authorities. The latest, called ODDNS, comes out of France.
As its name suggests, ODDNS (Open and Decentralized DNS) is an open and
decentralized DNS system running on the P2P (Peer-to-Peer) model. It's creator, web developer Jimmy Rudolf, told PCinpact he invented the system with two specific aims in mind.
The first, and of most interest to people fighting censorship, is to show governments that it is not possible to prevent people from talking.
The second, of interest to anyone who owns and maintain their own domain names, is to take
back control of them.
ODDNS is an application which allows everyone running the software to share information about domain names with each other, a bit like how a P2P network functions. ODDNS can supplement or even replace regular DNS.
Because domain names and
related IP addresses are shared among peers in the network, they can no longer be censored.
Still under development, as expected the source code to ODDNS is licensed under GNU GPLv3. PCinpact reports that the current ODDNS website will be updated
next week and the first beta release of the software will follow shortly after.
Tor is a popular program which enables people suffering internet censorship to view the entire unobstructed internet. It's basically a proxy server which encrypts the outgoing packets so that they can't be snooped on. Unfortunately, these data
packets can still be identified so the traffic can therefore still be blocked.
Computer scientists have now come up with a way to mask these data packets as Skype traffic. This makes it near impossible for the government to block the data packets.
If a government were to block Skype, there would be a massive outcry from other governments and the citizens themselves.
The goal is to make the traffic look like some other protocol that they are not willing to block, Ian Goldberg, a
professor at the Cheriton School of Computer Science at the University of Waterloo, told Ars.
SkypeMorph, as the application is called, uses traffic shaping to convert Tor packets into User Datagram Protocol packets to avoid detection. The traffic
shaping also mimics the sizes and timings of packets produced by normal Skype video conversations to further mask the connection from suspicion.
Ethical hacker Ankit Fadia's book is shocking, entertaining, educational and inspiring all at the same time! He dedicates it To A Free and Unblocked Internet .
Seriously, even I learned a lot and I've been
circumventing government Internet censorship in Thailand and teaching others how to for the past six years.
When I met the author, Ankit Fadia, in Bangkok a few weeks ago, I asked him the only important question: Everything?
Surely that's exaggeration. He told me, of course it was, and that his book was mostly intended to help users circumvent school and workplace blocking.
After studying How to Unblock EVERYTHING on the Internet!, I just can't
agree with him. Ankit pretty much covers everything I can think of. His Chapter 9 on multiple formats for a webpage's IP address is nothing short of brilliant. Turns out there are far more formats to which that URL can be converted than government could
employ people to block (see below). For my work against censorship, this is the most important chapter in How to Unblock EVERYTHING on the Internet!
Data smuggling software could help citizens in countries operating repressive net filters visit any site they want.
Developed by US computer scientists the software, called Telex, hides data from banned websites inside traffic from sites deemed
So far, Telex is only a prototype but in tests it has been able to defeat Chinese web filters.
Telex was developed to get around the problem that stops other anti-censorship technologies being more effective, said Dr Alex Halderman,
who has worked on Telex since early 2010. Many existing anti-censorship systems involve connecting to a server or network outside the country in which a user lives. This approach relies on spreading information about these servers and networks widely
enough that citizens hear about them but not so much that censors can find out and block them.
Telex turns this approach on its head, said Dr Halderman: Instead of having some server outside the network that's participating we are doing it in
the core of the network. .
When a user wants to visit a banned site they initially point their web browser at a safe site. As they connect, Telex software installed on their PC puts a tag or marker on the datastream being sent to that safe
Net routers outside the country recognise that the datastream has been marked and re-direct a request to a banned site. Data from censored webpages is piped back to the user in a datastream disguised to resemble that from safe sites.
Circumvention tools are made both by non-governmental organizations and commercial companies. This is not only to support press freedom or activism, but also based on the simple philosophy that all information on the internet should always be available
to everyone. Below is a summary of the 11 best-known tools.
• Tor Developed by the Tor Project . Worldwide, the best-known circumvention and security
tool. Pros: Easily available and easy to use. Good technical support. Cons: Makes connections slow.
