Activists are creating and deploying “circumvention tools” allowing users to share information securely and anonymously in order to fight increasing governmental censorship.
The censoring of information online is one of the greatest dangers to free speech on the Internet today. Many countries filter a wide variety of information of social and political significance, sometimes under the guise of ‘national security’. This problem is on the rise as the methods being used by governments have become more sophisticated and more resources are being allocated to the practice of censoring content.
But activists and free expression advocates have not been sitting back. As the practice of Internet filtering spreads throughout the world, so does access to the “circumvention tools” that have been created, deployed and publicised by activists, programmers and volunteers The process of bypassing filtering and blocking websites is often called censorship circumvention, or simply circumvention. Some of these tools also allow users to share information securely and anonymously.
How content filtering happens
On the Internet, content filtering (or information filtering) is the use of technology to screen and exclude from access Web pages or e-mail that is deemed objectionable.
Since computers are connected first of all to ISPs (Internet Service Providers), filtering of information usually happens directly at the ISP level. However, it is also possible for information coming directly from a user’s computer to be accessed by a third party. Each computer has a unique identifier called an “IP address”. If someone manages to get full access to that IP address, they can identify the user’s home/office address, device type and operating system – and possibly the users’ names and any servers they are connected to as well. This allows these third parties to install viruses, “steal” information and block users out of their own servers. And it can be used by governments to block “objectionable” websites or communications.
In response, a number of technical solutions to counteract Internet censorship have been implemented. The majority of these rely on an encrypted connection from the user’s computer to a trusted server located outside the blocked network.
Encryption is the process of encoding messages or information in such a way that only authorised parties can read it.
This ‘trusted’ server relays requests to censored websites and returns responses to the user over another encrypted connection. Many of those trusted servers are conveniently located in countries that do not filter the Internet.
Since government agencies in charge of Internet censorship might eventually discover some of these trusted servers, their IP address may be added to a blacklist and they will no longer work. Luckily, it usually takes some time before they are blocked and it’s almost impossible to identify all of the servers.
Those who create and update circumvention tools use one or both of the following methods:
– A network of hidden servers which are more difficult to identify. Tor is an example of such a network.
– A connection with trusted servers called “VPN proxies”. A popular tool that uses proxy technology is Psiphon.
Although there are other anti-censorship tools, these two, given also their ease of use, can be considered among the most popular and we’ll explain their respective features.
Tor is a powerful anonymous proxy service to the Internet run by volunteers, which helps users hide information such as their location and other personal information. Tor allows users to access websites which some governments block – e.g. YouTube which has been inaccessible inside Pakistan since 2010. Tor played a major role in dissident movements in hotspots such as Iran, Egypt, Bahrain, and Syria; after Edward Snowden’s revelations of widespread surveillance by intelligence agencies in the U.S. and elsewhere, the usage of Tor increased dramatically in a number of other countries as well.
The Tor network disguises a user’s identity by moving traffic across different Tor servers called “nodes”, so that it cannot be traced back to the user. A third party that tries to tracethe communication path would see traffic coming from random nodes on the Tor network, rather than from the originating computer.
To access the Tor network, one just needs to download and run the Tor browser (https://www.torproject.org/download/download-easy.html), available for almost all Operating Systems. Everything a user does in the browser goes through the Tor network and doesn’t need any setup or configuration. Unfortunately, since the data has to travel through a number of nodes, the connection can be slightly slower.
The nodes have to be hosted somewhere and volunteers around the world can donate bandwidth to networks such as Tor. For example, a number of American libraries have been signing up to help join the Tor network.
One thing to bear in mind is that although Tor provides anonymity for the user, that doesn’t mean that it automatically guarantees security. If the web connection doesn’t go through HTTPS (note the “S” at the end of HTTP), everything the user sees or inputs on the browser can still be monitored by third parties who infiltrate the network. An HTTPS connection, instead, guarantees the encryption of the content during the browsing session.
In some countries, the usage of Tor is forbidden and there could be legal consequences if authorities were to find the Tor browser installed on a user’s computer.
Psiphon is a tool for computers running Microsoft Windows and Android phones, designed specifically to evade Internet censorship. Unlike tools such as Tor, Psiphon employs a variety of technical tricks rather than one specific design to help users evade online censorship.
The beauty of the Psiphon system lies in the fact that it uses multiple transport systems, so that if one protocol is blocked by a censor, the app will diagnose the fastest available alternative connection automatically.
HTTPS is the secure version of the HTTP protocol used to access websites. HTTPS stops censors from reading your web traffic, so they cannot tell what keywords are being sent, or which individual web page you are visiting (censors can still see the domain names of all websites you visit).
All Psiphon services can be accessed online. To use Psiphon one does need to download and run a small executable file. This will start a scan of all the available servers and, once connected, users will know that all their Internet traffic is then tunnelling through the Psiphon network. This then allows them to access blocked or censored sites.
The threat model for Psiphon is access to blocked content, and this is what the software was designed to do. It is not a completely anonymising tool. It may incidentally do these things by virtue of being a very good circumvention tool, but it ultimately depends on how intensively the adversary wants to look. Users for whom privacy or anonymity is key are encouraged to use Tor in conjunction with Psiphon.
Right now many countries are dedicating more resources to censoring, often cooperating with each other. The development of new blocking and filtering technologies leads to a need for more and more circumvention efforts. In an ideal scenario, in the future users would have access to a circumvention tool that is effective in all circumstances. However currently there is a lot of fragmentation so we won’t see that kind of holistic solution anytime soon. Even if there won’t be any magic bullet that addresses all circumvention needs, there will be many tools which address specific needs (secure file sharing, browsing, instant messaging, etc.), and it will be difficult for governments to block them.
Recent events have led to more people becoming aware of Internet censorship and the need for secure online communications. At the same time people understand that circumvention tools can help others across the globe. This is what’s driving them to contribute to the expansion of the current anti-censorship networks.
This article was republished from IFEX.