back to article Doctor Who-inspired proxy transmogrifies politically sensitive web to avoid gov censorship

Computer boffins in Canada are working on anti-censorship software called Slitheen that disguises disallowed web content as government-sanctioned pablum. They intend for it to be used in countries where network connections get scrutinized for forbidden thought. Slitheen – named after Doctor Who aliens capable of mimicking …

  1. keithpeter Silver badge
    Windows

    Double edged?

    "Goldberg anticipates that Slitheen will be available as open source within a year."

    Have I understood this correctly? Could the software be used to frame someone? e.g. making entirely innocent content have the same profile as $notallowedcontent?

    1. Anonymous Coward
      Childcatcher

      Re: Double edged?

      "Could the software be used to frame someone? e.g. making entirely innocent content have the same profile as $notallowedcontent?"

      The traffic streams could be made to look naughty at many external points but the browser cache would show legit content. If the state/ISP was going to frame someone they could simply fabricate evidence in the old fashioned way, or simply not bother and make it up.

      What this thing does is try to allow someone to remain cloaked without looking obvious. VPNs are the usual cloak of choice but they do stand out, as do things like IP over DNS and other cunning ideas.

    2. Paul 129
      Angel

      Re: Double edged?

      For this to work you need a GOOD ISP?!?! performing a man in the middle attack.

      These kids are sweet, please keep them innocent for as long as possible.

    3. Mage Silver badge
      Alert

      Re: Double edged?

      Worse, it can be used by State controlled infrastructure or malware installed on a router, to redirect your traffic. It makes Man In The Middle Attacks easier.

      Also on the client it aids browser hijacking.

      Unless I've totally misunderstood this, it's a totally naive and stupid idea.

  2. Your alien overlord - fear me

    North Korea, China etc will just blacklist the so-called 'friendly' ISP's entire IP range so their countrymen/women won't even be able to watch funny cat videos. Plus, if it's open sourced, I wonder who might read it ?

    1. Anonymous Coward
      Childcatcher

      "North Korea, China etc will just blacklist the so-called 'friendly' ISP's "

      The blacklist for most Norks even allowed to see a computer is effectively !RFC1918. Basically the entire country languishes in an intranet.

      1. Adrian 4

        What makes you think it's intended for NOK etc ?

        The heaviest internet snooping is closer to home.

    2. Sir Sham Cad

      If the "good ISP" lives beyond the State's borders then it may take a circuitous route but the traffic could still hit the good ISPs router and hence action the stealthy Wikipedia slurp as well as actioning the original catslol.swf request. Unless I've completely misunderstood how this works and the good ISP is specified in the traffic somehow rather than being there in case the request trips over their router.

      Why the hell an ISP would ever want to do this escapes me, though.

  3. Chris King

    "Slitheen", eh ?

    So, is this thing going to fall apart if soaked in vinegar, and will it make my network packets smell like farts ?

  4. shodanbo

    Possible security issue?

    Or, could it be used to redirect code pulls, and therefore bypass cross domain protections that keep insecure or unwanted code from executing?

  5. Blinkered

    Yer - Cross site scripting that was something that immediately popped into my mind - something largely banished from the design level and also mitigated at the Browser level these days... but if it can all be mimicked and redirected it could be open season for anyone prepared to play with the OpenSource .

  6. Charles 9

    How would this work if, for example, the ONLY TLS credentials permitted on a subject's computer belong to the state, and that ALL traffic, encrypted or not, runs through state proxies and routers as a general rule (think corporate proxies, only larger)?

    1. DJ Smiley

      Indeed, this would require the backbone ISP's to cooperate, and concidering the new rules and laws they are already facing, I doubt they want someone checking about this as well.

  7. Anonymous Coward
    Anonymous Coward

    Rumor has it

    That the "resistance" in DPRK uses carrier pigeons aka RFC 2549

    The uSD chips are sent using the time honored method of hashing the data with harmless landscape, river etc pictures, aka steganography using the least significant bit but at least 2/3 of the drives are needed to decrypt the data correctly or it just looks like pictures taken on a cheap camera common to many inexpensive smart phones.

    Wonder how much data an Asian hornet can carry, in the form of a bare chip or some other method (nanoSD?!)

  8. Anonymous Coward
    Anonymous Coward

    My hovercraft is full of eels

    I fear the 'good guys' more than the 'bad guys these days.

  9. Anonymous Coward
    Anonymous Coward

    So what keeps the censor from noting the cryptographic tag and flagging the sender as dissident?

    Is not the state infrastructure able to find the tag just like the 'GOOD' ISP?

    1. TRT Silver badge

      Because...

      the packet CONTENTS are not open for easy inspection, due to SSL, merely the source, destination, route and size.

      1. Charles 9

        Re: Because...

        Thing is, what if the state is running an SSL proxy, meaning the ONLY keys the end-user have belong to the state, a la a corporate secure proxy?

  10. Mahhn

    Just goes to show

    Earths governments are so corrupt, that to be a real journalist you have to use the internet like a terrorist.

  11. Stevie

    Bah!

    So the content of a document now no longer has anything to do with the metadata sent with it?

    Excellent! I see no downside.

    Hang on, what's this bit in the Constitution of the United States that talks about the opiate of the masses?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like