App developers try to stay 1 step ahead of government censors in 'intelligence game' - Action News
Home WebMail Friday, November 29, 2024, 09:09 PM | Calgary | -16.8°C | Regions Advertise Login | Our platform is in maintenance mode. Some URLs may not be available. |
Science

App developers try to stay 1 step ahead of government censors in 'intelligence game'

As censorship circumvention software improves, some governments are more determined than ever to curb its use.

As network monitoring tools get more sophisticated, app developers work on new ways to stay unnoticed

A message from the Chinese police on the proper use of the internet is seen at an internet cafe in Beijing. Earlier this year, China announced its intent to block all unregulated virtual private network services by February 2018. (Ng Han Guan/AP)

Michael Hull recalls a time when frustrating Chinese government censors was as simple as bringing another server online.

Hull's company develops acensorship circumvention tool called Psiphon, popularin countries such as China, where access to information online is tightly controlled. It used to be that when the addresses pointing to Psiphon's servers were discovered and blocked, Hull would simply bring a new server with a new address online until that server, too, was found. And on and on it would go.

But times have changed. As software designed to evade censors and software blocks hasimproved, sohas the technology used by governmentsto curb its use.

Hull's app was one of numerous services removed from Apple's Chinese App Store over the weekend at the behest of the country's government, which announced its intent to block all such unregulated services by February 2018.

On Sunday, the Russian government also announced the signing of a new law banning the use of virtual private network (VPN)services and anonymity software as ofNov. 1.

For service providers, putting circumvention software into the hands of users has always been a challenge. But in the midst of such aggressive crackdowns, there is added pressure to ensure their software will continue to work in the face of increasingly sophisticated countermeasures that require more novel workarounds to defeat.

"It's becoming less of a cat and mouse game, and more of an intelligence game," Hull said.

Traffic in disguise

In places such as China, gone are the days when sidestepping simple keyword filters or application-specific blocks required little more than a VPN or the anonymous browser Tor. Internet filtering technology used in some countries has reached a point where it can detect and block the evasion tools themselves.

As a result, there is a handful ofefforts to develop new and improved evasion tools that, to a censor, don't look like evasion tools at all a practice called traffic obfuscation. The goal is to take connections to sites and services that might otherwise be blockedand make them look more or less the same as connections to content that's approved.

Sometimes, the process is a sort of bait and switch. A user might look like they're merely visiting Amazon or Google, but their connection is actually redirected toblocked content. Other times, the traffic itself is disguised to look like the traffic of an unblocked app, such as Skype, or randomized in a way that looks unlike anything the censor has previously seen.

At the University of Waterloo, PhD student Cecylia Bocovich and professor Ian Goldberg have been developing an experimental technique called Slitheen that hides censored content inside requests for images and videos from approved sites. The hidden content is made tolookas close as possible to the approved content as it travels across the network, making the evasion even harder to detect.

However, there are often shortcomings with such techniques, which is why services like Psiphon, as well as Lantern and VyperVPN, useseveral different approaches to routing and obscuring traffic designed to evade a variety of censorship techniques that can vary between countries and network operators. Thisapproachhas made them especially effective in places such as China, at least for now.

"They just sort of throw out the kitchen sink of techniques," said Nathan Freitas, a fellow at Harvard University'sBerkman Center for Internet and Society, and a developer of a mobile Tor-based web browser for Android phones. "So China basically gave up trying to block all of these techniques and said, 'Let's just block the app, and Apple will do it for us.'"

App stores 'a weak link'

Multiple VPN service providers have said in recent days that their apps are no longer available in Apple's Chinese App Store. It's not the first time an app has been removed, but the scope and scale of the crackdown is significant. In a statement, Apple saidit was "required to remove some VPN apps in China that do not meet the new regulations."

It'sa decision that some believe could set a bad precedent for future requests by governments elsewhere in the world even Western countriesthat aren't typically lumped into the same category as Russia or Iran.

The U.K. government, for example, recently announced it willrequire individuals to register and submit proof of their age before they canaccess pornographicwebsites.

"What is that going to mean for people who are using platforms to access pornwebsitesanonymously?" saidEvaBlum-Dumontet,a research officer atPrivacy International.

In other words, might the U.K.follow China's lead and target circumventionappsthat help citizens to flaunt its content laws?Blum-Dumontetsays it's a reminder not to think of censorship as something that only happens incountries with reputations for being repressive.

Unlike Android, whose users can configure their phones to accept applications from outside the official Google App Store, Apple only allows apps that it has approved. (Aly Song/Reuters)

Although the appsthat were banned in Chinaremain available in other countries' App Stores, Freitas says the decision is still a big blow. Unlike Android users, who can configure their phones to accept applications from outside the official Googleapp store, Apple only allows apps that it has approved.

This meansiPhone or iPad users who might have previously been able to access an unrestricted internet with little more than an app will now have to turn to more complicated workarounds, or other devices entirely.

"The App Stores are a weak link in all of this stuff," Freitassaid. He's not sure how far governments will go in blocking new and novel evasion tools in particular, ones that rely on traffic obfuscation.

But one thing is clear:"Apple provides a quick shortcut."