A group of researchers from the University of Michigan and the University of Waterloo has developed a proxy system called Telex that gives users a way to circumvent state-level censorship of the Web. Its architecture places a proxy at the ISP level and uses connections to benign sites to disguise traffic going to censored sites. Threatpost editor Dennis Fisher spoke with J. Alex Halderman, one of the creators of the system, about its potential, its limits and what remains to be done before it can be deployed broadly.
Dennis Fisher: This is a really clever idea for addressing the problem of censorship. How long have you been working on this?
Halderman: It’s been in the works for a long time. From conception to prototype, it was about 18 months. We all had other things that we were working on and we took time out for those. It’s an idea that had a lot of contours that needed to be thought out and fleshed out, because it was so different from existing proxy-based tools. The kernel of the idea was to do something in the middle of the network. The engineering took some time, but working out how to do it with the ISPs was the hard part. We’re basically trying to replace one end of the HTTP connection with us, and there’s a lot of stuff that has to happen for that to work.
Fisher: You’ve been testing this yourselves in your lab for a few months. How is it working?
Halderman: I’ve been pretty surprised actually by how good the performance has been given the non-trivial work that’s involved in making this happen. But really, to build it at scale is going to require some cooperation from ISPs and maybe some government incentives to deploy it. We have a long way to go before we have something that the average user can do. A lot of the engineering is done and now it’s sort of organization and getting things going.
Fisher: Have you had any discussions with ISPs about deploying this?
Halderman: We have had some, but no one we can talk about just yet. There are some ISPs that are interested in the next step of testing. But there is still some engineering left to do. We’re taking a connection from a non-censored site and disguising data from a censored site as an innocuous connection. Getting details of the disguise right is tricky. The next round of engineering involves perfecting that and some of the lower-level network characteristics. That involves more software development.
Fisher: What sort of other hurdles do you see to being able to deploy this eventually?
Halderman: We have to do more work to make this scale to the higher-speed links that the ISPs operate at. We were focusing mainly on getting the crypto right. What Telex does to change the problem, compared to other things with client software like Tor, we both have to get the software to the client with high integrity, to make sure that the censors can’t install something like spyware in it. But the advantage with Telex is that we don’t have to communicate any secrets that the censors aren’t also allowed to know. The censor is welcome to know everything at that point. It’s a much easier problem. Software distribution with integrity is possible.
Fisher: How are you anticipating getting the client software to users?
Halderman: There are a few things that we’ve been thinking about. There are new sites that can pop up at various trusted download providers that can be available at certain times so people can get it. We’re thinking about a sort of sneakernet distribution in social networks where you get it from people you trust. Tor is widely available in countries that censor the Web. They haven’t been able to stop that. They’ve had more success in targeting the proxies.
Fisher: Are you worried about the prospect of users’ machines being searched and just having the Telex software on there causing them problems?
Halderman: Yes, one approach is that you could run Telex from a USB stick and it doesn’t leave any files on your computer. You could have it running on a TrueCrypt partition on the USB stick and we know how to do deniable encryption so that you can’t tell whether an encrypted file has any contents in it.