Developer(s) | UltraReach [1] |
---|---|
Initial release | 2002 |
Stable release | 21.32 |
Operating system | Android, Microsoft Windows |
Available in | Chinese, English |
Type | Internet censorship circumvention |
License | Freeware |
Website | ultrasurf |
UltraSurf is a closed-source freeware Internet censorship circumvention product [2] created by UltraReach Internet Corporation. The software bypasses Internet censorship and firewalls using an HTTP proxy server, and employs encryption protocols for privacy.
The software was developed by two different groups of Falun Gong practitioners at the same time, one starting in the US in 2002 by expatriate Chinese. [2] The software was designed as a means of allowing internet users to bypass the Great Firewall of China. In 2011, UltraReach claimed to have as many as 11 million users worldwide.
UltraSurf is proprietary software; critics in the open-source community have expressed concern about the software's closed-source nature and alleged security through obscurity design. [3] [4]
In 2001, UltraReach was founded by members of Falun Gong. UltraSurf was created to allow internet users in China to evade government censorship and monitoring. [2] In 2011 UltraSurf reported over eleven million users worldwide. [5] During the Arab Spring, UltraReach recorded a 700 percent spike in traffic from Tunisia. [5] Similar traffic spikes occurred during times of unrest in other regions, such as Tibet and Burma during the Saffron Revolution. [2] However, a study by the United States Department of State found a very low level of usage of the software as of 2021, partially due to the software only being available on Windows. [6]
UltraSurf has received significant funding from the U.S. government. Originally, funding was provided through the U.S. State Department as well as the Broadcasting Board of Governors, which administered Voice of America and Radio Free Asia. [5] [7] However, this funding was revoked due to UltraSurf's refusal to comply with independent security audits.
In 2020, when Michael Pack was appointed as the head of the U.S. Agency for Global Media by Donald Trump, Pack and several conservative allies pushed for additional funding for UltraSurf through the Open Technology Fund, despite use of closed-source code and low number of users. UltraSurf was awarded $1.8 million in funding under Pack, despite the objections of several high-ranking officials who were subsequently fired. Pack's actions were later referred to the Inspector General of the Department of State as part of a criminal conspiracy. [8] [6]
UltraSurf is free to download and requires no installation. UltraSurf does not install any files on the user's computer and leaves no registry edits after it exits. [9] In other words, it leaves no trace of its use. To fully remove the software from the computer, a user needs only to delete the exe file named u.exe. It is only available on a Windows platform, runs through Internet Explorer by default, and has an optional plug-in for Firefox and Chrome. [10]
The UltraReach website notes that "Some anti-virus software companies misclassify UltraSurf as a malware or Trojan because UltraSurf encrypts the communications and circumvents internet censorship." [11] Some security companies have agreed to whitelist UltraSurf. [12] According to Appelbaum, the UltraSurf client uses anti-debugging techniques and also employs executable compression. [4] The client acts as a local proxy which communicates with the UltraReach network through what appears to be an obfuscated form of TLS/SSL. [4]
The software works by creating an encrypted HTTP tunnel between the user's computer and a central pool of proxy servers, enabling users to bypass firewalls and censorship. [9] UltraReach hosts all of its own servers. [9] The software makes use of sophisticated, proprietary anti-blocking technology to overcome filtering and censorship online. [9] According to Wired magazine, UltraSurf changes the "IP addresses of their proxy servers up to 10,000 times an hour." [2] On the server-side, a 2011 analysis found that the UltraReach network employed squid and ziproxy software, as well as ISC BIND servers bootstrapping for a wider network of open recursive DNS servers, the latter not under UltraReach control. [4]
UltraSurf is designed primarily as an anti-censorship tool but also offers privacy protections in the form of industry standard encryption, with an added layer of obfuscation built in. [13] UltraReach uses an internal content filter which blocks some sites, such as those deemed pornographic or otherwise offensive. [9] According to Wired magazine: "That's partly because their network lacks the bandwidth to accommodate so much data-heavy traffic, but also because Falun Gong frowns on erotica." [2] Additionally, the Falun Gong criticism website facts.org.cn, alleged to be operated by the Chinese government, is also unreachable through UltraSurf. [4]
Some technologists have expressed reservations about the UltraReach model, however. In particular, its developers have been criticized by proponents of open-source software for not allowing peer review of the tool's design, except at the discretion of its creators. Moreover, because UltraReach operates all its own servers, their developers have access to user logs. This architecture means that users are required to trust UltraReach not to reveal user data. [2] [9] UltraReach maintains that it keeps logs for a short period of time, and uses them only for the purpose of analyzing traffic for signs of interference or to monitor overall performance and efficacy; the company says it does not disclose user logs to third parties. [13] [2] According to Jacob Appelbaum with the Tor Project, this essentially amounts to an example of "privacy by policy". [4]
