Skip to main content

Songs on the Security of Networks
a blog by Michał "rysiek" Woźniak

Breaking the garden walls

This is an ancient post, published more than 4 years ago.
As such, it might not anymore reflect the views of the author or the state of the world. It is provided as historical record.

UPDATED with Step 0 and FreedomBox reference; UPDATE 2: heartfelt thanks to Laura Arjona for the Spanish translation, now also featured here.

For some time now I have been pondering the best way to break people free from walled-gardens (like Facebook, Google+, Twitter, etc).

For all those services there are viable, free-as-in-freedom alternatives (Diaspora/Friendica, StatusNet, and many more). All those proprietary services are being heavily criticised (among others, for privacy violations, tricking or pushing their users, heavy-handed policies, censorship, nymwars).

And yet, people still overwhelmingly use them, instead of the libre, decentralised, federated alternatives. And yet, people still write software for them and base their business on them – and even when those closed services change their API policies and draw ire of developers, the developers themselves write petitions instead of simply diversifying.

There is a reason for that, and the reason is called Network Effect. In short – the more people use a given communication too, the more new people will use it.

Seems that there is no way out… However, I believe there is. But we have to subvert the network effect to do our bidding!

Step 0. Agreed protocols

We do have a problem with fragmentation. Fragmentation is not choice – it is a situation where you don’t know which of the incompatible service types to choose – in fact, it’s almost a kind of a walled-garden in and of itself.

Choice is what we have with e-mail: you can choose from a plethora of clients, servers, webmail providers, etc; however, regardless of whichever you choose, you are still able to seamlessly communicate with any other e-mail user, using any other combination.

Currently we have quite a few open, free, decentralised social media protocols that have similar functionality but not much interoperability. Before we can move on, we need to change that – and the only way to change that is to agree on one of those protocols and move from there.

I believe we should start a discussion on that and make the decision as soon as possible; and I call upon GNU Project, FSF, FSFE, and all other notable organisations promoting free/libre/open source software to partake in this discussion and throw their weight behind the protocols that would emerge as the agreed-upon solution.

Step 1. Awesome service

We need to build a service (and methods of creating new instances of it quickly and easily!) that integrates as many different service types as possible uder a single identity. I’m thinking at the very least:

Maybe a distro/remix, ready with everything one needs to just install it, enter some basic data and run? We need as many instances of that as possible, as fast as possible.

Of course, there already are valuable projects going in this direction, and we should support them. For example, FreedomBox, as pointed out by forteller; or SocialSwarm, as pointed out by march.

The problem with FreedomBox and SocialSwarm I see is that they are trying to make two hard transitions at once: from centralised to de-centralised, and from third-party-hosted to self-hosted. I believe this is a tad too an ambitious plan and it should be split into two separate steps. However, if we did Step 0 and Step 1 right, they both would have at least a part of their work done for them.

Step 2. Prison break

When we have where to send potential interested users, it’s time to start the campaing proper. For this we need a website, endorsed by as many privacy-advocating and FLOSS-evangelizing organisations and people as possible.

It would designate a single day each month, or each quarter, to be (e.g.) “Prison Break Day Q4 2012”. Users of walled-gardens could log-in on the website with their walled-garden accounts and pledge to (either, or both):

  • create an account on an analogous libre, decentralised service (i.e. StatusNet for Twitter users; Friendica for Facebook users);
  • close their walled-garden accounts;

…before or at the next “Prison Break Day”.

Info that they did pledge that would get automagically published on their walled-garden feeds for all their friends to see. As the “Prison Break Day” draws closer, at least one reminder would be sent to them – and to their feeds. Users then would be able to log-in with their libre OpenID to “claim” a given pledge and prove they made good on it. This would also get published on their walled-garden feeds.

To sweeten the deal, the libre services should be able to connect with walled-garden accounts and publish to them.

This would have the effect that people would see how many of their friends in walled-gardens are actually willing to make the switch. For some the amount of those would be enough to make good on their pledges and create the accounts; for some it would even give the incentive to close their walled-garden accounts.

Anyway, we would have the network effect working for us.

Yes, there is a Diaspora thread and Identica one for your commenting pleasure!

Melbourne CryptoParty video message

This is an ancient post, published more than 4 years ago.
As such, it might not anymore reflect the views of the author or the state of the world. It is provided as historical record.