• Psiphon Developed by the University of Toronto’s CitizenLab
. Connections run via different servers in different countries, making origins hard to trace. Works on the basis of invitation by Psiphon to counter abuse. Pros: No need to download software. Handy for use in internet cafés. Cons:
Invitation is a built-in security shell, but also an obstacle for users who don’t know anyone to arrange an invitation for them. Psiphon has no official security certificate. Makes connections slow.
• Ultrasurf Developed by
Ultrareach , partner of the Global Internet Freedom Consortium. Works as a program in Windows. Pros: Easy to use. Leaves no trace when uninstalled. Cons: Has a bad name
because it was said to have distributed viruses in the past.
• YourFreedom Developed by Reichert Network Solutions . Software is free, but
possibilities are limited. Possible to pay for an upgrade. Pros: Good technical support. Cons: Possibilities of free version limited, especially for sending data.
• JAP Developed by
JonDonym , a commercial branch of the University of Dresden. Pros: Portable, so suitable for use in internet cafés. Reliable service, open source code. Design
faults can be corrected. Cons: Still in the test phase. Makes connections slower.
• Gpass Developed by World’s Gate, Inc., partner of Global
Internet Freedom Consortium . Not only provides secure connections, but also enables encryption. Pros: Multiple secure routes, easy to install. Cons: Has to be installed on your computer from the Consortium website. Repressive governments
block the site, making the software hard to get hold of.
• Google Cache, Reader en Translation : Developed by Google. Handy for picking up information, not suitable for distribution from a security point of view. Pros:
Accessible from any location, as long as Google and Gmail are available. Cons: Connection isn’t secure.
• GTunnel Developed by Garden Networks for
Information Freedom , has a long history in circumvention software for users in China. Pros: Suitable for Microsoft Windows. User can send information using GTunnel via Tor or Skype. This double security makes internet traffic securer and more
anonymous, but also slower. This can be a disadvantage in countries where internet runs via dial-up connections. Cons: Limited number of servers available, especially in Taiwan.
• Freegate Developed by
Dynamic Internet Technology (DIT) . Works using a limited number of proxy servers in Taiwan and the US. Pros: Easy to use and can be stored on a USB stick, so also suitable for
internet cafés. Cons: More than one version of the same software available. Status unclear. Limited number of servers. Questionable security.
• Dynaweb Developed by
Dynamic Internet Technology (DIT) . Originally for China, but now also used in Iran. Works on the basis of proxy servers. Pros: Easy to use. Cons: Proxy servers aren’t secure.
Analysts can easily find out who’s using Dynaweb. No scientific data on Dynaweb’s effectiveness. Unclear what the developers do with users’ personal details.
• Hotspot Shield Originally developed by
AnchorFree . For users of unsecured WiFi connections, not specifically for people in countries with repressive governments. Hotspot Shield also carries unsolicited advertising.
suited for use in non-democratic countries.
Chinese internet users suspect that their government is interfering with the method they have been using to tunnel under the Great Firewall to prevent them connecting with the outside world.
Since 6 May, a number of users says that internet
connections via China Telecom, the largest telephone company, and China Unicom have become unstable , with intermittent access when trying to access sites in foreign countries using a virtual private network (VPN). Even Apple's app store
has been put off-limits by the new blocks, according to reports.
The disruption has mainly affected corporate connections such as universities while home connections that use standard broadband systems have been unaffected, according to the
prominent Chinese technology blogger William Long.
Normally traffic flowing over VPN connections is secure because it is encrypted, meaning that the Chinese authorities were unable to detect what content was flowing back and forth over it. A VPN
connection from a location inside China to a site outside China would effectively give the same access as if the user were outside China.
According to Global Voices Advocacy, a pressure group that defends free speech online, the disruption follows
new systems put in place in the Great Firewall -- in fact monitoring software on the routers that direct internet traffic within and across China's borders. The new software appears to be able to detect large amounts of connections being made to
overseas internet locations.
