Psiphon Program By Amine Moubtasim.

Slides:

Advertisements

Similar presentations

ForceHTTPS: Protecting High-Security Web Sites from Network Attacks Collin Jackson and Adam Barth.

Advertisements

How the Internet Works Course Objectives Introduce the various web browsers Introduce some new terms Explain the basic Internet to PC hookup  ISP  Wired.

Networks. User access and levels Most network security involves users having different levels of user access to the network. The network manager will.

Introducing K12Planet.com What is K12Planet.com? Who can access it? Is it secure? What do I need to use it? Can I control the information I see?

IT security Are you protected against hackers?. Why are we in danger?  The Internet is worldwide, publicly accessible  More and more companies and institutes.

Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.

Anonymity on the Internet Jess Wilson. Anonymizing Proxy What is a proxy? – An intermediary between you and the internet How does it make you anonymous?

Eric Kilroy. Introduction  Virtual Private Network A way to connect to a private network through a public network such as the internet.

Web server security Dr Jim Briggs WEBP security1.

 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.

IST346:  Web Services. Today’s Agenda  Learn the basics of how the Web works  Understand various web service architectures  Address scaling, security,

Secure Remote Access to an Internal Web Server Christian Gilmore, David Kormann, and Aviel D. Rubin ATT Labs - Research “The security policy usually amounts.

Firewalls Marin Stamov. Introduction Technological barrier designed to prevent unauthorized or unwanted communications between computer networks or hosts.

Proxy servers By Akshit Y10. What is a proxy server O A proxy server is a computer that offers a computer network service to allow clients to make indirect.

11 SUPPORTING INTERNET EXPLORER IN WINDOWS XP Chapter 11.

By : Windi Widiastuti XII TKJ  DEFINITION.

Configuring a Web Server. Overview Overview of IIS Preparing for an IIS Installation Installing IIS Configuring a Web Site Administering IIS Troubleshooting.

Human-Computer Interface Course 5. ISPs and Internet connection.

Staying Safe. Files can be added to a computer by:- when users are copying files from a USB stick or CD/DVD - downloading files from the Internet - opening.

Australian Access Federation Robert Hazeltine Identity and Access Management Enterprise Systems Office.

PIZZA WEB PAGE May 28, FOR TODAY  Review Vocabulary Words (take out your worksheets!)  Pizza Web Page  Research more tags  Turn in your homework!

Security Squad Keeping your Equipment and Information Safe Security Squad Keeping your Equipment and Information Safe Security Squad Video Series, Part.

Lesson 20-Wireless Security. Overview Introduction to wireless networks. Understanding current wireless technology. Understanding wireless security issues.

System Administration and Maintenance. Proxy Server 1 Purpose – – To separate internal network from internet (NAT) To cache often used content User control:

WHAT IS A WEBSITE AND HOW TO GET YOUR BUSINESS ONLINE Anna Gabali – 30/07/ MKLC.

Module 11: Remote Access Fundamentals

TECHNOLOGY GUIDE THREE Protecting Your Information Assets.

Here you are at your computer, but you don’t have internet connections. Your ISP becomes your link to the internet. In order to get access you need to.

Fundamentals of Information Systems, Second Edition 1 Telecommunications, the Internet, Intranets, and Extranets.

Review 2 Chapters 7, 8, 9. 2  Define a network and its purpose.  Explain how communications technologies are used in our every day lives.  Understand.

Protecting Students on the School Computer Network Enfield High School.

How to use Remote Desktop and Remote Support. What is remote desktop? Remotely control your computer from another office, from home, or while traveling.

The group will focus on the design of a “smart” device. This includes researching the best method of design and fabricating the design to create a working.

Grid Chemistry System Architecture Overview Akylbek Zhumabayev.

Network Security. 2 SECURITY REQUIREMENTS Privacy (Confidentiality) Data only be accessible by authorized parties Authenticity A host or service be able.

