[e-privacy] Psiphon - censorship circumvention

[Andrea Glorioso]

http://psiphon.civisec.org/faq1.html

What is psiphon?

psiphon  is a censorship  circumvention solution  that allows users to
access blocked  sites    in    countries  where  the    Internet    is
censored.  psiphon  turns a  regular  home  computer into a  personal,
encrypted server capable  of    retrieving and displaying   web  pages
anywhere

When will psiphon be released?

psiphon software   will   be released  on   December  1st, 2006,  with
subsequent  releases to be provided   as new features  are added  over
time.

Who will use psiphon?

psiphon  operates through   networks   of trust.  There  are   psiphon
providers who install and administer  a psiphon server (psiphonode) in
an  uncensored country, and psiphon users  (psiphonites) who login and
access the server from a country that censors the Internet.

What are psiphonodes, psiphonode administrators and psiphonites??

A psiphonode is a psiphon server that  is operated by an administrator
residing in an uncensored country (this is an integration of 'psiphon'
and 'Node'). The  psiphonode administrator is responsible for creating
and managing    user  accounts and running    the   psiphon server.  A
psiphonite is a psiphon    user, residing within a jurisdiction   that
blocks  arbitrary web sites, and  utilizes a psiphonode residing in an
uncensored jurisdiction.

How does psiphon work?

psiphon  acts  as a   "web    proxy" for  authenticated   psiphonites,
retrieving requested web   pages  and  displaying  them in   a  user's
browser.  psiphon uses a secure,  encrypted  connection to receive web
requests from the psiphonite to the psiphonode who then transports the
results back to  the psiphonite. There  is  no connection  between the
psiphonite and the requested website, as psiphon transparently proxies
the request through the psiphonode's  computer allowing the psiphonite
to browse blocked websites seamlessly.

How do psiphonites connect to psiphon?

psiphonites   go to their  psiphonodes'   machine using  a unique  web
address.  The first page  displayed is the  user login. The psiphonite
must login with  a valid username and password,  given to them by  the
psiphonode  administrator.  After authentication, the  psiphon  server
displays a  toolbar at the  top of the  page where  the psiphonite can
then enter  a website to   browse. When using psiphon,  the psiphonite
does not have to install any software or change any browser settings.

What do you mean, "the user does not have to install any software"?

After a  successful login to the  psiphon server, the user  enters the
website address they  would like to visit,  and psiphon takes  care of
the rest. With a regular  Internet browser, the psiphonite simply logs
in  and requests   and views   the website   entered  in the   psiphon
toolbar. No software is installed on the end user's machine.

How do users find out about psiphon and how is psiphon distributed?

Anyone who wants to  become a psiphon   provider and is located in  an
uncensored country will be able to  download the psiphon software from
the psiphon website.  After installation, the psiphonode administrator
sends a unique web address to people in need that he or she personally
knows and trusts in censored countries.

Even if the psiphon  website is blocked it  does not  affect psiphon's
distribution   model.   psiphon   is  completely   decentralized; each
psiphonode is independent of all others. The distribution of access to
personal psiphon servers is based on  social networks. Each psiphonode
administrator grows his/her private  network based on social relations
of trust.

What is a social network?

A social network is  a  structure of  nodes  - usually individuals  or
organizations - that   have ties between   them, such as  families  or
groups of friends or  colleagues. psiphon leverages social networks as
the  discovery  mechanism.   The  psiphonode  administrator  and   the
psiphonite(s)  have a trust relationship  and the web address is known
only  to these trusted people.  Each network of psiphonode/psiphonites
chooses how to grow the network. It can be small and extremely private
or  large and relatively   semi-private.  It depends on the   specific
context and needs of the psiphonites.

Can psiphon be blocked?

With publicly accessible   circumvention systems one  must assume that
the censors can also  discover and subsequently  block access to these
systems. The difference with psiphon - a personal system - is that the
web address is only sent  to a few, trusted,  people. In that way, the
censors  cannot  easily  find and  block the  location  of the psiphon
server.

What happens when the psiphon provider's computer is turned off?

When a psiphon provider's  computer is down  or off the psiphon  users
will no longer have access to psiphon. psiphon users will need to wait
until the psiphon provider's computer is back up and running again.

psiphon   will inform psiphon   providers if their network information
changes (e.g. after rebooting the  computer). When network information
changes, psiphon providers  will need  to  supply their psiphon  users
with the new psiphon web-address.

Note  for  advanced users: Future   releases  of psiphon will  contain
functionality  that  allows for optional  redundancy. In  the same way
that psiphon providers and users  extend their network based on social
relations of trust, psiphon providers  in a social network can arrange
peering agreements to act as a backup psiphon  server for each other's
users.

Is psiphon anonymous?

psiphon is  not an anonymous software  program. psiphon  users are not
anonymous from the   psiphon  provider. Although  traffic  between the
psiphon user and psiphon provider is  encrypted, psiphon providers can
potentially monitor everything that is done  by the psiphon users they
host.

