DOCSLIB.ORG

I Want My Voice to Be Heard: IP Over Voice-Over-IP for Unobservable Censorship Circumvention

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
I Want My Voice to Be Heard: IP Over Voice-Over-IP for Unobservable Censorship Circumvention I want my voice to be heard: IP over Voice-over-IP for unobservable censorship circumvention Amir Houmansadr† Thomas Riedl‡ Nikita Borisov‡ Andrew Singer‡ †The University of Texas at Austin ‡University of Illinois at Urbana-Champaign [email protected] {triedl2,nikita,acsinger}@illinois.edu Abstract—Open communication over the Internet poses a overthrowing repressive regimes. In response to such threats, serious threat to countries with repressive regimes, leading repressive regimes make use of different technologies to them to develop and deploy censorship mechanisms within their restrict and monitor their citizens’ access to the Internet; i.e., networks. Unfortunately, existing censorship circumvention systems face difficulties in providing unobservable communi- they censor the Internet. Censorship devices leverage various cation with their clients; this highly limits their availability techniques [2], [3] ranging from simple IP address blocking as censors can easily block access to circumvention systems and DNS hijacking to the more complicated and resource- that make observable communication patterns. Moreover, the intensive deep packet inspection (DPI) in order to enforce lack of unobservability may pose serious threats to their their blocking and monitoring. Citizens identified as non- users. Recent research takes various approaches to tackle this problem, however they introduce new challenges, and the complying with the censors’ restrictions can face different provided unobservability is breakable. consequences ranging from Internet service disruption to In this paper we propose an easy-to-deploy and unobservable severe life-threatening punishments [4]. censorship-resistant infrastructure, called FreeWave. FreeWave To help censored users gain open access to the Internet works by modulating a client’s Internet traffic into acoustic different systems and technologies have been designed and signals that are carried over VoIP connections. Such VoIP connections are targeted to a server, the FreeWave server, that developed [5]–[11], generally referred to as censorship cir- extracts the tunneled traffic and proxies them to the uncensored cumvention tools. These systems are composed of computer Internet. The use of actual VoIP connections, as opposed to and networking technologies that allow Internet users to traffic morphing, allows FreeWave to relay its VoIP connections evade monitoring, blocking, and tracing of their activities. through oblivious VoIP nodes (e.g., Skype supernodes), hence We observe that the biggest challenge facing the existing keeping the FreeWave server(s) unobservable and unblockable. In addition, the use of end-to-end encryption, which is sup- circumvention systems is the lack of “unobservability”: ported/mandated by most VoIP providers like Skype, prevents while these systems can, under certain conditions, circum- censors from distinguishing FreeWave’s VoIP connections from vent censorship they are not effectively able to hide the regular VoIP connections. fact that their users are making use of them [5]–[9]. For To utilize a VoIP connection’s throughput efficiently we instance, the Tor [8] anonymity network is not able to design communications encoders tailored specifically for VoIP’s lossy channel. We prototype FreeWave over Skype, the most effectively evade censorship as a censor can block all of popular VoIP system. We show that FreeWave is able to the publicly advertised IP addresses of Tor relays. This has reliably achieve communication throughputs that are sufficient two major consequences: first, users caught (by censors) for web browsing, even when clients are far distanced from the leveraging these circumvention systems may face various FreeWave server. We also validate FreeWave’s communication punishments such as imprisoning. Second, and even more unobservability against traffic analysis and standard censorship techniques. catastrophic, this lack of unobservability usually leads to the lack of availability; i.e., circumvention systems with Keywords-Internet Censorship; Circumvention; VoIP; observable communication are easily blocked by censors. Censors proactively [12] look for Internet services that I. INTRODUCTION help with censorship circumvention and either block any The Internet is playing an ever-increasing role in con- access to them by their citizens, or leave them (partially) necting people from across the world, facilitating the free open to identify their users. In particular, censors rigorously circulation of speech, ideas and information. This poses look for IP addresses belonging to circumvention technolo- serious threats to repressive regimes as it elevates