Posted by Lorenzo Franceschi-Bicchierai 188.8.131.52 October 22, 2013 at 08:23:54:
In parts of the world where repressive governments control the Internet with unassailable firewalls, netizens don't see the same web that people in other countries can.
Now, Google wants to give people in these countries a tool to circumvent those invisible barriers, and defeat censorship. Called uProxy , it is meant to be an easy-to-use, peer-to-peer gateway to the open Internet. With uProxy installed, somebody in Iran could use a friend's Internet to connect with him or her.
Though Google announced uProxy on Monday at the Google_Ideas_Summit in New York, N.Y., the tool isn't ready to be made public yet, and the Internet giant isn't comfortable announcing a release date. First, it wants to roll it out for a few "trusted testers" to improve it and make it more secure.
"The reason it is closed source at the moment, the reason we're not open sourcing it right now, is exactly that we don't want people to start using it before, actually, it's safe and secure," said Lucas Dixon, the lead engineer at Google Ideas who has worked on the project.
When it's ready, uProxy will be released in the form of a browser extension for both Chrome and Firefox that will allow two people who know each other, and are already in touch via chat, Facebook or email, for example, to share their connection.
The user in Iran, for instance, would be able to ask a friend in the United States via chat to activate uProxy. The U.S. friend would click on the extension, and the Iranian user would receive a notification. After clicking on the notification and accepting the invitation, he or she would then be connected to the Internet, via secure channel, through the U.S. friend's connection.
"It's basically a personalized VPN [Virtual Private Network]," Dixon told Mashable in an interview.
And it doesn't appear to need a lot of expertise to run it, as opposed to other commercial VPNs. Yasmin Green, principal at Google Ideas, described it during the launch as something that simply requires "two clicks on my side to bypass a repressive regime."
The other difference is that uProxy won't depend on a centralized server or a commercial provider, so it won't be easily blocked by a government or other regime.
Dixon notes that it's important to remember what uProxy is not and does not do. It doesn't anonymize traffic like Tor, it doesn't allow for file sharing, and it doesn't provide encrypted, secure communications like tools Silent Circle and Cryptocat.
uProxy, which was seeded by Google Ideas, but mainly developed by researchers at the University of Washington, isn't the first tool of its kind. There are numerous projects and kinds of software that promise to circumvent firewalls and censorship, like the open-source project Lantern, whose developers contributed to uProxy through Brave New Software.
Before releasing uProxy to the public, Google will let Internet freedom organizations like OpenITP, which itself funds and develops censorship circumventions tools, to audit the code, Dixon said. Then they will release the code, open source, for the public to see.
For Eva Galperin, Global Policy Analyst at the digital rights advocacy group Electronic Frontier Foundation, Google's extremely cautious approach is a good sign.
"If we are worried about security and privacy of our tools," she said, "it is important that our tools be well audited and that our tools be open source."
uProxy certainly has great potential, but it remains to be seen when it will launch and how effective it will really be. Internet activists point to the cautionary tale of Haystack, another tool promoted to circumvent censorship in places like Iran.
It was at first widely lauded and hyped, before security researcher Jacob Appelbaum found serious holes in it. Vulnerabilities that could have put people in danger.
The tool was later disabled_and_abandoned .
uProxy is a browser extension that lets users share alternative more secure routes to the Internet. It's like a personalised VPN service that you set up for yourself and your friends. uProxy helps users protect each other from third parties who may try to watch, block, or redirect users’ Internet connections.
You might not realise it, but every time you connect to a website, your information takes many steps. For example it may travel from your computer to a Wi-Fi hotspot, to an Internet service provider, then on to an international gateway before arriving at the site. This journey matters because it is at each step that the connection may be blocked, surveilled or misdirected.
uProxy lets you provide a pathway for trusted friends to get safer, more private and more reliable access. You give access to a friend by email or chat. By accessing the Internet through uProxy, a friend's Internet connection is routed through your computer before continuing to the site they are visiting. uProxy helps avoid attacks on your friend's Internet connection. You can also use uProxy when you are travelling and worried about the security of your Internet connection. By using uProxy to route your connection back to your home computer, you can access the Internet as if you were in your own home.
uProxy has been developed at the University of Washington, with help from Brave New Software. The project was seeded by Google Ideas.
uProxy is being developed for Chrome and Firefox. We may expand to other browsers and to mobile in the future, depending on resources available.