For some reason Asher Wolf asked me to record a short video message for Melbourne CryptoParty.

You can watch the message on YouTube (sorry for the quality, this was my first self-recorded video message). I would strongly suggest to listen and watch messages from other great people. How I landed in such a cool bunch is a mystery to be solved…

Anyway, the text of what I was trying to say is below, for your enjoyment as you compare and contrast it with what I actually did say.

Hi there,

My name is Mike (also known as rysiek) from Warsaw Hackerspace in Poland. You might remember me from such hacktivist initiatives as Anti-ACTA campaign in Europe and the Telecomix jellyfish collective.

I was asked to share with you my view why crypto is important.

It’s important, because privacy is important.

It’s important, because being certain you know who can (and who cannot) read the message you sent is important.

For some reason we do put snail-mail letters in envelopes, hiding them from the eyes of good people working at post offices. And yet, we keep on sending our most private, most intimate, most important information in unencrypted e-mails and via unencrypted internet messaging services, putting them right in front of preying eyes of data-mining corporations, our beloved government officials and security agencies.

Had any government in the developed world announced that they are opening, reading and censoring snail-mail on post offices, people would riot.

And yet when Internet filtering schemes are pushed – in the name of fighting the dreaded paedonazis or saving our dear entertainment industry from themselves – general public often doesn’t seem to notice nor care, doesn’t seem to make the connect between the phrase “Internet filtering” and words “censorship” and “surveilance”.

One of the reasons ACTA was so explosive in Poland was because we remember. Most of Poles alive today had a taste of a totalitarian regime. Some faught hard against it. “Censorship” and “surveilance” are not just abstract terms for us. They are often part of family history.

So, here’s something from a Polish guy, 22 years after a totalitarian state was abolished here: if you want to know why crypto is important, just consider for a moment why you put your last snail-mail in an envelope.

Thanks and have a great CryptoParty!

On sailor's sensitivity, or "the starry heavens above me"

This is an ancient post, published more than 4 years ago.
As such, it might not anymore reflect the views of the author or the state of the world. It is provided as historical record.

Thee who never had the chance to marvel at night skies somewhere far from civilised world – and due to light pollution this is getting ever harder these days – will probably never undarstand Kant’s quote:

Two things fill the mind with ever new and increasing admiration and awe, the more often and steadily we reflect upon them: The starry heavens above me and the moral law within me.

I have yet again spent a few days sailing the sea; nowhere can one find such a breathtaking sight of starry sky, as in the middle of the sea at night. Could anyone be impervious to it?..

Sea sailing is neither easy nor effortless pastime; and working as a sailor on a sailing ship of old was incomparably harder, severe and demanding. C. S. Forrester in his Horatio Hornblower series doesn’t leave much to the imagination: inhumane conditions; unrelenting weather; heartless commanders with indisputable power over life and death; never-ending missions lasting months or years… Sailors had to be hardened and tough – or their days at sea ended fast (often at the bottom, with a cannoball or two at their feet).

Still, hadn’t the the night sky at sea (as awe-inspiring then as now, no doubt) moved the sailors’ of times past sea-hardened hearts as it moves and inspires seagoers today? Wasn’t there often, under the hard outer shell, a (very peculiar, but nonetheless) sensitivity?

Listen to sea shanties and you will find both the hardiness and the sensitivity. Just like the Königsberg philosopher’s quote, however, these will be hard to find and grasp, and appreciate, if you’ve never been to sea at night.

Black PR around Polish e-Textbooks

This is an ancient post, published more than 4 years ago.
As such, it might not anymore reflect the views of the author or the state of the world. It is provided as historical record.

Black PR campaign against e-textbooks in Poland that trundles through polish media is a premeditated attack against our right to education. For years now open education resources proponents have been fighting for resources available on permissive, or “libre”, licenses, allowing for copying, remixing and spreading them around – so that teachers are not afraid to make a copy of an application used in class or a textbook needed for their homework. This freedom is jeopardized by particular interests of a couple of publishing companies.*

Much has been said lately in Poland about (or rather, mainly against) the plan to bring electronic textbooks and open education resources to Polish public schools. What is worth noting: while the critique was usually aimed at financial, technical or procedural issues, the real source of ire for those behind this campaign are, in fact, the libre licenses themselves.