their gies (e.g., HTTP/SOCKS proxies) and add them to the IP citizens’ awareness and provides them a powerful medium blacklists maintained by their censoring firewalls [2], [13]. to arrange coordinated opposition movements. The recent Consequently, citizens under repressive regimes often find it unrest in the Middle East [1] demonstrates the very strong difficult to access the existing circumvention systems. For power of the Internet in arranging nation-wide protests instance, the popular Tor network has frequently been/is that, in several cases, resulted in revolutionizing or even blocked by several repressive regimes [12], [14]. To provide unobservable circumvention different ap- upstream channel for its operation since its circumvented proaches have been taken by the research community. Sev- traffic is unidirectional. eral systems [5], [7], [15] provide unobservability by pre- As another recent trend, several proposals have sought sharing secrets with their intended clients. The Tor system, unobservability by integrating circumvention into the In- for instance, has recently deployed Tor bridges [15], which ternet infrastructure [10], [11]. For instance Telex [10] are volunteer proxies whose IP addresses are distributed and Cirripede [11] conceal the circumvented traffic inside among Tor users in a selective manner. This makes Tor the regular HTTPS traffic thanks to friendly ISPs that bridges less prone to be identified by censors, as compared deflect/manipulate the intercepted connections. The real- to the publicly-advertised Tor entry nodes, however there world deployment of such circumvention systems requires are serious challenges in distributing their IP addresses collaboration of several trusted ISPs that make software among users [16], [17]. In a similar manner, Infranet [5] and/or hardware modifications to their infrastructure; this and Collage [7] aim for unobservability by pre-sharing some does not seem to be realized in short-time until there are secret information with their users. This, however, is neither enough financial/political motives for the ISPs. Moreover, scalable nor effective as it is challenging to share secrets a recent study [32] shows that an adversary capable of with a large number of real users, while keeping them secret changing routing decisions is able to block these systems. from censors at the same time [18]–[20]. In this paper we propose FreeWave, a censorship circum- As another approach to provide unobservability, several vention infrastructure that is highly unobservable (hence, systems use various obfuscation techniques. For instance, highly available). The main idea of FreeWave, as shown in Ultrasurf [21] and Psiphon [22] try to confuse content Figure 1, is to tunnel Internet traffic inside non-blocked VoIP filtering tools by obfuscating their design and traffic patterns. communications by modulating them into acoustic signals Such obfuscation, however, jeopardizes users’ security, as that are carried over VoIP connections. For a censored user analyzed in a recent study [23]. Appelbaum et al. propose to use FreeWave for circumvention, she needs to setup a pluggable transports [24] for Tor, a platform that allows one VoIP account with a public VoIP provider, and also to install to build protocol-level obfuscation plugins for Tor traffic. FreeWave’s client software on her machine. Part of the These plugins obfuscate a Tor client’s traffic to Tor bridges FreeWave system is a FreeWave server that listens on several by shaping it to look like another protocol that is allowed by publicly advertised VoIP IDs to serve FreeWave clients. censors. Obfsproxy [25] is the first Tor pluggable transport. To make a FreeWave connection, a user’s FreeWave client It adds an additional layer of encryption to Tor traffic to software makes VoIP connections to FreeWave server’s VoIP obfuscate Tor’s content identifiers, like the TLS parameters; IDs. The client and server, then, tunnel the circumvented however, it does not remove Tor’s statistical patterns like Internet traffic inside the established VoIP connections, by packet timings and sizes. Murdoch et al. [26] mention sev- modulating network packets into acoustic signals carried by eral weaknesses for obfsproxy, including being susceptible the established VoIP connections. to either an active or passive attacker who has recorded We claim that FreeWave provides strong unobservability the initial key exchange. StegoTorus [27] provides better by performing two kinds of obfuscations: traffic obfuscation, unblockability, but comes with a much higher overhead and server obfuscation. First, as FreeWave tunnels Internet [26]. SkypeMorph [28] morphs Tor traffic into Skype video traffic inside actual, encrypted VoIP connections, its traffic calls in order to make it undetectable against deep-packet patterns are very hard to be distinguished from benign inspection and statistical analysis.
