Today, most web browsers have private-browsing modes, in which they temporarily desist from recording the user's browsing history.
But data accessed during private browsing sessions can still end up tucked away in a computer's memory, where a sufficiently motivated attacker could retrieve it.
This week, at the Network and Distributed Systems Security Symposium, researchers from MIT's Computer Science and Artificial Intelligence Laboratory (CSAIL) and Harvard University presented a paper describing a new system, dubbed Veil, that makes
private browsing more private.
Veil would provide added protections to people using shared computers in offices, hotel business centers, or university computing centers, and it can be used in conjunction with existing private-browsing systems and with anonymity networks such as
Tor, which was designed to protect the identity of web users living under repressive regimes.
"Veil was motivated by all this research that was done previously in the security community that said, 'Private-browsing modes are leaky -- Here are 10 different ways that they leak,'" says Frank Wang, an MIT graduate student in
electrical engineering and computer science and first author on the paper. "We asked, 'What is the fundamental problem?' And the fundamental problem is that [the browser] collects this information, and then the browser does its best effort to
fix it. But at the end of the day, no matter what the browser's best effort is, it still collects it. We might as well not collect that information in the first place."
Wang is joined on the paper by his two thesis advisors: Nickolai Zeldovich, an associate professor of electrical engineering and computer science at MIT, and James Mickens , an associate professor of computer science at Harvard.
With existing private-browsing sessions, Wang explains, a browser will retrieve data much as it always does and load it into memory. When the session is over, it attempts to erase whatever it retrieved.
But in today's computers, memory management is a complex process, with data continuously moving around between different cores (processing units) and caches (local, high-speed memory banks). When memory banks fill up, the operating system might
transfer data to the computer's hard drive, where it could remain for days, even after it's no longer being used.
Generally, a browser won't know where the data it downloaded has ended up. Even if it did, it wouldn't necessarily have authorization from the operating system to delete it.
Veil gets around this problem by ensuring that any data the browser loads into memory remains encrypted until it's actually displayed on-screen. Rather than typing a URL into the browser's address bar, the Veil user goes to the Veil website and
enters the URL there. A special server -- which the researchers call a blinding server -- transmits a version of the requested page that's been translated into the Veil format.
The Veil page looks like an ordinary webpage: Any browser can load it. But embedded in the page is a bit of code -- much like the embedded code that would, say, run a video or display a list of recent headlines in an ordinary page -- that executes
a decryption algorithm. The data associated with the page is unintelligible until it passes through that algorithm.
Once the data is decrypted, it will need to be loaded in memory for as long as it's displayed on-screen. That type of temporarily stored data is less likely to be traceable after the browser session is over. But to further confound would-be
attackers, Veil includes a few other security features.
One is that the blinding servers randomly add a bunch of meaningless code to every page they serve. That code doesn't affect the way a page looks to the user, but it drastically changes the appearance of the underlying source file. No two
transmissions of a page served by a blinding sever look alike, and an adversary who managed to recover a few stray snippets of decrypted code after a Veil session probably wouldn't be able to determine what page the user had visited.
If the combination of run-time decryption and code obfuscation doesn't give the user an adequate sense of security, Veil offers an even harder-to-hack option. With this option, the blinding server opens the requested page itself and takes a
picture of it. Only the picture is sent to the Veil user, so no executable code ever ends up in the user's computer. If the user clicks on some part of the image, the browser records the location of the click and sends it to the blinding server,
which processes it and returns an image of the updated page.
The back end
Veil does, of course, require web developers to create Veil versions of their sites. But Wang and his colleagues have designed a compiler that performs this conversion automatically. The prototype of the compiler even uploads the converted site to
a blinding server. The developer simply feeds the existing content for his or her site to the compiler.
A slightly more demanding requirement is the maintenance of the blinding servers. These could be hosted by either a network of private volunteers or a for-profit company. But site managers may wish to host Veil-enabled versions of their sites
themselves. For web services that already emphasize the privacy protections they afford their customers, the added protections provided by Veil could offer a competitive advantage.
"Veil attempts to provide a private browsing mode without relying on browsers," says Taesoo Kim, an assistant professor of computer science at Georgia Tech, who was not involved in the research. "Even if end users didn't explicitly
enable the private browsing mode, they still can get benefits from Veil-enabled websites. Veil aims to be practical -- it doesn't require any modification on the browser side -- and to be stronger -- taking care of other corner cases that browsers
do not have full control of."
Firefox is working to protect users from censorship and government control of the Internet. Firefox 59 will recognize new peer to
peer internet protocols such as Dat Project, IPFS, and Secure Scuttlebutt, allowing companies to develop extensions which will deliver the Internet in a way governments will find difficult to control, monitor and censor.
Mozilla believes such freedom is a key ingredient of a healthy Internet, and has sponsored other projects which would offer peer to peer wireless internet which cuts out Internet Service Providers.
While a peer to peer system would never be as fast and easy as a client-server system as we have at present, it does provide a baseline level of service which government and ISPs could not go below, or risk increasing number of users defecting,
which means the mere existence of these systems helps everyone else, even if they never become widespread.
Mozilla has always been a proponent of decentralization , recognizing that it is a key ingredient of a healthy Internet. Starting with Firefox 59, several protocols that support decentralized architectures are approved for
use by extensions. The newly approved protocols are:
Firefox itself does not implement these protocols, but having them on the approved list means the browser recognizes them as valid protocols and extensions are free to provide implementations.
A group of international broadcasters have come together to support a new website that aims to help internet users around the world access news and information.
The Broadcasting Board of Governors (US), the BBC (UK), Deutsche Welle (Germany) and France M39dias Monde (France) have co-sponsored the Bypass Censorship website: bypasscensorship.org
Bypass Censorship provides internet users information on how to access and download security-conscious tools which will enable them to access news websites and social media blocked by governments.
When governments try to block these circumvention tools, the site is updated with information to help users stay ahead of the censors and maintain access to news sites.
BBG CEO, John F. Lansing said:
The right to seek, and impart, facts and ideas is a universal human right which many repressive governments seek to control. This website presents an incredible opportunity to provide citizens around the world with the resources they need to
access a free and open internet for uncensored news and information essential to making informed decisions about their lives and communities.
The broadcasters supporting the Bypass Censorship site are part of the DG7 group of media organisations which are consistent supporters of UN resolutions on media freedom and the safety of journalists.
After several days of radio silence, VPN provider PureVPN has responded to criticism that it provided information which helped the
FBI catch a cyberstalker. In a fairly lengthy post, the company reiterates that it never logs user activity. What it does do, however, is log both the real and assigned 'anonymous' IP addresses of users accessing its service.
In a fairly lengthy statement, PureVPN begins by confirming that it definitely doesn't log what websites a user views or what content he or she downloads. However, that's only half the problem. While it doesn't log user activity (what sites people
visit or content they download), it does log the IP addresses that customers use to access the PureVPN service. These, given the right circumstances, can be matched to external activities thanks to logs carried by other web companies.
If for instance a user accesses a website of interest to the authorities, then that website, or various ISPs involved in the route can see the IP address doing the accessing. And if they look it up, they will find that it belongs to PureVPN. They
would then ask PureVPN to identify the real IP address of the user who was assigned the observed PureVPN IP address at the time it was observed.
Now, if PureVPN carried no logs -- literally no logs -- it would not be able to help with this kind of inquiry. That was the case last year when the FBI approached Private Internet Access for information and the company was unable to assist .
But in this case, PureVPN does keep the records of who was assigned each IP address and when, and so the user can be readily identified (albeit with the help of the user's ISP too).
It is for this reason that in TorrentFreak's annual summary of no-logging VPN providers , the very first question we ask every single company reads as follows:
Do you keep ANY logs which would allow you to match an IP-address and a time stamp to a user/users of your service? If so, what information do you hold and for how long?
Clearly, if a company says yes we log incoming IP addresses and associated timestamps, any claim to total user anonymity is ended right there and then.
While not completely useless (a logging service will still stop the prying eyes of ISPs and similar surveillance, while also defeating throttling and site-blocking), if you're a whistle-blower with a job or even your life to protect, this level
of protection is entirely inadequate.
A new tool wants to make it easy to track internet outages and help people learn how to circumvent them.
The Open Observatory of Network Interference (OONI), which monitors networks for censorship and surveillance, is launching Ooniprobe, a mobile app to test network connectivity and let you know when a website is censored in your area.
The app tests over 1,200 websites, including Facebook ( FB , Tech30 ) , Twitter ( TWTR , Tech30 ) and WhatsApp.
Created in 2012 under the Tor Project, OONI monitors networks in more than 90 countries through its desktop and hardware trackers, which are available to anyone. It publishes censorship data on its site . The organization has confirmed censorship
cases in a number of countries, including Russia, Saudi Arabia, Turkey, Ethiopia and Sudan.
The website has recently introduced a mobile app so that OONI can reach more people potentially affected by internet outages, especially in emerging markets where smartphones are more common than computers.
Opera has become the first major browser to add a free VPN client to its web browser. The VPN offers AES-256 encryption and allows users to browse the Internet privately. In addition, the free VPN also helps to circumvent website blockades.
The company has added a free and unlimited VPN to the developer version of its browser. This means that users can browse the web securely at the flick of a switch .
The VPN connection is provided by the Canadian VPN service SurfEasy, which like many other VPNs keeps no logs. SurfEasy was acquired by Opera last year and VP of Marketing Steve Kelly tells TorrentFreak that privacy and censorship were the main reasons
to add the free VPN to Opera. Kelly said:
Everyone deserves to surf privately online if they want to. Today, it is too difficult to maintain privacy when using the web, and way too many people experience roadblocks online, like blocked content..
By releasing an integrated, free and unlimited VPN in the browser, we make it simple for people to enhance their privacy and access the content they want.