What are libre licenses

In almost every textbook on one of the first or last pages you will find the text “all rights reserved”. It’s a reminder that they are also covered by copyright laws, and that rightsowners’ (publishers’, authors’) express consent is required to copy, redistribute or modify it.

Libre licenses invert this situation, by expressly and unequivocally giving such consent to anybody interested in doing so, as long as they retain proper attribution of authorship. No need to ponder if it is legal to share libre licensed music (e.g. downloaded from Jamendo) nor if we can re-use a Wikipedia article – libre licenses these sites sport for the content are a loud and clear “sure thing, go ahead!”

This, for reasons that should be pretty obvious, has a lot of sense in education. Open education resources allow teachers and students to use, re-use, modify, improve, supplement and share – or even publish their own versions of them! – without the fear of running afoul of complicated copyright laws. It is the proven model behind, for example, free software and Wikipedia – however, when used in in education, apart from providing for better, more complete and upt-to-date learning materials, it also helps foster deeper student and teacher involvement in the process.

And of course, parents (especially of more than one child) could also feel the purely financial advantage such model offers them, as instead of buying, year by year, new textbooks, they could just download the updated version. All this is possible with libre licensing of education resources.

Almost everybody engaged in education – students, parents, teachers – libre licenses are a huge step forward. They allow creativity to thrive, save money, enable updating of the resources by third parties (instead of writing them anew from scratch each time) and fight the digital exclusion (anybody can prepare a braille version without even having to ask for permission), while at the same time giving students practical idea on how copyright law works.

However, such culture of sharing is (at least seemingly) incompatible with business models of large publishing companies, hence the current black PR campaign against e-textbooks. The question remains: should such a purely business issue be a problem of students, parents and teachers?

Libre business

Regardless of what the publishers would like you to think, there are several examples of business models perfectly compatible with libre licensing and open education resources.

It is because they are libre-licensed, open education resources can (and should!) be used and improved upon by the publishers, regardless of who was the original author. There is not a single reason why the publishers cannot prepare professional printed versions, after all many parents will prefer them to printing at home! Textbooks will need appropriate exercise books, tests, other materials – and thanks to the libre license of the textbook any publisher will have the ability of preparing those.

Publishers could even prepare specially adapted versions for certain class profiles – removing unneeded material and extending upon certain relevant sections. Not only can they do that – this possibility is in and of itself one of the reasons for creating open education resources.

Conjuration of reality

Publishing business does not want to acknowledge all that, because it spells changes. Instead of trying to find new business models, new ways of operating, compatible with libre licenses (and the future of education in Poland) – publishers prefer to treat open education resources as a “problem” that needs “solving”, using lawyers and PR agencies.

Changes will inevitably come, regardless of how those opposed to them try to conjure the reality. Respected education centres around the world also see that: Harvard University asked its staff to publish their work on libre licenses, instead of in science periodicals sporting proprietary licensing schemes. This will supposedly allow it to save 3.5 million dollars each year, at the same time rising availability of scientific research within the scientific community and well beyond it.

Polish education has a chance to not only follow this example, but go further. Polish libre-licensed e-textbooks is already commented broadly in education communities around the world. As far as open education goes, Poland can become a true leader.

Should, then, profits of a few publishing businesses stand in the way of better, more affordable and modern education?

Hypochristian Love

This is an ancient post, published more than 4 years ago.
As such, it might not anymore reflect the views of the author or the state of the world. It is provided as historical record.

Australian Christian Lobby, in a tweet already deleted (wonder why, don’t they stand behind their convictions?), likened gay marriage and gay love to zoophilia and paedophilia. I like how this particular argument pops up here and there from the “Christian” side.

I like how such religious groups compare sex between two willing adult humans to sex with animals, implying that at least one party to it is no better than an animal – while still vehemently opposing the theory of evolution, saying that suggesting that humans come from monkeys somehow “strips humans of their dignity”. Because obviously calling people “animals” doesn’t.

I like how they compare homosexuality to paedophilia, regardless that homosexual sex (just as heterosexual sex) is sex between consenting adults, while paedophilia seems to be more often then not sex between a clergyman and a non-consenting child.

And I like how Catholic clergy claims this is a “family issue”, and that same-sex marriage is a danger to “family values”, while having absolutely no experience in building marriages and families of their own at all.

Finally, I like how they do that while “spreading the Christian message of Love”. I can admire a good troll.