Load more

Recommended publications
  • Reporters Without Borders TV5 Monde Prize 2015 Nominees
    Reporters Without Borders ­ TV5 Monde Prize 2015 Nominees Journalist Category Mahmoud Abou Zeid, aka Shawkan (Egypt) “I am a photojournalist, not a criminal,” Shawkan wrote from Tora prison in February. “My ​ ​ ​ indefinite detention is psychologically unbearable. Not even animals would survive in these conditions." ​ Shawkan is an Egyptian freelance photojournalist who has been in pre­trial detention for more than 760 days. He was arrested on 14 August 2013 while providing the US photojournalism agency Demotix and the US digital media company Corbis with coverage of ​ ​ ​ ​ the violence used to disperse demonstrations by deposed President Mohamed Morsi’s supporters in Rabiaa Al­Awadiya Square. Three journalists were killed that day in connection with their work Aged 28, Shawkan covered developments in Egypt closely from Mubarak’s fall to Morsi’s overthrow and on several occasions obtained striking shots of the popular unrest. His detention became illegal in August of this year because, under Egyptian law, pre­trial detention may surpass two years only in exceptional cases. Few people in Egypt have ever been held pending trial as long as him. A date has finally been set for the start of his trial, 12 December 2015, when he will be prosecuted before a Cairo criminal court along with more than 700 other defendants including members of the Muslim Brotherhood, which was declared a terrorist organization in December 2013. Many charges have been brought against him without any evidence, according to his lawyer, Karim Abdelrady. The most serious include joining a banned organization [the Muslim Brotherhood], murder, attacking the security forces and possession of weapons.
    [Show full text]
  • Webproxy, DNS Hijacking, Layer Seven Level Security Approach: to Protect SAAS from Web Based DDOS and Web Service Based DDOS Attacks in Cloud
    International Journal of Engineering Research & Technology (IJERT) ISSN: 2278-0181 Vol. 2 Issue 2, February- 2013 Webproxy, DNS Hijacking, Layer Seven Level Security Approach: To Protect SAAS From Web based DDOS and Web Service Based DDOS Attacks In Cloud S.Tamilselvi1, Dr.S.Tamilarasi2,S.Loganathan3 1. M. tech , ISCF, Dr.mgr educational and research institute, chennai 2. Associate Professor, CSE, Dr.mgr educational and research institute, chennai 3.Assistant Professor, ECE, Paavai Engineering College , Namakkal, Tamil Nadu ABSTRACT Cloud services offers platform services, software services, infrastructure services via web services. Cloud computing is an emerging trend in business these type of services increases vulnerability which world. Provide services to its customers on demand, invite attackers. common vulnerabilities are services like Infrastructure services , Platform services , Software services , Network services so Security level attacks: on. Resources are maintained in the virtualIJERT IJERT datacenters for both private and public clouds. Saas 1. Dictionary attacks contains web application services, windows 2. Brute force attacks application services, tools services, console 3. Spoofing application services, third party software services so 4. Credential theft on. In web application services web based distributed 5. Password cracking denial and web services based distributed denial of attack is easily implemented hacker because web Management level attacks: application transmitted through hypertext transfer protocol and web services through XML, WSDL .In 1. Credential theft 2. Elevation of privileges this paper we introduce DNS hijacking security, Web 3. luring proxy implementation, application level security to resolve web based and web services based distributed Infrastructure layer security attacks: denial of service attacks. 1.