Opera's in-browser VPN uses AES-256 encryption and SurfEasy says that the initial response has been very strong. The network is prepared to handle hundreds of thousands of simultaneous connections without any problems.
The Electronic Frontier Foundation (EFF) has released Privacy Badger 1.0, a browser extension that blocks some of the sneakiest trackers that try to spy on your Web browsing habits.
More than a quarter of a million users have already installed the alpha and beta releases of Privacy Badger. The new Privacy Badger 1.0 includes blocking of certain kinds of super-cookies and browser fingerprinting -- the latest ways that some parts of
the online tracking industry try to follow Internet users from site to site.
EFF Staff Technologist Cooper Quintin, lead developer of Privacy Badger said:
It's likely you are being tracked by advertisers and other third parties online. You can see some of it when it's happening, such as ads that follow you around the Web that seem to reflect your past browsing history. Those echoes from your past mean you
are being tracked, and the records of your online activity are distributed to other third parties -- all without your knowledge, control, or consent. But Privacy Badger 1.0 will spot many of the trackers following you without your permission, and will
block them or screen out the cookies that do their dirty work.
Privacy Badger 1.0 works in tandem with the new Do Not Track (DNT) policy, announced earlier this week by EFF and a coalition of Internet companies. Users can set the DNT flag -- in their browser settings or by installing Privacy Badger -- to signal that
they want to opt-out of online tracking. Privacy Badger won't block third-party services that promise to honor all DNT requests.
EFF Chief Computer Scientist Peter Eckersley, leader of the DNT project said:
With DNT and Privacy Badger 1.0, Internet users have important new tools to make their desires about online tracking known to the websites they visit and to enforce those desires by blocking stealthy online tracking and the exploitation of their reading
history. It's time to put users back in control and stop surreptitious, intrusive Internet data collection. Installing Privacy Badger 1.0 helps build a leaner, cleaner, privacy-friendly Web.
In an original initiative designed to circumvent website blocking by governments that violate human rights, Reporters Without Borders is using the technique known as mirroring to duplicate the censored sites and place the copies on the servers of
Internet giants such as Amazon, Microsoft and Google. In these 11 countries that are "Enemies of the Internet," blocking the servers of these Internet giants in order to make the mirror sites inaccessible would deprive thousands of companies of
essential services. The economic and political cost would be too high. Our nine sites are therefore protected against censorship.
Reporters Without Borders is renting bandwidth for this operation that will gradually be used up as more and more people visit the mirror sites. We are therefore asking Internet users to help pay for additional bandwidth so that the mirror sites will be
available for as long as possible.
The nine mirror sites created by Reporters Without Borders
To help make freely-reported news and information available in these countries, all Internet users are invited to join in this operation by posting this list on social networks with the
A UK developer has created a new and free service that not only silently unblocks any website without falling foul of the law, but one that will eventually become available to all under a GPL 3.0 license.
People browsing the internet in censored spaces such as UK public WiFi will soon be able to access the web using the internet connection of friends in censorship-free zones of the web.
Google has thrown its weight behind an idea that lets people circumvent censorship by using the internet connection of a friend.
A collaboration between the University of Washington in Seattle and non-profit firm Brave New Software, uProxy lets users share their internet connection with friends on social networks through a browser extension.
When both parties have the uProxy extension installed, one can forge an encrypted link through the other person's browser and out onto the internet via their social network connection. As well as giving people access to censored content, it could allow
people in the UK to watch the US version of Netflix via a US friend's connection, for example, or those in the US to log in to the BBC iPlayer to catch the latest episode of Sherlock. Or if you want to read Melon Farmers on the train then you can use
your home connection.
So far it has only been tested in a closed trial for selected users, but its developers promise to open up the code to curious security researchers. This will also ease fears that any back door may have been left open for authorities such as the US
National Security Agency to access and spy on users' browsing habits. Censors can't stop uProxy simply by blocking social networking websites either because, instead of the standard web, it accesses the contact lists via background, hard-to-block online
UProxy was funded by Google's charitable arm, Google Ideas, and the firm is also helping in its development.
Another Brave New Software project, Lantern also relies on your social network to find a trusted computer to connect to the wider internet. Unlike uProxy, it can use friends of friends, widening the pool of potential proxies.
A Domain Name Server translates the human readable URL (eg melonfarmers.co.uk) into the IP address (eg, 206.292.1.17) use by computers on the internet.
This Domain Name System has recently become a censorship tool eg by the US who have been frequently banning websites by ensuring that US DNS servers refuse to look up a banned URL. The US had threatened to introduce even more broad powers with the
introduction of the SOPA legislation.
In a response to growing attempts at censorship, various alternative DNS systems have been proposed with an emphasis on those that can't be meddled with by the authorities. The latest, called ODDNS, comes out of France.
As its name suggests, ODDNS (Open and Decentralized DNS) is an open and decentralized DNS system running on the P2P (Peer-to-Peer) model. It's creator, web developer Jimmy Rudolf, told PCinpact he invented the system with two specific aims in mind.
