On Monday, Heap announced that Haystack would halt distribution and testing with users in Iran until the security concerns were resolved. He wrote, “We have begun contacting users of Haystack to tell them to cease using the program. We will not resume testing until this third party review is completed and security concerns are addressed in an open and transparent way.”
Neither Heap nor other Censorship Research Center employees, nor members of the board of directors, could be reached for comment. But Colascione, Haystack’s lead developer, published a public resignation letter acknowledging that Appelbaum’s concerns were justified. “It is as bad as Appelbaum makes it out to be,” Colascione wrote, adding that the version in circulation was intended only for testing, never for distribution and actual use.
Appelbaum says that he was able to obtain and run a copy of Haystack days after Heap claimed to have stopped supporting the software, suggesting that the organization isn’t in control of how widely it’s being distributed.
It’s alarming that Heap and his colleagues did not accept more help from people established in the field of censorship circumvention, says Ross Anderson, chair of the U.K.-based Foundation for Information Policy Research and a professor of security engineering at the University of Cambridge.
Anderson says it’s very difficult to design censorship circumvention tools that work properly, and the creators of such tools need to be well-versed in the risks and pitfalls. “There’s a lot of bloody history, and there’s a lot of relevant research,” he says.
The challenges go beyond simply providing access to restricted websites, Anderson says. Tools need to protect users’ anonymity, and avoid creating evidence that could be damning if it fell into the hands of government officials.
A poorly designed tool can single a user out, Anderson says. He likens it to being the only one to show up to a party wearing a mask. He warns that, because Haystack doesn’t appear to be in wide use, authorities could assume that anyone who does have a copy is a high-value target and should be arrested.
The Berkman Center for Internet and Society at Harvard University has previously conducted tests of censorship circumvention tools, both in the lab and in countries that filter Internet content, to determine how effective tools are at circumventing censorship, how secure they are, and how easy they are to use. Berkman researcher Ethan Zuckerman says that he hopes Haystack’s founders will allow a version of the tool to be tested later this year, the next time the center plans to evaluate such tools.