uProxy: a Social Proxy for your Browser Raymond Cheng, Will Scott, - PowerPoint PPT Presentation

uProxy: a Social Proxy for your Browser Raymond Cheng, Will Scott, Aaron Gallant, Tom Anderson, Arvind Krishnamurthy University of Washington Seattle, WA, USA with help from our friends at Google Ideas 1/19

Takeaways ● Users need more control over their paths on the Internet ● uProxy is a browser extension that lets users securely tunnel traffic through a friend’s computer 2/19

Opte Project 3/19

Takeaways ● Users need more control over their paths on the Internet ● uProxy is a browser extension that lets users securely tunnel traffic through a friend’s computer 4/19

5/19

Universal Encryption has yet to come Attacks, surveillance Firesheep 3/15 6/19

Washington Post 7/19

8/19

9/19

Partial Internet Outages are Common ● Measured 2M outages over 2 months ○ 79% were partial ● 10% of outages lasted over 10 minutes ● Variety of causes: route convergence delays, pathological routing policies, misconfiguration, prefix hijacking, route injection, router bugs, DDoS Katz-Bassett, Ethan, et al. "LIFEGUARD: Practical repair of persistent route failures." ACM SIGCOMM Computer Communication Review 42.4 (2012): 395-406. 10/19

Why now? 11/19

Why now? Social networks 11/19

Why now? Social networks Widely Available Platforms 11/19

Why now? Social networks Web Standards Widely Available Platforms 11/19

Centralized proxies + Filter + Failures + Surveil + Manipulate/Misdirect Legend Connection to proxy Censors see connection to YouTube Unfettered connection 12/19 3 Users in unsafe environment

Centralized proxies + Filter + Failures + Surveil + Manipulate/Misdirect Proxy Server Problems w/Proxies : Legend + Scale: easy to find & block Connection to proxy everyone + Trust: users need to trust Censors see proxy (e.g. password theft), and connection to YouTube proxy needs to trust users (e.g. Unfettered connection illegal activity) 12/19 3 Users in unsafe environment

uProxy: an experiment in distributed proxying ? 1. XMPP/Chat/Email/Social 3. Share your internet connects users; HTML5 connection’s security WebRTC transports data; and access with trusted encryption and obfuscation, friends and family. hides data from attackers. 2. Access and security through social network-based trust; also potential to cache/speed up connection. … Users in safer environment Users in unsafe environment 13/19 4

User Experience Design Mocks Explanatory intro screens Connect to social networks Home Screen 14/19 5.1

User Experience Request Access (Alex) Accept Request (Roothu) Connection Active (Alex) 15/19 5.2

User Experience Active Connection Stop access Settings 16/19 5.3

Architecture uProxy Serving Device (Bob) uProxy Client Device (Alice) Web-browser Web-browser uProxy UI uProxy UI Displays status & sets display status Browser's proxy to localhost:port (4) Stun uProxy Core uProxy Core Servers proxies TCP requests coming in localhost SOCKS proxy @ on WebRTC the to external TCP (3) localhost:port service (5) Transport Social Social Transport WebRTC DTLS/UDP+Obf (1) (6) (2) TCP/IP Service Social network (YouTube, NYT, Chat contacts Guardian, etc) (e.g. XMPP) Luchaup, Daniel, et al. "LibFTE: a toolkit for constructing practical, format-abiding encryption schemes." 17/19 9 Proceedings of the 23rd USENIX conference on Security Symposium . USENIX Association, 2014.

Progress 2013 - Initial support for reliable WebRTC data channels - Prototype demonstrated at Google Ideas Summit 2014 - UX redesign - Chrome/Firefox extensions - Staff up team - Security reviews - Open source on GitHub - Obfuscated WebRTC 18/19

Looking Ahead Publish to the WebStore uProxy Mobile Client uProxy for Cloud Plugin support - social networks - alternate network transport protocols - proxy service interfaces 19/19

uProxy: Share Your Pathway to the Internet https://www.uproxy.org https://github.com/uproxy info@uproxy.org