The first, and of most interest to people fighting censorship, is to show governments that it is not possible to prevent people from talking.
The second, of interest to anyone who owns and maintain their own domain names, is to take back control of them.
ODDNS is an application which allows everyone running the software to share information about domain names with each other, a bit like how a P2P network functions. ODDNS can supplement or even replace regular DNS.
Because domain names and related IP addresses are shared among peers in the network, they can no longer be censored.
Still under development, as expected the source code to ODDNS is licensed under GNU GPLv3. PCinpact reports that the current ODDNS website will be updated next week and the first beta release of the software will follow shortly after.
Tor is a popular program which enables people suffering internet censorship to view the entire unobstructed internet. It's basically a proxy server which encrypts the outgoing packets so that they can't be snooped on. Unfortunately, these data packets
can still be identified so the traffic can therefore still be blocked.
Computer scientists have now come up with a way to mask these data packets as Skype traffic. This makes it near impossible for the government to block the data packets. If a government were to block Skype, there would be a massive outcry from other
governments and the citizens themselves.
The goal is to make the traffic look like some other protocol that they are not willing to block, Ian Goldberg, a professor at the Cheriton School of Computer Science at the University of Waterloo, told Ars.
SkypeMorph, as the application is called, uses traffic shaping to convert Tor packets into User Datagram Protocol packets to avoid detection. The traffic shaping also mimics the sizes and timings of packets produced by normal Skype video conversations to
further mask the connection from suspicion.
Ethical hacker Ankit Fadia's book is shocking, entertaining, educational and inspiring all at the same time! He dedicates it To A Free and Unblocked Internet .
Seriously, even I learned a lot and I've been circumventing government Internet censorship in Thailand and teaching others how to for the past six years.
When I met the author, Ankit Fadia, in Bangkok a few weeks ago, I asked him the only important question: Everything? Surely that's exaggeration. He told me, of course it was, and that his book was mostly intended to help users circumvent school
and workplace blocking.
After studying How to Unblock EVERYTHING on the Internet!, I just can't agree with him. Ankit pretty much covers everything I can think of. His Chapter 9 on multiple formats for a webpage's IP address is nothing short of brilliant. Turns out there are
far more formats to which that URL can be converted than government could employ people to block (see below). For my work against censorship, this is the most important chapter in How to Unblock EVERYTHING on the Internet!
Data smuggling software could help citizens in countries operating repressive net filters visit any site they want.
Developed by US computer scientists the software, called Telex, hides data from banned websites inside traffic from sites deemed safe.
So far, Telex is only a prototype but in tests it has been able to defeat Chinese web filters.
Telex was developed to get around the problem that stops other anti-censorship technologies being more effective, said Dr Alex Halderman, who has worked on Telex since early 2010. Many existing anti-censorship systems involve connecting to a server or
network outside the country in which a user lives. This approach relies on spreading information about these servers and networks widely enough that citizens hear about them but not so much that censors can find out and block them.
Telex turns this approach on its head, said Dr Halderman: Instead of having some server outside the network that's participating we are doing it in the core of the network. .
When a user wants to visit a banned site they initially point their web browser at a safe site. As they connect, Telex software installed on their PC puts a tag or marker on the datastream being sent to that safe destination.
Net routers outside the country recognise that the datastream has been marked and re-direct a request to a banned site. Data from censored webpages is piped back to the user in a datastream disguised to resemble that from safe sites.
Circumvention tools are made both by non-governmental organizations and commercial companies. This is not only to support press freedom
or activism, but also based on the simple philosophy that all information on the internet should always be available to everyone. Below is a summary of the 11 best-known tools.
Developed by the Tor Project
. Worldwide, the best-known circumvention and security tool.
Pros: Easily available and easy to use. Good technical support.
Cons: Makes connections slow.
Developed by the University of Toronto’s CitizenLab
. Connections run via different servers in different countries, making origins hard to trace. Works on the basis of invitation by Psiphon to counter abuse.
Pros: No need to download software. Handy for use in internet cafés.
Cons: Invitation is a built-in security shell, but also an obstacle for users who don’t know anyone to arrange an invitation for them. Psiphon has no official security certificate. Makes connections slow.
Developed by Ultrareach
, partner of the Global Internet Freedom Consortium. Works as a program in Windows.
Pros: Easy to use. Leaves no trace when uninstalled.
Cons: Has a bad name because it was said to have distributed viruses in the past.
Developed by Reichert Network Solutions
. Software is free, but possibilities are limited. Possible to pay for an upgrade.
Pros: Good technical support.
Cons: Possibilities of free version limited, especially for sending data.
Developed by JonDonym
, a commercial branch of the University of Dresden.
Pros: Portable, so suitable for use in internet cafés. Reliable service, open source code. Design faults can be corrected.
Cons: Still in the test phase. Makes connections slower.
Developed by World’s Gate, Inc., partner of Global Internet Freedom Consortium
. Not only provides secure connections, but also enables encryption.
Pros: Multiple secure routes, easy to install.
