Practical Censorship Evasion Leveraging Content Delivery Networks

Total Page:16

File Type:pdf, Size:1020Kb

Practical Censorship Evasion Leveraging Content Delivery Networks Practical Censorship Evasion Leveraging Content Delivery Networks Hadi Zolfaghari Amir Houmansadr University of Massachusetts Amherst University of Massachusetts Amherst [email protected] [email protected] ABSTRACT censorship by refraining from DNS lookups for the censored CDNBrowsing is a promising approach recently proposed for content. Second, censors will refrain from IP blocking the censorship circumvention. CDNBrowsing relies on the fact CDN edge servers that host censored webpages since this will that blocking content hosted on public CDNs can poten- block all the other (potentially many) non-forbidden web- tially cause the censors collateral damage due to disrupting pages hosted on those edge servers as well. Finally, the use benign content publishers. In this work, we identify vari- of encryption by the hosting CDN providers (e.g., through ous low-cost attacks against CDNBrowsing, demonstrating HTTPS) can bypass DPI-based censorship mechanisms like that the design of practically unobservable CDNBrowsing keyword and URL filtering. systems is significantly more challenging than what thought In this paper, we show that despite being a promising new previously. We particularly devise unique website finger- direction for censorship circumvention, designing practical printing attacks against CDNBrowsing traffic, and discover CDNBrowsing systems is significantly more challenging than various forms of information leakage in HTTPS that can be previously suggested [21]. We demonstrate the possibility used to block the previously proposed CDNBrowsing sys- of various low-cost identification attacks tailored to CDN- tem. Motivated by the attacks, we design and implement Browsing, and demonstrate that the attacks can effectively a new CDNBrowsing system called CDNReaper, which de- detect and block CacheBrowser, the first CDNBrowsing sys- feats the discovered attacks. tem proposed by Holowczak et al. [21]. Specifically, our thor- By design, a CDNBrowsing system can browse only par- ough analysis of in-the-wild CDN systems shows that their ticular types of webpages due to its proxy-less design. We deployments of the HTTPS protocol leaks the identity of the perform a comprehensive measurement to classify popular websites being served to the clients, therefore, allowing the Internet websites based on their browsability by CDNBrowsing censors to block an unprotected CDNBrowsing system like systems. To further increase the reach of CDNBrowsing, we CacheBrowser. Additionally, we introduce a unique form devise several mechanisms that enable CDNBrowsing sys- of website fingerprinting attack against CDNBrowsing traf- tems to browse a larger extent of Internet webpages, partic- fic, and show its significantly high accuracy against Cache- ularly partial-CDN webpages. Browser with processing overheads two orders of magnitude lower than traditional website fingerprinting techniques [39]. We conclude that an effective CDNBrowsing system should 1. INTRODUCTION be tailored to every single CDN system it tries to leverage for Internet censorship continues to remain the biggest threat circumvention, as opposed to CacheBrowser's one-size-fits- to the Internet freedom across the globe [7,8, 25]. A re- all solution; this is due to the diversity of CDN deployments cent promising approach for censorship circumvention [21], as shown in our analysis. which we call CDNBrowsing, relies on the collateral damage To that end, we design and deploy a new CDNBrowsing of disrupting ubiquitous content delivery networks (CDN). system called CDNReaper that protects against the discov- In this approach, censored clients obtain a forbidden Inter- ered attacks. CDNReaper takes into account the specific net webpage that is hosted on a CDN network by connect- deployment of HTTPS by each real-world CDN system, and ing to some arbitrary edge server of the hosting CDN sys- implements CDN-aware mechanisms that remove the leaked tem|as opposed to obtaining it from the optimal CDN edge information about (forbidden) CDN destinations browsed by server identified through DNS resolution. This mechanism CDNReaper. Also, CDNReaper defeats the CDNBrowsing- is aimed at defeating the main censorship mechanisms as specific website fingerprinting attacks by making