DOCSLIB.ORG

Sok: Towards Grounding Censorship Circumvention in Empiricism

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Sok: Towards Grounding Censorship Circumvention in Empiricism 1 SoK: Towards Grounding Censorship Circumvention in Empiricism Michael Carl Tschantz⇤, Sadia Afroz⇤, Anonymous‡, and Vern Paxson⇤† ⇤International Computer Science Institute †University of California, Berkeley Abstract—E↵ective evaluations of approaches to circumventing approaches meeting their own evaluation criteria can succumb government Internet censorship require incorporating perspec- to vulnerabilities not considered by their evaluation (e.g., [1]). tives of how censors operate in practice. We undertake an extensive examination of real censors by surveying prior mea- Approach. To address this disconnect between evaluation and surement studies and analyzing field reports and bug tickets from the actual operating conditions of censorship circumvention practitioners. We assess both deployed circumvention approaches approaches, in this work we seek to ground the evaluation and research proposals to consider the criteria employed in their of circumvention approaches in empirical observations of real evaluations and compare these to the observed behaviors of real censors, identifying areas where evaluations could more faithfully censors. To do so, we systematically compare the behaviors of and e↵ectively incorporate the practices of modern censors. These real censors to the evaluation criteria used by circumvention- observations lead to an agenda realigning research with the approach designers. predominant problems of today. Our work systematizes the evaluation of approaches for censorship circumvention in four ways: I. Introduction 1) We collect data on real-world attacks to show the current Censorship circumvention research seeks to develop ap- state of censorship practice (Sections II and IV), proaches for facilitating access to banned Internet resources, a 2) We survey circumvention approaches and their eval- domain with a fundamentally adversarial nature arising from uations to illuminate the current state of evaluation the ongoing interactions between circumventors and censors. (Sections V and VI, respectively), Both parties find themselves locked in an arms race where each 3) We compare the evaluations designed to assess the ffi side must manage tradeo↵s between efficacy and expenditure. di culty of blocking an approach to the actual actions These tradeo↵s continually evolve in subtle ways as new of real censors (Section VII), technologies change the costs of various approaches. 4) We point to open research problems whose resolution Given this complexity, undertaking sound evaluation of will improve evaluation (Section VIII). potential circumvention approaches proves both crucial and Scope. We focus our discussion on censorship by governments difficult. Sound evaluation is crucial since, due to limited attempting to prevent subjects from accessing particular web resources, the developers of circumvention approaches cannot resources outside the government’s jurisdiction. The censor implement and deploy every prospective approach; they need seeks to detect and disrupt banned traffic by placing monitors criteria for selecting the most promising. It is difficult, on the at the edges of their network—just as customs inspectors other hand, because unidentified weaknesses in an approach intercept and examine physical goods at international borders. o↵er potential openings to censors, but worst-case analyses We also limit the types of circumvention we consider that presume censors will necessarily exploit such vulnerabil- to channel-based approaches that (1) bypass country-level ities ignore the realities of censors who aim to avoid blocking censors that monitor network traffic between two end points, profitable traffic while staying within their budget constraints. (2) communicate with resources outside the censors’ borders, Soundly incorporating these realities into evaluations requires and (3) enable low-latency connections (roughly, fast enough grounding in empirical observations of real censors. for web browsing). Our scope excludes concerns such as While the evaluation sections of research papers provide internal censorship of newspapers or disruption of entirely some insight into the promise of a given circumvention ap- domestic communication. Even so, the remaining space of proach, each paper employs its own evaluation methodology, censor activity and circumvention approaches is large, with 55 typically selected with the capabilities of the approach in mind approaches or evaluations of approaches [2–56] falling within but often not balanced against realistic models of censors. Fur- our scope. Figure 1 shows a generic model of censorship and thermore, such approach-oriented evaluations make it difficult circumvention under the scope we use. to compare across di↵erent approaches, or to determine how well an evaluation predicts real-world performance. Prototyped Overview. We first take a detailed look at the arms race between Tor and China as an illustration of the cat-and-mouse ‡ This coauthor chooses to forgo identification in protest of the IEEE nature of censorship and circumvention (Section II). After Security and Privacy Symposium’s acceptance of support from the US covering related work (Section III), we broaden our view by National Security Agency. While it pains us for his significant contributions to the work to go unrecognized here, we respect the heartfelt principles that examining censorship incidents involving other channel-based led him to his position. circumvention approaches (Section IV). Inside Outside used is too wide for any one list to cover all use cases, or Instructions