The Register’s Thomas Claburn on a new tool being developed in Canada to help internet users in countries with hard censorship access material their governments don’t want them to see:
Computer boffins in Canada are working on anti-censorship software called Slitheen that disguises disallowed web content as government-sanctioned pablum. They intend for it to be used in countries where network connections get scrutinized for forbidden thought.
Slitheen – named after Doctor Who aliens capable of mimicking humans to avoid detection – could thus make reading the Universal Declaration of Human Rights look like a lengthy refresher course in North Korean juche ideology or a politically acceptable celebration of cats.
In a presentation last October, Cecylia Bocovich, a University of Waterloo PhD student developing the technology in conjunction with computer science professor Ian Goldberg, said that governments in countries such as China, Iran, and Pakistan have used a variety of techniques to censor internet access, including filtering by IP address, filtering by hostname, protocol-specific throttling, URL keyword filtering, active probing, and application layer deep packet inspection.
In an email to The Register, Goldberg said the software is based on the concept of decoy routing.
“The basic idea behind decoy routing is that the (censored) user’s computer makes an Internet connection to some non-censored (‘overt’) site, such as a site with cute cat videos,” said Goldberg. “However, it embeds a hidden cryptographic tag in its connection, which only a particular Internet router somewhere on the path between the user and the cute cat site can see. That router, seeing the tag, then redirects the traffic to a censored (‘covert’) site, say Wikipedia.”
As Bocovich and Goldberg explain in a paper [PDF] they co-authored, these tags make the web session’s master TLS secret available to a cooperating ISP. This allows the ISP to conduct what amounts to a friendly man-in-the-middle attack by having a network relay it controls open a proxy connection to the censored website.