Skip to Content

Tool Makes It Easier to Evade Online Censors

New software makes Web traffic that’s banned in places like China or Iran appear as ordinary Internet use.
August 25, 2015

After the huge chemical explosion in Tianjin, China, this month, two cleanup efforts began. Amid the wreckage, first responders rescued people and doused fires. On the Web, China’s censors began deleting content suggesting the government could have done more to prevent or contain the disaster. Hundreds of websites and social-media accounts have now been shut down.

Improved censorship technology has made it harder for people in countries such as China, Iran, and Syria to bypass Internet controls and access uncensored information and services. Governments can now block anticensorship tools such as the Tor anonymity network or encrypted VPN connections, for example. But a new censorship evasion tool called Marionette may help reverse that trend.

Marionette helps Internet traffic that would normally be blocked masquerade as ordinary, permitted online behavior. It can be configured to make your activity emulate just about any type of “innocent” activity, such as online gaming or Skype, by analyzing samples of that kind of traffic. Marionette can even be programmed to respond in the right way to maintain its cover if actively probed by a censorship computer system, a tactic China sometimes uses to investigate suspicious connections before blocking them.

“It sort of levels the playing field,” says Scott Coull, a security researcher with security firm RedJack, who helped develop Marionette. “If China is updating its censorship, you can adapt, too.”

Coull hopes that Marionette will one day be integrated into the anonymity network Tor or the censorship evasion tool Lantern—two systems backed by the U.S. government and used by activists, government workers, and NGOs. He’s already talked with Tor developers about Marionette’s open-source code. The system was introduced in a paper at the USENIX Security conference in Washington, D.C., this month, and developed by Coull with Kevin Dyer and Thomas Shrimpton of Portland State University.

The chameleon approach to hiding Internet traffic has been tried before, but Marionette is a more flexible and accurate mimic. Tor already supports a censorship evasion method called Format Transforming Encryption, or FTE, which adjusts some properties of the data sent out by a computer to make them resemble a particular format, like that used by Skype. But FTE doesn’t tweak every facet of the data a censorship system might look for, or re-create the variation in the stream of data that someone truly using Skype or browsing the Web would produce, says Coull.

Marionette can do that, if properly programmed. And it can respond in the right way to maintain the illusion if probed by the kind of equipment used in some censorship systems to check suspect connections. Coull hopes that people will start creating and sharing settings for his tool so that just about anyone can pick one ready-made and hide from censorship.

Phillipa Gill, an assistant professor at Stony Brook University, is working on her own chameleon-style censorship system, which smuggles data by manipulating online games such as StarCraft. She says that Marionette’s flexibility introduces a useful new design for censorship tools. “There is a censorship arms race – tools like Tor come up with new ideas and then the censors respond to that,” she says. “Making your tools more evolvable like this is an interesting idea.”

However, Gill notes that going from a new idea to something that developers of tools such as Tor can offer to people takes time. “They need validation before you give it to people in countries where they could get arrested for using it,” she says.

Keep Reading

Most Popular

Large language models can do jaw-dropping things. But nobody knows exactly why.

And that's a problem. Figuring it out is one of the biggest scientific puzzles of our time and a crucial step towards controlling more powerful future models.

OpenAI teases an amazing new generative video model called Sora

The firm is sharing Sora with a small group of safety testers but the rest of us will have to wait to learn more.

Google’s Gemini is now in everything. Here’s how you can try it out.

Gmail, Docs, and more will now come with Gemini baked in. But Europeans will have to wait before they can download the app.

This baby with a head camera helped teach an AI how kids learn language

A neural network trained on the experiences of a single young child managed to learn one of the core components of language: how to match words to the objects they represent.

Stay connected

Illustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at customer-service@technologyreview.com with a list of newsletters you’d like to receive.