Ultrasurf

Last updated

UltraSurf
Developer(s) UltraReach [1]
Initial release2002
Stable release
21.32
Operating system Android, Microsoft Windows
Available inChinese, English
Type Internet censorship circumvention
License Freeware
Website ultrasurf.us [2]

UltraSurf is a freeware Internet censorship circumvention product [3] created by UltraReach Internet Corporation. The software bypasses Internet censorship and firewalls using an HTTP proxy server, and employs encryption protocols for privacy.

Contents

The software was developed by two different groups of Falun Gong practitioners at the same time, one starting in the US in 2002 by expatriate Chinese. [3] The software was designed as a means of allowing internet users to bypass the Great Firewall of China. In 2011, UltraReach claimed to have as many as 11 million users worldwide. The tool has been described as "one of the most important free-speech tools on the Internet" by Wired , and as the "best performing" circumvention tool by Harvard University in a 2007 study; [4] a 2011 study by Freedom House ranked it fifth. [5] Critics in the open-source community, George Turner Says, have expressed concern about the software's closed-source nature and alleged security through obscurity design; UltraReach says their security considerations mean they prefer third party expert review to open source review. [6]

Overview

In 2001, UltraReach was founded by Chinese dissidents in Silicon Valley. Shortly after, UltraSurf was created to allow internet users in China to evade government censorship and monitoring. [3] As of 2011 UltraSurf reported over eleven million users worldwide. [7] During the Arab Spring, UltraReach recorded a 700 percent spike in traffic from Tunisia. [7] Similar traffic spikes occur frequently during times of unrest in other regions, such as Tibet and Burma during the Saffron Revolution. [3] Wired magazine in 2010 called UltraSurf "one of the most important free-speech tools on the Internet" for enabling citizens to access and share information from oppressed countries during times of humanitarian or human rights crises. [3]

UltraReach was one of a dozen circumvention tools evaluated by a Freedom House-funded report based on user experience from China in 2010, which include Hotspot Shield, Tor, and Freegate. [8]

UltraSurf is funded, in part, through contracts with the U.S. government's Broadcasting Board of Governors, which administers Voice of America and Radio Free Asia. [7] [9] As of 2012, UltraReach has had difficulty serving its growing user base due to insufficient funding. [10]

Operation

Client software

UltraSurf is free to download [11] and requires no installation. UltraSurf does not install any files on the user's computer and leaves no registry edits after it exits. [4] In other words, it leaves no trace of its use. To fully remove the software from the computer, a user needs only to delete the exe file named u.exe. It is only available on a Windows platform, runs through Internet Explorer by default, and has an optional plug-in for Firefox and Chrome. [12]

The UltraReach website notes that "Some anti-virus software companies misclassify UltraSurf as a malware or Trojan because UltraSurf encrypts the communications and circumvents internet censorship." [13] Some security companies have agreed to whitelist UltraSurf. [14] According to Appelbaum, the UltraSurf client uses anti-debugging techniques and also employs executable compression. [15] The client acts as a local proxy which communicates with the UltraReach network through what appears to be an obfuscated form of TLS/SSL. [15]

UltraSurf servers

The software works by creating an encrypted HTTP tunnel between the user's computer and a central pool of proxy servers, enabling users to bypass firewalls and censorship. [4] UltraReach hosts all of its own servers. [4] The software makes use of sophisticated, proprietary anti-blocking technology to overcome filtering and censorship online. [4] According to Wired magazine, UltraSurf changes the "IP addresses of their proxy servers up to 10,000 times an hour." [3] On the server-side, a 2011 analysis found that the UltraReach network employed squid and ziproxy software, as well as ISC BIND servers bootstrapping for a wider network of open recursive DNS servers, the latter not under UltraReach control. [15]

UltraSurf is designed primarily as an anti-censorship tool but also offers privacy protections in the form of industry standard encryption, with an added layer of obfuscation built in. [6] UltraReach uses an internal content filter which blocks some sites, such as those deemed pornographic or otherwise offensive. [4] According to Wired magazine: "That's partly because their network lacks the bandwidth to accommodate so much data-heavy traffic, but also because Falun Gong frowns on erotica." [3] Additionally, the Falun Gong criticism website facts.org.cn, alleged to be operated by the Chinese government, is also unreachable through UltraSurf. [15]

