<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<meta charset="utf-8">
<p dir="ltr"
style="line-height:1.15;margin-top:0pt;margin-bottom:0pt;"
id="docs-internal-guid-1437e203-8f6e-a416-1981-35f88b9084ef"><span
style="font-size:15px;font-family:Arial;color:#000000;background-color:transparent;font-weight:normal;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;">Hi
Arturo and all,</span></p>
<br>
<p dir="ltr"
style="line-height:1.15;margin-top:0pt;margin-bottom:0pt;"><span
style="font-size:15px;font-family:Arial;color:#000000;background-color:transparent;font-weight:normal;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;">When
it comes to ethics of soliciting measurements and informed
consent, I have a different take which has been my research
topic over the past years. There are many reasons why I think
that directly measuring censorship is scary. First of all, you
need to acquire reliable vantage points to run your
measurements. Volunteering one’s machine to foreign researchers,
or operating a device on their behalf, might be viewed by the
government as espionage. Besides, many regions, especially
places where we don’t have good infrastructure, have a limited
number of companies/volunteers (if any) that allow foreigners to
rent computers inside the country. All the current direct
approaches, such as RIPE Atlas [1] or other distributed
platforms or volunteers running Raspberry Pis are often easy to
spot and data collected from them may not be reliable. For
example, regarding China, we showed [2] that censorship is
different in CERNET (China Education and Research Network)
compared to other ISPs.</span></p>
<br>
<p dir="ltr"
style="line-height:1.15;margin-top:0pt;margin-bottom:0pt;"><span
style="font-size:15px;font-family:Arial;color:#000000;background-color:transparent;font-weight:normal;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;">When
it comes to measuring connectivity, I believe that it is better
to involve the whole country in doing the measurements rather
than volunteers whose safety is at stake. Therefore, I have
developed effective methods for remotely measuring Internet
censorship around the world, without requiring access to any of
the machines whose connectivity is tested to or from. These
techniques are based on novel network inference channels, a.k.a
idle scans. That is, given two arbitrary IP addresses on the
Internet that meet some simple requirements such as global IPID
behaviour, our proposed technique can discover packet drops
(e.g., due to censorship) between the two remote machines, as
well as infer in which direction the packet drops are occurring.
Here are more references to read [3,4]. Basically, for one of
the idle scans (hybrid idle scan), we only create unsolicited
packets (a bunch of SYNACK and RST segments) between two remote
IPs, and look at the changes in the global IPID variable to
infer whether censorship is happening and if so, in which
direction packets are dropped.</span><span
style="font-size:15px;font-family:Arial;color:#000000;background-color:transparent;font-weight:normal;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;">
</span><span
style="font-size:15px;font-family:Arial;color:#000000;background-color:transparent;font-weight:normal;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;">
</span><span
style="font-size:15px;font-family:Arial;color:#000000;background-color:transparent;font-weight:normal;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;">
</span><span
style="font-size:15px;font-family:Arial;color:#000000;background-color:transparent;font-weight:normal;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;">
</span><span
style="font-size:15px;font-family:Arial;color:#000000;background-color:transparent;font-weight:normal;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;">
</span><span
style="font-size:15px;font-family:Arial;color:#000000;background-color:transparent;font-weight:normal;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;">
</span></p>
<p dir="ltr"
style="line-height:1.15;margin-top:0pt;margin-bottom:0pt;"><span
style="font-size:15px;font-family:Arial;color:#000000;background-color:transparent;font-weight:normal;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;">Back
to my main point, why I am trying so hard to convince you that
we also need to use side channels and how this relates to
ethics, well, here is the story: The discussion you brought up
has been discussed heavily in academia in the past six months
after two papers got rejected from the IMC conference because of
ethics. One of them was my paper [2] after having received good
