Ultrasurf: Difference between revisions

UltraSurf

Developer(s)	UltraReach[1]
Initial release	2002
Stable release	21.32
Operating system	Android, Microsoft Windows
Available in	Chinese, English
Type	Internet censorship circumvention
License	Freeware
Website	ultrasurf.us

UltraSurf is a closed-source freeware Internet censorship circumvention product^[2] created by UltraReach Internet Corporation. The software bypasses Internet censorship and firewalls using an HTTP proxy server, and employs encryption protocols for privacy.

The software was developed by two different groups of Falun Gong practitioners at the same time, one starting in the US in 2002 by expatriate Chinese.^[2] The software was designed as a means of allowing internet users to bypass the Great Firewall of China. In 2011, UltraReach claimed to have as many as 11 million users worldwide.

UltraSurf is proprietary software; critics in the open-source community have expressed concern about the software's closed-source nature and alleged security through obscurity design.^[3][4]

Overview

In 2001, UltraReach was founded by members of Falun Gong. UltraSurf was created to allow internet users in China to evade government censorship and monitoring.^[2] In 2011 UltraSurf reported over eleven million users worldwide.^[5] During the Arab Spring, UltraReach recorded a 700 percent spike in traffic from Tunisia.^[5] Similar traffic spikes occurred during times of unrest in other regions, such as Tibet and Burma during the Saffron Revolution.^[2] However, a study by the United States Department of State found a very low level of usage of the software as of 2021, partially due to the software only being available on Windows.^[6]

Government Funding

UltraSurf has received significant funding from the U.S. government. Originally, funding was provided through the U.S. State Department as well as the Broadcasting Board of Governors, which administered Voice of America and Radio Free Asia.^[5][7] However, this funding was revoked due to UltraSurf's refusal to comply with independent security audits.

In 2020, when Michael Pack was appointed as the head of the U.S. Agency for Global Media by Donald Trump, Pack and several conservative allies pushed for additional funding for UltraSurf through the Open Technology Fund, despite use of closed-source code and low number of users. UltraSurf was awarded $1.8 million in funding under Pack, despite the objections of several high-ranking officials who were subsequently fired. Pack's actions were later referred to the Inspector General of the Department of State as part of a criminal conspiracy.^[8][6]

Operation

Client software

UltraSurf is free to download and requires no installation. UltraSurf does not install any files on the user's computer and leaves no registry edits after it exits.^[9] In other words, it leaves no trace of its use. To fully remove the software from the computer, a user needs only to delete the exe file named u.exe. It is only available on a Windows platform, runs through Internet Explorer by default, and has an optional plug-in for Firefox and Chrome.^[10]

The UltraReach website notes that "Some anti-virus software companies misclassify UltraSurf as a malware or Trojan because UltraSurf encrypts the communications and circumvents internet censorship."^[11] Some security companies have agreed to whitelist UltraSurf.^[12] According to Appelbaum, the UltraSurf client uses anti-debugging techniques and also employs executable compression.^[4] The client acts as a local proxy which communicates with the UltraReach network through what appears to be an obfuscated form of TLS/SSL.^[4]

UltraSurf servers

The software works by creating an encrypted HTTP tunnel between the user's computer and a central pool of proxy servers, enabling users to bypass firewalls and censorship.^[9] UltraReach hosts all of its own servers.^[9] The software makes use of sophisticated, proprietary anti-blocking technology to overcome filtering and censorship online.^[9] According to Wired magazine, UltraSurf changes the "IP addresses of their proxy servers up to 10,000 times an hour."^[2] On the server-side, a 2011 analysis found that the UltraReach network employed squid and ziproxy software, as well as ISC BIND servers bootstrapping for a wider network of open recursive DNS servers, the latter not under UltraReach control.^[4]

UltraSurf is designed primarily as an anti-censorship tool but also offers privacy protections in the form of industry standard encryption, with an added layer of obfuscation built in.^[13] UltraReach uses an internal content filter which blocks some sites, such as those deemed pornographic or otherwise offensive.^[9] According to Wired magazine: "That's partly because their network lacks the bandwidth to accommodate so much data-heavy traffic, but also because Falun Gong frowns on erotica."^[2] Additionally, the Falun Gong criticism website facts.org.cn, alleged to be operated by the Chinese government, is also unreachable through UltraSurf.^[4]