Evaluation

In a 2007 study, Harvard University's Berkman Center for Internet & Society found UltraSurf to be the "best performing" of all tested circumvention tools during in-country tests, and recommended it for widespread use. In particular, the report found that UltraSurf effectively bypassed various forms of censorship and blocking, include IP block, DNS block, and keyword filtering. It was also the fastest tool during in-country tests, and was noted for being easy to use and install with a simple user interface. [4] The report noted, however, that UltraReach is designed primarily as a circumvention product, rather than as an anonymity tool, and suggested that users concerned about anonymity should disable browser support for active content when using UltraSurf. [4]

A 2011 report by the U.S.-based human rights group Freedom House ranked UltraSurf fourth overall among censorship circumvention and privacy tools, as measured by a combination of performance, usability, support and security. In particular, the tool was recommended for users interested in downloading or viewing information, who required a relatively high degree of privacy, and who favored a fast connection speed. [5]

Some technologists have expressed reservations about the UltraReach model, however. In particular, its developers have been criticized by proponents of open-source software for not allowing peer review of the tool's design, except at the discretion of its creators. Moreover, because UltraReach operates all its own servers, their developers have access to user logs. This architecture means that users are required to trust UltraReach not to reveal user data. [3] [4] UltraReach maintains that it keeps logs for a short period of time, and uses them only for the purpose of analyzing traffic for signs of interference or to monitor overall performance and efficacy; the company says it does not disclose user logs to third parties. [6] [3] According to Jacob Appelbaum with the Tor Project, this essentially amounts to an example of "privacy by policy". [15]

In an April 2012 report, Appelbaum further criticized UltraSurf for its use of internal content filtering (including blocking pornographic websites), and for its willingness to comply with subpoenas from U.S. law enforcement officials. [15] Appelbaum's report also noted that UltraSurf pages employed Google Analytics, which had the potential to leak user data, and that its systems were not all up to date with the latest security patches and did not make use of forward security mechanisms. [15] Furthermore, Appelbaum claims that "The UltraSurf client uses Open and Free Software including Putty and zlib. The use of both Putty and zlib is not disclosed. This use and lack of disclosure is a violation of the licenses." [15] In a response posted the same day, UltraReach wrote that it had already resolved these issues. They asserted that Appelbaum's report had misrepresented or misunderstood other aspects of its software. UltraReach also argued that the differences between the software approaches to Internet censorship represented by Tor and UltraSurf were at base philosophical and simply different approaches to censorship circumvention. [6] A top-secret NSA presentation revealed as part of the 2013 global surveillance disclosures dismisses this response by UltraSurf as "all talk and no show". [16]

See also

Related Research Articles

An Internet filter is software that restricts or controls the content an Internet user is capable to access, especially when utilized to restrict material delivered over the Internet via the Web, Email, or other means. Content-control software determines what content will be available or be blocked.

<span class="mw-page-title-main">Proxy server</span> Computer server that makes and receives requests on behalf of a user

In computer networking, a proxy server is a server application that acts as an intermediary between a client requesting a resource and the server providing that resource. It improves privacy, security, and performance in the process.

China censors both the publishing and viewing of online material. Many controversial events are censored from news coverage, preventing many Chinese citizens from knowing about the actions of their government, and severely restricting freedom of the press. China's censorship includes the complete blockage of various websites, apps, video games, inspiring the policy's nickname, the "Great Firewall of China", which blocks websites. Methods used to block websites and pages include DNS spoofing, blocking access to IP addresses, analyzing and filtering URLs, packet inspection, and resetting connections.

<span class="mw-page-title-main">Privoxy</span> Non-caching proxy server

Privoxy is a free non-caching web proxy with filtering capabilities for enhancing privacy, manipulating cookies and modifying web page data and HTTP headers before the page is rendered by the browser. Privoxy is a "privacy enhancing proxy", filtering web pages and removing advertisements. Privoxy can be customized by users, for both stand-alone systems and multi-user networks. Privoxy can be chained to other proxies and is frequently used in combination with Squid among others and can be used to bypass Internet censorship.

SOCKS is an Internet protocol that exchanges network packets between a client and server through a proxy server. SOCKS5 optionally provides authentication so only authorized users may access a server. Practically, a SOCKS server proxies TCP connections to an arbitrary IP address, and provides a means for UDP packets to be forwarded.