reviews on the technical contribution. Here is the link to the
reviews: </span></p>
<br>
<p dir="ltr"
style="line-height:1.15;margin-top:0pt;margin-bottom:0pt;"><span
style="font-size:15px;font-family:Arial;color:#000000;background-color:transparent;font-weight:normal;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;"><a class="moz-txt-link-freetext" href="https://imc2014.cs.wisc.edu/hotcrp/paper/243?cap=0243a2kWYrwVqbv0">https://imc2014.cs.wisc.edu/hotcrp/paper/243?cap=0243a2kWYrwVqbv0</a></span></p>
<br>
<p dir="ltr"
style="line-height:1.15;margin-top:0pt;margin-bottom:0pt;"><span
style="font-size:15px;font-family:Arial;color:#000000;background-color:transparent;font-weight:normal;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;">I
personally just got an email with above link from IMC, and
because of having had a single-entry visa, I couldn’t attend IMC
or the Citizen Lab workshop where a lot of the discussions about
ethics were taking place. The ethical issues that usually come
up are two: First, using idle scans, no consent from users is
collected. Second, censors could mistakenly assume that two
machines measured by us are deliberately communicating with each
other. This could have negative consequences if a censor
believes that a user is communicating with a sensitive or
forbidden IP address. </span></p>
<br>
<p dir="ltr"
style="line-height:1.15;margin-top:0pt;margin-bottom:0pt;"><span
style="font-size:15px;font-family:Arial;color:#000000;background-color:transparent;font-weight:normal;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;">In
response to the latter argument, it is unlikely that a censor
would come to such a conclusion as only RST segments are created
from a client inside a country to a server and only SYN/ACK
segments are sent from a server to a client inside the censoring
country. An adversary would not witness a full TCP handshake,
let alone any actual data transfer. <br>
</span></p>
<br>
<p dir="ltr"
style="line-height:1.15;margin-top:0pt;margin-bottom:0pt;"><span
style="font-size:15px;font-family:Arial;color:#000000;background-color:transparent;font-weight:normal;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;">One
mitigation technique that I have been focusing on is to use
routers instead of end points for the side channel measurements.<br>
<br>
</span></p>
<p dir="ltr"
style="line-height:1.15;margin-top:0pt;margin-bottom:0pt;"><span
style="font-size:15px;font-family:Arial;color:#000000;background-color:transparent;font-weight:normal;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;">If
you or anyone else is interested in using these techniques, I am
more than happy to help.</span></p>
<br>
<p dir="ltr"
style="line-height:1.15;margin-top:0pt;margin-bottom:0pt;"><span
style="font-size:15px;font-family:Arial;color:#000000;background-color:transparent;font-weight:normal;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;">Roya</span></p>
<br>
<p dir="ltr"
style="line-height:1.15;margin-top:0pt;margin-bottom:0pt;"><span
style="font-size:15px;font-family:Arial;color:#000000;background-color:transparent;font-weight:normal;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;">[1]
</span><a href="http://cartography.io/"
style="text-decoration:none;"><span
style="font-size:15px;font-family:Arial;color:#1155cc;background-color:transparent;font-weight:normal;font-style:normal;font-variant:normal;text-decoration:underline;vertical-align:baseline;">http://cartography.io/</span></a></p>
<p dir="ltr"
style="line-height:1.15;margin-top:0pt;margin-bottom:0pt;"><span
style="font-size:15px;font-family:Arial;color:#000000;background-color:transparent;font-weight:normal;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;">[2]
<a class="moz-txt-link-freetext" href="http://arxiv.org/abs/1410.0735">http://arxiv.org/abs/1410.0735</a></span></p>
<p dir="ltr"
style="line-height:1.15;margin-top:0pt;margin-bottom:0pt;"><span
style="font-size:15px;font-family:Arial;color:#000000;background-color:transparent;font-weight:normal;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;">[3]<a class="moz-txt-link-freetext" href="http://arxiv.org/pdf/1312.5739v1.pdf">http://arxiv.org/pdf/1312.5739v1.pdf</a></span></p>
<p dir="ltr"
style="line-height:1.15;margin-top:0pt;margin-bottom:0pt;"><span
style="font-size:15px;font-family:Arial;color:#000000;background-color:transparent;font-weight:normal;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;">[4]<a class="moz-txt-link-freetext" href="http://www.usenix.org/event/sec10/tech/full_papers/Ensafi.pdf">http://www.usenix.org/event/sec10/tech/full_papers/Ensafi.pdf</a></span></p>
<br>
</body>
</html>