    [Show full text]
  • Internet Censorship and Resistance May 15, 2009 1 / 32 Historical Censorship
    INTERNET CENSORSHIP AND RESISTANCE Joseph Bonneau [email protected] (thanks to Steven Murdoch) Computer Laboratory Gates Scholars' Symposium 2010 Joseph Bonneau (University of Cambridge) Internet Censorship and Resistance May 15, 2009 1 / 32 Historical Censorship He who controls the past controls the future, and he who controls the present controls the past —George Orwell, Nineteen Eighty Four, 1949 Joseph Bonneau (University of Cambridge) Internet Censorship and Resistance May 15, 2009 2 / 32 Historical Censorship He who controls the past controls the future, and he who controls the present controls the past —George Orwell, Nineteen Eighty Four, 1949 Joseph Bonneau (University of Cambridge) Internet Censorship and Resistance May 15, 2009 2 / 32 Information as a Human Right Everyone has the right to freedom of opinion and expres- sion; this right includes freedom to hold opinions without inter- ference and to seek, receive and impart information and ideas through any media and regardless of frontiers. —Article 19, UN Declaration of Human Rights (1948) Joseph Bonneau (University of Cambridge) Internet Censorship and Resistance May 15, 2009 3 / 32 Information as a Human Right The final freedom, one that was probably inherent in what both President and Mrs. Roosevelt thought about and wrote about all those years ago, ... is the freedom to connect—the idea that governments should not prevent people from con- necting to the internet, to websites, or to each other... a new information curtain is descending across much of the world. —Hillary Clinton, US Secretary of State (2010) Joseph Bonneau (University of Cambridge) Internet Censorship and Resistance May 15, 2009 3 / 32 The Internet Dream The Net treats censorship as damage and routes around it.
    [Show full text]
  • Etsi Ts 129 173 V14.0.0 (2017-03)
    ETSI TS 129 173 V14.0.0 (2017-03) TECHNICAL SPECIFICATION Digital cellular telecommunications system (Phase 2+) (GSM); Universal Mobile Telecommunications System (UMTS); LTE; Location Services (LCS); Diameter-based SLh interface for Control Plane LCS (3GPP TS 29.173 version 14.0.0 Release 14) 3GPP TS 29.173 version 14.0.0 Release 14 1 ETSI TS 129 173 V14.0.0 (2017-03) Reference RTS/TSGC-0429173ve00 Keywords GSM,LTE,UMTS ETSI 650 Route des Lucioles F-06921 Sophia Antipolis Cedex - FRANCE Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16 Siret N° 348 623 562 00017 - NAF 742 C Association à but non lucratif enregistrée à la Sous-Préfecture de Grasse (06) N° 7803/88 Important notice The present document can be downloaded from: http://www.etsi.org/standards-search The present document may be made available in electronic versions and/or in print. The content of any electronic and/or print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any existing or perceived difference in contents between such versions and/or in print, the only prevailing document is the print of the Portable Document Format (PDF) version kept on a specific network drive within ETSI Secretariat. Users of the present document should be aware that the document may be subject to revision or change of status. Information on the current status of this and other ETSI documents is available at https://portal.etsi.org/TB/ETSIDeliverableStatus.aspx If you find errors in the present document, please send your comment to one of the following services: https://portal.etsi.org/People/CommiteeSupportStaff.aspx Copyright Notification No part may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm except as authorized by written permission of ETSI.
    [Show full text]
  • The Limits of Commercialized Censorship in China
    The Limits of Commercialized Censorship in China Blake Miller∗ September 27, 2018 Abstract Despite massive investment in China's censorship program, internet platforms in China are rife with criticisms of the government and content that seeks to organize opposition to the ruling Communist Party. Past works have attributed this \open- ness" to deliberate government strategy or lack of capacity. Most, however, do not consider the role of private social media companies, to whom the state delegates information controls. I suggest that the apparent incompleteness of censorship is largely a result of principal-agent problems that arise due to misaligned incentives of government principals and private media company agents. Using a custom dataset of annotated leaked documents from a social media company, Sina Weibo, I find that 16% of directives from the government are disobeyed by Sina Weibo and that disobedience is driven by Sina's concerns about censoring more strictly than com- petitor Tencent. I also find that the fragmentation inherent in the Chinese political system exacerbates this principal agent problem. I demonstrate this by retrieving actual censored content from large databases of hundreds of millions of Sina Weibo posts and measuring the performance of Sina Weibo's censorship employees across a range of events. This paper contributes to our understanding of media control in China by uncovering how market competition can lead media companies to push back against state directives and increase space for counterhegemonic discourse. ∗Postdoctoral Fellow, Program in Quantitative Social Science, Dartmouth College, Silsby Hall, Hanover, NH 03755 (E-mail: [email protected]). 1 Introduction Why do scathing criticisms, allegations of government corruption, and content about collective action make it past the censors in China? Past works have theorized that regime strategies or state-society conflicts are the reason for incomplete censorship.