The problem has become so bad that some universities and businesses have told their users not to try to use VPNs, and only to visit work-related sites; to do otherwise could lead to trouble for the
company and the users involved.
Mozilla officials have refused a US government request to ban a Firefox add-on that helps people to access sites that use internet domain names seized earlier this year.
The Firefox add-on, available on Mozilla.org, made it easy for users to
access sites that used some of the confiscated addresses. It did this by redirecting them to substitute domain names that were out of the reach of US courts, such as those with a .de top level domain.
You simply type Demoniod.com into your
browser as usual, the add-on's authors wrote in an FAQ explaining how it works. The browser sends the address to the add-on, the add-on checks if Demoniod.com is on the list of sites to be redirected and immediately redirects you to the mirror
US officials alleged MafiaaFire circumvented their seizure order and asked Mozilla to remove it. The open-source group, in not so many words, said no. Our approach is to comply with valid court orders, warrants, and legal mandates,
but in this case there was no such court order, Harvey Anderson of Mozilla explained.
A vocal chorus of lawmakers and policy wonks have decried the domain seizures, arguing that the ex parte actions are a serious power grab that threaten the
stability of the internet. If the US government can confiscate addresses it doesn't agree with, what's to stop China or any other country from doing the same thing?
The seizure of file-sharing related domain names by the US Government hasn't been as effective as the entertainment industries had hoped since many of them simply continued their operations under new domains. To make these type of domain transitions
go more smoothly, an anonymous group has coded a simple Firefox add-on that automatically redirects users to these new homes.
ICE director John Morton confirmed last week that the seizures will continue in the coming years. But at the same time
the authorities amp up their anti-piracy efforts, those in opposition are already coming up with ways to bypass them.
One of these initiatives is the MAFIAA Fire add-on for Firefox. The plugin, which will support the Chrome browser at a
later stage too, maintains a list of all the domains that ICE (hence the fire) has seized and redirects their users to an alternative domain if the sites in question have set one up.
The U.S. government has developed technology that can cut through Web censorship barriers in countries like China and deliver news and information to people who don't have currently have access to it.
The Feed Over Email (FOE) system, outlined in
a recent report by the Broadcasting Board of Governors, uses email to transport censored data to end users. A server encodes the required internet data (pages, files, applications, RSS feeds etc) and encodes them into an email. The end user runs a client
program to decode the data into familiar internet formats.
The government hopes that FOE will allow people to receive the latest news from censored Web sites and also complement existing anti-censorship tools, according to the report. People also
can use the tool to download other anti-censorship software, such Tor, Freegate, or Ultrasurf.
The technology was tested between February and June 2010 in the Chinese cities of Hong Kong, Beijing, and Shenzhen and performed well in all tests,
according to the report. However, the agency said it's unclear how it will work when publicly available.
The U.S. has undertaken previous efforts to help bypass government Internet censorship, but the report marks the first public
disclosure of technological efforts to do so.
A browser that bypasses internet censors has become the most popular way to access the Internet in Kazakhstan, a Central Asian state where sites critical of the government are often blocked.
The Norwegian developed Opera browser made by Opera
Software has increased its market share sharply in the ex-Soviet state since it began to allow downloads of compressed web pages via a server outside the country, a feature designed to speed browsing.
The Opera browser is now the most popular in
the country with a market share of 32%, beating out rival products from Google, Microsoft and Apple, according to statistics for March from Web analytics firm StatCounter.
The new version of Opera introduced last year, Opera 10, allows users to
view otherwise inaccessible Web pages using its Opera Turbo feature designed to speed up browsing over slow connections.
Kazakhstan introduced a law last year allowing local courts to block access to Web sites whose content has been deemed illegal,
a step that human rights groups say amounts to censorship.
Some of the most popular blogging websites such as Livejournal.com and Google-run Blogger.com are now inaccessible to most of Kazakhstan's 3.2 million Internet users.
A basement in the gray, Gothic heart of the University of Toronto is home to the CSI of cyberspace. We are doing free expression forensics, says Ronald Deibert, director of the Citizen Lab.