for a single study to attempt to comprehensively rank them. Circumventor's website Rather, we hope to provide a systematic method of thinking 1 about evaluation that will guide evaluators of circumvention Identifiers 2 Circumvention service approaches in their selection of appropriate criteria on a case- by-case basis. Also, we do not intend for this work to discount the utility Monitor Forwarder Destination of forward-looking studies that anticipate the more advanced 3 censors of the future. Rather, we aim to make the tradeo↵s User clear: some approaches considered by research are likely years ahead of the point where their overhead is justified Fig. 1. An illustration of the type of censorship we study. First, censored by actual censors e↵ectively blocking less advanced methods; users within a censor’s jurisdiction gather information about how to use an meanwhile, censors block deployed approaches using simple approach, which may include a program download. Second, the users gain attacks. We hope this observation inspires the research com- various identifiers, such as IP addresses and passwords. Third, they run their traffic through a client-side program that applies various transformations to munity towards also providing tools for preventing simpler hide the true destination and content. In the case of a banned destination, the attacks, which would yield immediate benefits for many real approach sends the obscured traffic to some allowed destination that acts as users. a forwarder to the real destination. We make details and our database available at http://internet-freedom-science.org/circumvention-survey/ Next, we provide a survey of channel-based censorship circumvention (Section V) and its evaluation (Section VI). II. Illustrating the Problem Space: Unlike other surveys on circumvention [57–59], we do not Tor and the Great Firewall focus on comparing the approaches themselves, but rather on comparing their evaluations. We enumerate the criteria that The problem space we consider has both disparate aspects the developers of each approach used in their evaluations. We and a complicated arms-race-driven evolution. In this section find little commonality in the evaluation methods employed. we frame the space through the lens of the Tor anonymity While some diversity is to be expected given that approaches system and the “Great Firewall” (GFW), the primary national di↵er in goals and intended deployment environments, we censorship apparatus of China. The conflict between these two find no globally organizing principles guiding the selection actors is representative of the larger world of censorship and ↵ ↵ of evaluation criteria. circumvention, and o ers us a way of introducing di erent notions and the associated terminology we will use in our We focus on the criteria related to detecting circumventing discussion, as well as providing some of the grounding in traffic and compare them to the actions of real censors (Sec- real-life censorship that underlies many of our perspectives. tion VII). We observe that system designers tend to emphasize censor capabilities that may become important in the future, Tor provides a convenient focus due to the relatively ex- but not seen in practice today, with little assessment on actual tensive documentation of its censorship and circumvention detection techniques used by current censors. In particular, we counter-responses. We mined blog posts, bug reports, and the Tor Project’s public documentation to identify the censorship identify three disconnects between practice and research: events that underlie our narrative. A progression emerges: Tor, 1) Real censors attack how users discover and set up which was not originally designed for circumvention, is used channels, whereas research often centers on channel to evade the GFW. The censor blocks the Tor website and the usage, servers that make up the anonymity network; Tor responds 2) Real censors prefer cheap passive monitoring or more with mirrors and secret entry servers.
Load more

Recommended publications
  • Uila Supported Apps
    Uila Supported Applications and Protocols updated Oct 2020 Application/Protocol Name Full Description 01net.com 01net website, a French high-tech news site. 050 plus is a Japanese embedded smartphone application dedicated to 050 plus audio-conferencing. 0zz0.com 0zz0 is an online solution to store, send and share files 10050.net China Railcom group web portal. This protocol plug-in classifies the http traffic to the host 10086.cn. It also 10086.cn classifies the ssl traffic to the Common Name 10086.cn. 104.com Web site dedicated to job research. 1111.com.tw Website dedicated to job research in Taiwan. 114la.com Chinese web portal operated by YLMF Computer Technology Co. Chinese cloud storing system of the 115 website. It is operated by YLMF 115.com Computer Technology Co. 118114.cn Chinese booking and reservation portal. 11st.co.kr Korean shopping website 11st. It is operated by SK Planet Co. 1337x.org Bittorrent tracker search engine 139mail 139mail is a chinese webmail powered by China Mobile. 15min.lt Lithuanian news portal Chinese web portal 163. It is operated by NetEase, a company which 163.com pioneered the development of Internet in China. 17173.com Website distributing Chinese games. 17u.com Chinese online travel booking website. 20 minutes is a free, daily newspaper available in France, Spain and 20minutes Switzerland. This plugin classifies websites. 24h.com.vn Vietnamese news portal 24ora.com Aruban news portal 24sata.hr Croatian news portal 24SevenOffice 24SevenOffice is a web-based Enterprise resource planning (ERP) systems. 24ur.com Slovenian news portal 2ch.net Japanese adult videos web site 2Shared 2shared is an online space for sharing and storage.