Cons: Has to be installed on your computer from the Consortium website. Repressive governments block the site, making the software hard to get hold of.
Google Cache, Reader en Translation
Developed by Google. Handy for picking up information, not suitable for distribution from a security point of view.
Pros: Accessible from any location, as long as Google and Gmail are available.
Cons: Connection isn’t secure.
Developed by Garden Networks for Information Freedom
, has a long history in circumvention software for users in China.
Pros: Suitable for Microsoft Windows. User can send information using GTunnel via Tor or Skype. This double security makes internet traffic securer and more anonymous, but also slower. This can be a disadvantage in countries where internet runs via
Cons: Limited number of servers available, especially in Taiwan.
Developed by Dynamic Internet Technology (DIT)
. Works using a limited number of proxy servers in Taiwan and the US.
Pros: Easy to use and can be stored on a USB stick, so also suitable for internet cafés.
Cons: More than one version of the same software available. Status unclear. Limited number of servers. Questionable security.
Developed by Dynamic Internet Technology (DIT)
. Originally for China, but now also used in Iran. Works on the basis of proxy servers.
Pros: Easy to use.
Cons: Proxy servers aren’t secure. Analysts can easily find out who’s using Dynaweb. No scientific data on Dynaweb’s effectiveness. Unclear what the developers do with users’ personal details.
Originally developed by AnchorFree
. For users of unsecured WiFi connections, not specifically for people in countries with repressive governments. Hotspot Shield also carries unsolicited advertising.
Pros: Connection via VPN.
Chinese internet users suspect that their government is interfering with the method they have been using to tunnel under
the Great Firewall to prevent them connecting with the outside world.
Since 6 May, a number of users says that internet connections via China Telecom, the largest telephone company, and China Unicom have become unstable , with intermittent access when trying to access sites in foreign countries using a
virtual private network (VPN). Even Apple's app store has been put off-limits by the new blocks, according to reports.
The disruption has mainly affected corporate connections such as universities while home connections that use standard broadband systems have been unaffected, according to the prominent Chinese technology blogger William Long.
Normally traffic flowing over VPN connections is secure because it is encrypted, meaning that the Chinese authorities were unable to detect what content was flowing back and forth over it. A VPN connection from a location inside China to a site
outside China would effectively give the same access as if the user were outside China.
According to Global Voices Advocacy, a pressure group that defends free speech online, the disruption follows new systems put in place in the Great Firewall -- in fact monitoring software on the routers that direct internet traffic within
and across China's borders. The new software appears to be able to detect large amounts of connections being made to overseas internet locations.
The problem has become so bad that some universities and businesses have told their users not to try to use VPNs, and only to visit work-related sites; to do otherwise could lead to trouble for the company and the users involved.
Mozilla officials have refused a US government request to ban a Firefox add-on that helps people to access sites that use internet domain names seized earlier this year.
The Firefox add-on, available on Mozilla.org, made it easy for users to access sites that used some of the confiscated addresses. It did this by redirecting them to substitute domain names that were out of the reach of US courts, such as those with
a .de top level domain.
You simply type Demoniod.com into your browser as usual, the add-on's authors wrote in an FAQ explaining how it works. The browser sends the address to the add-on, the add-on checks if Demoniod.com is on the list of sites to be redirected
and immediately redirects you to the mirror site.
US officials alleged MafiaaFire circumvented their seizure order and asked Mozilla to remove it. The open-source group, in not so many words, said no. Our approach is to comply with valid court orders, warrants, and legal mandates, but in this
case there was no such court order, Harvey Anderson of Mozilla explained.
A vocal chorus of lawmakers and policy wonks have decried the domain seizures, arguing that the ex parte actions are a serious power grab that threaten the stability of the internet. If the US government can confiscate addresses it doesn't agree
with, what's to stop China or any other country from doing the same thing?
The seizure of file-sharing related domain names by the US Government hasn't been as effective as the entertainment industries had hoped since many of them simply continued their operations under new domains. To make these type of domain
transitions go more smoothly, an anonymous group has coded a simple Firefox add-on that automatically redirects users to these new homes.
ICE director John Morton confirmed last week that the seizures will continue in the coming years. But at the same time the authorities amp up their anti-piracy efforts, those in opposition are already coming up with ways to bypass them.
One of these initiatives is the MAFIAA Fire add-on for Firefox. The plugin, which will support the Chrome browser at a later stage too, maintains a list of all the domains that ICE (hence the fire) has seized and redirects their users to an
alternative domain if the sites in question have set one up.
The U.S. government has developed technology that can cut through Web censorship barriers in countries like China and deliver news and information to people who don't have currently have access to it.
The Feed Over Email (FOE) system, outlined in a recent report by the Broadcasting Board of Governors, uses email to transport censored data to end users. A server encodes the required internet data (pages, files, applications, RSS feeds etc) and encodes
them into an email. The end user runs a client program to decode the data into familiar internet formats.