Web Design (1) Terminology. Coding ‘languages’ (1) HTML - Hypertext Markup Language - describes the content of a web page CSS - Cascading Style Sheets.

Networking Components Michelle Vega Network System Administrations LTEC /026 Mr. West.

Students using a proxy? Then block everything!. What is a Proxy A Proxy server is a server that takes requests from clients, fulfill the requests and.

McLean HIGHER COMPUTER NETWORKING Lesson 14 Firewalls & Filtering Comparison of Internet content filtering methods: firewalls, Internet filtering.

Ten Common Computer Problems That Can Easily Be Fixed By: Sam Merrifield.

Activity 4 Protecting Ourselves. Keeping Safe There are lots of different ways we can be at risk on the Internet. How can we protect ourselves and keep.

Introduction to Computers Lesson 8B. home Ways to Connect to the Internet Direct connection Remote terminal connection Gateway connection LAN Modem High-speed.

NETWORKING & SYSTEM UPDATES

Supplemental Information on TOR (The Onion Router) CEH ed 8, Rev 4 CS3695 – Network Vulnerability Assessment & Risk Mitigation–

Understand Internet Security LESSON Security Fundamentals.

General Concerns on WWW Security Name: Huaying Chen ID# Instructor: Dr Mort Anvari.

UNIT-3 Performance Evaluation UNIT-3 IT2031. Web Server Hardware and Performance Evaluation Key question is whether a company should host their own Web.

Firewalls Priyanka Verma & Jessica Wong. What is it? n A firewall is a collection of security measures designed to prevent unauthorised electronic access.

The hidden part of TDSS Sergey (k1k) Golovanov, Malware Expert Global Research and Analysis Team Kaspersky Lab.

Unit 1 Understanding computer systems: How legal, ethical, safety and security issues affect how computers should be used OCR Cambridge Nationals in ICT.

IS 4506 Windows NTFS and IIS Security Features.  Overview Windows NTFS Server security Internet Information Server security features Securing communication.

PROXY SERVER Kalyani Ravi. A proxy server is essentially an electronic gatekeeper, residing between an organization's internal network and the Internet,

Our Mission. Computer Purchasing Website Design and Development Services.

E-Commerce & Bank Security By: Mark Reed COSC 480.

ANONYMIZING / WEB PRIVACY. TOOLS: STAYING ANONYMOUS ON THE INTERNET Proxy Server Tor.

Firewalls. Overview of Firewalls As the name implies, a firewall acts to provide secured access between two networks A firewall may be implemented as.

Best Facebook Proxy Login Sites

E Safety & Security Tools 13 th March 2009 Martin Quinn - The Westfield Centre.

BUILD SECURE PRODUCTS AND SERVICES

(A CORPORATE NETWORK APPROACH)

TECHNOLOGY GUIDE THREE

Some Common Terms The Internet is a network of computers spanning the globe. It is also called the World Wide Web. World Wide Web It is a collection of.

Providing Network Services

SEC 340 Education for Service/tutorialrank.com

Firewalls Jiang Long Spring 2002.

Online Learning.

DD Sir-Infomatics Web Development Part-1.

Your computer is the client

Presentation transcript:

Psiphon Program By Amine Moubtasim

Today’s Discussion What is Psiphon? How does Psiphon work? Is Psiphon anonymous? Is it safe to use Psiphon? Who is behind Psiphon?

Key terms Psiphonode Psiphonode administrator Psiphonite A psiphonode is a psiphon server that is operated by an administrator residing in an uncensored country (this is an integration of 'psiphon' and 'Node'). The psiphonode administrator is responsible for creating and managing user accounts and running the psiphon server. A psiphonite is a psiphon user, residing within a jurisdiction that blocks arbitrary web sites, and utilizes a psiphonode residing in an uncensored jurisdiction.