    [Show full text]
  • Threat Modeling and Circumvention of Internet Censorship
    Threat modeling and circumvention of Internet censorship David Fifield September 27, 2017 Abstract Research on Internet censorship is hampered by a lack of adequate models of censor behavior, encompassing both censors' current practice and their likely future evolution. Censor models guide the development of circumvention systems, so it is important to get them right. A censor model should be understood not only as a set of capabilities| such as the ability to monitor network traffic—but also as a set of priorities constrained by resource limitations. A circumvention system designed under inadequate assumptions runs the risk of being either easily blocked, or impractical to deploy. My thesis research will be concerned with developing empirically informed censor models and practical, effective circumvention systems to counter them. My goal is to move the field away from seeing the censorship problem as a cat-and-mouse game that affords only incre- mental and temporary advancements. We should instead state the hypotheses and assumptions under which our circumvention designs will work|with the designs being more or less practical depending on how well the hypotheses and assumptions match the behavior of real-world censors. 1 Thesis My research is about Internet censorship and how to make it ineffective. To this end, I am interested in building useful models of real-world censors as they exist today and may exist in the future, for the purpose of building circumvention systems that are not only sound in theory but also effective in practice. 1 2 Scope Internet censorship is an enormous topic. My thesis research is concerned with one important case of it: the border firewall.
    [Show full text]
  • Internet Censorship and Resistance May 15, 2009 1 / 32 Historical Censorship
    INTERNET CENSORSHIP AND RESISTANCE Joseph Bonneau [email protected] (thanks to Steven Murdoch) Computer Laboratory Gates Scholars' Symposium 2010 Joseph Bonneau (University of Cambridge) Internet Censorship and Resistance May 15, 2009 1 / 32 Historical Censorship He who controls the past controls the future, and he who controls the present controls the past —George Orwell, Nineteen Eighty Four, 1949 Joseph Bonneau (University of Cambridge) Internet Censorship and Resistance May 15, 2009 2 / 32 Historical Censorship He who controls the past controls the future, and he who controls the present controls the past —George Orwell, Nineteen Eighty Four, 1949 Joseph Bonneau (University of Cambridge) Internet Censorship and Resistance May 15, 2009 2 / 32 Information as a Human Right Everyone has the right to freedom of opinion and expres- sion; this right includes freedom to hold opinions without inter- ference and to seek, receive and impart information and ideas through any media and regardless of frontiers. —Article 19, UN Declaration of Human Rights (1948) Joseph Bonneau (University of Cambridge) Internet Censorship and Resistance May 15, 2009 3 / 32 Information as a Human Right The final freedom, one that was probably inherent in what both President and Mrs. Roosevelt thought about and wrote about all those years ago, ... is the freedom to connect—the idea that governments should not prevent people from con- necting to the internet, to websites, or to each other... a new information curtain is descending across much of the world. —Hillary Clinton, US Secretary of State (2010) Joseph Bonneau (University of Cambridge) Internet Censorship and Resistance May 15, 2009 3 / 32 The Internet Dream The Net treats censorship as damage and routes around it.