Some new Layout Goodness

This is an ancient post, published more than 4 years ago.
As such, it might not anymore reflect the views of the author or the state of the world. It is provided as historical record.

Because Firefox 13 decided to b0rk the layout of this brag, I finally got around to get back to work on it. And as Firefox 14 has already fixed this bug, instead of working on a work-around I was able to implement some of the missing stuff.

So, we finally have a menu – right there in the top-right corner. And boy am I proud of this one! Not a single line of JavaScript, pure CSS3 (esp. transitions). There you will find the home button, Table of Contents, language selector and an additional link to (up until now available only through the site’s main title) the About section.

Apart from that every entry now has a “back to top” link at the very end.

Obviously there is still a lot of work ahead of me, including both things that need fixes (like the “next page”/“previous page” links that are not exactly properly aligned) and things that need to be implemented from scratch (e.g. mobile devices layout; interface translations).

Party 2.0

This is an ancient post, published more than 4 years ago.
As such, it might not anymore reflect the views of the author or the state of the world. It is provided as historical record.

Thinking about political parties, we think of behemoths, huge amalgamates of people and philosophies, preying on contemporary political events and social sentiments on their way to power. Power treated as an aim in and of itself, as the main reason and sense of the party’s existence. Political programmes of such huge organisations are usually gargantuan texts containing gigantic amounts of information on the official party line concerning seemingly every possible issue.

This causes problems. First of all, the machiavellian approach, want of complete, total power – as only by wielding it it is possible to push through with such complex system of ideas.

Secondly, this in practice bars the voters from making informed, rational decisions in the voting booth: how can they navigate in such a vast labyrinth of party programmes? And even if they could, they usually end up finding out they agree with social agenda of Party A, but only Party B has a sane economical one. Go and try to vote!

This, then, ends with a choice made on completely insubstantial grounds, either by subscribing to some populist agenda or hooking up on one of the many substitute topics (like gay marriage, that should by the way have been legalized a long time a go, under any of the proposed names; or abortion debate in which the level of informed, merit-based discussion is next to naught). That, or voting on a particular candidate that turned up in some form of a survey, “matching” candidate’s answers against voter’s views.

Is it finally time for Political Parties 2.0, then?

I believe so. It’s high time for single task parties, created with the aim of introducing a small set of well-defined, particular changes to reality (e.g. “reforming the copyright law to allow free of charge, legal, non-commercial sharing and remixing of culture”). Parties viewed from beginning till the very end as mere tools, not as aims in and of themselves; parties that seek and use many different methods of achieving their goals – as it’s possible to introduce change without entering the Parliament.

And, what’s as important – parties that are managed differently. Enough already with the parties of charismatic leaders that make almost all important decisions and push their own agendas using party members’ energy and time. Time for direct democracy, for example in the form of Liquid Democracy. We need parties that make decisions in maximally inclusive ways; ones that every member of has valid say, whom will vote according to party policy within the party “task” not because he has to, but because his true aim is, in fact, introducing this particular change in reality.

Such small, task-oriented parties also seem an interesting offer to those that feel that societies get too antagonised by the large, traditional political forces. They will more eagerly work together on issues that are not part of their particular “task”; possible they would also vote for what other task-oriented parties propose, as long as it’s not conflicting with their particular task.

To be able to avoid a task-oriented party becoming a traditional behemoth, such parties should also sport a clause in their statutes that would automagically dissolve them upon achieving their goals.

Party as a system hack

This is an ancient post, published more than 4 years ago.
As such, it might not anymore reflect the views of the author or the state of the world. It is provided as historical record.

Today I would like to talk about hacking the system, but not a computer one. I do feel, you see, that the current political system (in, mind you, which I include media) is inherently hackable as far as introducing concrete, well-defined changes into reality is concerned; it can be done by political parties that do not even have to win any elections – as long as the issues at hand are clearly defined.

How? It’s easy.

Let’s try this on the example of copyright reform, which undoubtedly is dearly needed, and yet is not to be found (as far as I know) in any large party’s political programme. It’s a very visible issue lately (thanks to ACTA, but not only) that the general public has spoken out about quite loudly and clearly, yet no big political party seems to know how to go about it.

It should be enough, now, to simply create a political party which would have a single stated aim: change the copyright law. Such a party would have almost no chances of entering the Parliament; however, as it would be a political party, media would instantly get interested, and its name would spring up at an occasion where copyright reform, “piracy” and similar topics is discussed.

If such a party had a well-defined aim and actions that need to be undertaken to achieve it (i.e. which laws need to be changed, and how), and if it had well thought-through arguments those so-called “serious” parties would start to consider this small party a threat to at least some part of their political base. And while the chances of it entering the Parliament would still be close to nil, the “large” parties – fighting over every opinion poll point – would likely find it unacceptable.

The easiest way out of this conundrum for those large parties is, of course, copying – by simply incorporating the particular aim of this small party in their political programmes and preparing well their argumentation (for or against).

This, of course, will make the chances of entering the Parliament by the small party even smaller, but by now that’s irrelevant: the postulate has just entered big parties programmes; even more, by taking part in debates on the issue they themselves make it more prominent. And that’s exactly what the doctor ordered.

Because suddenly a topic that was completely absent from political debate is prominently featured in it, including getting into parties’ programmes. If the small party founders did their job well and the aim was well and clearly defined (which usually is not the case with the majority of political programme wording), it’s quite possible to hold the big parties accountable for it – still using the small party as the boogeyman when needed.

Are corporations dangerous only in collusion with governments?

This is an ancient post, published more than 4 years ago.
As such, it might not anymore reflect the views of the author or the state of the world. It is provided as historical record.

One of the moments that made RightsCon Rio great: instead of attending one of the lectures, I had a tough, intense discussion with Thor Halvorssen of and Paulo Rená on… well, on a few topics really, including where do fundamental/human rights come from (are they inherent to every single human being or are they a by-product of society) and whether or not corporations are becoming a threat to those rights on their own (without government “help” in this regard).

The former is a topic well trodden by many thinkers. The latter is what I would like to summarize here, as I deem it’s both important and timely.

The issue arose while discussing a different one (which is important by itself, and which I will cover soon). What the topic boils down to is this question:
Multinational corporations are behemoths, some have more money and hard assets than many governments; hence, power of those corporations is becoming less and less accountable to any society. Is this dangerous in and of itself, or only when such corporations “get in bed” with governments?

I am willing to concede that governments are inherently dangerous; I am willing to concede that the most evil that corporations did up until today was, as Thor put it, “when corporations were in bed with governments”. And I am willing to concede that the military monopoly, held by governments, is one of the most important reasons for that.

However, I am also deeply concerned that what we see here is the game changing before our very eyes. Corporations – which cannot be called the most ethical entities on this Earth – are now amassing more power than many governments, and some are already building their own armies. I feel it is probable that military monopoly will be broken soon.

A historical analogy

Polish history in the 17th and 18th century is a good analogy here.

Simplifying quite a bit – Polish nobility had vast personal liberties and had substantial say in government affairs for centuries. Over the years, magnates (the highest class of nobility) gathered more and more power in their (private) hands while Polish Army was mainly based on “pospolite ruszenie” – forces mobilised from Polish gentry.

At some point military power in disposal of several magnates was enough to challenge the military power of the King, by gradually claiming their sole rule and own laws over their territories. This led to the magnates-led nobility revolting against the government and internal struggles in the country.

Finally, it resulted in loss of independence and dismantling the Polish-Lithuanian Commonwealth, once formidable force in Europe and the world, by bordering states.

Modern-day nobility

What is interesting is that we can see a very similar storm brewing today when it comes to multinational corporations.

They are, in fact, being treated like modern-day gentry. They have been granted vast privileges (corporate personhood, “money is speech” verdict in the US, etc.). They do have much say in governmental affairs (through lobbying, revolving door techniques and other means). Similarly to nobility, they cannot be imprisoned and court proceedings are slanted in their favour, if only because of huge legal teams and vast coffers they have at their disposal.

They amass more money and information, and hence power, than many governments. They have their own armies in the form of security agencies. And it’s not a government that knows how to build the newest jet fighter or the best rocket launcher – the corporations do.

They feel authorised to rule their “subjects” – employees and private clients – just as magnates ruled theirs; its the means that changed: now instead of decrees they issue Terms of Service, EULAs and internal regulations.

From this there is just a single small step to be made towards an overt corporatocracy. And already some corporations are asserting their own rule over certain areas. Just like Polish magnates did in the eve of internal troubles.