Deibert and his team of academics and students
investigate in real time governments and companies that restrict what we see and hear on the Internet. They are also trying to help online journalists and bloggers slip the shackles of censorship and surveillance. Deibert is a co-founder of the OpenNet
Initiative (ONI), a project of the Citizen Lab in collaboration with the Berkman Center for Internet and Society at Harvard Law School. ONI tracks the blocking and filtering of the Internet around the globe.
We are testing in 71 countries, says Deibert.
We are testing all the time. We are the technical hub of ONI.
We started out in 2002 with China, said Jillian York, project coordinator for Berkman. The work evolved, and then with Cuba we cracked it . However, as Citizen Lab
and Berkman gained expertise and resources so did the censors they battled.
We are now onto third-generation controls, York said of Internet censorship. The first generation was simple filtering, IP blocking in China, for example. The second generation was surveillance, which ranged from placing spies or closed-circuit cameras in Internet cafés to installing tracking software on computers themselves.
The third generation controls combine all the above. We see it in China, Syria, and Burma. It's a very broad approach, York laments.
ONI's research and public awareness-raising provides just one weapon in the increasingly sophisticated
armory that bloggers need to deploy against government encroachment. Some free-speech campaigners engage across a wide battlefront, taking on authorities in Tunisia or Pakistan, for example, to keep blogging and video platforms open. Others, like
Deibert, devise tools for an individual user to tunnel beneath a firewall or slip past a digital spy undetected. He helped develop Psiphon, a free, open source application that channels data through a network of proxies to circumvent censorship. Anyone can use it. It's fast and there's nothing to download onto your computer for the Internet police to find,
It's a game of digital cat-and-mouse with authorities hunting down circumvention nodes, and Psiphon switching to an alternate as soon as a node is compromised. Citizen Lab launched Psiphon in December 2006 but did not have the
resources to develop it further. So in May this year, Deibert and another ONI founder, Rafal Rohozinski, spun it off as a commercial enterprise. It is still free to users but charges companies to deliver their blocked content. Clients so far include the
BBC and the U.S. government-funded Broadcasting Board of Governors. Social networking platforms such as Twitter and Facebook have been a boon to Psiphon and other circumvention tools like Tor, spreading node connection information among bloggers and
journalists. This was evident during the media crackdown in Iran that followed the disputed June presidential elections, when Twitter proved difficult to shut down.
Chinese authorities has begun blocking the intermediate nodes and servers, directory services on the basis of the Tor anonymizing their IP addresses.
In the columns of Tor's blog can be read that the great firewall (GFW) is
blocking communication with about 80% of the Tor node. Author of note also admitted that it was expected this turn of events.
Already in the middle of last year, China blocked Tor website. Therefore, the operator of the website and its creators
tried to be the protection of the new Tor servers, to prevent the Chinese authorities to get into the list of public nodes - the intention is apparently failed.
Although the establishment of an anonymous connection is still possible using the
remaining 20% of the nodes, but such an operation takes a long time. Author of this blog entry advises users that you run a Tor private goals (so-called bridge relays) if they want to help Chinese colleagues. This kind of goals do not appear on public
lists, and thus difficult to find and block.
The U.S. government is covertly testing technology in China and Iran that lets residents break through screens set up by their governments to limit access to news on the Internet.
The feed over email (FOE) system delivers news, podcasts
and data via technology that evades web-screening protocols of restrictive regimes, said Ken Berman, head of IT at the U.S. government's Broadcasting Board of Governors, which is testing the system.
The news feeds are sent through email accounts
including those operated by Google Inc, Microsoft Corp's Hotmail and Yahoo Inc.
We have people testing it in China and Iran, said Berman, whose agency runs Voice of America. He provided few details on the new system, which is in the early
stages of testing. He said some secrecy was important to avoid detection by the two governments.
New software aiming to circumvent web censorship in the Middle East and beyond was recently launched at a summit on blogging in Cairo. The tool "Al-Kasir" - meaning "the circumventer" in Arabic, is now
available for public use in its first test version.
