Defeating Internet Blocking With Lahana VPN-Tor Bridge

As the anti-government protests in Turkey have escalated in the last few days, privacy activists and security experts have begun working on ways to help people inside Turkey get reliable access to the Internet and privacy tools such as Tor. A security researcher over the weekend released a new tool called Lahana that enables users to quickly build a VPN server on Amazon’s EC2 cloud platform and provide access to the Internet and the Tor anonymity service for other users.

Lahana is the work of Steve Lord, a security researcher in the U.K., who said he was watching the unrest in Turkey unfold and began noticing reports of services such as Facebook and Twitter being blocked there. Social media networks have emerged as important tools for activists in a number of countries and have played a role in demonstrations in places such as Egypt and Syria in the past. Lord said he wanted to develop a way for people to still have clear access to the Internet when needed.

“I was following the Turkish protests and started to see reports of Facebook and Twitter being blocked from landline Internet connections and wanted to do something hopefully helpful. It turns out that mobile connections at least aren’t as heavily filtered but as it turns out, Lahana appears to give users a totally clean Internet feed making it ideal for regular people too,” Lord said via email. “It also gave me the opportunity to spend more time playing with tor and with VPNs, something I’ve been meaning to get around to doing.”

Lahana comprises a set of scripts that users can upload to an Amazon EC2 Free Tier instance. The scripts will automatically build a Lahana node, which functions as a VPN-to-Tor bridge. Once the node is established, the owner can then share the hostname, username, password and secret with others, either selectively or publicly. Users then can connect to the node and all of their Internet traffic will run through Tor and out through a Tor exit node. There is a step-by-step guide for users who want to configure their iPhones to use a Lahana node.

The system does not provide user secrecy, Lord says, and users who are concerned with secrecy should use Tor on its own, although that requires the installation of the Tor software.

“Tor is much better at providing secrecy but needs software installed. The VPN is cryptographically weak compared to a certificate-based VPN but I wanted something as easy as possible to set up a client. This way you can get privacy at the destination address (they can’t tell where the VPN is or where you are as long as the browser doesn’t leak), and accessing web sites or other protocols such as Email or Jabber instant messaging over Tor is the same as using the Internet. If you’re worried about being identified, use Tor instead if you can. If you’re worried about being blocked, use Lahana,” Lord said.

The Lahana system was rolled out over the weekend, and Lord said he already is working on an update that he plans to push out later on Monday to help improve the utility of it.

“Later today I’m rolling out an update that will make any deployed Lahana node a Tor bridge similar to Tor Cloud. It’s a pretty easy change but will hopefully help more people. After that I’m going to try porting it to Xen and maybe OpenVZ so people can use cheap low end VPS systems and get the cost down to hopefully under $10 a year to run,” Lord said.

Lord, who is one of the founder’s of 44CON in London, said there is already a section on Reddit set up where users can share the information on new Lahana nodes. By Monday morning, there already were several nodes shared in both Europe and the United States.

Image from the Flickr photostream of Sjcockell.

Suggested articles