What is Psiphon? Psiphon is a Program that allows users to access blocked sites It turn a home computer into a personal server Psiphon was originally designed in Python *Psiphon is a program that allows users to access blocked sites in countries where the internet is censored. *It turns a regular home computer into a personal, encrypted server capable of retrieving and displaying web pages anywhere. *Psiphon was originally implemented in Python, but has been re-designed and re-written in C++, and designed as a cross-platform, user friendly proxy server tool which uses a https protocol to transfer data. With a user name and password, people in countries that use Internet content filtering can send encrypted requests for information to a trusted computer located in another country and receive encrypted information in return. As https protocol is widely used for secure communication over the Internet (from web mail to Internet banking), no government can block https traffic without further restricting its citizens' ability to use the web

How Psiphon work? Psiphon works through social network It acts as a web proxy There is no connection between the Psiphonite and the requested website *Psiphon works through social networks. A net user in an uncensored country can download the program to their computer, which transforms it into an access point. *They can then give contacts in censored countries a unique web address, login and password, which enables the restricted users to freely browse the web through an encrypted connection to the proxy server. * even if the psiphon website is blocked, it does not affect psiphon’s distribution model. Psiphon is completely decentralized; each psiphonode is independent of all others. * it acts as a web proxy for authenticated psiphonites, retrieving requested web pages and displaying them in a user’s browser. * There is no connection between the Psiphonite and the requested website, as psiphon transparently proxies the request through the psiphonode’s computer allowing the psiphonite to browse blocked websites seamlessly. * Psiphonites go to their psiphonodes’ machine using a unique web address. The first page displayed is the user login. The psiphonite must login with a valid username and password given to them by the psiphonode administrator. After authentication the server displays a toolbar at the top of the page where psiphonite can then enter the website they want to browse.

Is Psiphon Anonymous? Psiphon is not an anonymous software program Users can be monitored by the ISP or Government Psiphon uses HTTPS for extended period of time *psiphon is not an anonymous software program. psiphon users are not anonymous from the psiphon provider. Although traffic between the psiphon user and psiphon provider is encrypted, psiphon providers can potentially monitor everything that is done by the psiphon users they host. When psiphon users visit websites through the psiphon server their identity and location is hidden from the web-site *Note: Do not use psiphon for anything you do not want the psiphon provider to be able to see. *Yes, your government and/or ISP can always monitor which web sites you visit. When you use psiphon, your government and/or ISP can only see that you connected to another computer, not the sites you visit. psiphon makes it difficult for anyone to determine that you are using psiphon. Note: bypassing censorship may violate law. Serious thought should be given to the risks involved and potential consequences. *From a technical perspective traffic between the psiphonode and the psiphonite is identical to normal HTTPS (encrypted) traffic. Although many sites only use HTTPS during the login process many sites, such as email providers and banking services, use HTTPS for extended periods of time, as does psiphon. The differences are that psiphon uses self-signed certificates and connections to home computers, rather than signed certificates and domain names. However, unless the attacker has the private psiphon URL it cannot be easily determined that psiphon is being used. The key to detecting psiphon is infiltration of the psiphon administrator's social network. *Note for advanced users: To maximize protection against the discovery of the psiphon user's true IP address, all scripting languages, such as JavaScript and ActiveX, should be turned off in the user's browser.

Is it safe to use Psiphon? Its encryption provides strong protection against electronic eavesdropping The use of small trusted network makes it more difficult for eavesdropping *The Citizen Lab said the system provides strong protection against "electronic eavesdropping" because censors or ISPs can only see that end users are connected to another computer and not view the sites that are being visited. *It added that using small trusted networks as a delivery mechanism will make it more difficult for censors to find and shut down psiphon.

Who is behind Psiphon? Psiphon is part of the CiviSec Project run by the Citizen Lab at the Munk Center for international studies at the U. of Toronto It is funded by the Open Society Institute Which is a private operating and grant-making foundation, aims to shape public policy to promote democratic governance, human rights, and economic, legal, and social reform. On a local level, OSI implements a range of initiatives to support the rule of law, education, public health, and independent media.

Demonstration http://psiphon.civisec.org/PsiphonAug232006.html