modifica- follows: First, CDNBrowsing clients bypass any DNS-based tions to the web objects requested by the censored clients. We have implemented CDNReaper as a fully functional, end- Permission to make digital or hard copies of all or part of this work for personal or user system. classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation By design, a CDNBrowsing system can only browse par- on the first page. Copyrights for components of this work owned by others than the ticular censored webpages, e.g., those hosted on specific CDN author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or systems. We perform the first comprehensive analysis on the republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]. reach of CDNBrowsing systems by inspecting the top 10,000 CCS’16, October 24 - 28, 2016, Vienna, Austria Alexa websites and classifying them into various categories c 2016 Copyright held by the owner/author(s). Publication rights licensed to ACM. based on their readiness to be browsed by CDNBrowsing ISBN 978-1-4503-4139-4/16/10. $15.00 systems. To further expand the reach of CDNBrowsing, we DOI: http://dx.doi.org/10.1145/2976749.2978365 devise several mechanisms that enable CDNBrowsing sys- ufactured and sold by competing multinational technology tems to browse a larger scope of Internet webpages. In par- companies. Even the most advanced, state-of-the-art cir- ticular, we implement mechanisms to enable CDNBrowsing cumvention systems designed in the academia, such as Tor of partial-CDN websites, i.e., those with only some of their pluggable transports [16, 19, 31, 38, 40], are thwarted [20, 22, main content hosted on CDN, which constitute a large frac- 37] by competent state-level censors. tion of Internet webpages based on our study. For instance, some video streaming or Internet TV websites host their 2.2 CDNBrowsing Circumvention multimedia content on CDN networks, but not their front- CDNBrowsing is a new approach for censorship circum- page HTML. We particularly introduce content wrappers vention, recently proposed by Holowczak et al. [21] as a sys- and dynamic mirrors to enable CDNBrowsing of partial- tem called CacheBrowser. CDNBrowsing is based on the CDN websites, and demonstrate their feasibility for popular observation that webpages hosted on typical CDN platforms partial-CDN webpages like bbc.co.uk and tumblr.com. We share the same set of IP addresses. Therefore, to block a for- show that these mechanisms come with very small overheads bidden webpage hosted on a CDN system, the censors will compared to fully CDNBrowsable webpages. We also inves- not be able to use IP filtering since it will also block all the tigate how CDNReaper can be used for browsing websites (potentially many) non-forbidden webpages that are served hosted on private CDN networks, such as YouTube. through the same set of shared IP addresses. The censors, In summary, we make the following main contributions: however, may be able to use DNS interference to block • We identify various low-cost attacks tailored for CDN- access to specific forbidden CDN-hosted webpages. Fortu- Browsing systems, and demonstrate their effectiveness nately, such DNS interference can be easily circumvented: against CacheBrowser [21]. Particularly, we devise as Holowczak et al. show, typical CDN-hosted webpages can a CDNBrowsing-specific website fingerprinting attack be obtained from arbitrary CDN edge servers. Therefore, a that is two orders of magnitude faster than the state- censored client can ignore the DNS resolution stage (which of-the-art fingerprinting system of Wang et al. [39], is anyways interfered with by the censors) and directly re- despite its higher accuracy. quest the forbidden CDN website from some arbitrary CDN • We have designed and deployed an advanced CDN- edge server that the client already knows. Ignoring the DNS Browsing system called CDNReaper. Our system is resolution state by a CDNBrowsing client can potentially designed to defeat the CDNBrowsing-specific attacks degrade the QoS performance of the (otherwise censored) we discovered. We have implemented CDNReaper as a CDNBrowsing connection compared to regular connections fully functional system with Chrome and Firefox plug- (since DNS resolution is meant to identify the optimal CDN ins. We have also designed an advanced bootstrapper IP address), however, Holowczak et al. show that the per- for CDNReaper. Our bootstrapper is designed as a formance is still superior to that of traditional circumven- CDNBrowsable service itself, therefore it is highly un- tion systems like Tor. Finally, the use of encryption in blockable. HTTPS connections is meant to prevent the censors from • Through comprehensive evaluations, we classify the deep-packet inspection of HTTPS CDN content, there- top 10,000 Alexa websites into six categories based on fore, rendering URL/keyword filtering infeasible their readiness to be browsed through CDNBrowsing. • We have devised several mechanisms to extend the 2.3 Advantages of CDNBrowsing reach of CDNBrowsing. Particularly, we introduce CDNBrowsing is a new paradigm