    [Show full text]
  • OSS: Using Online Scanning Services for Censorship Circumvention
    OSS: Using Online Scanning Services for Censorship Circumvention David Fifield1, Gabi Nakibly2, and Dan Boneh1 1 Computer Science Department, Stanford University 2 National EW Research & Simulation Center, Rafael { Advanced Defense Systems Ltd. Abstract. We introduce the concept of a web-based online scanning service, or OSS for short, and show that these OSSes can be covertly used as proxies in a censorship circumvention system. Such proxies are suitable both for short one-time rendezvous messages and bulk bidirectional data transport. We show that OSSes are widely available on the Internet and blocking all of them can be difficult and harmful. We measure the number of round trips and the amount of data that can be pushed through various OSSes and show that we can achieve throughputs of about 100 KB/sec. To demonstrate the effectiveness of our approach we built a system for censored users to communicate with blocked Tor relays using available OSS providers. We report on its design and performance. 1 Introduction Nowadays many nations regularly filter Internet traffic by blocking news sites, social networking sites, search sites, and even public mail sites like Gmail. The OpenNet Initiative, which tracks public reports of Internet filtering, lists a large number of countries that filter Internet traffic. Over half of the 74 countries tested in 2011 imposed some degree of filtering on the Internet [1]. In response, several proxy systems have emerged to help censored users freely browse the Internet. Most notable among these is Tor [2], which, while originally designed to provide anonymity, has also seen wide use in circumvention.
    [Show full text]
  • Design of a Blocking-Resistant Anonymity System DRAFT
    Design of a blocking-resistant anonymity system DRAFT Roger Dingledine Nick Mathewson The Tor Project The Tor Project [email protected] [email protected] Abstract Internet censorship is on the rise as websites around the world are increasingly blocked by government-level firewalls. Although popular anonymizing networks like Tor were originally designed to keep attackers from tracing people’s activities, many people are also using them to evade local censorship. But if the censor simply denies access to the Tor network itself, blocked users can no longer benefit from the security Tor offers. Here we describe a design that builds upon the current Tor network to provide an anonymiz- ing network that resists blocking by government-level attackers. 1 Introduction and Goals Anonymizing networks like Tor [11] bounce traffic around a network of encrypting relays. Unlike encryption, which hides only what is said, these networks also aim to hide who is communicat- ing with whom, which users are using which websites, and similar relations. These systems have a broad range of users, including ordinary citizens who want to avoid being profiled for targeted advertisements, corporations who don’t want to reveal information to their competitors, and law en- forcement and government intelligence agencies who need to do operations on the Internet without being noticed. Historical anonymity research has focused on an attacker who monitors the user (call her Alice) and tries to discover her activities, yet lets her reach any piece of the network. In more modern threat models such as Tor’s, the adversary is allowed to perform active attacks such as modifying communications to trick Alice into revealing her destination, or intercepting some connections to run a man-in-the-middle attack.
    [Show full text]
  • Peer-To-Peer Protocol and Application Detection Support
    Peer-to-Peer Protocol and Application Detection Support This appendix lists all the protocols and applications currently supported by Cisco ASR 5500 ADC. • Supported Protocols and Applications, page 1 Supported Protocols and Applications This section lists all the supported P2P protocols, sub-protocols, and the applications using these protocols. Important Please note that various client versions are supported for the protocols. The client versions listed in the table below are the latest supported version(s). Important Please note that the release version in the Supported from Release column has changed for protocols/applications that are new since the ADC plugin release in August 2015. This will now be the ADC Plugin Build number in the x.xxx.xxx format. The previous releases were versioned as 1.1 (ADC plugin release for December 2012 ), 1.2 (ADC plugin release for April 2013), and so on for consecutive releases. New in this Release This section lists the supported P2P protocols, sub-protocols and applications introduced in the ADC Plugin release for December 1, 2017. ADC Administration Guide, StarOS Release 21.6 1 Peer-to-Peer Protocol and Application Detection Support New in this Release Protocol / Client Client Version Group Classification Supported from Application Release 6play 6play (Android) 4.4.1 Streaming Streaming-video ADC Plugin 2.19.895 Unclassified 6play (iOS) 4.4.1 6play — (Windows) BFM TV BFM TV 3.0.9 Streaming Streaming-video ADC Plugin 2.19.895 (Android) Unclassified BFM TV (iOS) 5.0.7 BFM — TV(Windows) Clash Royale
    [Show full text]
  • Everyone's Guide to Bypassing Internet Censorship
    EVERYONE’S GUIDE TO BY-PASSING INTERNET CENSORSHIP FOR CITIZENS WORLDWIDE A CIVISEC PROJECT The Citizen Lab The University of Toronto September, 2007 cover illustration by Jane Gowan Glossary page 4 Introduction page 5 Choosing Circumvention page 8 User self-assessment Provider self-assessment Technology page 17 Web-based Circumvention Systems Tunneling Software Anonymous Communications Systems Tricks of the trade page 28 Things to remember page 29 Further reading page 29 Circumvention Technologies Circumvention technologies are any tools, software, or methods used to bypass Inter- net filtering. These can range from complex computer programs to relatively simple manual steps, such as accessing a banned website stored on a search engine’s cache, instead of trying to access it directly. Circumvention Providers Circumvention providers install software on a computer in a non-filtered location and make connections to this computer available to those who access the Internet from a censored location. Circumvention providers can range from large commercial organi- zations offering circumvention services for a fee to individuals providing circumven- tion services for free. Circumvention Users Circumvention users are individuals who use circumvention technologies to bypass Internet content filtering. 4 Internet censorship, or content filtering, has become a major global problem. Whereas once it was assumed that states could not control Internet communications, according to research by the OpenNet Initiative (http://opennet.net) more than 25 countries now engage in Internet censorship practices. Those with the most pervasive filtering policies have been found to routinely block access to human rights organi- zations, news, blogs, and web services that challenge the status quo or are deemed threatening or undesirable.