In an April 2012 report, Appelbaum further criticized UltraSurf for its use of internal content filtering (including blocking pornographic websites), and for its willingness to comply with subpoenas from U.S. law enforcement officials. [4] Appelbaum's report also noted that UltraSurf pages employed Google Analytics, which had the potential to leak user data, and that its systems were not all up to date with the latest security patches and did not make use of forward security mechanisms. [4] Furthermore, Appelbaum claims that "The UltraSurf client uses Open and Free Software including Putty and zlib. The use of both Putty and zlib is not disclosed. This use and lack of disclosure is a violation of the licenses." [4] In a response posted the same day, UltraReach wrote that it had already resolved these issues. They asserted that Appelbaum's report had misrepresented or misunderstood other aspects of its software. UltraReach also argued that the differences between the software approaches to Internet censorship represented by Tor and UltraSurf were at base philosophical and simply different approaches to censorship circumvention. [13] A top-secret NSA presentation revealed as part of the 2013 global surveillance disclosures dismisses this response by UltraSurf as "all talk and no show". [14]
A 2021 review of UltraSurf by TechRadar described UltraSurf as "capable yet slow", and cautioned that the software "cannot increase your online privacy, and should not be considered or used as an online security tool". [15]
A 2021 audit by the United States Department of State found that UltraSurf relies on outdated technologies from 2013, which would be "trivial for a moderate-budget adversary" to defeat. [6]
An Internet filter is software that restricts or controls the content an Internet user is capable to access, especially when utilized to restrict material delivered over the Internet via the Web, Email, or other means. Such restrictions can be applied at various levels: a government can attempt to apply them nationwide, or they can, for example, be applied by an Internet service provider to its clients, by an employer to its personnel, by a school to its students, by a library to its visitors, by a parent to a child's computer, or by an individual user to their own computers. The motive is often to prevent access to content which the computer's owner(s) or other authorities may consider objectionable. When imposed without the consent of the user, content control can be characterised as a form of internet censorship. Some filter software includes time control functions that empowers parents to set the amount of time that child may spend accessing the Internet or playing games or other computer activities.
In computer networking, a proxy server is a server application that acts as an intermediary between a client requesting a resource and the server providing that resource. It improves privacy, security, and possibly performance in the process.
Privoxy is a free non-caching web proxy with filtering capabilities for enhancing privacy, manipulating cookies and modifying web page data and HTTP headers before the page is rendered by the browser. Privoxy is a "privacy enhancing proxy", filtering web pages and removing advertisements. Privoxy can be customized by users, for both stand-alone systems and multi-user networks. Privoxy can be chained to other proxies and is frequently used in combination with Squid among others and can be used to bypass Internet censorship.
SOCKS is an Internet protocol that exchanges network packets between a client and server through a proxy server. SOCKS5 optionally provides authentication so only authorized users may access a server. Practically, a SOCKS server proxies TCP connections to an arbitrary IP address, and provides a means for UDP packets to be forwarded. A SOCKS server accepts incoming client connection on TCP port 1080, as defined in RFC 1928.
The Great Firewall is the combination of legislative actions and technologies enforced by the People's Republic of China to regulate the Internet domestically. Its role in internet censorship in China is to block access to selected foreign websites and to slow down cross-border internet traffic. The Great Firewall operates by checking transmission control protocol (TCP) packets for keywords or sensitive words. If the keywords or sensitive words appear in the TCP packets, access will be closed. If one link is closed, more links from the same machine will be blocked by the Great Firewall. The effect includes: limiting access to foreign information sources, blocking foreign internet tools and mobile apps, and requiring foreign companies to adapt to domestic regulations.
A dark net or darknet is an overlay network within the Internet that can only be accessed with specific software, configurations, or authorization, and often uses a unique customized communication protocol. Two typical darknet types are social networks, and anonymity proxy networks such as Tor via an anonymized series of connections.
Privacy software, also called privacy platform, is software built to protect the privacy of its users. The software typically works in conjunction with Internet usage to control or limit the amount of information made available to third parties. The software can apply encryption or filtering of various kinds.
Psiphon is a free and open-source Internet censorship circumvention tool that uses a combination of secure communication and obfuscation technologies, such as a VPN, SSH, and a Web proxy. Psiphon is a centrally managed and geographically diverse network of thousands of proxy servers, using a performance-oriented, single- and multi-hop routing architecture.