The Great Firewall is the combination of legislative actions and technologies enforced by the People's Republic of China to regulate the Internet domestically. Its role in internet censorship in China is to block access to selected foreign websites and to slow down cross-border internet traffic. The Great Firewall operates by checking transmission control protocol (TCP) packets for keywords or sensitive words. If the keywords or sensitive words appear in the TCP packets, access will be closed. If one link is closed, more links from the same machine will be blocked by the Great Firewall. The effect includes: limiting access to foreign information sources, blocking foreign internet tools and mobile apps, and requiring foreign companies to adapt to domestic regulations.

A dark net or darknet is an overlay network within the Internet that can only be accessed with specific software, configurations, or authorization, and often uses a unique customized communication protocol. Two typical darknet types are social networks, and anonymity proxy networks such as Tor via an anonymized series of connections.

<span class="mw-page-title-main">Psiphon</span> Free and open-source internet circumvention tool

Psiphon is a free and open-source Internet censorship circumvention tool that uses a combination of secure communication and obfuscation technologies, such as a VPN, SSH, and a Web proxy. Psiphon is a centrally managed and geographically diverse network of thousands of proxy servers, using a performance-oriented, single- and multi-hop routing architecture.

<span class="mw-page-title-main">Freegate</span>

Freegate is a software application developed by Dynamic Internet Technology (DIT) that enables internet users from mainland China, South Korea, North Korea, Syria, Vietnam, Iran, United Arab Emirates, Germany, New Zealand, Australia, and the United Kingdom among others, to view websites blocked by their governments. The program takes advantage of a range of proxy servers called Dynaweb. This allows users to bypass Internet firewalls that block web sites by using DIT's Peer-to-peer (P2P)-like proxy network system. FreeGate's anti-censorship capability is further enhanced by a new, unique encryption and compression algorithm in the versions of 6.33 and above. Dynamic Internet Technology estimates Freegate had 200,000 users in 2004. The maintainer and CEO of DIT is Bill Xia.

<span class="mw-page-title-main">Internet censorship</span> Legal control of the internet

Internet censorship is the legal control or suppression of what can be accessed, published, or viewed on the Internet. Censorship is most often applied to specific internet domains but exceptionally may extend to all Internet resources located outside the jurisdiction of the censoring state. Internet censorship may also put restrictions on what information can be made internet accessible. Organizations providing internet access – such as schools and libraries – may choose to preclude access to material that they consider undesirable, offensive, age-inappropriate or even illegal, and regard this as ethical behaviour rather than censorship. Individuals and organizations may engage in self-censorship of material they publish, for moral, religious, or business reasons, to conform to societal norms, political views, due to intimidation, or out of fear of legal or other consequences.

Anonymizer, Inc. is an Internet privacy company, founded in 1995 by Lance Cottrell, author of the Mixmaster anonymous remailer. Anonymizer was originally named Infonex Internet. The name was changed to Anonymizer in 1997 when the company acquired a web based privacy proxy of the same name developed by Justin Boyan at Carnegie Mellon University School of Computer Science. Boyan licensed the software to C2Net for public beta testing before selling it to Infonex. One of the first web privacy companies founded, Anonymizer creates a VPN link between its servers and its users computer, creating a random IP address, rather than the one actually being used. This can be used to anonymously report a crime, avoid spam, avoid Internet censorship, keep the users identity safe and track competitors, among other uses.

<span class="mw-page-title-main">Tor (network)</span> Free and open-source anonymity network based on onion routing

Tor, short for The Onion Router, is free and open-source software for enabling anonymous communication. It directs Internet traffic via a free, worldwide, volunteer overlay network that consists of more than seven thousand relays.

The Golden Shield Project, also named National Public Security Work Informational Project, is the Chinese nationwide network-security fundamental constructional project by the e-government of the People's Republic of China. This project includes a security management information system, a criminal information system, an exit and entry administration information system, a supervisor information system, a traffic management information system, among others.

<span class="mw-page-title-main">Tails (operating system)</span> Linux distribution for anonymity and privacy

Tails, or "The Amnesic Incognito Live System," is a security-focused Debian-based Linux distribution aimed at preserving Internet privacy and anonymity. It connects to the Internet exclusively through the anonymity network Tor. The system is designed to be booted as a live DVD or live USB and never writes to the hard drive or SSD, leaving no digital footprint on the machine unless explicitly told to do so. It can also be run as a virtual machine, with some additional security risks.

Internet censorship circumvention, also referred to as going over the wall or scientific browsing in China, is the use of various methods and tools to bypass internet censorship.

