Workshop Program

August 6, 2012

9:00 a.m.–10:30 a.m. Monday


How the Great Firewall of China is Blocking Tor

Philipp Winter and Stefan Lindskog, Karlstad University

Internet censorship in China is not just limited to the web: the Great Firewall of China prevents thousands of potential Tor users from accessing the network. In this paper, we investigate how the blocking mechanism is implemented, we conjecture how China’s Tor blocking infrastructure is designed and we propose circumvention techniques. Our work bolsters the understanding of China’s censorship capabilities and thus paves the way towards more effective circumvention techniques.

Available Media

One-Way Indexing for Plausible Deniability in Censorship Resistant Storage

Eugene Y. Vasserman, Kansas State University; Victor Heorhiadi, University of North Carolina at Chapel Hill; Nicholas Hopper and Yongdae Kim, University of Minnesota

 The fundamental requirement for censorship resistance is content discoverability — it should be easy for users to find and access documents, but not to discover what they store locally, to preserve plausible deniability. We describe a design for "one-way indexing" to provide plausibly-deniable content search and storage in a censorship resistant network without requiring out-of-band communication, making a file store searchable and yet self-contained. Our design supports publisher-independent replication, content-oblivious replica maintenance, and automated garbage collection.

Available Media

Bootstrapping Communications into an Anti-Censorship System

Patrick Lincoln, Ian Mason, Phillip Porras, and Vinod Yegneswaran, SRI International; Zachary Weinberg, CMU/SRI International; Jeroen Massar, William Allen Simpson, and Paul Vixie, ISC; Dan Boneh, Stanford University

Adversary-resistant communication bootstrapping is a fundamental problem faced by many circumvention (anti-censorship) systems such as Tor. Censoring regimes actively harvest and block published Tor entry points and bridge nodes. More recently, some countries have resorted to reactive (follow-up) probing of the destination hosts of outbound encrypted traffic to identify unpublished Tor nodes. We present the design of a new architecture for bypassing censorship, called DEFIANCE, that extends Tor with resilience to both active harvesting and network scanning attacks. The first goal is accomplished using the DEFIANCE Rendezvous Protocol (RP), and the second is achieved using a novel handshake that we call Address-Change Signaling (ACS). We describe prototype implementations of both components, discuss the limits of our architecture, and evaluate what it would take for a determined adversary to defeat our system. While we develop our prototype components over Tor, their design can be easily extended to other circumvention systems.

Available Media
10:30 a.m.–11:00 a.m. Monday
11:00 a.m.–Noon Monday


vpwns: Virtual Pwned Networks

Jacob Appelbaum, University of Washington; Marsh Ray, PhoneFactor, Inc.; Ian Finder and Karl Koscher, University of Washington

User-accessed Virtual Private Network systems allow authorized users remote access to protected or otherwise privileged networks while avoiding dependence on ISPs along the route for data confidentiality and integrity. This direct expression of the internet’s end-to-end principle of security is generally accepted as a highly successful design.

VPN services and technology advertising censorship circumvention, resistance to data retention, and anonymity as features are proliferating rapidly. But it is unclear that these security properties were included in the original design requirements of VPN protocols and product implementations. Experience with dedicated anonymity networks (e.g., Tor) shows that strong anonymity is not achieved by accident. The ‘P’ in VPN notwithstanding, not all privacy methods are equal or strongly anonymizing, which opens opportunities for attackers when VPN-based systems are used for anonymity or even simple censorship circumvention.

This paper evaluates VPN anonymity, security and privacy features including identity, geographic location, confidentiality of communications, and generalized security issues such as reachability and prevention of network tampering. We find many popular VPN products are susceptible to a variety of practical user deanonymization attacks. Weaknesses stem from lack of security analysis of the composition of VPNs, applications, and the TCP/IP stack on each respective operating system. Although we describe some potential mitigations for vendors, the primary goal of this paper is to raise awareness of the inherent risks which come from repurposing off-the-shelf VPN systems to provide strong anonymity.

Available Media

Protecting Free and Open Communications on the Internet Against Man-in-the-Middle Attacks on Third-Party Software: We’re FOCI’d

Jeffrey Knockel and Jedidiah R. Crandall, University of New Mexico

In this position paper, we argue that the potential for man-in-the-middle attacks on third-party software is a significant threat to free and open communications on the Internet (FOCI). The FOCI community has many challenges ahead, from the failure of the SSL system to protect Internet users from states that control the Internet to the challenges inherent in measuring and cataloging Internet censorship. It is already well-known in the community that man-in-the-middle attacks are a threat, and such attacks are already being used by nation states. 

