Ultrasurf for ipad8/17/2023 ![]() “Invisible: Leaves no traces on the user’s computer, and its traffic is indistinguishable from normal access to HTTPS sites” - refuted in Section 5.12.“Unblockable: Client uses wide array of discovery mechanisms to find an available proxy server and, when necessary, to switch/hop to avoid tracking/blocking” - refuted in Section 6.8.“Untraceable” - refuted in Section 6.10.“change IP addresses a million times an hour” - refuted in Section 6.1.Ultrasurf hides your IP address, clearsīrowsing history, cookies, and more.” - refuted in Section 6.2 and Section 6.3. “Protect your privacy online with anonymous surfing and browsing.“employs a decoying mechanism to thwart any tracing effort of its communication with its infrastructure.” - refuted in Section 5.13.“Ultrasurf enables users to browse any website freely” - refuted in Section 3.1.This paper addresses the following claims by UltraReach and other Ultrasurf advocates about the Ultrasurf client and Ultrasurf network: The main substance of the paper takes the time to refute nearly all of the claims that UltraReach makes on their website about their software Ultrasurf: We recommend against the use of Ultrasurf for anonymity, security, privacy and Internet censorship circumvention. ![]() The vulnerabilities presented in this paper are not merely theoretical in nature they may present life-threatening danger in hostile situations. In particular, BlueCoat sells software and hardware solutions with such capabilities that have been deployed in Syria and other countries. We find that it is possible to monitor and block the use of Ultrasurf using commercial off-the-shelf software. We cover client bootstrapping methods, censorship and censorship resistance, anonymity, user tagging by Ultrasurf and other parties, cryptographic internals and other previously unknown or undiscovered details about the Ultrasurf client and the Ultrasurf network. We present the results of reverse engineering the Ultrasurf client program, give an in-depth study of the known Ultrasurf network, especially those portions that interface in some way with the client or the Internet, and discuss network signatures that would allow an adversary to detect its use on a network. This report gives a technical analysis of the Ultrasurf software and network. Ultrasurf is a proxy-based program promoted for Internet censorship circumvention. I have serious concerns about ongoing security issues for the users of Ultrasurf and that is my primary reason for wishing to perform and release this research for all to see. I believe it is important to ensure that the issues discovered and discussed in my paper are resolved and that users are not kept in harm's way. However, for various reasons, I've had to sit silently on this report for nearly four full months after our December meeting. Our meeting was overall quite positive and in fact led me to write notes that may become a second paper. Ultrasurf updated their website to change a number of their security, privacy and anonymity claims they did not actually remove all of the bogus claims, merely the most egregious statements. I had a face to face meeting in early December of 2011 to discuss my findings with the lead developer of Ultrasurf and to give them time to fix the problems that I discovered. I believe that coordinated disclosure is reasonable in most cases and I ensured that Ultrasurf was notified long before the publication of this blog post. Newer versions appear to have different, not yet blocked, addresses baked into the program. As of early April 2012, an independent tester confirmed many of my findings from China the versions of Ultrasurf tested did directly connect to blocked addresses and did not in-fact work at all. Additionally, a number of interesting data points in my research paper came from interception devices in Syria. Most of my research was done while traveling in Brazil, Canada, Germany, and very small amount of it was performed in the US. My report is available for download from the following link: Unfortunately for them, I found their claims to be overstated and I found a number of serious problems with Ultrasurf. Ultrasurf is software produced by the UltraReach company for censorship circumvention, privacy, security and anonymity. Additionally, a few people had asked me what I thought of the software and in order to form an opinion, I decided to dig deeper. My interest in reverse engineering Ultrasurf comes entirely because I have seen people promoting it without also offering evidence that it is safe. ![]() This research was performed as a labor of love and it was funded work. I'm still learning and while I have a lifetime of learning to do on the topic, I chose to audit Ultrasurf as a challenge. In the summer of 2011, I spent a few months learning how to effectively reverse engineer Windows software.
0 Comments
Leave a Reply.AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |