2014-tan-censorship
findings extracted from this paper
-
The paper argues that the advantage in the censor-vs-circumvention arms race lies with the censor due to fundamental asymmetry: a nation state controls centralized communication infrastructure while dissidents depend on it. Standalone anti-censorship tools therefore face a structurally disadvantaged security posture that iterative patching cannot overcome.
-
Centralized communication architectures have a single global point of failure: governments can leverage centralization to surveil with or without operator cooperation, as demonstrated by the Snowden revelations about Skype, Facebook, and Google. A compromised broker in a centralized design enables monitoring and censorship that spans all users of the service.
-
The paper sketches a decentralized DHT-based communication protocol where all payloads are encrypted in TLS and explicit redirection enables a form of onion routing. Because the censor cannot distinguish censored from non-censored streams, it is forced into a binary choice: block all protocol traffic (overblocking) or allow all of it.
-
If a communication protocol is regularly used for business and commerce, blocking it may be too politically and economically costly for a censor. The paper posits that censorship resistance achieved as a side-effect of widespread general adoption is harder to defeat than a niche protocol designed solely to circumvent censorship.
-
Known attacks on existing circumvention tools include steganographic detection, enumeration of decoy-router locations, and machine-learning traffic classifiers. The paper acknowledges these defeat current approaches (Infranet, Collage, Telex, SkypeMorph, Freewave) and argues that no iterative patch can neutralize the censor's long-term structural advantage.