Developer Walid Al-Saqaf, a Sweden-based Yemeni, said he is using the device to work around government web censorship.
The tool also performs periodic checks on censored sites to track whether they remain constantly blocked or if the filtering is lifted at times. Meanwhile, users of the program can report information about filtering and blocking in their respective countries.
While primarily intended for use in Arab countries like Syria, Tunisia, and Yemen where web censorship is widely imposed, Al-Kasir can be used in any country.
Al-Saqaf explained the process of using the tool to access blocked websites.
When you open the program, you will get information about your ISP, country, etc. If someone using the same ISP as you had already reported through Al-Kasir about a blocked website and that website got approved (by the moderators), then it
will be accessible by you. If not, then you could report a blocked website and then it will be moderated and if approved, it will be accessible by you as well as everyone else using Al-Kasir and accessing the Internet through your ISP.
Al-Saqaf told MENASSAT that the program only circumvents human-moderated websites that have been blocked by governments due to
political or informational reasons: In other words, the program allows access to human rights and activist websites, political websites, discussion groups, and social groups. It was a tough decision to make but it was necessary because otherwise, the
bandwidth and the legal constraints would be costly.
guide outlines several methods of protecting one's identity in order to avoid retaliation and can considerably reduce the risks that a blogger's identity will be linked to his or her online writings through technical means.
In order to provide
you with the most up to date information on how to blog anonymously, the guide has been updated once again so that all the tips are compatible with Tor's recent updates.
This update introduces the Tor Browser Bundle, an open source version of a
portable browser developed by Tor Project, that lets you use Tor with zero install. Tor Browser is a great pre-configured Tor bundle with self contained Mozilla Firefox browser for USB drives or any other portable media (SD Card, Hard Drives, Compact
If you're going to pursue your blogging activities primarily from shared computers (like cybercafe computers) or if you're unable to install software on a computer, please follow the steps on how to run Tor Browser Bundle without
needing to install any software.
The update includes tips on how to acquire the Tor bundle if your internet connection blocks access to the Tor website. It also includes tips on what to do if you encounter problems connecting to the Tor network.
Please link to it, download it and help disseminate this important information. Feel free as well to help us translating the guide into your own language.
Herdict Web crowd sources reports from users to discover, in real time, what users around the world are experiencing in terms of internet website blocking.
Herdict is a named coned from joining ‘herd' and ‘verdict.'
Using Herdict Web,
anyone anywhere can report websites as accessible or inaccessible. Herdict Web aggregates reports in real time, permitting participants to see if inaccessibility is a shared problem, giving them a better sense of potential reasons for why a site is
inaccessible. Trends can be viewed over time, by site and by country.
Herdict Web is the brainchild of Professor Jonathan Zittrain (The Future of the Internet: And How to Stop It) and is part of The Berkman Center for Internet & Society.
Regular web users can now access anonymously-published websites that are masked by Tor's hidden services thanks to a new tool called tor2web.com .
The tool, created by former
Reddit developer Aaron Swartz and WikiScanner creator Virgil Griffith, enables people to view these hidden websites (designated by the .onion domain suffix) without diving into Tor, which can be a pain for casual surfers.
The creators hope that
the existence of tor2web will encourage more organizations to publish content anonymously through Tor, now that such a heavy access restriction has been lifted.
The Tor project is most famous as a tool that allows Internet surfers to access
websites privately and anonymously from within the onion router. Put simply, it works by passing your requests to another node that acts as a middleman between you and a website, which in turn passes the request onto other nodes, and so on. Every
step is encrypted except for the final exit node to the content server connection, and the network is run almost entirely by volunteers.
Tor's hidden services allow web publishers to publish content anonymously so that law enforcement (and
general snoopers) can't detect where the information is coming from. The only problem with publishing websites under Tor is that they can only be accessed from within Tor, meaning that the available audience at any given time is infinitesimally small
compared to the overall Internet-using population. This is the problem that Swartz and Griffith hope to address with tor2web.