Recommended publications
  • Poster: Introducing Massbrowser: a Censorship Circumvention System Run by the Masses
    Poster: Introducing MassBrowser: A Censorship Circumvention System Run by the Masses Milad Nasr∗, Anonymous∗, and Amir Houmansadr University of Massachusetts Amherst fmilad,[email protected] ∗Equal contribution Abstract—We will present a new censorship circumvention sys- side the censorship regions, which relay the Internet traffic tem, currently being developed in our group. The new system of the censored users. This includes systems like Tor, VPNs, is called MassBrowser, and combines several techniques from Psiphon, etc. Unfortunately, such circumvention systems are state-of-the-art censorship studies to design a hard-to-block, easily blocked by the censors by enumerating their limited practical censorship circumvention system. MassBrowser is a set of proxy server IP addresses [14]. (2) Costly to operate: one-hop proxy system where the proxies are volunteer Internet To resist proxy blocking by the censors, recent circumven- users in the free world. The power of MassBrowser comes from tion systems have started to deploy the proxies on shared-IP the large number of volunteer proxies who frequently change platforms such as CDNs, App Engines, and Cloud Storage, their IP addresses as the volunteer users move to different a technique broadly referred to as domain fronting [3]. networks. To get a large number of volunteer proxies, we This mechanism, however, is prohibitively expensive [11] provide the volunteers the control over how their computers to operate for large scales of users. (3) Poor QoS: Proxy- are used by the censored users. Particularly, the volunteer based circumvention systems like Tor and it’s variants suffer users can decide what websites they will proxy for censored from low quality of service (e.g., high latencies and low users, and how much bandwidth they will allocate.
    [Show full text]
  • Threat Modeling and Circumvention of Internet Censorship by David Fifield
    Threat modeling and circumvention of Internet censorship By David Fifield A dissertation submitted in partial satisfaction of the requirements for the degree of Doctor of Philosophy in Computer Science in the Graduate Division of the University of California, Berkeley Committee in charge: Professor J.D. Tygar, Chair Professor Deirdre Mulligan Professor Vern Paxson Fall 2017 1 Abstract Threat modeling and circumvention of Internet censorship by David Fifield Doctor of Philosophy in Computer Science University of California, Berkeley Professor J.D. Tygar, Chair Research on Internet censorship is hampered by poor models of censor behavior. Censor models guide the development of circumvention systems, so it is important to get them right. A censor model should be understood not just as a set of capabilities|such as the ability to monitor network traffic—but as a set of priorities constrained by resource limitations. My research addresses the twin themes of modeling and circumvention. With a grounding in empirical research, I build up an abstract model of the circumvention problem and examine how to adapt it to concrete censorship challenges. I describe the results of experiments on censors that probe their strengths and weaknesses; specifically, on the subject of active probing to discover proxy servers, and on delays in their reaction to changes in circumvention. I present two circumvention designs: domain fronting, which derives its resistance to blocking from the censor's reluctance to block other useful services; and Snowflake, based on quickly changing peer-to-peer proxy servers. I hope to change the perception that the circumvention problem is a cat-and-mouse game that affords only incremental and temporary advancements.