    [Show full text]
  • AUTHENTICATION TECHNIQUES for HETEROGENEOUS TELEPHONE NETWORKS by BRADLEY GALLOWAY REAVES a DISSERTATION PRESENTED to the GRADUA
    AUTHENTICATION TECHNIQUES FOR HETEROGENEOUS TELEPHONE NETWORKS By BRADLEY GALLOWAY REAVES A DISSERTATION PRESENTED TO THE GRADUATE SCHOOL OF THE UNIVERSITY OF FLORIDA IN PARTIAL FULFILLMENT OF THE REQUIREMENTS FOR THE DEGREE OF DOCTOR OF PHILOSOPHY UNIVERSITY OF FLORIDA 2017 © 2017 Bradley Galloway Reaves For Sarah ACKNOWLEDGMENTS Iamonlywritingthistodaybecauseofthemultitudeoffamily,friends,teachers,and colleagues who helped get me here. This journey began in high school, when Mrs. Reid, my English teacher, suggested that I would make a good college professor. I wasn’t sure about the idea until my second programming class in college. I loved programming, so I would do the lab assignments at home, then show up in the lab to demonstrate the project to the TA. My work for the week was done, but I didn’t leave the lab. Instead, I stayed for the next few hours helping other students when they needed help with the programming assignments. It became the best part of my week, and I realized that there was no career I wanted more than to be a professor of computing. Having a goal and knowing what it takes to achieve it are two very di↵erent things. At the time I knew I needed a PhD, but nothing of what it took to get one. Luckily, I had wonderfully supportive professors and advisors who told me what it took, and one in particular helped me take the first steps toward a research career. Tommy Morris was a new professor at Mississippi State, and after teaching my digital design class o↵ered me a (paid!) position in his research lab.
    [Show full text]
  • Analysis of Effect of Zfone Security on Video Call Service in Wireless Local Area Network
    International Journal of Computer Techniques -– Volume 6 Issue 6,November 2019 ANALYSIS OF EFFECT OF ZFONE SECURITY ON VIDEO CALL SERVICE IN WIRELESS LOCAL AREA NETWORK Arip Solehudin 1 Bayu Priyatna 2 Nono Heryana 3 Teknik Informatika Fakultas Ilmu Komputer School of Engineering and Computer Science Sistem Informasi Fakultas Ilmu Komputer Universitas Singaperbangsa Karawang Universitas Buana Perjuangan Karawang Universitas Singaperbangsa Karawang Karawang, Indonesia Karawang, Indonesia Karawang, Indonesia [email protected] [email protected] [email protected] Abstract—Along with the development of WLAN (Wireless VoIP LAN that uses cable began to move using wireless Local Area Network) network technology, many services that network technology, namely wireless. The use of wireless used cable networks began to migrate to wireless networks. networks as a medium for the flow of data makes VoIP VoIP (Voice over Internet Protocol) is one service implemented services can be used in several communication technology in wireless local area networks. However, VoIP that uses tools such as personal computers, laptops, and smartphones. wireless technology as a data stream media Video Call service has a high risk of tapping pictures. To avoid tapping pictures, The use of VoIP technology that is implemented on you can add a security system to the service, one of which is to WLAN networks with video call services found in VoIP use Zfone security. With him adding a security system that will facilities is an excellent solution for conducting influence the work of Video Call services on the quality of conversations at affordable costs compared to the VoIP service.