    [Show full text]
  • Promoting Global Internet Freedom: Government and Industry Initiatives
    Promoting Global Internet Freedom: Government and Industry Initiatives (name redacted) Specialist in Internet and Telecommunications Policy June 1, 2016 Congressional Research Service 7-.... www.crs.gov R41837 Promoting Global Internet Freedom: Government and Industry Initiatives Summary Modern communication tools such as the Internet provide a relatively inexpensive, accessible, easy-entry means of sharing ideas, information, and pictures around the world. In a political and human rights context, in closed societies when the more established, formal news media is denied access to or does not report on specified news events, the Internet has become an alternative source of media, and sometimes a means to organize politically. The openness and the freedom of expression allowed through social networking sites, as well as the blogs, video sharing sites, and other tools of today’s communications technology, have proven to be an unprecedented and often disruptive force in some closed societies. Governments that seek to maintain their authority and control the ideas and information their citizens receive are often caught in a dilemma: they feel that they need access to the Internet to participate in commerce in the global market and for economic growth and technological development, but fear that allowing open access to the Internet potentially weakens their control over their citizens. Internet freedom can be promoted in two ways, through legislation that mandates or prohibits certain activities, or through industry self-regulation. Past legislation has been aimed at prohibiting or requiring the reporting of the sale of Internet technologies and provision of Internet services to “Internet-restricting countries” (as determined by the State Department).
    [Show full text]
  • Shedding Light on Mobile App Store Censorship
    Shedding Light on Mobile App Store Censorship Vasilis Ververis Marios Isaakidis Humboldt University, Berlin, Germany University College London, London, UK [email protected] [email protected] Valentin Weber Benjamin Fabian Centre for Technology and Global Affairs University of Telecommunications Leipzig (HfTL) University of Oxford, Oxford, UK Humboldt University, Berlin, Germany [email protected] [email protected] ABSTRACT KEYWORDS This paper studies the availability of apps and app stores across app stores, censorship, country availability, mobile applications, countries. Our research finds that users in specific countries do China, Russia not have access to popular app stores due to local laws, financial reasons, or because countries are on a sanctions list that prohibit ACM Reference Format: Vasilis Ververis, Marios Isaakidis, Valentin Weber, and Benjamin Fabian. foreign businesses to operate within its jurisdiction. Furthermore, 2019. Shedding Light on Mobile App Store Censorship. In 27th Conference this paper presents a novel methodology for querying the public on User Modeling, Adaptation and Personalization Adjunct (UMAP’19 Ad- search engines and APIs of major app stores (Google Play Store, junct), June 9–12, 2019, Larnaca, Cyprus. ACM, New York, NY, USA, 6 pages. Apple App Store, Tencent MyApp Store) that is cross-verified by https://doi.org/10.1145/3314183.3324965 network measurements. This allows us to investigate which apps are available in which country. We primarily focused on the avail- ability of VPN apps in Russia and China. Our results show that 1 INTRODUCTION despite both countries having restrictive VPN laws, there are still The widespread adoption of smartphones over the past decade saw many VPN apps available in Russia and only a handful in China.