The government hopes that FOE will allow people to receive the latest news from censored Web sites and also complement existing anti-censorship tools, according to the report. People also can use the tool to download other anti-censorship software, such
Tor, Freegate, or Ultrasurf.
The technology was tested between February and June 2010 in the Chinese cities of Hong Kong, Beijing, and Shenzhen and performed well in all tests, according to the report. However, the agency said it's unclear how it will work when
The U.S. has undertaken previous efforts to help bypass government Internet censorship, but the report marks the first public disclosure of technological efforts to do so.
Reporters Without Borders have launched the world's first Anti-Censorship Shelter in Paris for use by foreign journalists, bloggers and dissidents who are refugees or just passing through as a place where they can learn how to circumvent
Internet censorship, protect their electronic communications and maintain their anonymity online.
At a time when online filtering and surveillance is becoming more and more widespread, we are making an active commitment to an Internet that is unrestricted and accessible to all by providing the victims of censorship with the means of
protecting their online information, Reporters Without Borders said.
Never before have there been so many netizens in prison in countries such as China, Vietnam and Iran for expressing their views freely online, the press freedom organisation added. Anonymity is becoming more and more important for those
who handle sensitive data.
Reporters Without Borders and the communications security firm XeroBank have formed a partnership in order to make high-speed anonymity services, including encrypted email and web access, available free of charge to those who user the Shelter.
By connecting to XeroBank through a Virtual Private Network (VPN), their traffic is routed across its gigabit backbone network and passes from country to country mixed with tens of thousands of other users, creating a virtually untraceable
high-speed anonymity network.
This network will be available not only to users of the Shelter in Paris but also to their contacts anywhere in the world and to all those – above all journalists, bloggers and human rights activists – who have been identified by Reporters Without
Borders. They will be able to connect with the XeroBank service by means of access codes and secured, ready-to-use USB flash drives that can be provided on request.
XeroBank is a communications security firm that has cornered the market on one of the rarest commodities in the world: online privacy. It specializes in communication solutions that protect its clients from all eavesdroppers.
The best-known free encryption and censorship circumvention software is also available to users of the Shelter, along with manuals and Wiki entries on these issues. A multimedia space is planned for journalists and Internet users who want to film
and send videos.
The Shelter will eventually also have a dedicated website for hosting banned content. Egyptian blogger Tamer Mabrouk's reports on the pollution of Egypt's lakes, which are banned in his country, and articles that are banned in Italy by its new
phone-tap law will all have a place in what is intended to be a refuge for those who still being censored.
The Shelter is open from 10 a.m. to 6 p.m. Monday to Friday. Anyone wanting to use it should make a reservation by sending an email to email@example.com.
A browser that bypasses internet censors has become the most popular way to access the Internet in Kazakhstan, a Central Asian state
where sites critical of the government are often blocked.
The Norwegian developed Opera browser made by Opera Software has increased its market share sharply in the ex-Soviet state since it began to allow downloads of compressed web pages via a server outside the country, a feature designed to speed
The Opera browser is now the most popular in the country with a market share of 32%, beating out rival products from Google, Microsoft and Apple, according to statistics for March from Web analytics firm StatCounter.
The new version of Opera introduced last year, Opera 10, allows users to view otherwise inaccessible Web pages using its Opera Turbo feature designed to speed up browsing over slow connections.
Kazakhstan introduced a law last year allowing local courts to block access to Web sites whose content has been deemed illegal, a step that human rights groups say amounts to censorship.
Some of the most popular blogging websites such as Livejournal.com and Google-run Blogger.com are now inaccessible to most of Kazakhstan's 3.2 million Internet users.
Media Guardian's Innovator of the year is Austin Heap who helped create Haystack, a system for beating Iranian web censorship
Austin Heap followed the last Iranian results on Twitter, and recognised that Iran's censorship had stepped up. He sent a tweet to fellow computer geeks and made contact with Daniel Colascione, based in Buffalo, New York.
The pair worked for 72 hours without sleep to deconstruct the filtering methods of the Iranian telecommunications agency. Then they created Haystack, a censorship workaround that directed requests from computers in Iran through servers elsewhere in the
world, hidden in a stream of innocent-looking traffic. They also devised technology to protect the identities of Haystack's users. All this made it possible for people on the ground in Iran to reach blocked sites safely and securely, to organise inside
the country and communicate with the world.
Haystack immediately turned Heap himself into a target: the Iranian government blocked his blog, and he received death threats via Twitter and even over the phone. At times he required 24-hour police protection.
Haystack, funded by voluntary donations, landed him an invitation to the US state department, and audiences with political parties in the UK including the Labour party. As much as we've tried to innovate with technology, he said, during a recent
trip to London, I think the real innovators of the year are the people with their phones, the people on the streets, the people in Iran and the other people around the world who are standing up for the human rights that they deserve. We can give them
the tools, but without the people, the tools are useless.
Heap continues to work with Haystack, and has a list of countries, from Australia to Afghanistan, that he will be tackling next.