In this paper we discuss our experiences discovering two vulnerabilities in software update mechanisms (in Impulse SafeConnect and Sun Java). What surprised us was the relative ease of finding such vulnerabilities and exploiting them. Our argument is that automated tools are needed to help users manage this threat more effectively because the threat involves many third-party applications from many small vendors.

Available Media
Noon–1:30 p.m. Monday
1:30 p.m.–3:00 p.m. Monday


Inferring Mechanics of Web Censorship Around the World

John-Paul Verkamp and Minaxi Gupta, Indiana University

While mechanics of Web censorship in China are well studied, those of other countries are less understood. Through a combination of personal contacts and Planet-Lab nodes, we conduct experiments to explore the mechanics of Web censorship in 11 countries around the world, including China. Our work provides insights into the diversity of modus operandi of censors around the world and can guide future work on censorship evasion.

Available Media

OONI: Open Observatory of Network Interference

Arturo Filastò and Jacob Appelbaum, The Tor Project

OONI, the Open Observatory of Network Interference, is a global observation network which aims to collect high quality data using open methodologies, using Free and Open Source Software (FL/OSS) to share observations and open data about the various types, methods, and amounts of network tampering in the world.

Furthermore, OONI is a human rights observation project – observation is a fundamental requirement for the advancement of knowledge and OONI aims to ensure that the tools to make such observations are freely available to all. With the belief that unfettered access to information is an intrinsic human right, OONI seeks to observe levels of surveillance, censorship, and network discrimination in order for people worldwide to have a clearer understanding of the ways in which their access to information and speech is monitored, censored or otherwise filtered.

The end goal of OONI is to collect data which will show an accurate topology of network surveillance, interference and outright censorship. Through this data, it will be possible to draw conclusions about how the internet functions from any location where an OONI probe is present. This data includes which websites are censored, or which services have been tampered with, and by whom. The data also includes information about the observer and will attempt to classify the results. We use the term filternet to describe network connections that are under measurable surveillance, tampering, or subject to censorship.

Available Media

Whiskey, Weed, and Wukan on the World Wide Web: On Measuring Censors' Resources and Motivations

Nicholas Aase and Jedidiah R. Crandall, University of New Mexico; Alvaro Diaz, Universidad de Granada, Spain; Jeffrey Knockel, University of New Mexico; Jorge Ocana Molinero, Universidad de Granada, Spain; Jared Saia, University of New Mexico; Dan Wallach, Rice University; Tao Zhu, Independent Researcher

The ability to compare two instances of Internet censorship is important because it is the basis for stating what is or is not justified in terms of, for example, international law or human rights. However these comparisons are challenging, even when comparing two instances of the same kind of censorship within the same country.

In this position paper, we use examples of Internet censorship in three different contexts to illustrate the importance of the elements of motivation, resources, and time in Internet censorship. We argue that, while all three of these elements are challenging to measure and analyze, Internet censorship measurement and analysis is incomplete without all three.

The contexts we draw examples from are: public wireless networks in Albuquerque, New Mexico, USA; microblogging in China; and, chat programs in China.

Available Media
3:00 p.m.–3:30 p.m. Monday
3:30 p.m.–4:30 p.m. Monday


Internet Filtering in Liberal Democracies

Yana Breindl and Joss Wright, Oxford Internet Institute

Liberal democracies are increasingly considering internet filtering as a means to assert state control over online information exchanges. A variety of filtering techniques have been implemented in Western states to prevent access to certain content deemed harmful. This development poses a series of democratic and ethical questions, particularly when states introduce regulation mandating ISPs to block online content. In this work we examine the debates surrounding filtering that have played out in two key European states, France and Germany, focusing on the arguments used by opponents and proponents of internet blocking. We use these to explain and analyse the outcomes of both cases and, more broadly, the various challenges posed by internet blocking to democracy.

Available Media

Communications Disruption & Censorship under International Law: History Lessons

Jonathon W. Penney, University of Oxford/Citizen Lab & Centre for Global Security Studies, University of Toronto

With Internet censorship on the rise around the world, a variety of tools have proliferated to assist Internet users to circumvent such censorship. However, there are few studies examining the implications of censorship circumvention under international law, and its related politics. This paper aims to help fill some of that void, with an examination of case studies wherein global communications technologies have been disrupted or censored—telegram cable cutting and censorship, high frequency radio jamming, and direct broadcast satellite blocking—and how the world community responded to that disruption or censorship through international law and law making. In addition to illustrating some of the law and politics animating global communications censorship, I extrapolate lessons and insights for the challenges posed by Internet censorship today, such as the international legality of censorship circumvention, the nature of censorship justifications, and the potential liabilities for those engaged in censorship resistance under newly emerging doctrines of international law.

Available Media
4:30 p.m.–5:30 p.m. Monday