    [Show full text]
  • BRKSEC-2011.Pdf
    #CLUS About Garlic and Onions A little journey… Tobias Mayer, Technical Solutions Architect BRKSEC-2011 #CLUS Me… CCIE Security #14390, CISSP & Motorboat driving license… Working in Content Security & TLS Security tmayer{at}cisco.com Writing stuff at “blogs.cisco.com” #CLUS BRKSEC-2011 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 3 Agenda • Why anonymization? • Using Tor (Onion Routing) • How Tor works • Introduction to Onion Routing • Obfuscation within Tor • Domain Fronting • Detect Tor • I2P – Invisible Internet Project • Introduction to Garlic Routing • Conclusion #CLUS BRKSEC-2011 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 4 Cisco Webex Teams Questions? Use Cisco Webex Teams (formerly Cisco Spark) to chat with the speaker after the session How 1 Find this session in the Cisco Events App 2 Click “Join the Discussion” 3 Install Webex Teams or go directly to the team space 4 Enter messages/questions in the team space Webex Teams will be moderated cs.co/ciscolivebot#BRKSEC-2011 by the speaker until June 18, 2018. #CLUS © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 5 Different Intentions Hide me from Government! Hide me from ISP! Hide me from tracking! Bypass Corporate Bypass Country Access Hidden policies restrictions (Videos…) Services #CLUS BRKSEC-2011 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 6 Browser Identity Tracking does not require a “Name” Tracking is done by examining parameters your browser reveals https://panopticlick.eff.org #CLUS BRKSEC-2011 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 7 Proxies EPIC Browser #CLUS BRKSEC-2011 © 2018 Cisco and/or its affiliates.
    [Show full text]
  • People's Tech Movement to Kick Big Tech out of Africa Could Form a Critical Part of the Global Protests Against the Enduring Legacy of Racism and Colonialism
    CONTENTS Acronyms ................................................................................................................................................ 1 1 Introduction: The Rise of Digital Colonialism and Surveillance Capitalism ..................... 2 2 Threat Modeling .......................................................................................................................... 8 3 The Basics of Information Security and Software ............................................................... 10 4 Mobile Phones: Talking and Texting ...................................................................................... 14 5 Web Browsing ............................................................................................................................ 18 6 Searching the Web .................................................................................................................... 23 7 Sharing Data Safely ................................................................................................................... 25 8 Email Encryption ....................................................................................................................... 28 9 Video Chat ................................................................................................................................... 31 10 Online Document Collaboration ............................................................................................ 34 11 Protecting Your Data ................................................................................................................
    [Show full text]
  • Blocking-Resistant Communication Through Domain Fronting
    Proceedings on Privacy Enhancing Technologies 2015; 2015 (2):46–64 David Fifield*, Chang Lan, Rod Hynes, Percy Wegmann, and Vern Paxson Blocking-resistant communication through domain fronting Abstract: We describe “domain fronting,” a versatile 1 Introduction censorship circumvention technique that hides the re- mote endpoint of a communication. Domain fronting Censorship is a daily reality for many Internet users. works at the application layer, using HTTPS, to com- Workplaces, schools, and governments use technical and municate with a forbidden host while appearing to com- social means to prevent access to information by the net- municate with some other host, permitted by the cen- work users under their control. In response, those users sor. The key idea is the use of different domain names at employ technical and social means to gain access to the different layers of communication. One domain appears forbidden information. We have seen an ongoing conflict on the “outside” of an HTTPS request—in the DNS re- between censor and censored, with advances on both quest and TLS Server Name Indication—while another sides, more subtle evasion countered by more powerful domain appears on the “inside”—in the HTTP Host detection. header, invisible to the censor under HTTPS encryp- Circumventors, at a natural disadvantage because tion. A censor, unable to distinguish fronted and non- the censor controls the network, have a point working fronted traffic to a domain, must choose between allow- in their favor: the censor’s distaste for “collateral dam- ing circumvention traffic and blocking the domain en- age,” incidental overblocking committed in the course of tirely, which results in expensive collateral damage.
