Telecommunications

New system could make censorship of Internet sites virtually impossible

New system could make censorship of Internet sites virtually impossible
Telex could allow blocked sites such as YouTube to be accessed in censoring countries like China
Telex could allow blocked sites such as YouTube to be accessed in censoring countries like China
View 1 Image
Telex could allow blocked sites such as YouTube to be accessed in censoring countries like China
1/1
Telex could allow blocked sites such as YouTube to be accessed in censoring countries like China

Chinese citizens could once again enjoy LOL Cats on YouTube - as well as content critical of the communist government - if a new system developed by researchers at the University of Michigan (U-M) and the University of Waterloo (UW) in Canada were implemented. The researchers claim the system, called Telex, would thwart Internet censorship and make it virtually impossible for a censoring government to block individual sites by essentially turning the entire web into a proxy server.

While those looking to circumvent site blocks can currently route requests through a proxy server that acts as an intermediary from clients seeking to connect with blocked servers, censors are able to monitor the content of traffic on the whole network so they are able to eventually find and block the proxy too.

"It creates a kind of cat and mouse game," said J. Alex Halderman, assistant professor of computer science and engineering at U-M who was explaining this to his computer and network security class when he first hit upon the idea of tackling the problem in a different way.

The system he developed with his colleagues would first require users to install Telex software on their computer that Halderman says could be downloaded from an intermittently available website or borrowed from friends. ISPs outside the censoring nation would also need to deploy equipment called Telex stations.

When a user wanted to visit a blacklisted site, they would establish a secure connection to any HTTPS password-protected website that isn't blocked. This connection acts as a decoy and the Telex software marks it as a Telex request by inserting a secret-coded tag into the page headers. This tag utilizes a cryptographic technique called "public-key steganography."

"Steganography is hiding the fact that you're sending a message at all," Halderman said. "We're able to hide it in the cryptographic protocol so that you can't even tell that the message is there."

The user's request would then pass through routers at various ISPs, some of which would be Telex stations that would hold a private key that lets them recognize tagged connections from Telex clients. The stations would then divert the connections so that the user could get to any site on the Internet. Because the requests would need to pass through these Telex stations, the system would require large segments of the Internet, in the form of participating ISPs, to be involved.

"It would likely require support from nations that are friendly to the cause of a free and open Internet," Halderman said. "The problem with any one company doing this, for example, is they become a target. It's a collective action problem. You want to do it on a wide scale that makes connecting to the Internet almost an all or nothing proposition for the repressive state."

The researchers say they are the proof of concept stage and have developed software for researchers to experiment with. They've also put up a Telex station on a mock ISP in their lab and have been using it for daily browsing for the past four months. They've also tested it with a client in Beijing who was able to stream videos from YouTube even though the site is blocked there.

"This has the potential to shift the arms race regarding censorship to be in favor of free and open communication," said Halderman. "The Internet has the ability to catalyze change by empowering people through information and communication services. Repressive governments have responded by aggressively filtering it. If we can find ways to keep those channels open, we can give more people the ability to take part in free speech and access to information."

The U-M and UW researchers will present their paper on Telex at the USENIX Security Symposium in San Francisco on August 12.

13 comments
13 comments
Peter Cummuskey
Kinda sounds like a hyper-expensive version of Tor.
Adrien
This is poorly described.
Firstly, clients (browser) don\'t send pages, they retrieve them from the server. The server certainly isn\'t going to insert a tag.
I could believe the client could include a request header. However, to include a request header over an SSL connection, would require these \"telex\" machines to be able to see the unencrypted data. This suffers from the same problem any proxy finds when snooping on SSL, including having to on-the-fly generate spoofed certificates (that are trusted by the client) to mimic the real site\'s certificate. At best there will be countless certificate warnings for clients, but I guess that\'s no big issue.
What is more likely, is that the client overloads something into the SSL/TLS negotiation protocol, before any crypto is even set up.
Keep in mind that any intermediate keeping track of this exchange needs to be in the middle of both forward and reverse routing paths. Something that\'s not actually that common on the internet backbones. Packets from A->B commonly traverse different routes than B->A, so this won\'t work in those cases.
As for the claim of making it impossible to censor. That\'s patently incorrect. Using the same techniques, such ploys could be observed and blocked (and worse).
Stein Varjord
I have no clue about the functionality of this, but in my humble opinion, the fight against censorship is a good idea.
Citizens of obviously repressive states will of course have strong tools for change with an internet that is impossible to censor. That alone is enough reason to want it. In addition I do not trust that no other institutions, like seemingly \"free countries\" might want to try their influence, which, even if it was to be in good will, is a wrong thing to do.
There is of course lots of bad stuff on the net that I would prefer was not there, but the same is the case, in varying degrees, no matter where in society you look. Cleaning up one arena, if that was possible, only would create a false sense of security. Protection against bad stuff cannot be achieved by filtering the World. It must be achieved by learning to cope and trying to change the World into something better. Censorship of information makes nothing better, no matter what the intention is.
G Craig Vachon
Doesn\'t AnchorFree already do this for more than 5M users in China?
mhenriday
Just in time ! I see that the British Prime Minister, one David William Donald Cameron, is calling for an examination of whether the web and so-called social media should be censored or disabled in emergencies. No doubt my own government here in Sweden will, as is its wont, be closely watching these initiatives on the part of a nation ever ready to go to war for «human rights» and «democracy» in other parts of the world. Thus we may very well need to avail ourselves of the opportunities offered by Telex much sooner than we think - get cracking, you boffins !...
Henri
qwester
Security is not censorship. Today\'s political correctness mandate demands necessary discretion in the normal conduct of governance. Else we will have mob rule and anarchy and little else. China\'s control of the internet is to minimize the London type conflagrating protests that are spreading, via cell phone, across all of England.
Todd
Great for individuals versus ISPs, and Big Brother governments but what happens with - parents wanting to prevent their children from going to sites they feel are inappropriate - or companies who would rather employees focus on work rather than online gambling sites, porn sites, bomb making sites etc. - or secure government networks where I would not want employees going wherever on the web and putting the system, network and confidential data at risk.
There is and will be a legitimate need to offer some controls and restraints over what systems are able to connect to what sites. There will need to be some extra thought put in so sites can securely self identify and it can be electronically determined if access is acceptable.
Russell
I think that China would just block any https requests to websites outside the country. After all why would Chinese citizens need to do this anyway? They can\'t use foreign banks or anything that really needs https
Randolph Lee
The concept that we could have uncontrollable, untraceable, unmonitorable communication via the internet is one of the very, very few things that give me hope for humanity to avoid what is shaping up to be a future worse that the worst dystopian vision ever imagined.
Marc Tytus
This is positive if the government is trying to censor access to websites, but if the site owner censors their user-uploaded content (YouTube deleting uploaded videos, for example), or the government requires a website owner (Google, for example) to remove content, well then this wouldn\'t make a difference, right? Because the material isn\'t there to access, whether or not the user was able to gain access to the site.
So this is great technologically but in the near future, considering the direction we\'ve been moving in, this won\'t be as helpful as the article title and image made it seem to me at first.
Load More