Ultrasurf

UltraSurf is a freeware Internet censorship circumvention product created by UltraReach Internet Corporation. The software bypasses Internet censorship and firewalls using an HTTP proxy server, and employs encryption protocols for privacy.

UltraSurf
Developer(s)UltraReach[1]
Initial release2002
Stable release
19.02 / 15 February 2019 (2019-02-15)
Operating systemMicrosoft Windows
Available inEnglish
TypeInternet censorship circumvention
LicenseFreeware
Websiteultrasurf.us[2]

The software was developed by two different groups of Falun Gong practitioners at the same time, one starting in the US in 2002 by expatriate Chinese.[3] The software was designed as a means of allowing internet users to bypass the Great Firewall of China. It currently boasts as many as 11 million users worldwide. The tool has been described as "one of the most important free-speech tools on the Internet" by Wired, and as the "best performing" circumvention tool by Harvard University in a 2007 study;[4] a 2011 study by Freedom House ranked it fourth.[5] Critics in the open-source community, George Turner Says, have expressed concern about the software's closed-source nature and alleged security through obscurity design; UltraReach says their security considerations mean they prefer third party expert review to open source review.[6]

Overview

In 2001, UltraReach was founded by Chinese dissidents in Silicon Valley. Shortly after, UltraSurf was created to allow internet users in China to evade government censorship and monitoring.[3] As of 2011 UltraSurf reported over eleven million users worldwide.[7] During the Arab Spring, UltraReach recorded a 700 percent spike in traffic from Tunisia.[7] Similar traffic spikes occur frequently during times of unrest in other regions, such as Tibet and Burma during the Saffron Revolution.[3] Wired magazine in 2010 called UltraSurf "one of the most important free-speech tools on the Internet" for enabling citizens to access and share information from oppressed countries during times of humanitarian or human rights crises.[3]

UltraSurf is funded, in part, through contracts with the U.S. government's Broadcasting Board of Governors, which administers Voice of America and Radio Free Asia.[7] As of 2012, UltraReach has had difficulty serving its growing user base due to insufficient funding.[8]

Operation

Client software

UltraSurf is free to download and requires no installation. UltraSurf does not install any files on the user's computer and leaves no registry edits after it exits.[4] In other words, it leaves no trace of its use. To fully remove the software from the computer, a user needs only to delete the exe file named u.exe. It is only available on a Windows platform, runs through Internet Explorer by default, and has an optional plug-in for Firefox and Chrome.[9]

The UltraReach website notes that "Some anti-virus software companies misclassify UltraSurf as a malware or Trojan because UltraSurf encrypts the communications and circumvents internet censorship."[10] Some security companies have agreed to whitelist UltraSurf.[11] According to Appelbaum, the UltraSurf client uses anti-debugging techniques and also employs executable compression.[12] The client acts as a local proxy which communicates with the UltraReach network through what appears to be an obfuscated form of TLS/SSL.[12]

UltraSurf servers

The software works by creating an encrypted HTTP tunnel between the user's computer and a central pool of proxy servers, enabling users to bypass firewalls and censorship.[4] UltraReach hosts all of its own servers.[4] The software makes use of sophisticated, proprietary anti-blocking technology to overcome filtering and censorship online.[4] According to Wired magazine, UltraSurf changes the "IP addresses of their proxy servers up to 10,000 times an hour."[3] On the server-side, a 2011 analysis found that the UltraReach network employed squid and ziproxy software, as well as ISC BIND servers bootstrapping for a wider network of open recursive DNS servers, the latter not under UltraReach control.[12]

UltraSurf is designed primarily as an anti-censorship tool but also offers privacy protections in the form of industry standard encryption, with an added layer of obfuscation built in.[6] UltraReach uses an internal content filter which blocks some sites, such as those deemed pornographic or otherwise offensive.[4] According to Wired magazine: "That's partly because their network lacks the bandwidth to accommodate so much data-heavy traffic, but also because Falun Gong frowns on erotica."[3] Additionally, the Falun Gong criticism website facts.org.cn, alleged to be operated by the Chinese government, is also unreachable through UltraSurf.[12]

Evaluation

In a 2007 study, Harvard University's Berkman Center for Internet & Society found UltraSurf to be the "best performing" of all tested circumvention tools during in-country tests, and recommended it for widespread use. In particular, the report found that UltraSurf effectively bypassed various forms of censorship and blocking, include IP block, DNS block, and keyword filtering. It was also the fastest tool during in-country tests, and was noted for being easy to use and install with a simple user interface.[4] The report noted, however, that UltraReach is designed primarily as a circumvention product, rather than as an anonymity tool, and suggested that users concerned about anonymity should disable browser support for active content when using UltraSurf.[4]