    [Show full text]
  • X-XSS- Protection
    HTTP SECURITY HEADERS (Protection For Browsers) BIO • Emmanuel JK Gbordzor ISO 27001 LI, CISA, CCNA, CCNA-Security, ITILv3, … 11 years in IT – About 2 years In Security Information Security Manager @ PaySwitch Head, Network & Infrastructure @ PaySwitch Head of IT @ Financial Institution Bug bounty student by night – 1st Private Invite on Hackerone Introduction • In this presentation, I will introduce you to HyperText Transfer Protocol (HTTP) response security headers. • By specifying expected and allowable behaviors, we will see how security headers can prevent a number of attacks against websites. • I’ll explain some of the different HTTP response headers that a web server can include in a response, and what impact they can have on the security of the web browser. • How web developers can implement these security headers to make user experience more secure A Simple Look At Web Browsing Snippet At The Request And Response Headers Browser Security Headers help: ➢ to define whether a set of security precautions should be activated or Why deactivated on the web browser. ➢ to reinforce the security of your web Browser browser to fend off attacks and to mitigate vulnerabilities. Security ➢ in fighting client side (browser) attacks such as clickjacking, Headers? injections, Multipurpose Internet Mail Extensions (MIME) sniffing, Cross-Site Scripting (XSS), etc. Content / Context HTTP STRICT X-FRAME-OPTIONS EXPECT-CT TRANSPORT SECURITY (HSTS) CONTENT-SECURITY- X-XSS-PROTECTION X-CONTENT-TYPE- POLICY OPTIONS HTTP Strict Transport Security (HSTS)
    [Show full text]
  • Download Or Upload
    DocuSign Envelope ID: ECF321E3-5E94-4153-9254-2A048AFD03E4 Student Name ______________________________Sergey Frolov _______ Student ID___________________********* ___ Doctoral______________ Degree in ______________________________Computer Science _____________________________ Thesis Title: Practical Countermeasures against Network Censorship Have you performed research involving human subjects which requires approval from the Institutional Review Board (IRB)? ___ Yes ___X No IRB Protocol Number ________________ Have you used live animals, animal tissue, or observational animal work which requires approval from the Institutional Animal Care and Use Committee (IACUC)? ___ Yes ___X No IACUC Protocol Number _______________ Attach the final copy of thesis/dissertation for committee review. While formatting changes may be requested by the Graduate School, the content of the attached document should be final. Approvals: Committee Chair Name ______________________________________________________Eric Wustrow Signature _____________________________________ Date Signed _________________11/15/2020 Committee Member Name ______________________________________________________Sangtae Ha Signature _____________________________________ Date Signed _________________11/10/2020 The final copy of this thesis has been examined by the signatories, and we find that both the content and the form meet acceptable presentation standards of scholarly work in the above- mentioned discipline. DocuSign Envelope ID: ECF321E3-5E94-4153-9254-2A048AFD03E4 Practical Countermeasures
    [Show full text]
  • Open Source Software As Intangible Capital: Measuring the Cost and Impact of Free Digital Tools Preliminary Draft October 31, 20181 Carol A
    Open Source Software as Intangible Capital: Measuring the Cost and Impact of Free Digital Tools Preliminary Draft October 31, 20181 Carol A. Robbins*(1), Gizem Korkmaz (2), José Bayoán Santiago Calderón (3), Daniel Chen (2), Claire Kelling (4) , Stephanie Shipp (2), Sallie Keller (2) Abstract Open source software is everywhere, both as specialized applications nurtured by devoted user communities, and as digital infrastructure underlying platforms used by millions daily, yet its value and impact are not currently measured (with small exceptions). We develop an approach to document the scope and impact of open source software created by all sectors of the economy: businesses, universities, government research institutions, nonprofits, and individuals. We use a bottom-up approach to measure subset of OSS projects and languages, collecting data on open source software languages R, Python, Julia, and JavaScript, as well as from the Federal Government’s code.gov website. Using lines of code and a standard model to estimate package developer time, we convert lines of code to resource cost. We estimate that the resource cost for developing R, Python, Julia, and JavaScript exceeds $3 billion dollars, based on 2017 costs. Applying this approach to open source software available on code.gov results in an estimated value of more than $1 billion, based on 2017 costs, as a lower bound for the resource cost of this software. We analyze the dependencies between software packages through network analysis and estimate re-use statistics. This reuse is one measure of relative impact. Key words: Open Source Software, Intangibles, Network Analysis National Center for Science and Engineering Statistics, National Science Foundation; 2) Social & Decision Analytics Division, Biocomplexity Institute & Initiative, University of Virginia; 3) Claremont Graduate University; 4) Pennsylvania State University 1 An earlier version of this paper was presented August 21, 2018 at the International Association for Research on Income and Wealth.