    [Show full text]
  • CPON-HFC Light Link Direct® FTTH Node
    ® 969 Horsham Road CPON-HFC Light Link Direct FTTH Node Horsham, Pennsylvania 19044 USA 1 GHz Two Way FTTH Customer Premises Node Description Features The Light Link® Direct CPON-HFC customer Delivers full bandwidth CATV services to 1 GHz. premises optical node for FTTH networks offering The duplex unit is suitable for advanced DOCSIS full bandwidth cable television delivery, plus broad- with Telephony and Internet. band access via DOCSIS cable modems. High-performance optical receiver for CATV deliv- ery over glass (fibre) with 110 NTSC channels or Fiber-to-the-home (FTTH) is a reality today. The 91 PAL channels capacity. CPON-HFC is designed as an economic single port Suitable for transmission of PAL or NTSC ana- PBN CPON-HFC Light Link node customer premise deployment providing sim- logue TV channels as well as DVB-C or DVB-T plex or full duplex RF connectivity. digital television standards. Wide optical input range permits easy installation Employing leading edge designs for optical and without on-site alignment. electronic circuitry inside a die-cast metal housing, Optional return path transmitter to suit DOCSIS the CPON-HFC provides top class services and compliant cable modems and RF based pay-per- permits easy installation in home wiring closets or view systems. other confined spaces. Powered by either a direct coax 11 ~ 16 Vdc feed or DC power port. The core of the CPON-HFC is a high performance The compact and sturdy enclosure fits easily into low-noise optical receiver module for CATV to 1 wiring closets or network termination boxes. GHz, together with an optional return path transmit- ter module.
    [Show full text]
  • Zfone: a New Approach for Securing Voip Communication
    Zfone: A New Approach for Securing VoIP Communication Samuel Sotillo [email protected] ICTN 4040 Spring 2006 Abstract This paper reviews some security challenges currently faced by VoIP systems as well as their potential solutions. Particularly, it focuses on Zfone, a vendor-neutral security solution developed by PGP’s creator, Phil Zimmermann. Zfone is based on the Z Real-time Transport Protocol (ZRTP), which is an extension of the Real-time Transport Protocol (RTP). ZRTP offers a very simple and robust approach to providing protection against the most common type of VoIP threats. Basically, the protocol offers a mechanism to guarantee high entropy in a Diffie- Hellman key exchange by using a session key that is computed through the hashing several secrets, including a short authentication string that is read aloud by callers. The common shared secret is calculated and used only for one session at a time. However, the protocol allows for a part of the shared secret to be cached for future sessions. The mechanism provides for protection for man-in-the-middle, call hijack, spoofing, and other common types of attacks. Also, this paper explores the fact that VoIP security is a very complicated issue and that the technology is far from being inherently insecure as many people usually claim. Introduction Voice over IP (VoIP) is transforming the telecommunication industry. It offers multiple opportunities such as lower call fees, convergence of voice and data networks, simplification of deployment, and greater integration with multiple applications that offer enhanced multimedia functionality [1]. However, notwithstanding all these technological and economic opportunities, VoIP also brings up new challenges.