Danger ahead

Hence, I see the situation becoming extremely dangerous in two scenarios:

  • either a corporation will gain powers that exceed powers of governments, including breaking the military monopoly, and then will use those powers to their own ends;
  • or, maybe, the more power a corporation has, the more likely it becomes that it will “go to bed” with a government.

Either way, we end up in a situation in which it is the power of the corporation that is the extreme and immediate danger to our personal liberties and human rights. We need to be clear on that and acknowledge it.

Proxies! Proxies everywhere!

This is an ancient post, published more than 4 years ago.
As such, it might not anymore reflect the views of the author or the state of the world. It is provided as historical record.

Another follow-up after the RightsCon and OpenITP conferences in Rio – during OpenITP workshop session an interesting idea has been floated as an case-study in the Game Theory and Censorship working group:
if every (or most; or just many) HTTPS-enabled webservers on the Internet were configured as open proxies, this could provide invaluable additional layer of security and resilience for anti-censorship and anti-surveillance tools, like TOR; and would be very useful in and of itself.

As Lucas Dixon of Google Ideas pointed out, this idea was being discussed informally on and off during at least the last year or so.

I love the idea, and I believe it is worth some serious thought. Should this become reality, it would be close to impossibru to selectively censor the Internet, especially by oppressive regimes (like the USA or China), as to accomplish that they would need to effectively censor all HTTPS communication with all such HTTPS-enabled open proxies. I’d like to see the US censoring

Good reasons

Imagine a world in which you could use any public-facing HTTPS server as an anonymous proxy just by telling your operating system or application to use it so. No need to set-up TOR and the traffic not only looks like valid HTTPS traffic, it actually is valid HTTPS traffic to a valid HTTPS host.

Because it’s end-to-end encrypted, censorship and surveillance tools have no way of distinguishing it from normal traffic to this particular website, save for a MITM attack (this does happen, but adds another layer of complexity and needed effort to the censor’s system). Surveillance is still possible via getting server logs from the proxy operator, but that’s much harder than simply listening-in all the time.

While the TOR project does a stellar job in obscuring their traffic so it’s hard to tell from HTTPS, a simple list of operating TOR nodes is enough to prove problematic – as China’s example shows. In this case it’s a legitimate website doing the proxying, hence a regime would have to actually block the website instead of trying to find TOR traffic and block that.

This would mean that the choice that a regime has is either to block the whole HTTPS Internet; invest in complicated MITM attacks (that either require a compromised CA, or are completely visible to users); or accept the fact that they cannot selectively censor the Internet anymore.

And do keep in mind that selective blocking and filtering is active in many western democracies, including Italy or Great Britain. This could prove an invaluable tool for Internet users from those countries too.

Bad excuses

Now, let’s try to poke holes in the notion, shall we?

Obviously the first and biggest problem that comes to mind is the NIMBY-esque statement of any server admin worth their salt:
I do not want my server’s IP showing up in some child-porn server’s logs, and am not at all interested in partaking in all the law enforcement fun fun fun related to that later.

Or put it a bit differently – there will be abusers, period.

Thankfully, we already have an example of such a situation, and I am talking, of course, about TOR exit nodes. Admins make the decision whether to run a TOR exit node on their servers with this very consideration in their minds, and many do decide to run it. There are two reasons for that:

  • catering to the needs of dissidents and human rights activists in oppressive regimes is a honourable, humane thing to do, and the occasional abuser can be considered a poor excuse not to do it;
  • we have logs to prove that it is not us that initiated the “unlawful” connection, and the more widespread the practice is, the better standing we have to explain that we cannot be held liable for what other people do with our service.

Both of those work for TOR, and I see no reason for them not to work in this case.

I think that this is the biggie, the rest are technicalities – i.e. how much bandwidth and processing power can you provide for the open proxy part of your server is a technical question every admin would have to answer for themselves.

So what about TOR?

In no way am I advocating doing the above instead of operating a TOR exit node or bridge; if you can run TOR, do! If not, HTTPS ubiquitous anonymous proxies is a complementary measure that helps in some scenarios.

It does not provide strong anonymity, so it doesn’t help much against surveillance (the logs are being kept by the proxy operators!) and thus cannot in any way be viewed as TOR replacement. From regular user’s point of view, however, it is easier to set-up and integrate with their browsing habits – it hence can cater to the needs of some of the users that found TOR too complicated to set-up and use, but still need a way to circumvent certain kinds of censorship.