Note: Do not use  psiphon  for anything you do   not want the  psiphon
provider to be able to see.

When psiphon   users visit websites through   the psiphon server their
identity and location is hidden from the web-site.

Note for advanced users: To maximize  protection against the discovery
of the psiphon  user's true IP  address, all scripting languages, such
as JavaScript and ActiveX, should be turned off in the user's browser.

Can   a psiphon user  be   monitored by their  government or  Internet
Service Provider (ISP)?

Yes, your government and/or ISP can always monitor which web sites you
visit.

When you use psiphon, your government and/or ISP can only see that you
connected to another computer, not  the sites you visit. psiphon makes
it difficult for anyone to determine that you are using psiphon

Am I safe using psiphon?

psiphon encryption  provides    strong protection against   electronic
eavesdropping. However, there is a known attack that attempts to trick
users into  accepting  a  forged certificate  (see  'Man-in-the-middle
attack' below). If psiphonites follow instructions provided, regarding
certificate fingerprint validation, this attack can be averted.

Secondly, using an encrypted connection to  a home computer in another
country may indicate to  a government that a censored-bypassing system
is being used.

Note: Bypassing censorship may  violate law. Serious thought should be
given to the risks involved and potential consequences.

What languages will psiphon be in?

Having multi-lingual interfaces     for psiphon is a   priority.   The
intention is  for  psiphon to be available   in as  many  languages as
possible. More information  will   be  provided closer  to   psiphon's
release date.

What operating systems will psiphon work on?

Windows, Linux (Mac conversion still underway)

How much does psiphon cost?

psiphon is free.

Is psiphon open source?

Yes. psiphon will be released under GPL open source license.

Can I access my email with psiphon?

psiphon is designed to provide safe,  secure web browsing for users in
censored countries. Most webmail can be accessed through psiphon.

Can I use instant messenger/chat, VOIP, Skype with psiphon?

No. psiphon is intended for  Internet website browsing only. But, most
web-based tools and services are available through psiphon.

Can I edit my blog with psiphon?

psiphon is intended for Internet website browsing only. Most Web-based
tool and services are available through psiphon. Therefore psiphon can
be used to edit most blogs.

When does beta testing begin?

Beta testing to the public will begin in the summer of 2006.

For advanced users:

Can my use of psiphon be detected?

From a technical perspective  traffic  between the psiphonode  and the
psiphonite is identical to  normal HTTPS (encrypted) traffic. Although
many sites only use HTTPS during the login process many sites, such as
email  providers and banking services, use  HTTPS for extended periods
of time,   as does psiphon.   The differences  are  that psiphon  uses
self-signed certificates and  connections  to  home computers,  rather
than signed certificates     and domain names.  However,   unless  the
attacker has the  private psiphon URL  it cannot be  easily determined
that psiphon is being used.

The   key   to detecting  psiphon  is   infiltration   of  the psiphon
administrator's social network.

Is psiphon susceptible to a Man-In-The-Middle-Attack (MITM)?

While   a  MITM attack  can  be  attempted against  any specific HTTPS
connection, manual key  fingerprint identification is integral  to the
proper use of  psiphon. Anytime a psiphon URL   is sent to a  user the
certificate fingerprint is also included.  The psiphon user only needs
to verify the fingerprint one time.

The key  to a MITM attack  is to trick the user  into accepting a fake
certificate. If the user properly verifies the certificate fingerprint
on the first connection to psiphon the MITM attack can be defended.

What options are available for advanced users (customization)?

A psiphonode administrator will be  able to customize the port  number
that the server runs  on as well as  the  content that appears  at the
"index" page. An HTTPS connection can  actually run on any port number
although 443 is the default. Some ISPs block particular ports and some
users may choose to run psiphon on a non-standard port.

The "index" page  is the page that  appears when one connects directly
to the   server's  root  path  -  not  the psiphon  URL.  An  attacker
monitoring a users connection,  at  an ISP  for example, can  directly
connect to any IP addresses that the user  connects to in order to see
what content is there. Each psiphon URL has a  unique file path, which
is encrypted  so  this attacker  cannot connect to   the psiphon login
page, only  to  the IP address.  If the  provider modifies the "index"
page  the  attacker will  see completely  innocuous   content if  they
connect to psiphon.

Who is behind psiphon?

psiphon is part of the CiviSec  Project run by the  Citizen Lab at the
Munk Centre   for    International Studies  at   the   University   of
Toronto. The CiviSec Project is funded by the Open Society Institute.

The Director of the Citizen Lab is Prof. Ronald J. Deibert.

The graphic design for psiphon is produced by Agent 5 Design.

--
      Andrea Glorioso || http://people.digitalpolicy.it/sama/cv/
          M: +39 348 921 4379	     F: +39 051 930 31 133
       "Truth is a relationship between a theory and the world;
       beauty is a relationship between a theory and the mind."
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
URL: <http://lists.winstonsmith.org/pipermail/e-privacy/attachments/20070131/622e4f12/attachment.pgp>