    [Show full text]
  • Everyone's Guide to Bypassing Internet Censorship
    EVERYONE’S GUIDE TO BY-PASSING INTERNET CENSORSHIP FOR CITIZENS WORLDWIDE A CIVISEC PROJECT The Citizen Lab The University of Toronto September, 2007 cover illustration by Jane Gowan Glossary page 4 Introduction page 5 Choosing Circumvention page 8 User self-assessment Provider self-assessment Technology page 17 Web-based Circumvention Systems Tunneling Software Anonymous Communications Systems Tricks of the trade page 28 Things to remember page 29 Further reading page 29 Circumvention Technologies Circumvention technologies are any tools, software, or methods used to bypass Inter- net filtering. These can range from complex computer programs to relatively simple manual steps, such as accessing a banned website stored on a search engine’s cache, instead of trying to access it directly. Circumvention Providers Circumvention providers install software on a computer in a non-filtered location and make connections to this computer available to those who access the Internet from a censored location. Circumvention providers can range from large commercial organi- zations offering circumvention services for a fee to individuals providing circumven- tion services for free. Circumvention Users Circumvention users are individuals who use circumvention technologies to bypass Internet content filtering. 4 Internet censorship, or content filtering, has become a major global problem. Whereas once it was assumed that states could not control Internet communications, according to research by the OpenNet Initiative (http://opennet.net) more than 25 countries now engage in Internet censorship practices. Those with the most pervasive filtering policies have been found to routinely block access to human rights organi- zations, news, blogs, and web services that challenge the status quo or are deemed threatening or undesirable.
    [Show full text]
  • Shedding Light on Mobile App Store Censorship
    Shedding Light on Mobile App Store Censorship Vasilis Ververis Marios Isaakidis Humboldt University, Berlin, Germany University College London, London, UK [email protected] [email protected] Valentin Weber Benjamin Fabian Centre for Technology and Global Affairs University of Telecommunications Leipzig (HfTL) University of Oxford, Oxford, UK Humboldt University, Berlin, Germany [email protected] [email protected] ABSTRACT KEYWORDS This paper studies the availability of apps and app stores across app stores, censorship, country availability, mobile applications, countries. Our research finds that users in specific countries do China, Russia not have access to popular app stores due to local laws, financial reasons, or because countries are on a sanctions list that prohibit ACM Reference Format: Vasilis Ververis, Marios Isaakidis, Valentin Weber, and Benjamin Fabian. foreign businesses to operate within its jurisdiction. Furthermore, 2019. Shedding Light on Mobile App Store Censorship. In 27th Conference this paper presents a novel methodology for querying the public on User Modeling, Adaptation and Personalization Adjunct (UMAP’19 Ad- search engines and APIs of major app stores (Google Play Store, junct), June 9–12, 2019, Larnaca, Cyprus. ACM, New York, NY, USA, 6 pages. Apple App Store, Tencent MyApp Store) that is cross-verified by https://doi.org/10.1145/3314183.3324965 network measurements. This allows us to investigate which apps are available in which country. We primarily focused on the avail- ability of VPN apps in Russia and China. Our results show that 1 INTRODUCTION despite both countries having restrictive VPN laws, there are still The widespread adoption of smartphones over the past decade saw many VPN apps available in Russia and only a handful in China.
    [Show full text]
  • Psiphon User Guide
    PSIPHON USER GUIDE Psiphon is a free and open source web proxy that helps internet users bypass content-filtering systems used by governments in countries like China, Iran, Saudi Arabia, and Vietnam. It was developed by the Citizen Lab's CiviSec Project at the University of Toronto and was first released in December 2006. In this how to guide, learn how to provide a proxy service to someone behind a firewall with psiphon . If you are behind a firewall and want to learn how to connect to psiphon and access blocked content, check out this how to guide . Psiphon, unlike other circumvention services, is not intended to be a public, open proxy service. It’s based on a “web of trust” system so psiphon nodes are harder to block. What this means is that a person in an unrestricted location (one that is not behind a firewall) provides a psiphon proxy service to a person they are familiar with who is going online in a place where online access is limited. This is known as a psiphonode . A psiphonite is a psiphon user living in a censored country. The psiphonite connects to a psiphonode (set up by someone they know and trust) to access information freely. NOTE: Psiphon only works on Windows and Linux. There is no Mac version yet. Step 1. First, you should be in a location where you have open access to the internet. You should know someone in another location where access is limited. You will be providing a psiphonode for this person. Tip! If you do not know any psiphon users, but still want to provide a psiphonode, you can find users on psiphon’s Facebook page or Twitter page.
    [Show full text]