Flash proxy is a pluggable transport and proxy which runs in a web browser. Flash proxies are an Internet censorship circumvention tool which enables users to connect to the Tor anonymity network via a plethora of ephemeral browser-based proxy relays. The essential idea is that the IP addresses contingently used are changed faster than a censoring agency can detect, track, and block them. The Tor traffic is wrapped in a WebSocket format and disguised with an XOR cipher.

<span class="mw-page-title-main">VPN blocking</span>

VPN blocking is a technique used to block the encrypted protocol tunneling communications methods used by virtual private network (VPN) systems. Often used by large organizations such as national governments or corporations, it can act as a tool for computer security or Internet censorship by preventing the use of VPNs to bypass network firewall systems.

<span class="mw-page-title-main">Lantern (software)</span> Internet censorship circumvention software

Lantern is a free internet censorship circumvention tool that operates in some of the most extreme censorship environments, such as China, Iran, and Russia. It uses wide variety of protocols and techniques that obfuscate network traffic and/or co-mingle traffic with protocols censors are reluctant to block. It also uses domain fronting. It is not an anonymity tool like Tor.

Internet censorship in Switzerland is regulated by the Federal Supreme Court of Switzerland on a case by case basis. Internet services provided by the registered with BAKOM Internet service providers (ISPs) are subject to a "voluntary recommendation" by the Federal Supreme Court of Switzerland, which requires blocking of websites just after 18 December 2007. As of October 2015, this might change soon and additional topics like Online gambling are on the focus now.

<span class="mw-page-title-main">Domain fronting</span> Technique for Internet censorship circumvention

Domain fronting is a technique for Internet censorship circumvention that uses different domain names in different communication layers of an HTTPS connection to discreetly connect to a different target domain than is discernable to third parties monitoring the requests and connections.

References

  1. "About Ultrasurf and Ultrareach - Internet Freedom, Privacy, and Security". Ultrasurf.us. Retrieved 2 April 2019.
  2. "Download Ultrasurf".
  3. 1 2 3 4 5 6 7 8 9 Beiser, Vince (1 November 2010). "Digital Weapons Help Dissidents Punch Holes in China's Great Firewall". Wired. Vol. 18, no. 11. ISSN   1059-1028. Archived from the original on 29 March 2011. Retrieved 15 June 2022.
  4. 1 2 3 4 5 6 7 8 9 Hal Roberts, Ethan Zuckerman, John Palfrey, '2007 Circumvention Landscape Report', Berkman Center of Law and Society, Harvard University. 5 March 2009.
  5. 1 2 “Leaping Over the Firewall: A Review of Censorship Circumvention Tools”, Cormac Callanan, Hein Dries-Ziekenheiner, Alberto Escudero-Pascual, and Robert Guerra, Freedom House, 2011.
  6. 1 2 3 4 UltraSurf, "Tor's critique of UltraSurf: A reply from the UltraSurf developers" Archived 18 January 2016 at the Wayback Machine , 16 April 2012. Retrieved 28 April 2012.
  7. 1 2 3 Anne Applebaum, “Why has the State Department run into a firewall on Internet freedom?”, Washington Post, 4 April 2011.
  8. "Leaping Over the Firewall: A Review of Censorship Circumvention Tools" (PDF). freedomhouse.org.
  9. Lau, Thomas (10 February 2006). "Internet Development and Information Control in the People's Republic of China - Updated February 10, 2006". Congressional Research Service Report for the United States Congress, February 10, 2006, table 1. | International Broadcasting Bureau Funding for Counter-Censorship Technology. Retrieved 29 December 2023.
  10. "Tools to skirt web censors swamped by demand, James Ball, The Washington Post via The Independent, 22 October 2012. Retrieved 24 July 2013.
  11. "UltraSurf". TechSpot. 30 November 2023. Retrieved 29 December 2023.
  12. UltraSurf, “Your Security”.
  13. UltraSurf, “User Center” Archived 18 July 2017 at the Wayback Machine .
  14. "Developer denies software to beat Chinese censors is malicious: UltraSurf programmer says the software acts suspiciously, but it's just trying to put one over on the Great Firewall of China" Archived 30 August 2009 at the Wayback Machine , Tim Greene, Network World, 28 August 2009.
  15. 1 2 3 4 5 6 7 8 Jacob Appelbaum, “Technical analysis of the UltraSurf proxying software”, Tor Project, 16 April 2012. Blog announcement with updates.
  16. "Tor: 'The king of high-secure, low-latency anonymity'". The Guardian . 4 October 2013.
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.