    [Show full text]
  • Psiphon User Guide
    PSIPHON USER GUIDE Psiphon is a free and open source web proxy that helps internet users bypass content-filtering systems used by governments in countries like China, Iran, Saudi Arabia, and Vietnam. It was developed by the Citizen Lab's CiviSec Project at the University of Toronto and was first released in December 2006. In this how to guide, learn how to provide a proxy service to someone behind a firewall with psiphon . If you are behind a firewall and want to learn how to connect to psiphon and access blocked content, check out this how to guide . Psiphon, unlike other circumvention services, is not intended to be a public, open proxy service. It’s based on a “web of trust” system so psiphon nodes are harder to block. What this means is that a person in an unrestricted location (one that is not behind a firewall) provides a psiphon proxy service to a person they are familiar with who is going online in a place where online access is limited. This is known as a psiphonode . A psiphonite is a psiphon user living in a censored country. The psiphonite connects to a psiphonode (set up by someone they know and trust) to access information freely. NOTE: Psiphon only works on Windows and Linux. There is no Mac version yet. Step 1. First, you should be in a location where you have open access to the internet. You should know someone in another location where access is limited. You will be providing a psiphonode for this person. Tip! If you do not know any psiphon users, but still want to provide a psiphonode, you can find users on psiphon’s Facebook page or Twitter page.
    [Show full text]
  • Threat Modeling and Circumvention of Internet Censorship by David Fifield
    Threat modeling and circumvention of Internet censorship By David Fifield A dissertation submitted in partial satisfaction of the requirements for the degree of Doctor of Philosophy in Computer Science in the Graduate Division of the University of California, Berkeley Committee in charge: Professor J.D. Tygar, Chair Professor Deirdre Mulligan Professor Vern Paxson Fall 2017 1 Abstract Threat modeling and circumvention of Internet censorship by David Fifield Doctor of Philosophy in Computer Science University of California, Berkeley Professor J.D. Tygar, Chair Research on Internet censorship is hampered by poor models of censor behavior. Censor models guide the development of circumvention systems, so it is important to get them right. A censor model should be understood not just as a set of capabilities|such as the ability to monitor network traffic—but as a set of priorities constrained by resource limitations. My research addresses the twin themes of modeling and circumvention. With a grounding in empirical research, I build up an abstract model of the circumvention problem and examine how to adapt it to concrete censorship challenges. I describe the results of experiments on censors that probe their strengths and weaknesses; specifically, on the subject of active probing to discover proxy servers, and on delays in their reaction to changes in circumvention. I present two circumvention designs: domain fronting, which derives its resistance to blocking from the censor's reluctance to block other useful services; and Snowflake, based on quickly changing peer-to-peer proxy servers. I hope to change the perception that the circumvention problem is a cat-and-mouse game that affords only incremental and temporary advancements.
    [Show full text]
  • Free Cgi Proxy Script
    Free cgi proxy script click here to download There have been many other proxy software scripts in the past, such as Glype, PHProxy, CGIProxy, Surrogafier, ASProxy, Zelune but all have either perished. This CGI script (or other) acts as an HTTP, HTTPS, or FTP proxy. Here's a demo (username "free", password "speech"), that lets you browse. Surf the web with phpMyProxy. phpMyProxy is a free, light and powerful php proxy script programed by www.doorway.ru If you use this template, keep the link to Free CSS Templates intact. cgi proxy script free download. Guacamole Install Script The script installs dependencies and configure the OS automatically for you in order to obtain. FREE CGI Web Proxy List contains list of cgi/php proxies that are publicly accessed at the moment. Public CGI (Web, PHP) anonymous proxy free list. WEB/WWW servers) servers running a proxy in the form of a CGI script/program (Common. Are you looking to start your own PHP/CGI/Perl web proxy site? We have created an up-to-date list of free and working web-based proxy scripts available for. Proxy website with hosted proxy bypass scripts. Proxy scripts (also known as CGI proxies) work by modifiying the content of the requested page to send subsequent requests back to All are powerful, easily customizable and free. Download CGIProxy. This CGI script (or other) acts as an HTTP, HTTPS, or FTP proxy. Through it, you can retrieve any resource that is accessible from the. start your proxy site with these 3 great free proxy scripts.
    [Show full text]