Haystack is a new program designed to provide unfiltered internet access to the people of Iran. The software package is compatible with Windows, Mac and Unix systems, and specifically targets the Iranian government's web filtering
Haystack is not an ordinary proxy system. It employs a sophisticated mathematical formula to hide users' real Internet traffic inside a continuous stream of innocuous-looking requests. In addition to providing anonymity, Haystack
uses strong cryptography, ensuring that even if users' traffic is detected, it cannot be read. Trying to find and decipher our users' traffic amidst all the other traffic on the web really is like trying to find a needle in the proverbial Haystack.
Haystack, a company that has created software designed to circumvent Iranian government censors, has stopped testing its program amid criticism of faulty security.
Haystack founder Austin Heap said in an interview Monday that concerns about how his much-touted software program works and whether it is secure are valid.
For the time being, we are going to stop human testing and rely instead on machine testing, Heap said.
He said in a blog Monday that the software is being reviewed by a third party and testing will resume if it passes muster.
The move comes after Foreign Policy (a division of The Washington Post Co.) technology writer Evgeny Morozov and engineers said that lax security in the Haystack program could hurt users in Iran by exposing them to government authorities.
A basement in the gray, Gothic heart of the University of Toronto is home to the CSI of cyberspace. We are doing free expression forensics, says Ronald Deibert, director of the Citizen Lab.
Deibert and his team of academics and students investigate in real time governments and companies that restrict what we see and hear on the Internet. They are also trying to help online journalists and bloggers slip the shackles of censorship and
surveillance. Deibert is a co-founder of the OpenNet Initiative (ONI), a project of the Citizen Lab in collaboration with the Berkman Center for Internet and Society at Harvard Law School. ONI tracks the blocking and filtering of the Internet around the
We are testing in 71 countries, says Deibert. We are testing all the time. We are the technical hub of ONI.
We started out in 2002 with China, said Jillian York, project coordinator for Berkman. The work evolved, and then with Cuba we cracked it . However, as Citizen Lab and Berkman gained expertise and resources so did the censors they battled.
We are now onto third-generation controls, York said of Internet censorship. The first generation was simple filtering, IP blocking in China, for example. The second generation was surveillance, which ranged from placing spies or
closed-circuit cameras in Internet cafés to installing tracking software on computers themselves. The third generation controls combine all the above. We see it in China, Syria, and Burma. It's a very broad approach, York laments.
ONI's research and public awareness-raising provides just one weapon in the increasingly sophisticated armory that bloggers need to deploy against government encroachment. Some free-speech campaigners engage across a wide battlefront, taking on
authorities in Tunisia or Pakistan, for example, to keep blogging and video platforms open. Others, like Deibert, devise tools for an individual user to tunnel beneath a firewall or slip past a digital spy undetected. He helped develop Psiphon, a free,
open source application that channels data through a network of proxies to circumvent censorship. Anyone can use it. It's fast and there's nothing to download onto your computer for the Internet police to find, said Deibert.
It's a game of digital cat-and-mouse with authorities hunting down circumvention nodes, and Psiphon switching to an alternate as soon as a node is compromised. Citizen Lab launched Psiphon in December 2006 but did not have the resources to develop it
further. So in May this year, Deibert and another ONI founder, Rafal Rohozinski, spun it off as a commercial enterprise. It is still free to users but charges companies to deliver their blocked content. Clients so far include the BBC and the U.S.
government-funded Broadcasting Board of Governors. Social networking platforms such as Twitter and Facebook have been a boon to Psiphon and other circumvention tools like Tor, spreading node connection information among bloggers and journalists. This was
evident during the media crackdown in Iran that followed the disputed June presidential elections, when Twitter proved difficult to shut down.
Chinese authorities has begun blocking the intermediate nodes and servers, directory services on the basis of the Tor anonymizing their IP addresses.
In the columns of Tor's blog can be read that the great firewall (GFW) is blocking communication with about 80% of the Tor node. Author of note also admitted that it was expected this turn of events.
Already in the middle of last year, China blocked Tor website. Therefore, the operator of the website and its creators tried to be the protection of the new Tor servers, to prevent the Chinese authorities to get into the list of public nodes - the
intention is apparently failed.
Although the establishment of an anonymous connection is still possible using the remaining 20% of the nodes, but such an operation takes a long time. Author of this blog entry advises users that you run a Tor private goals (so-called bridge
relays) if they want to help Chinese colleagues. This kind of goals do not appear on public lists, and thus difficult to find and block.
The U.S. government is covertly testing technology in China and Iran that lets residents break through screens set up by their governments to limit access to news on the Internet.
The feed over email (FOE) system delivers news, podcasts and data via technology that evades web-screening protocols of restrictive regimes, said Ken Berman, head of IT at the U.S. government's Broadcasting Board of Governors, which is testing the
The news feeds are sent through email accounts including those operated by Google Inc, Microsoft Corp's Hotmail and Yahoo Inc.
