Skip to main content

Cybernews Interview, Psiphon: “the world is becoming more and more privacy-conscious”

Most of us are aware of the necessity of having strong VPN protection in place. But what are the inherent issues with standard VPN applications, and how can they be solved?

While choosing the best VPN often comes down to its features, the problem with many of the modern VPN applications concerns easily recognizable traffic in certain Internet environments despite the implemented end-to-end encryption. But what can be done about it?

To discuss this matter, we’ve reached out to Alexis Gantous, a member of the Business Development and Operations team at Psiphon Inc, a company that works on providing uncensored Internet access for Windows and mobile devices.

How did the idea of creating Psiphon originate?

Psiphon was founded out of a research project at the University of Toronto’s Citizen Lab, founder and CEO Michael Hull saw the opportunity to take the original peer-to-peer system and further develop it to fill the needs of millions around the world who face restrictions to their access to information online.

Can you introduce us to your circumvention system?

One of the big issues with standard VPN applications is that the traffic, while it’s encrypted, can be very easily recognizable and disrupted in the Internet environments that perform DPI and aggressive filtering of Internet traffic. Psiphon’s state-of-the-art protocols offer multiple creative pathways to obfuscate and connect our users to the content they are seeking online. This, combined with our diverse network of servers placed in over 20 countries around the world, means Psiphon has a robust circumvention network that can much more reliably stand up to interference, as evidenced by tens of millions of citizens around the world turning to Psiphon when facing severe blocking events.

Tell us more about Psiphon’s vision.

Any potential user should be able to review our code and ensure that we are providing the service that we claim to. At Psiphon, we are committed to ensuring our user’s privacy and security are maintained to the best of our ability. We do not require users to create accounts or submit any personally identifiable information to use our service. All of our code is open source and over the years we have posted several 3rd party audits of our code, including penetration tests on our blog.

Do you think the recent global events altered the way the public perceives cybersecurity?

I do, there is a lot of confusing information out there for people new to the topic of cybersecurity. But with the number of data breaches and hacks that have occurred over the last few years, reports of organized hacking groups on the rise, etc., the public and private sectors are starting to increase the focus on cybersecurity risks and exposure.

What would you consider to be the worst Internet habits detrimental to one’s digital privacy and security?

Password security or lack thereof is number one, important accounts especially with access to personal or banking information should always be protected with strong passwords and multi-factor authentication where possible.

Protecting one’s Internet connection on public wifi connections is always a big topic as well and the use of Psiphon or a VPN that encrypts your connection can be very helpful. Finally, be wary of unfamiliar or unexpected emails/messages that ask you to click a link or enter passwords/information. These types of scams are on the rise and can be less obvious than you might expect.


What best practices or tools should Internet users adopt instead?

Password managers can be a great tool to save you from having to remember many complicated strong passwords, many are free for personal use and ensure that you don’t use the same passwords for everything. Typically they also ensure multi-factor authentication with apps like Authy or Google Authenticator which can be another great step in protecting yourself online.

With remote work becoming the new normal, what security measures should companies invest in to secure their network?

As mentioned already, passwords and MFA are important for personal use but should be even more important for businesses, many phishing scams target employees and payroll staff of small companies.

Make sure that employees have access to a reputable VPN service that publishes and adheres to open source development principles and methods. This will ensure employees have access to important services for work and will help to protect company information and data.

Do you have any predictions for the future of the Internet? What improvements do you hope to see in the next few years?

It seems much of the world is becoming more and more privacy-conscious. I predict that we will see more legislation following the lead of GDPR and European regulations around privacy and consent-oriented handling of user data.

What does the future hold for Psiphon?

At Psiphon, we are continually improving and refining our technology, we have some exciting projects in the work including a newly released service called MalAware which, when connecting to our network through a Psiphon app will automatically monitor for any connections coming from malware/adware on your device and notify you if your device has been compromised.


For the original article click here.

Popular posts from this blog

Why You Don't Need Google's Domain Fronting

Google’s removal of domain fronting emphasizes the need for solutions like Psiphon. Google has confirmed that they will block domain fronting across Google domains and App Engine. For many apps and publishers, this represents a step backwards in the fight for internet freedom. While Psiphon has never relied on this Google service, many app developers continued to depend on the practice as a convenient and straightforward means of circumventing state-level censorship, despite the long-running speculation that Google would close this loophole (eg. Will Scott’s blog post in 2017). While the announcement has been met with criticism from internet activists and service providers alike, Google has defended their decision, saying “ domain fronting has never been a supported feature ”. Domain fronting has been a popular means of censorship circumvention for several years, being embraced by popular apps like Signal, who publicly adopted the practice in 2016 . While using Google domain

Social Media and Internet Ban in Turkey

Following the detainment of 12 pro-Kurdish lawmakers from the Peoples’ Democratic Party (HDP) in the early hours of November 4 th , Facebook, Twitter, Instagram, YouTube, WhatsApp and Skype were blocked in Turkey . There were reports that Turk Telekom internet provider completely disabled access to the internet or throttled the connection to the point that it was impossible to connect. Despite lack of official decision about the restrictions, and BTK’s explanation that there was a technical problem throughout Turkey, Prime Minister Binali Yildirim made a statement later in the day and said “For security reasons, these kinds of measures can be taken time to time. These are temporary measures. Everything goes back to normal after the danger is eliminated.” Social media and internet bans ended the following evening in most of the country, but there were still some short-term connection problems during the weekend in some regions, and it was reported that some Turk Telekom users

Amid major network disruptions, 1.76M Psiphon users in Belarus

The Psiphon network supported a peak 1.76 million daily active users during significant network interference that started August 9th, a figure that represents nearly 1 in every 3 internet users. A large-scale disruption to international internet access was observed in Belarus, beginning during the contested presidential election on August 9th. Widespread filtering was reported across all Belarusian networks, affecting popular messaging apps including Telegram, Viber, and WhatsApp; social media platforms Facebook, Twitter, Instagram, and Youtube; major app markets including Google Play and the App Store; email providers Gmail, Mail.ru, and Yandex; maps, banking, online media, and many other services. Rolling blackouts of the mobile networks also occurred nightly between 6PM and 6AM. The majority of VPNs were reportedly blocked as a result of generalized SSL/TLS filtering. Tor direct connections were disrupted by the increased network change, while Tor bridge users reached a peak 8,0