[liberationtech] Haystack Q&A

Behdad Esfahbod behdad.esfahbod at gmail.com
Thu Sep 2 10:03:26 PDT 2010 

Austin's response to Morozov is available here:

  http://blog.austinheap.com/brain-dead-journalism/

On 09/02/10 12:50, Behdad Esfahbod wrote:
> And if people haven't seen it yet, here is Evengy Morozov's take on Haystack:
> 
> http://neteffect.foreignpolicy.com/posts/2010/09/02/hay_what
> 
> behdad
> 
> On 08/30/10 18:36, Steve Weis wrote:
>> Hello. I have been following Haystack a bit and subscribed to
>> liberationtech to see this response. My interest is as a cryptographer
>> and security engineer. I requested technical information about
>> Haystack and was declined. At this point, I have seen no meaningful
>> details nor know of any other researchers or security professionals
>> who vouch for it.
>>
>> I have read two justifications why the client software is being kept
>> secret. The first is that publishing the client would reveal their
>> methods of circumventing filters. The second, from this response, is
>> that it would cause a surge in traffic and overwhelm their server.
>>
>> In the first case, expecting client software to remain secret is
>> naive, especially when dealing with persistent and well-funded
>> adversaries. If security hinges on there being no leaked copies and no
>> compromised users, then the game is over. As is the case in general,
>> if Haystack connects to a known set of servers or has a distinct
>> traffic pattern, running it could make it easier to identify and
>> target users.
>>
>> As for the claim that releasing the client would overwhelm their
>> network with traffic, certainly you could require authentication and
>> distribute anonymous access credentials to the end users. If the
>> system is that fragile and centralized, how do you prevent the
>> adversary from conducting a denial of service attack? It's a losing
>> game if you are relying on the location of that server being kept a
>> secret.
>>
>> Even if we concede that the clients will not be released publicly and
>> the source remains closed, it would be prudent to have independent
>> experts audit the system design and implementation. It is easy to
>> incorrectly implement cryptography and create vulnerabilities. Any
>> remote exploits in the client would also be a significant risk.
>>
>> I hope that more details will be forthcoming.
>>
>> On Fri, Aug 27, 2010 at 11:57 AM, Leila Zia <leilaz at stanford.edu> wrote:
>>>   My first e-mail to Austin went only to him and not the list. as a result,
>>> his reply to me came only to me, not the list. I am sending you all the
>>> reply since couple of you asked. Sorry about the confusion and the delay. I
>>> was away from internet for couple of days.
>>>
>>> Best,
>>> Leial
>>>
>>> Austin's reply:
>>> Haystack is *not* available for wide spread distribution in the slightest.
>>> We work with a hand-picked (and friend-of-friend,
>>> friend-of-friend-of-friend) network of Iran-focused activist groups --
>>> generally people one of the members of our team know or trust in real life.
>>> If we were to post Haystack online right now, our network would be crushed
>>> with demand.
>>> Being an all volunteer organization and still having to pay for our
>>> bandwidth, fundraise, etc makes it very difficult to meet the huge demand
>>> there is for anti-censorship software in Iran.
>>> Additionally, our network is locked down to only accept connections from the
>>> IP blocks registered to Iran. That way, if a copy gets out, our resources
>>> won't be drained by those in other countries looking to mask their
>>> activities online.
>> _______________________________________________
>> liberationtech mailing list
>> liberationtech at lists.stanford.edu
>>
>> Should you need to change your subscription options, please go to:
>>
>> https://mailman.stanford.edu/mailman/listinfo/liberationtech
>>

More information about the liberationtech mailing list