At the moment, uProxy is in a limited release to trusted testers who can help make it as reliable, secure and private as possible. In the coming months, the trusted tester program will also be rolled out to more users. You sign up for the extended rollout of the trusted tester program by going to http://uproxy.org/
We are working on making uProxy as secure and private as it can be. uProxy's trusted tester program is intended to get user feedback and fix bugs before releasing it more widely.
Insecure connections to the Internet introduce many risks. For example, when using a Wi-Fi hotspot, if you visit a site that doesn't use encryption, other people on the same network may be able to see what websites you go to, and what information you send and receive. It's worrying that even some email providers still don't use encryption; What this means is that on insecure connections to the Internet, any part of the pathway from your computer to final site on the Internet will be able to read your email, and may even be able to modify it.
uProxy routes one user's connection to the Internet via a friend they trust. Both users have to have uProxy installed. uProxy is intended to allow one user, with a safer and more secure connection to the Internet, to share their connection to the Internet with trusted friends and family, or even with themselves when they travel. By encrypting the connection between the two users, uProxy makes it much harder for an intermediate step on the journey to watch, block or misdirect traffic.
uProxy is a bit like a (Virtual Private Network) VPN such as OpenVPN, or other types of proxy services. But setting up a VPN service can be rather complicated. uProxy makes it easy to provide your friends and your family with a way to get access from a location that you trust. For instance, you may trust your ISP provider at your home and want to access the Internet from there when you use an untrusted WiFi hotspot.
There are many differences, depending on the exact details of the proxy service you want to compare uProxy to. But the main difference is that uProxy not a centralized service, so it cannot be blocked in one place. It runs on your browser, so it moves with you. Users selectively share their Internet connection with trusted friends. The proxy also lives only as long as the friend is running uProxy in their web-browser. If your friend fully closes their web-browser or turns off their computer while you are using their computer to get access to the Internet, the uProxy connection will stop. When they open their browser again, you will be able to start using them as a proxy service again.
There are two ways to use uProxy (or VPNs or other proxies).
If you are providing a someone with access, then you have to trust that they will use your Internet connection legally. You are responsible for their online activity. Because you cannot see what a friend is doing on your Internet connection, you should think carefully before you give someone access to your Internet connection. If you are behind a corporate or restricted network, you should also check with your network administrators and technical support magicians to make sure you are not opening a security hole into the normally restricted network.
On the other hand, if you are using uProxy to get access to the Internet from someone, you also have to trust them. If their computer is at an insecure WiFi hotspot, you will not necessarily be making your Internet connection any more private or secure. Moreover, you need to trust the proxy services you use, because the proxy service has the technical capacity to block, misdirect, and manipulate your Internet traffic. Even if you trust the location from which you are connecting to the Internet, make sure you know how to stay safe and secure online.
uProxy is not designed to be an anonymizing service. Services like Tor provide a much stronger guarantee that a user's IP address is hidden from from the target site as well as intermediaries. uProxy does not provide such a guarantee.
One of the ways uProxy connects you through your friends, is by connecting to existing chat networks, such as Facebook or Google Hangouts. uProxy can use a chat network to discover new friends and setup peer-to-peer proxying from your friends. If a user does so, then the chat network can see that the user has uProxy installed. A user's chat contacts may also see this.
To anyone on the same local network (e.g. WiFi hotspot) the uProxy connection looks like an encrypted connection to another user on the Internet. There’s no uProxy-specific mark on traffic that identifies the traffic as being sent by uProxy. We'd like the traffic to look no different from a networked video game or Internet phone calls. Protocol detection and protocol obfuscation are both very active research fields. We are very interested in this and will be following it closely.
uProxy is not a file sharing tool. uProxy only proxies your web browser traffic.
The source code will be released by the University of Washington under the Apache 2 license after the trusted tester phase is completed. If you would like to get involved sooner go to http://uproxy.org/
There are standard ways to restrict access with a school or corporate network. For example, when they control the hardware, they can restrict the installation of extensions. They need to do this already in order to stop traditional proxying extensions.
ags: censorship, Internet freedom, proxy, uProxy