    [Show full text]
  • Domain Shadowing: Leveraging Content Delivery Networks for Robust Blocking-Resistant Communications
    Domain Shadowing: Leveraging Content Delivery Networks for Robust Blocking-Resistant Communications Mingkui Wei Cybersecurity Engineering George Mason University, Fairfax, VA, 22030 Abstract according to the Host header but have the TLS connection still appear to belong to the allowed domain. The blocking- We debut domain shadowing, a novel censorship evasion resistance of domain fronting derives from the significant technique leveraging content delivery networks (CDNs). Do- “collateral damage”, i.e., to disable domain fronting, the censor main shadowing exploits the fact that CDNs allow their cus- needs to block users from accessing the entire CDN, resulting tomers to claim arbitrary domains as the back-end. By set- in all domains on the CDN inaccessible. Because today’s ting the front-end of a CDN service as an allowed domain Internet relies heavily on web caches and many high-profile and the back-end a blocked one, a censored user can access websites also use CDNs to distribute their content, completely resources of the blocked domain with all “indicators”, includ- blocking access to a particular CDN may not be a feasible ing the connecting URL, the SNI of the TLS connection, and option for the censor. Because of its strong blocking-resistant the Host header of the HTTP(S) request, appear to belong power, domain fronting has been adopted by many censorship to the allowed domain. Furthermore, we demonstrate that evasion systems since it has been proposed [24, 28, 34, 36]. domain shadowing can be proliferated by domain fronting, In the last two years, however, many CDNs began to disable a censorship evasion technique popularly used a few years domain fronting by enforcing the match between the SNI and ago, making it even more difficult to block.
    [Show full text]
  • Identifying Javascript Skimmers on High-Value Websites
    Imperial College of Science, Technology and Medicine Department of Computing CO401 - Individual Project MEng Identifying JavaScript Skimmers on High-Value Websites Author: Supervisor: Thomas Bower Dr. Sergio Maffeis Second marker: Dr. Soteris Demetriou June 17, 2019 Identifying JavaScript Skimmers on High-Value Websites Thomas Bower Abstract JavaScript Skimmers are a new type of malware which operate by adding a small piece of code onto a legitimate website in order to exfiltrate private information such as credit card numbers to an attackers server, while also submitting the details to the legitimate site. They are impossible to detect just by looking at the web page since they operate entirely in the background of the normal page operation and display no obvious indicators to their presence. Skimmers entered the public eye in 2018 after a series of high-profile attacks on major retailers including British Airways, Newegg, and Ticketmaster, claiming the credit card details of hundreds of thousands of victims between them. To date, there has been little-to-no work towards preventing websites becoming infected with skimmers, and even less so for protecting consumers. In this document, we propose a novel and effective solution for protecting users from skimming attacks by blocking attempts to contact an attackers server with sensitive information, in the form of a Google Chrome web extension. Our extension takes a two-pronged approach, analysing both the dynamic behaviour of the script such as outgoing requests, as well as static analysis by way of a number of heuristic techniques on scripts loaded onto the page which may be indicative of a skimmer.
