[liberationtech] Haystack Q&A

Behdad Esfahbod behdad at behdad.org
Thu Sep 2 09:50:35 PDT 2010 

And if people haven't seen it yet, here is Evengy Morozov's take on Haystack:

http://neteffect.foreignpolicy.com/posts/2010/09/02/hay_what

behdad

On 08/30/10 18:36, Steve Weis wrote:
> Hello. I have been following Haystack a bit and subscribed to
> liberationtech to see this response. My interest is as a cryptographer
> and security engineer. I requested technical information about
> Haystack and was declined. At this point, I have seen no meaningful
> details nor know of any other researchers or security professionals
> who vouch for it.
> 
> I have read two justifications why the client software is being kept
> secret. The first is that publishing the client would reveal their
> methods of circumventing filters. The second, from this response, is
> that it would cause a surge in traffic and overwhelm their server.
> 
> In the first case, expecting client software to remain secret is
> naive, especially when dealing with persistent and well-funded
> adversaries. If security hinges on there being no leaked copies and no
> compromised users, then the game is over. As is the case in general,
> if Haystack connects to a known set of servers or has a distinct
> traffic pattern, running it could make it easier to identify and
> target users.
> 
> As for the claim that releasing the client would overwhelm their
> network with traffic, certainly you could require authentication and
> distribute anonymous access credentials to the end users. If the
> system is that fragile and centralized, how do you prevent the
> adversary from conducting a denial of service attack? It's a losing
> game if you are relying on the location of that server being kept a
> secret.
> 
> Even if we concede that the clients will not be released publicly and
> the source remains closed, it would be prudent to have independent
> experts audit the system design and implementation. It is easy to
> incorrectly implement cryptography and create vulnerabilities. Any
> remote exploits in the client would also be a significant risk.
> 
> I hope that more details will be forthcoming.
> 
> On Fri, Aug 27, 2010 at 11:57 AM, Leila Zia <leilaz at stanford.edu> wrote:
>>   My first e-mail to Austin went only to him and not the list. as a result,
>> his reply to me came only to me, not the list. I am sending you all the
>> reply since couple of you asked. Sorry about the confusion and the delay. I
>> was away from internet for couple of days.
>>
>> Best,
>> Leial
>>
>> Austin's reply:
>> Haystack is *not* available for wide spread distribution in the slightest.
>> We work with a hand-picked (and friend-of-friend,
>> friend-of-friend-of-friend) network of Iran-focused activist groups --
>> generally people one of the members of our team know or trust in real life.
>> If we were to post Haystack online right now, our network would be crushed
>> with demand.
>> Being an all volunteer organization and still having to pay for our
>> bandwidth, fundraise, etc makes it very difficult to meet the huge demand
>> there is for anti-censorship software in Iran.
>> Additionally, our network is locked down to only accept connections from the
>> IP blocks registered to Iran. That way, if a copy gets out, our resources
>> won't be drained by those in other countries looking to mask their
>> activities online.
> _______________________________________________
> liberationtech mailing list
> liberationtech at lists.stanford.edu
> 
> Should you need to change your subscription options, please go to:
> 
> https://mailman.stanford.edu/mailman/listinfo/liberationtech
>

More information about the liberationtech mailing list