Freegate is a software application developed by Dynamic Internet Technology (DIT) that enables internet users to view websites blocked by their governments. The program takes advantage of a range of proxy servers called Dynaweb. This allows users to bypass Internet firewalls that block web sites by using DIT's Peer-to-peer (P2P)-like proxy network system. FreeGate's anti-censorship capability is further enhanced by a new, unique encryption and compression algorithm in the versions of 6.33 and above. Dynamic Internet Technology estimates Freegate had 200,000 users in 2004. The maintainer and CEO of DIT is Bill Xia.
Internet censorship is the legal control or suppression of what can be accessed, published, or viewed on the Internet. Censorship is most often applied to specific internet domains but exceptionally may extend to all Internet resources located outside the jurisdiction of the censoring state. Internet censorship may also put restrictions on what information can be made internet accessible. Organizations providing internet access – such as schools and libraries – may choose to preclude access to material that they consider undesirable, offensive, age-inappropriate or even illegal, and regard this as ethical behavior rather than censorship. Individuals and organizations may engage in self-censorship of material they publish, for moral, religious, or business reasons, to conform to societal norms, political views, due to intimidation, or out of fear of legal or other consequences.
An anonymizer or an anonymous proxy is a tool that attempts to make activity on the Internet untraceable. It is a proxy server computer that acts as an intermediary and privacy shield between a client computer and the rest of the Internet. It accesses the Internet on the user's behalf, protecting personal information of the user by hiding the client computer's identifying information such as IP addresses. Anonymous proxy is the opposite of transparent proxy, which sends user information in the connection request header. Commercial anonymous proxies are usually sold as VPN services.
Tor is a free overlay network for enabling anonymous communication. Built on free and open-source software and more than seven thousand volunteer-operated relays worldwide, users can have their Internet traffic routed via a random path through the network.
The Global Internet Freedom Consortium is a consortium of organizations that develop and deploy anti-censorship technologies for use by Internet users in countries whose governments restrict Web-based information access. The organization was reportedly begun in 2001 by Chinese-born scientists living in the United States reacting against Chinese government oppression of the Falun Gong.
The Golden Shield Project, also named National Public Security Work Informational Project, is the Chinese nationwide network-security fundamental constructional project by the e-government of the People's Republic of China. This project includes a security management information system, a criminal information system, an exit and entry administration information system, a supervisor information system, a traffic management information system, among others.
Internet censorship circumvention, also referred to as going over the wall or scientific browsing in China, is the use of various methods and tools to bypass internet censorship.
Flash proxy is a pluggable transport and proxy which runs in a web browser. Flash proxies are an Internet censorship circumvention tool which enables users to connect to the Tor anonymity network via a plethora of ephemeral browser-based proxy relays. The essential idea is that the IP addresses contingently used are changed faster than a censoring agency can detect, track, and block them. The Tor traffic is wrapped in a WebSocket format and disguised with an XOR cipher.
Hotspot Shield is a public VPN service operated by AnchorFree, Inc. Hotspot Shield was used to bypass government censorship during the Arab Spring protests in Egypt, Tunisia, and Libya.
uProxy was an extension for Chrome and Firefox, which allowed users to access the Internet via a web proxy. This project has been superseded by Outline VPN. The extension works by enabling a user to share their Internet connection with someone else. Google Ideas provided funding for the development which was carried out by the University of Washington and Brave New Software — the same organization behind the anti-censorship tool Lantern. The extension is intended to allow users to get more secure access to the Internet without being monitored. It is free/libre software under Apache license 2.0. The software has been discontinued, stating on their website " uProxy was an open source project led by the University of Washington and seeded by Jigsaw. Although the project is no longer supported, the code is still available on GitHub."
Lantern is a free internet censorship circumvention tool that operates in some of the most extreme censorship environments, such as China, Iran, and Russia. It uses wide variety of protocols and techniques that obfuscate network traffic and/or co-mingle traffic with protocols censors are reluctant to block. It also uses domain fronting. It is not an anonymity tool like Tor.
The Open Technology Fund (OTF) is an American nonprofit corporation that aims to support global Internet freedom technologies. Its mission is to "support open technologies and communities that increase free expression, circumvent censorship, and obstruct repressive surveillance as a way to promote human rights and open societies." As of November 2019, the Open Technology Fund became an independent nonprofit corporation and a grantee of the U.S. Agency for Global Media. Until its formation as an independent entity, it had operated as a program of Radio Free Asia.