    [Show full text]
  • By Israa Alsars
    QATAR UNIVERSITY COLLEGE OF ENGINEERING [Free Chain: Enabling Freedom of Expression through Public Blockchains ] BY ISRAA ALSARSOUR A Thesis Submitted to the Faculty of the College of Engineering in Partial Fulfillment of the Requirements for the Degree of Masters of Science in Computing Masters of Science in Computing June 2021 © 2021 Israa Alsarsour. All Rights Reserved. COMMITTEE PAGE The members of the Committee approve the Thesis of Israa Alsarsour defended on 19/04/2021. Qutaiba M. Malluhi Thesis/Dissertation Supervisor Abdelaziz Bouras Committee Member Aiman Erbad Committee Member Devrim Unal Committee Member Approved: Khalifa Nasser Al-Khalifa, Dean, College of Engineering ii ABSTRACT ALSARSOUR, ISRAA SALEM, Masters : June :2021, Masters of Science in Computing Title: Free Chain: Enabling Freedom of Expression through Public Blockchains Supervisor of Thesis: Qutaibah M, Malluhi. Everyone should have the right to expression and opinion without interference. Nevertheless, Internet censorship is often misused to block freedom of speech. The distributed ledger technology provides a globally shared database geographically dispersed and cannot be controlled by a central authority. Blockchain is an emerging technology that enabled distributed ledgers and has recently been employed for building various types of applications. This thesis demonstrates a unique application of blockchain technologies to create a platform supporting freedom of expression. The thesis adopts permissionless and public blockchains to leverage their advantages of providing an on-chain immutable and tamper-proof publication medium. The study shows the blockchain potential for delivering a censorship-resistant publication platform. The thesis presents and evaluates possible methods for building such a system using the Bitcoin and Ethereum blockchain networks.
    [Show full text]
  • Bigfix Inventory Open Source Licenses and Notices
    The HCL license agreement and any applicable information on the web download page for HCL products refers Licensee to this file for details concerning notices applicable to code included in the products listed above ("the Program"). Notwithstanding the terms and conditions of any other agreement Licensee may have with HCL or any of its related or affiliated entities (collectively "HCL"), the third party code identified below is subject to the terms and conditions of the HCL license agreement for the Program and not the license terms that may be contained in the notices below. The notices are provided for informational purposes. Please note: This Notices file may identify information that is not used by, or that was not shipped with, the Program as Licensee installed it. IMPORTANT: HCL does not represent or warrant that the information in this NOTICES file is accurate. Third party websites are independent of HCL and HCL does not represent or warrant that the information on any third party website referenced in this NOTICES file is accurate. HCL disclaims any and all liability for errors and omissions or for any damages accruing from the use of this NOTICES file or its contents, including without limitation URLs or references to any third party websites. <<Begin Inventory Application Notices>> License Library Description License Reference Reference Type Copyrights Homepage Download Link Author Apache 2.0 ant-1.7.0.jar Apache Ant https://repo.maven.apache.org/maven2/org/apache/ant/ant/1.7.0/ant- 1.7.0.pom POM file "1999-2006 Copyright 1999-2006 The Apache Software Foundation 2002 Copyright 2002 Landmark" https://repo.maven.apache.org/maven2/org/apache/ant/ant/1.7.0/ant- 1.7.0.jar Apache Software Foundation Apache 2.0 cglib-nodep-2.2.2.jar Code generation library with shaded ASM dependecies POM file http://cglib.sourceforge.net/ https://repo.maven.apache.org/maven2/cglib/cglib-nodep/2.2.2/cglib- nodep-2.2.2.jar Apache 2.0 commons-codec-1.4.jar "The codec package contains simple encoder and decoders for various formats such as Base64 and Hexadecimal.
    [Show full text]