We have people testing it in China and Iran, said Berman, whose agency runs Voice of America. He provided few details on the new system, which is in the early stages of testing. He said some secrecy was important to avoid detection by the two
New software aiming to circumvent web censorship in the Middle East and beyond was recently launched at a summit on blogging in Cairo. The tool "Al-Kasir" - meaning "the circumventer" in Arabic, is now
available for public use
in its first test version.
Developer Walid Al-Saqaf, a Sweden-based Yemeni, said he is using the device to work around government web censorship.
The tool also performs periodic checks on censored sites to track whether they remain constantly blocked or if the filtering is lifted at times. Meanwhile, users of the program can report information about filtering and blocking in their respective
While primarily intended for use in Arab countries like Syria, Tunisia, and Yemen where web censorship is widely imposed, Al-Kasir can be used in any country.
Al-Saqaf explained the process of using the tool to access blocked websites.
When you open the program, you will get information about your ISP, country, etc. If someone using the same ISP as you had already reported through Al-Kasir about a blocked website and that website got approved (by the moderators), then it will be
accessible by you. If not, then you could report a blocked website and then it will be moderated and if approved, it will be accessible by you as well as everyone else using Al-Kasir and accessing the Internet through your ISP.
Al-Saqaf told MENASSAT that the program only circumvents human-moderated websites that have been blocked by governments due to political or informational reasons: In other words, the program allows access to human rights and activist websites,
political websites, discussion groups, and social groups. It was a tough decision to make but it was necessary because otherwise, the bandwidth and the legal constraints would be costly.
The guide outlines several methods of protecting one's identity in order to avoid retaliation and can considerably reduce the risks that a blogger's identity will be linked to his or her online writings through technical means.
In order to provide you with the most up to date information on how to blog anonymously, the guide has been updated once again so that all the tips are compatible with Tor's recent updates.
This update introduces the Tor Browser Bundle, an open source version of a portable browser developed by Tor Project, that lets you use Tor with zero install. Tor Browser is a great pre-configured Tor bundle with self contained Mozilla Firefox browser
for USB drives or any other portable media (SD Card, Hard Drives, Compact Flash Card).
If you're going to pursue your blogging activities primarily from shared computers (like cybercafe computers) or if you're unable to install software on a computer, please follow the steps on how to run Tor Browser Bundle without needing to install any
The update includes tips on how to acquire the Tor bundle if your internet connection blocks access to the Tor website. It also includes tips on what to do if you encounter problems connecting to the Tor network.
Please link to it, download it and help disseminate this important information. Feel free as well to help us translating the guide into your own language.
Herdict Web crowd sources reports from users to discover, in real time, what users around the world are experiencing in terms of internet website blocking.
Herdict is a named coned from joining ‘herd' and ‘verdict.'
Using Herdict Web, anyone anywhere can report websites as accessible or inaccessible. Herdict Web aggregates reports in real time, permitting participants to see if inaccessibility is a shared problem, giving them a better sense of potential reasons for
why a site is inaccessible. Trends can be viewed over time, by site and by country.
Herdict Web is the brainchild of Professor Jonathan Zittrain (The Future of the Internet: And How to Stop It) and is part of The Berkman Center for Internet & Society.
Scroogle is a web service that disguises the Internet address of users who want to run Google searches anonymously.
Scroogle also gives users the option of having all communication between their computer and the search page be SSL encrypted.
The tool was created by Google critic Daniel Brandt who was concerned about Google collecting information on users, and set up Scroogle to filter searches through his servers before going to Google: I don't save the search terms and I delete all my
logs every week. So even if the feds come around and ask me questions I don't know the answer because I don't have the logs any more. I don't associate the search terms with the user's address at all, so I can't even match those up.
Traffic has doubled every year and as of December 2007, Scroogle had passed 100,000 visitors a day.
Besides anonymous searches, the tool allows users to perform Google searches without receiving Google advertisements. There is support for 28 languages, and the tool is available as a browser plug-in.
Regular web users can now access anonymously-published websites that are masked by Tor's hidden services thanks to a new tool called
The tool, created by former Reddit developer Aaron Swartz and WikiScanner creator Virgil Griffith, enables people to view these hidden websites (designated by the .onion domain suffix) without diving into Tor, which can be a pain for casual surfers.
The creators hope that the existence of tor2web will encourage more organizations to publish content anonymously through Tor, now that such a heavy access restriction has been lifted.
The Tor project is most famous as a tool that allows Internet surfers to access websites privately and anonymously from within the onion router. Put simply, it works by passing your requests to another node that acts as a middleman between you and
a website, which in turn passes the request onto other nodes, and so on. Every step is encrypted except for the final exit node to the content server connection, and the network is run almost entirely by volunteers.
Tor's hidden services allow web publishers to publish content anonymously so that law enforcement (and general snoopers) can't detect where the information is coming from. The only problem with publishing websites under Tor is that they can only be
accessed from within Tor, meaning that the available audience at any given time is infinitesimally small compared to the overall Internet-using population. This is the problem that Swartz and Griffith hope to address with tor2web.