A 2011 report by the U.S.-based human rights group Freedom House ranked UltraSurf fourth overall among censorship circumvention and privacy tools, as measured by a combination of performance, usability, support and security. In particular, the tool was recommended for users interested in downloading or viewing information, who required a relatively high degree of privacy, and who favored a fast connection speed.[5]

Some technologists have expressed reservations about the UltraReach model, however. In particular, its developers have been criticized by proponents of open-source software for not allowing peer review of the tool's design, except at the discretion of its creators. Moreover, because UltraReach operates all its own servers, their developers have access to user logs. This architecture means that users are required to trust UltraReach not to reveal user data.[3][4] UltraReach maintains that it keeps logs for a short period of time, and uses them only for the purpose of analyzing traffic for signs of interference or to monitor overall performance and efficacy; the company says it does not disclose user logs to third parties.[6][3] According to Jacob Appelbaum with the Tor Project, this essentially amounts to an example of "privacy by policy".[12]

In an April 2012 report, Appelbaum further criticized UltraSurf for its use of internal content filtering (including blocking pornographic websites), and for its willingness to comply with subpoenas from U.S. law enforcement officials.[12] Appelbaum's report also noted that UltraSurf pages employed Google Analytics, which had the potential to leak user data, and that its systems were not all up to date with the latest security patches and did not make use of forward security mechanisms.[12] Furthermore, Appelbaum claims that "The UltraSurf client uses Open and Free Software including Putty and zlib. The use of both Putty and zlib is not disclosed. This use and lack of disclosure is a violation of the licenses."[12] In a response posted the same day, UltraReach wrote that it had already resolved these issues. They asserted that Appelbaum's report had misrepresented or misunderstood other aspects of its software. UltraReach also argued that the differences between the software approaches to Internet censorship represented by Tor and UltraSurf were at base philosophical and simply different approaches to censorship circumvention.[6] A top-secret NSA presentation revealed as part of the 2013 global surveillance disclosures dismisses this response by UltraSurf as "all talk and no show".[13]

Due to restrictions imposed by some organizations, McAfee VirusScan is flagging some Ultrasurf versions as a potentially unwanted program, avoiding its execution on those machines.

gollark: Well, I still prefer PotatOS superglobal mutex™ and bureacratohazardous documentation™ technology.
gollark: Ah.
gollark: &sys exec return 4
gollark: But why *spinlocks*?
gollark: Due to some config stuff, AutoBotRobot can access SPUDNET directly without going through the main osmarks.tk proxying gateway, so it has magic powers.

See also

References

  1. "About Ultrasurf and Ultrareach - Internet Freedom, Privacy, and Security". Ultrasurf.us. Retrieved 2 April 2019.
  2. "Download Ultrasurf".
  3. Vince Beiser, Digital Weapons Help Dissidents Punch Holes in China's Great Firewall, Wired, 1 November 2010.
  4. Hal Roberts, Ethan Zuckerman, John Palfrey, '2007 Circumvention Landscape Report', Berkman Center of Law and Society, Harvard University. 5 March 2009.
  5. “Leaping Over the Firewall: A Review of Censorship Circumvention Tools”, Cormac Callanan, Hein Dries-Ziekenheiner, Alberto Escudero-Pascual, and Robert Guerra, Freedom House, 2011.
  6. UltraSurf, "Tor's critique of UltraSurf: A reply from the UltraSurf developers" Archived 18 January 2016 at the Wayback Machine, 16 April 2012. Retrieved 28 April 2012.
  7. Anne Applebaum, “Why has the State Department run into a firewall on Internet freedom?”, Washington Post, 4 April 2011.
  8. "Tools to skirt web censors swamped by demand, James Ball, The Washington Post via The Independent, 22 October 2012. Retrieved 24 July 2013.
  9. UltraSurf, “Your Security”.
  10. UltraSurf, “User Center”.
  11. "Developer denies software to beat Chinese censors is malicious: UltraSurf programmer says the software acts suspiciously, but it’s just trying to put one over on the Great Firewall of China" Archived 30 August 2009 at the Wayback Machine, Tim Greene, Network World, 28 August 2009.
  12. Jacob Appelbaum, “Technical analysis of the UltraSurf proxying software”, Tor Project, 16 April 2012. Blog announcement with updates.
  13. "Tor: 'The king of high-secure, low-latency anonymity'". The Guardian. 4 October 2013.
This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.