Circumvent Internet censorship without external apps or services #4
Labels
attribute-censorship-circumvention
enhancement
New feature or request
feedback wanted
Extra attention is needed
Executive summary
Internet apps are responsible for the transport of the data they produce and consume, so circumventing Internet censorship requires a system-wide tool on the user's device (e.g., Tor, VPNs) or a custom technology built into an app (and/or the servers it talks to).
By contrast, Awala apps delegate the transport of their data to the local Android/desktop gateway, whose sole job is to connect the local apps to the outside world using the best network available. So it makes sense for it to also be responsible for circumventing censorship when using the Internet, so that Awala users, couriers and service providers will never have to worry about Internet censorship.
Tackling this issue soon is very important for three reasons:
This is a meta issue for all the changes we'd have to make to the Awala protocol suite and/or Relaycorp's implementations.
Background
Internet censorship is implemented differently by country, and even by ISPs within the same country. This requires us to employ a variety of technologies and techniques -- some of which may have to be limited to certain countries/regions if they incur a performance penalty, for example.
Fortunately, today we can leverage the amazing work by the Internet Freedom community, who's been documenting censorship techniques and designing/developing circumvention tools. We'll achieve the goal of this issue by building on the their work and contributing back when possible.
Techniques and technologies
We already have plans to support the following technologies, not just to circumvent censorship, but also to improve privacy and scalability:
cloudflare-dns.com
) can't be resolved.To circumvent censorship when necessary, we may use the following technologies/techniques in certain cases -- starting with the ones that seem more robust, easier to implement and less likely to cause performance/UX issues:
It might be good to consider Pluggable Transports as a stopgap solution, but whilst think they're great for regular Internet traffic (i.e, RPCs), I think integrating them in a Delay-Tolerant Network like Awala will involve some pretty serious shoehorning -- and I believe the techniques above offer equal or better UX/performance anyway.
We should also consider how to onboard users when they can't download the desktop/Android gateways (see also #1). For example: People who haven't yet installed the desktop/Android gateway should be able to send an email to something like
download+windows@awala.network
to get an automatic reply with an installer (instead of the full app, as that'd take up more than 10 MiB). The installer itself should be able to bypass Internet censorship too.Challenges
I've identified the following (surmountable) challenges:
Drawbacks
Compared to VPNs
I can't think of any disadvantage to circumventing Internet censorship via Awala compared to using VPNs, nor can I think of a single reason why placing a VPN in front of a gateway or courier app would be useful.
Putting censorship circumvention aside:
Compared to Tor
I believe Awala would be at least as effective as Tor at circumventing censorship and it'd be more performant, but Tor would still provide better privacy because the user's IP address is never revealed to the target server. Consequently, many whistleblowers, activists and journalists may still prefer Tor -- Until a reputable third party agrees to operate an Awala-Internet Gateway with a strict no-logs policy (which Relaycorp is extremely unlikely to do).
Limitations
The above can only work if the global Internet is at least partially reachable to end users or intermediaries. It's also less likely to work if the censor employs an allowlist approach where only selected IP addresses can be reached, unless the allowed services can be exploited (e.g., email).
The text was updated successfully, but these errors were encountered: