Friday, August 19, 2016

Amid Second Ban, Psiphon Keeps WhatsApp On in Brazil

Psiphon Team

5/9/2016
In December, Psiphon blogged about a previous blocking event in Brazil, available here.
Psiphon use surged again in Brazil in response to another nationwide suspension of the WhatsApp messaging service. On May 2nd, Brazilian state judge Marcel Maia Montalvão issued an order to block WhatsApp for 72 hours. The judge is seeking user data from WhatsApp as part of a criminal investigation. The five main mobile operators were ordered to block the messaging service, beginning Monday at 2 p.m. local time.
In response to the recent suspension of WhatsApp services, company CEO Jan Koum posted a message to Facebook stating, “Yet again millions of innocent Brazilians are being punished because a court wants WhatsApp to turn over information we repeatedly said we don’t have. Not only do we encrypt messages end-to-end on WhatsApp to keep people’s information safe and secure, we also don't keep your chat history on our servers. When you send an end-to-end encrypted message, no one else can read it – not even us.”
The suspension was overturned by another judge on Tuesday following an appeal from WhatsApp’s lawyers, allowing WhatsApp to resume services in Brazil.
In March, Judge Montalvão ordered the arrest of Facebook executive Diego Dzodan on charges of obstructing justice after WhatsApp failed to deliver messages subpoenaed in the criminal investigation. A day later, an appeals judge overturned that order and Dzodan was released. Although WhatsApp is owned by Facebook Inc, the two companies operate separately.
During a press conference that followed, Dzodan stated that WhatsApp is unable to turn over the data because it doesn’t store users’ messages after they’ve been delivered. In addition, the messaging service uses end-to-end encryption and messages cannot be intercepted.
Using Psiphon, Brazil’s WhatsApp users were able to retain or restore access to the application. The Psiphon user base in Brazil tripled within the first 24 hours of the ban. Brazil’s Globonews network recommended Psiphon to circumvent the blocking.

[Chart: Psiphon data usage in Brazil, bytes per hour, 29 April – 4 May 2016]
This case demonstrates that in response to censorship, blocking, and other restrictions, internet users will turn to known tools that connect them to content and to each other.
You can stay in touch with Psiphon via Twitter and Facebook for ongoing updates.

Psiphon Renders VoIP Blocking in Morocco Obsolete

Psiphon Team

3/7/2016
On January 5th, Moroccans discovered Voice over IP (VoIP) services were blocked over 3G and 4G mobile networks. Popular free calling services over Viber, Skype, Facetime, and Whatsapp no longer worked. Upset Internet subscribers voiced their displeasure immediately through online campaigns. Days later, the regulating body for telecommunication in Morocco justified the blocking with claims that the services violate Moroccan regulations, stating that telecom companies have the right to shut down any service they want, for financial or commercial reasons.
Dissatisfied Moroccans increased pressure, protesting with a boycott against three major telecom companies responsible for the blocking. On other fronts, people shared circumvention tools which made the blocking nearly obsolete. Psiphon use tripled in Morocco during the first week of the block and user numbers doubled every week afterwards. Psiphon’s free, open source circumvention tool was advertised in Arabic and French on social media channels in Morocco by ASL19, a human rights organization that localizes circumvention tools into Arabic and other languages. Word of Psiphon’s availability and resilience quickly spread throughout the country. After a month, the telecoms rescinded their decision due to ongoing pressure from unhappy subscribers and the ineffectiveness of the blocking due to circumvention tools.
In light of the blocking event, ASL19 launched a campaign informing users they could continue to access VoIP services via the Psiphon network.
Psiphon statistics show daily usage in Morocco over this period grew massively, peaking at 15 times pre-blocking numbers.
Morocco’s telecom providers reinstated the ban on 26 February, prompting a rapid response from Moroccan netizens, including large-scale social media mobilization led by th3professional.com blogger Amine Raghib and an online petition urging Head of Government Abdelilah Benkirane to lift the ban on VoIP services. At the time of writing, VoIP services have been reinstated on wi-fi but remain blocked on 3G and 4G connections. The petition has received over 10,000 signatures.
A joint statement issued by the Moroccan telecom providers claimed the decision was made because of the “negative impact” free calls have on the telecommunications industry.
VoIP blocking is not particular to Morocco. Many MENA region countries block the services, often justifying censorship measures on national security grounds. Governments repeatedly argue that they cannot monitor and surveil these communication tools. VoIP services are blocked in Saudi Arabia, United Arab Emirates, Oman, Kuwait, Qatar, and Egypt. As in Morocco, blocking measures in these countries are often primarily for economic reasons. In many countries, telephone costs are prohibitively high and VoIP services offer some financial relief. Banning VoIP services creates a need amongst citizens to bypass blocking. The Moroccan VoIP ban is only one of the most recent examples of large-scale censorship of a relied-upon communications service turning ordinary subscribers into circumvention tool users.
[Edited 2016-03-10]

Amid Rampant Blocking of Popular Platforms, Ugandans Find Their Way

Psiphon Team

2/25/2016
On February 18th, Ugandans went to the polls for national elections to contest the fifth consecutive term and 30-year reign of President Yoweri Museveni in what some observers predicted would be his most competitive election yet.
In the lead-up to the election, international media outlets raised concern about a consolidation of power by the ruling party and growing climate of intimidation. A report by Human Rights Watch documented myriad threats to free expression among journalists, media groups, and civil society organizations, and the Committee to Protect Journalists chronicled a series of repressive measures in the weeks preceding the election.
The morning of election day, widespread reports decried the full-scale blocking of popular social media (Facebook, Twitter), instant messaging (WhatsApp), and money transfer (Mobile Money) platforms. Mobile telecommunications provider MTN tweeted that the blocking had been ordered via directive from the Uganda Communications Commission, the national regulatory body, due to threats posed to public order and safety.
President Museveni explained in a television interview “Some people misuse those pathways. You know how they misuse them – telling lies… if you want a right then use it properly.”
Ugandans rapidly turned to VPN software and other proxy tools in order to bypass the blocking, with an estimated 1.4 million downloads for Android. Psiphon use increased dramatically as netizens connected through the circumvention network to restore their right to communicate and access information.
Psiphon statistics indicate growth in hourly connections during the blocking period of up to 25 times baseline usage.
[Chart: Uganda traffic over the Psiphon network increased 25 times over baseline usage during the blocking period]
Psiphon’s involvement has received ongoing coverage including the online newspaper The Daily Dot. In an interview, CEO Karl Kathuria told Smartmonkey TV “before the shutdown we had a very low number of users in Uganda. After the shutdown, those who knew about our software started posting about it and there was a big jump on our network... it will go up again much faster next time.”
The case demonstrates that in response to censorship, blocking, and other restrictions, internet users will turn to known tools that connect them to content and to each other.
You can stay in touch with Psiphon via Twitter and Facebook for ongoing updates.

Psiphon usage surges as Brazil blocks WhatsApp

Psiphon Team

12/18/2015
At 9PM ET on December 16th WhatsApp was blocked in Brazil. The ban came after a judge ordered that the messenger app be blocked for 48 hours when the company refused to hand over private user information related to a criminal case. For months, Brazilian telecommunications companies have been attempting to shut down WhatsApp because it provides free messaging and voice services. WhatsApp is the most popular messenger service in Brazil and telecoms blame it for luring millions away from paid cell phone use.
Internet users in Brazil reacted strongly to the ban, widely criticizing the decision to block WhatsApp on social media. Millions turned to alternate messenger services and shared circumvention techniques over social media. Psiphon was praised by people in Brazil for being free, open source, and able to keep them connected throughout the blocking event. Psiphon’s surge capacity was able to cope with the increased demand, with peak data use of more than 8x that of a normal day. Psiphon's unique users in Brazil went from 54,000 on December 16 to 946,000 on December 17.
Less than a day after the block was put in place, a second judge overturned the lower court’s decision and WhatsApp was unblocked. He stated that “it does not seem reasonable that millions of users be affected” because WhatsApp refused to disclose user information. While the surge use of Psiphon settled quickly, more than twice the expected amount of data was being served hours after the block was lifted.

[Chart: Psiphon data usage in Brazil, bytes per hour, 14-17 December 2015]

Update: In May 2016 Brazil blocked WhatsApp again, and again users turned to Psiphon.

Psiphon Gives Global Boost to BFI Flare Film Festival 2015

Psiphon Team

4/27/2015
From March 25 - 31, Psiphon partnered with British Council to deploy the BFI Flare #FiveFilms4Freedom campaign, a global digital human rights initiative and history’s first global, digital LGBT cinematic event. A leader in contemporary LGBT cinema for 29 years, BFI Flare 2015 sought to encourage the world to watch a film together, and show that love is a basic human right.
[Image: BFI Flare on Psiphon]
Psiphon helped maximize the global impact of the campaign, connecting the festival’s LGBT filmmakers and their stories to audiences in 135 countries around the world, in some of the most heavily censored societies — places where freedom of expression is not a given, in particular for members of the LGBT community. According to #FiveFilms4Freedom Director Alan Gemmell, the initiative “was a truly ground-breaking way to support freedom and equality all over the world and showcase some of our finest short filmmakers… we’re incredibly proud that our campaign reached tens of millions of people and that we were able to show solidarity with people around the world who risk their lives everyday just to live and love.”
Through the Psiphon platform, more than 5 million viewers were made aware of the festival, and viewed the landing page 13 million times.
The partnership was a litmus test of Psiphon’s capabilities as a publishing platform, and demonstrated its power to connect diverse international audiences to culturally-relevant content, to each other, and to a global conversation on a massive scale.
Psiphon CEO Karl Kathuria was pleased with the outcome. “We are really excited to have helped raise awareness of this film festival,” he said. “Many people using our software are in countries where it can be difficult to access LGBT content, so this is a unique opportunity to connect them with #FiveFilms4Freedom and help them to join in with the conversation over social media.”
Kathuria confirmed that Psiphon will continue to pursue future initiatives in art, cinema, and other cultural activities. “As a content delivery tool, our technology holds substantial and untapped potential to engage a global audience, regardless of information controls that might be imposed on them. Psiphon will be pursuing several more opportunities to promote and distribute content for cinematic events over the remainder of 2015.”
#FiveFilms4Freedom will return in 2016 with an expanded international programme. Psiphon’s free and open source software continues to be available for Windows desktops and Android mobile devices, helping people all over the world connect with each other over the open internet.
To learn more about the #FiveFilms4Freedom project, visit: http://film.britishcouncil.org/our-projects/2015/fivefilms4freedom
To learn more about BFI Flare, visit: http://www.bfi.org.uk/flare
To learn more about the British Council, visit: http://www.britishcouncil.org/
You can also stay in touch with Psiphon via Twitter and Facebook.

Independent Security Assessment of Psiphon 3

Psiphon Team

10/15/2014
At Psiphon, we’re committed to open source development. We talked about this in a previous blog post, and you can access our code repository here.
We were recently offered the chance to take this openness a step further with a formal security audit of our Windows and Android products, to be carried out by iSEC Partners. As part of our effort to be transparent in the way we operate, we are pleased to publish this report in full, which you can access here.
Overall, we are very happy with the results of the security audit, and for it to be recognized that we are "actively invested in ensuring the security of [our] users". We have already addressed the one High Severity item uncovered by iSEC Partners, and will continue to address the other recommendations over time.
The main findings of the report are:
  • Psiphon follows most industry best-practices and takes measures to mitigate against attacks where it cannot.
  • Most findings were suggestions to further improve the system, particularly in relation to the growth in the number of people using the software.
  • No inherent architecture flaws were discovered.
  • One High Severity issue was found, related to automated server patching. We have now deployed automated server patching using Ansible.
  • Longer-term recommendations are being considered, and where appropriate built in to our development plans.
One particular finding of interest is the recognition by iSEC Partners that there is a potential for security issues related to the browser that we use for browser-only mode. We wrote about that recently when a new security flaw in the browser was discovered, and have already taken steps to mitigate against it.
We were very pleased to be given the opportunity to engage with this security review. We hope that you will find this report interesting, and that it will reassure you of our commitment to providing first-class software that will always be open source and secure.

Android Browser Same Origin Policy Bypass Security Vulnerability (CVE-2014-6041)

Psiphon Team

9/18/2014
A severe security vulnerability in the Android AOSP browser has been disclosed: http://www.rafayhackingarticles.net/2014/08/android-browser-same-origin-policy.html
The Psiphon team has determined that the built-in browser ("browser-only mode") in our Psiphon app is affected, on Android versions 3.0 to 4.3, through its use of Android AOSP browser via the WebView component. There is no known mitigation for this security vulnerability other than to disable JavaScript in our built-in browser WebView components.
We are releasing Psiphon for Android version 62 which will disable JavaScript in the built-in browser on these versions of Android. We plan to leave this restriction in place until a less disruptive, effective mitigation becomes available; or the Android AOSP browser becomes widely patched.

Heartbleed and Psiphon

Psiphon Team

4/11/2014
The Heartbleed bug: http://heartbleed.com/

Summary of Heartbleed impact on Psiphon:

  • Some Psiphon servers were using affected versions of OpenSSL, leaving the Python web server vulnerable to the Heartbleed attack. Data at risk, within the web server component process, included Psiphon network topology information and network usage statistics in addition to web server key material.
  • The SSH/SSH+ Psiphon tunnels were not at risk. User traffic flowing through the Psiphon servers was not at risk. VPN Psiphon tunnels were potentially at risk for man-in-the-middle attacks as the per-session authentication secret is in Python web server memory.
  • On April 8, 2014, OpenSSL patches were applied to all affected Psiphon servers. In addition, all affected servers had their non-SSH/SSH+ capabilities revoked (out-of-band updates to all clients), ensuring clients will not attempt to use potentially compromised web server key material outside of the secure tunnel.
  • The Windows client does not use OpenSSL and is not affected by the Heartbleed attack.
  • The Android client does not use OpenSSL for its tunnel, but does use Android Java SSL for its web requests to Psiphon web servers and Amazon S3. As Android version 4.1.1 is affected by Heartbleed, our app on this particular version of Android remains vulnerable to Amazon, Psiphon servers, or a man-in-the-middle peeking at app memory.
  • The email auto-responder server had the affected version of OpenSSL. The attack against it would be to get it to make an SSL connection to a remote mail server (by sending an email request from an address that uses that server), which could then peek into the memory of the mail server. This could potentially expose email content, including addresses. The OpenSSL patches were applied April 8, 2014.
  • The feedback processing server had the affected version of OpenSSL. It may have used that library (via Python + Boto) to make SSL connections to Amazon AWS services and Google Gmail server. This means that Amazon or Google could have accessed user feedback data. However, it should be noted that this data is already hosted in Amazon EC2 and a subset of this data is emailed to us via Gmail. The OpenSSL patches were applied April 8, 2014.
  • https://psiphon.ca was not using an affected version of OpenSSL.
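The first step in the triage above is knowing which OpenSSL builds were actually affected. The following Python helper is an added example, not Psiphon's own tooling: it classifies `openssl version` banners against the upstream affected range for Heartbleed (CVE-2014-0160: 1.0.1 through 1.0.1f and 1.0.2-beta1; fixed in 1.0.1g). The `backport_fixed` flag is the practical caveat: Debian, Ubuntu and RHEL shipped the fix as a package patch without changing the upstream version string, so a banner alone under-reports patched hosts and the package changelog must be consulted too. The sample banners in the comments are constructed.

```python
import re
from typing import Optional, Tuple

# Upstream OpenSSL releases affected by Heartbleed (CVE-2014-0160):
# 1.0.1 through 1.0.1f, plus 1.0.2-beta1. Fixed in 1.0.1g (7 April 2014).
# The 1.0.0 and 0.9.8 branches never had the TLS heartbeat code.
VERSION_RE = re.compile(
    r"OpenSSL\s+(\d+)\.(\d+)\.(\d+)([a-z]*)(?:-(beta\d+|fips[\w-]*))?",
    re.IGNORECASE,
)

Parsed = Tuple[int, int, int, str, str]


def parse_openssl_version(banner: str) -> Optional[Parsed]:
    """Turn a banner such as 'OpenSSL 1.0.1e 11 Feb 2013' into (1, 0, 1, 'e', '')."""
    m = VERSION_RE.search(banner)
    if not m:
        return None
    major, minor, fix, letter, suffix = m.groups()
    return (int(major), int(minor), int(fix), letter.lower(), (suffix or "").lower())


def heartbleed_status(banner: str, backport_fixed: bool = False) -> str:
    """Classify a banner as 'vulnerable', 'patched', 'not-affected' or 'unknown'.

    backport_fixed: pass True when the distribution package changelog shows the
    CVE-2014-0160 fix. Distro packages keep the upstream version string and fix
    bugs at the package patch level, so the banner alone cannot prove a host is
    patched (e.g. a constructed banner 'OpenSSL 1.0.1 14 Mar 2012' on a fully
    updated Ubuntu 12.04 host).
    """
    parsed = parse_openssl_version(banner)
    if parsed is None:
        return "unknown"          # not OpenSSL, or an unparseable banner
    major, minor, fix, letter, suffix = parsed
    if (major, minor, fix) == (1, 0, 1):
        if letter and letter > "f":
            return "patched"      # 1.0.1g and later carry the upstream fix
        return "patched" if backport_fixed else "vulnerable"
    if (major, minor, fix) == (1, 0, 2) and suffix == "beta1":
        return "patched" if backport_fixed else "vulnerable"
    return "not-affected"         # 0.9.8, 1.0.0, or a release after the fix


if __name__ == "__main__":
    for sample in ("OpenSSL 1.0.1e 11 Feb 2013",      # constructed samples
                   "OpenSSL 1.0.1g 7 Apr 2014",
                   "OpenSSL 1.0.0l 6 Jan 2014"):
        print(sample, "->", heartbleed_status(sample))
```

Run it over the output of `openssl version` collected from each host; anything reported as "vulnerable" needs either the package changelog check or a patch, and key material handled by that process should be treated as exposed, as the list above does for the web server keys.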

A Technical Description of Psiphon

Psiphon Team

3/13/2014
Here's an update to address two recent questions: in simple terms, what is Psiphon and how does it differ from a VPN service; and, what has changed since the technical design document was last updated.
Psiphon 3 is a centrally managed, geographically diverse network of thousands of proxy servers. Most of our infrastructure is hosted with cloud providers. Psiphon 3 is a "one hop" architecture with secure link encryption between clients and servers. We offer clients for the most popular platforms: Windows, Android, and iOS (in alpha).
Psiphon is open source. Our service offers a strong privacy policy; there are no user accounts and user network addresses are not logged.
Psiphon differs from standard VPN services in a couple of key ways:
  • We deploy strategies to distribute subsets of servers to users aiming to provide each user with a handful of servers they can reach while not revealing the entire network to one user. To achieve this goal, the size of our network -- and in particular the diversity of our network addresses -- isn't simply a function of our traffic load.
  • We use protocol obfuscation to bypass DPI blocking.
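The first point, handing each user only a handful of servers without exposing the whole network, is an enumeration-resistance problem. The Python below is an added illustration of one way such a scheme can be built; it is not Psiphon's discovery algorithm, and the server pool, secret and bucket sizes are constructed. It keys the bucket on the client's /24 and the time of day (the dimension the changes list below mentions) under a secret-keyed hash, so an adversary cycling through addresses in one subnet still learns only one bucket, and cannot compute bucket membership offline without the secret.

```python
import hashlib
import ipaddress
from datetime import datetime, timezone
from typing import Iterable, List, Set

# Constructed server pool: placeholder ids, not real Psiphon servers.
SERVER_POOL: List[str] = [f"server-{i:03d}" for i in range(60)]
SERVERS_PER_BUCKET = 3
SLOT_HOURS = 6                       # time-of-day dimension: four slots per day
DEMO_SECRET = b"constructed-demo-secret"   # in practice a server-side secret


def at_utc_hour(hour: int) -> datetime:
    """Helper to build an aware timestamp for a given UTC hour (constructed date)."""
    return datetime(2014, 3, 13, hour, 0, tzinfo=timezone.utc)


def discovery_bucket(client_ip: str, when: datetime, secret: bytes) -> List[str]:
    """Return the handful of servers one client is allowed to discover.

    The bucket index is a keyed hash of (client /24, six-hour slot):
      - every address in the same /24 gets the same bucket in the same slot,
        so rotating through a subnet reveals nothing extra;
      - without the secret, an observer cannot predict or enumerate buckets.
    IPv4 only, for brevity.
    """
    network = ipaddress.ip_network(f"{client_ip}/24", strict=False)
    slot = when.astimezone(timezone.utc).hour // SLOT_HOURS
    key = f"{network.network_address}|{slot}".encode()
    digest = hashlib.blake2b(key, key=secret, digest_size=8).digest()
    bucket_count = len(SERVER_POOL) // SERVERS_PER_BUCKET
    index = int.from_bytes(digest, "big") % bucket_count
    start = index * SERVERS_PER_BUCKET
    return SERVER_POOL[start:start + SERVERS_PER_BUCKET]


def servers_exposed(client_ips: Iterable[str], when: datetime, secret: bytes) -> Set[str]:
    """Everything a set of client addresses could learn within one slot.

    Useful for measuring how much of the network an adversary holding N
    addresses can enumerate: the answer depends on how many distinct /24s
    and slots they cover, not on how many requests they make.
    """
    seen: Set[str] = set()
    for ip in client_ips:
        seen.update(discovery_bucket(ip, when, secret))
    return seen


if __name__ == "__main__":
    same_subnet = [f"203.0.113.{i}" for i in range(1, 255)]
    print(sorted(servers_exposed(same_subnet, at_utc_hour(3), DEMO_SECRET)))
```

The measurement function is the useful part for a defender: before changing the aggregation key (subnet size, slot length), run it against the address set a realistic adversary could control and confirm the exposed fraction of the pool stays acceptable.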
Psiphon's technical design document is out-of-date and what follows is a very brief summary of major technical changes we've implemented since the project launched in 2011.
  • We added the obfuscated SSH protocol to mitigate DPI fingerprinting. This fully random-looking protocol is deployed with a unique obfuscation key per Psiphon server.
  • We added an optional HTTP prefix to our protocol to mitigate DPI-based whitelisting of HTTP traffic. This simple prefix is sufficient for regex-based DPI (nDPI and l7-filter) to classify Psiphon traffic as HTTP; and was sufficient to defeat an actual adversary at the time we deployed it.
  • We added remote server lists to augment the embedded and discovery servers concepts. While discovery happens only when connected to an existing server, remote server lists can be downloaded even when all servers are blocked. Remote server lists are distributed on S3 and accessed via https://s3.amazonaws.com without a distinguishing bucket name in the URL. In this way, it is difficult for an adversary to block our remote server lists without blocking all of S3 or implementing HTTPS traffic analysis.
  • Email is now a major client propagation mechanism. We have an auto-responder that returns links and attachments to custom sponsor/channel Psiphon clients depending on the email address users send to.
  • We released an Android client in 2012. The first version included an embedded browser based on Android's WebView. In 2012/2013 we added support for whole device tunneling, which tunnels all Android apps through Psiphon. We have an iptables whole device mode (for rooted Android 2.2+ devices); and a whole device mode that uses Android's VpnService with tun2socks (for any Android 4+ device). Additional features added include egress region selection and proxy chaining.
  • We have an iOS client now in alpha testing. This app has an embedded browser.
  • Our in-app feedback mechanism sends us messages and optional diagnostics from users. This system has helped us debug many platform issues and blocking issues.
  • Changes to discovery algorithms: our discovery algorithms evolve as part of an ongoing process of optimizing our network. Major changes include sharing discovery servers across propagation channels; and adding time-of-day as a dimension.
  • Optimizations to connection algorithms: our clients now launch connections to many servers at once when connecting, and keep the "best" connection. This assists in load balancing as well as reducing user wait time as individual blocked servers do not stall the connection sequence.
  • Client auto-upgrade was enhanced to use incremental download and to use out-of-band download sites (authenticated with digital signatures). These changes made it more likely that a new client can be distributed at a time of blocking.
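Two of the items above lend themselves to concrete illustration. First, the HTTP prefix: regex-based DPI engines of the kind named (nDPI, l7-filter) label a flow from a pattern match on its first bytes, so an innocuous HTTP request prepended to an otherwise random-looking stream is enough to earn the "HTTP" label. The Python below is an added example, not Psiphon code; the pattern is a constructed stand-in in the spirit of those signatures (not their actual patterns), and all three sample flows are constructed. It goes a step beyond the text by also showing the caveat: a stateful parser that insists the flow be a sequence of complete, well-formed requests is not satisfied by a prefix alone, which is why a prefix that defeats one adversary may not defeat the next.

```python
import re

# Constructed pattern in the spirit of regex-based HTTP classifiers (not the
# real nDPI or l7-filter signature): a request line, then a common header.
HTTP_REGEX = re.compile(
    rb"^(?:GET|POST|HEAD) [^\r\n]* HTTP/1\.[01]\r\n"
    rb"(?:[^\r\n]+\r\n)*?(?:Host|Connection|Content-Type|Content-Length): ",
    re.IGNORECASE,
)


def regex_classify(stream: bytes) -> str:
    """Label a flow from its first bytes the way a regex DPI engine does."""
    return "http" if HTTP_REGEX.search(stream[:2048]) else "unknown"


HEADER_NAME = re.compile(rb"[!#$%&'*+.^_`|~0-9A-Za-z-]+")      # RFC 7230 token
REQUEST_LINE = re.compile(rb"(?:GET|POST|HEAD) \S+ HTTP/1\.[01]")


def strict_http_check(stream: bytes) -> bool:
    """Parse the flow as a sequence of complete HTTP/1.x requests.

    Unlike the regex, this requires the header block to terminate, the
    declared body length to be honoured, and whatever follows the body to be
    either nothing or another well-formed request. A flow that merely starts
    with HTTP therefore fails.
    """
    head, sep, rest = stream.partition(b"\r\n\r\n")
    if not sep:
        return False
    lines = head.split(b"\r\n")
    if not REQUEST_LINE.fullmatch(lines[0]):
        return False
    headers = {}
    for line in lines[1:]:
        name, colon, value = line.partition(b":")
        if not colon or not HEADER_NAME.fullmatch(name):
            return False
        headers[name.lower()] = value.strip()
    length_field = headers.get(b"content-length", b"0")
    if not re.fullmatch(rb"\d+", length_field):
        return False
    length = int(length_field)
    body, trailing = rest[:length], rest[length:]
    if len(body) != length:
        return False                   # truncated capture or lying Content-Length
    return trailing == b"" or strict_http_check(trailing)


# Constructed sample flows.
GENUINE_HTTP = (b"GET /index.html HTTP/1.1\r\nHost: example.com\r\n"
                b"Connection: close\r\n\r\n")
# Deterministic stand-in for a random-looking obfuscated stream (a real one
# would come from a CSPRNG; this keeps the example reproducible).
OBFUSCATED = bytes((i * 73 + 41) % 256 for i in range(64))
# The same stream with an innocuous HTTP request prepended.
PREFIXED = (b"POST / HTTP/1.1\r\nHost: example.com\r\nContent-Length: 0\r\n\r\n"
            + OBFUSCATED)


def classify_all():
    """Both verdicts for each sample flow, keyed by name."""
    flows = [("genuine", GENUINE_HTTP), ("obfuscated", OBFUSCATED), ("prefixed", PREFIXED)]
    return {name: (regex_classify(flow), strict_http_check(flow)) for name, flow in flows}


if __name__ == "__main__":
    for name, verdicts in classify_all().items():
        print(f"{name:10s} regex={verdicts[0]:8s} strict={verdicts[1]}")
```

The prefixed flow is labelled "http" by the regex and rejected by the strict parser; the point for anyone relying on this kind of prefix is that its effectiveness is a property of the adversary's classifier, not of the prefix.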
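Second, the connection optimization: launching attempts to many servers at once and keeping the first that succeeds, so that a blocked server whose handshake never completes cannot stall the sequence. The asyncio code below is an added example of that pattern, not Psiphon's client code; the candidate table and its simulated outcomes ("hang" for a blackholed server, "refused" for an immediate failure, a float for handshake latency) are constructed. The details a practitioner cares about are that failures are skipped rather than ending the race, that losing attempts are cancelled so no half-open connections linger, and that a global deadline bounds the whole sequence.

```python
import asyncio
from typing import Dict, Optional, Union

# Constructed candidate table, not real Psiphon servers.
Outcome = Union[float, str]
CANDIDATES: Dict[str, Outcome] = {
    "server-a": "hang",      # blocked: connection attempt never completes
    "server-b": 0.30,        # reachable, slow
    "server-c": "refused",   # fails immediately
    "server-d": 0.05,        # reachable, fast
}


async def connect(server: str, outcome: Outcome) -> str:
    """Simulated tunnel handshake, standing in for a real TCP/SSH connect."""
    if outcome == "hang":
        await asyncio.Event().wait()           # never set: blocks until cancelled
    if outcome == "refused":
        raise ConnectionRefusedError(server)
    await asyncio.sleep(float(outcome))
    return server


async def race_connect(candidates: Dict[str, Outcome], timeout: float = 2.0) -> Optional[str]:
    """Start every candidate at once and keep the first that succeeds."""
    pending = {asyncio.create_task(connect(s, o)) for s, o in candidates.items()}
    loop = asyncio.get_running_loop()
    deadline = loop.time() + timeout
    winner: Optional[str] = None
    try:
        while pending and winner is None:
            remaining = deadline - loop.time()
            if remaining <= 0:
                break                          # global deadline: give up cleanly
            done, pending = await asyncio.wait(
                pending, timeout=remaining, return_when=asyncio.FIRST_COMPLETED)
            for task in done:
                if task.exception() is None:   # failures are skipped, not fatal
                    winner = task.result()
                    break
    finally:
        for task in pending:                   # cancel hung and slower attempts
            task.cancel()
        await asyncio.gather(*pending, return_exceptions=True)
    return winner


def pick_server(candidates: Dict[str, Outcome], timeout: float = 2.0) -> Optional[str]:
    """Synchronous entry point: the chosen server, or None if nothing connected."""
    return asyncio.run(race_connect(candidates, timeout))


if __name__ == "__main__":
    print(pick_server(CANDIDATES))   # server-d: c is refused, d beats b, a and b are cancelled
```

With the table above the race returns `server-d` after about 50 ms even though `server-a` would have hung for the full timeout on its own; with only hanging and refused candidates it returns `None` at the deadline rather than waiting forever.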

"Who We Are" added to the About page

Karl Kathuria

1/30/2014
We feel that it's important that you (and everyone who uses our software) know that Psiphon is a team of actual people working hard to give you access to the open Internet. So we've updated our About page to help you get to know us better.

Psiphon and the 2013 Iranian Election

Karl Kathuria

10/28/2013
Psiphon has over a million active users every week. People use our software to get news, information and social media content that they would otherwise not be able to see. We offer apps for Windows and Android devices, mostly distributed through partnerships with news broadcasters and human rights organisations.
This year, we’ve made a particularly big impact in Iran, coinciding with their Presidential election. Iran has always been a big challenge for us, and it’s also where we see the most people using our software. In a normal week, we see as many as 1.5 million unique users connect to our network from inside Iran. There are somewhere around 45 million people connected to the Internet in Iran, which accounts for 60% of the population.
We knew that the election period was going to cause some problems, but had no idea exactly what we would face. First, as early as March there were reports that VPN software was being blocked inside the country, as reported on Wired magazine’s site. Psiphon stayed available throughout this period, and in fact the user base doubled in just four weeks. We brought many more servers online to cope with the additional load on our network.
Then, at the beginning of May, the disruption to the Internet in Iran was brought to a whole new level. We saw a sudden spike in connections, suggesting that the software was rapidly disconnecting and reconnecting. With help from Collin Anderson and ASL19, we learned that SSL connections were being cut after 60 seconds, and all connections to sites outside of Iran were being severely throttled.
People using Psiphon were still able to connect and see some content, but had a heavily degraded experience. Psiphon’s built-in feedback mechanism allowed people to provide diagnostic information that helped us further -- we were receiving feedback at the rate of thousands of messages per day, all containing vital clues that could help us get back to normal.
Our development team rapidly released an update to Psiphon that provided the first workaround. Six further releases followed in the weeks leading up to the election. Psiphon’s software automatically updates, and these releases were pushed directly to the end users. At least half of our user base had the upgrade within a day of it being released, and by the time of the election, 90% of Psiphon users were connecting with known working versions.
Psiphon’s goal for the period of the election was to try and keep our network alive, so that anyone with an Internet connection was still able to get to the content they wanted to see. As many as 500 active servers were used to achieve this, on diverse networks, with close monitoring by the technical teams to ensure the system was available throughout that time.
Reports from Iran suggest that the throttling of SSL, and blocking of all non-HTTP traffic, was increased for the election period, and most specifically on June 14, the day of the election itself. Psiphon’s software remained available throughout this period. Although there was a reduction in traffic caused by the extreme throttling, there were still over 400,000 connections made by 125,000 unique users.
Psiphon also distributed content for projects set up to support Iranians specifically over the election period. These include The Global Dialogue and We Choose, projects offering a platform through which the Iranian Internet audience could discuss matters related to the election, and vote on candidates in a secure, open and fair process.
You can read a lot more technical detail about the election period in a report from our colleagues at ASL19.
What of the future in Iran? We’ve seen some encouraging signs from Hassan Rouhani, such as his openness to social media, but our user base is still growing, and so are the reports we’re getting of sites being blocked. Last week, Deutsche Welle’s new Director General, Peter Limbourg, called on Rouhani to stop blocking his organization’s Persian site. He also praised the work that we are doing at Psiphon to distribute DW content into Iran.
This month, we’re also starting two new partnerships with Manoto 1 and Radio Zamaneh. Both of these broadcasters have a large audience of Farsi speakers, and are trying to get their content seen and heard in Iran. We’re very pleased to be working with these broadcasters, and know that this will help to bring news, information and social media content to even more Iranians.