Evaluation

Some technologists have expressed reservations about the UltraReach model, however. In particular, its developers have been criticized by proponents of open-source software for not allowing peer review of the tool's design, except at the discretion of its creators. Moreover, because UltraReach operates all its own servers, their developers have access to user logs. This architecture means that users are required to trust UltraReach not to reveal user data.^[2][9] UltraReach maintains that it keeps logs for a short period of time, and uses them only for the purpose of analyzing traffic for signs of interference or to monitor overall performance and efficacy; the company says it does not disclose user logs to third parties.^[13][2] According to Jacob Appelbaum with the Tor Project, this essentially amounts to an example of "privacy by policy".^[4]

In an April 2012 report, Appelbaum further criticized UltraSurf for its use of internal content filtering (including blocking pornographic websites), and for its willingness to comply with subpoenas from U.S. law enforcement officials.^[4] Appelbaum's report also noted that UltraSurf pages employed Google Analytics, which had the potential to leak user data, and that its systems were not all up to date with the latest security patches and did not make use of forward security mechanisms.^[4] Furthermore, Appelbaum claims that "The UltraSurf client uses Open and Free Software including Putty and zlib. The use of both Putty and zlib is not disclosed. This use and lack of disclosure is a violation of the licenses."^[4] In a response posted the same day, UltraReach wrote that it had already resolved these issues. They asserted that Appelbaum's report had misrepresented or misunderstood other aspects of its software. UltraReach also argued that the differences between the software approaches to Internet censorship represented by Tor and UltraSurf were at base philosophical and simply different approaches to censorship circumvention.^[13] A top-secret NSA presentation revealed as part of the 2013 global surveillance disclosures dismisses this response by UltraSurf as "all talk and no show".^[14]

A 2021 review of UltraSurf by TechRadar described UltraSurf as "capable yet slow", and cautioned that the software "cannot increase your online privacy, and should not be considered or used as an online security tool".^[15]

A 2021 audit by the United States Department of State found that UltraSurf relies on outdated technologies from 2013, which would be "trivial for a moderate-budget adversary" to defeat.^[6]

See also

• Internet censorship
• Internet censorship circumvention
• Internet censorship in the People's Republic of China
• Bypassing content-control filters
• Bypassing the Great Firewall of China
• Freegate

References

1. "About Ultrasurf and Ultrareach - Internet Freedom, Privacy, and Security". Ultrasurf.us. Retrieved 2 April 2019.
2. Beiser, Vince (1 November 2010). "Digital Weapons Help Dissidents Punch Holes in China's Great Firewall". Wired. Vol. 18, no. 11. ISSN 1059-1028. Archived from the original on 29 March 2011. Retrieved 15 June 2022.
3. "Ultrasurf Is Malware". Wilders Security Forums. Retrieved 5 June 2024.
4. Jacob Appelbaum, “Technical analysis of the UltraSurf proxying software”, Tor Project, 16 April 2012. Blog announcement with updates.
5. Anne Applebaum, “Why has the State Department run into a firewall on Internet freedom?”, Washington Post, 4 April 2011.
6. Folkenflik, David (14 April 2021). "Falun Gong, Steve Bannon And The Trump-Era Battle Over Internet Freedom".
7. Lau, Thomas (10 February 2006). "Internet Development and Information Control in the People's Republic of China - Updated February 10, 2006". Congressional Research Service Report for the United States Congress, February 10, 2006, table 1. | International Broadcasting Bureau Funding for Counter-Censorship Technology. Retrieved 29 December 2023.
8. Allen-Ebrahimian, Bethany (23 June 2020). "In media agency shakeup, conservative groups push for Falun Gong-backed internet tools". Axios.
9. Hal Roberts, Ethan Zuckerman, John Palfrey, '2007 Circumvention Landscape Report', Berkman Center of Law and Society, Harvard University. 5 March 2009.
10. UltraSurf, “Your Security”.
11. UltraSurf, “User Center” Archived 18 July 2017 at the Wayback Machine.
12. "Developer denies software to beat Chinese censors is malicious: UltraSurf programmer says the software acts suspiciously, but it's just trying to put one over on the Great Firewall of China" Archived 30 August 2009 at the Wayback Machine, Tim Greene, Network World, 28 August 2009.
13. UltraSurf, "Tor's critique of UltraSurf: A reply from the UltraSurf developers" Archived 18 January 2016 at the Wayback Machine, 16 April 2012. Retrieved 28 April 2012.
14. "Tor: 'The king of high-secure, low-latency anonymity'". The Guardian. 4 October 2013.
15. updated, Sead Fadilpašić last (29 September 2020). "Ultrasurf review". TechRadar. Retrieved 5 June 2024.

External links

• Official website
• How to Bypass Internet Censorship, a FLOSS Manual, 10 March 2011, 240 pp.