Circumvention Tools Analysis

February 10,2016

Cecile Basnage and David Fifield


4 tools overviewed

User Flow investigated


High-Level Insights

1. Psiphon


Set Up

• ~5 MB

• No installer, just ran

• Download, run exe, starts automatically

Main Screen/ Site Visit

• Opens IE to


• Automatically sets proxy settings (*note: this was reset every time)

• example:HTTP/HTTPS: 49196

• SOCKS: 49195

• Psiphon changes Windows system proxy setting

• even though IE launched automatically, Chrome used the proxy as well.

• IP address came up as, Linode, New Jersey

Additional Features: Feedback

Additional Features: About  

Additional Features: Language


None Seen?

Usability Pro’s / Cons

(+) Automatic proxy settings -> hypothetically reduces cognitive load

(+) Options for Feedback, About, Language

        -clear location

Questions to Investigate:

Psiphon sets system wide proxy. Is this what users expect, or is this confusing?

2. Lantern


Main Screen

Homepage: 2nd try

Demo Site Visit

        • "Log in to use your Facebook account with "lantern-ui".

• Clicking on "lantern-ui" brings to an error page.


• Barely any settings

 * Run automatically

 * Proxy all traffic

 * Report usage statistics

Additional Features


        -Proxy Settings

PAC File

Question to consider: How are other domains getting exempted from Lantern?

Bugs: Demo Site Visit

• Clicking on "Manoto1" option gives a cert error.


•surprising because Manoto is on their homepage.

-> is the translation proxied?

-> could this inadvertently leak what website you are visiting because of google translate?

Usability Issues


(+) “nice” visual design

(+) about page (offers privacy policy, disclaimer, licenses)


(-) Unclear how to stop it from running: there is no “Exit” button

        Closing the tabs doesn't change the proxy settings.

lantern.exe will still run

(We had to kill the process in order to stop lantern from running)

(-) Unclear: Which sites are proxied?

        • Inconsistency between sites on homepage and other sites

• What is my IP address gave us a Berkeley IP address.

• But Clicking on YouTube gave us "YouTube NL".

Advertises that it proxies 6 sites, are these the only accessible ones?


(-) No option to change language

        although it does have translation capability

Further Questions:

When people use Lantern, what are their expectations about their proxied connections?

        • Do they think re all their websites are being proxied?

        • Do they try to access a website when Lantern is not running?

        • Do they think Lantern will be running the next time they turn on their computer?

        • Is translation being proxied?

        • Is OCSP being proxied? ( was in the PAC file)

        • Where are the 6 proxied domains set (not in PAC file?)

3. Ultrasurf


        • Very unclear

• Signed executable wrapped inside unsigned file

• Created several new files/ directories


Opened a explorer window and didn't do anything


Double-clicked on "u1504", now it's a signed exe.

Double-clicked that,

opened a little main window,

opened IE to,

Main Screen

• opened firewall error (see below).

•Unclear: three progress bars ("99.8%") seem to allow you to choose

one from three servers.

Additional Features:

• Home, Retry, Option, Help, Exit, Feedback

Additional Features: Feedback

        •"Feedback" gives a base64 blob just like Freegate.

Additional Features: Help

        "Help" gives a user guide.

Additional Features: Options

•Question: what do these 3 options do? Auto-detect also looks like it is manual.

•These overlap with IE settings. (could be to address linkability?)

Proxy Settings

        Proxy settings offers: Auto-Detect, Manual, Directly use UltraSurf

IE Blocking Ultrasurf

Proxy Settings

        Checked IP as

Fremont, California, Hurricane Electric.

Additional Pages : Exit

Exiting disabled system-wide proxy.


Bugs / Weirdness

Weird golden lock icon on the desktop that you can drag around.

Draws itself on top of everything else.

You can right-click to get a dropdown menu

"Help" gives a user guide.

4. Freegate/Dynaweb


Main Screen

First thing that appears is a EULA (End user License Agreement)

• Accepting agreement yields a control panel  

“Control Panel”


  1. All websites (everything goes through proxy)
  2. Blacklist of proxy sites (everything goes through proxy unless in this list)
  3. Whitelist of proxy sites (these sites use proxy)

Main Screen: Freegate Panel

Buttons for Dynaweb home, Turn OFF, Settings, Exit, Help, About, Feedback.

"Connected to 7 Servers, port: 8580, Tunnel(A)"

Proxy Settings

        Changed windows proxy settings to, looks like HTTP/HTTPS only.

Feature: Feedback

Doesn't even tell you where to send it.

Demo Site Visit

Opened IE window to

Offers a form to enter a URL, then serves a redirect to what you asked for. Entering "whatever” gives you a broken redirect.

Redirect URL

•Discrepency between behavior when URL was typed in different places

• When we entered URL in regular URL bar, it detected that we weren’t in China.

Another Site Demo: Berkeley Page

        •When when tried to visit Berkeley page, only HTML loaded.


• Unclear Settings

• Control panel said “you can make changes under Settings” panel, but Settings looks completely different

• What is the A tunnel vs. F Tunnel?

Additional Pages : Help, User Guide, Exit


Clicking Support takes you to GIFC forums.

User Guide

Clicking Help gives a local HTML page, user guide. 


Clicking Turn Off gives a warning that the proxy setting is reset.


Bugs /Side Effects

        Windows Firewall tries to block Freegate

Usability Summary


                • Several bugs

• Overall lack of clarity in layout.

Questions to Consider

        • What is the difference between Freegate and Dynaweb?

        •What is the significance in the different URL form vs. regular URL?  


•  Psiphon seemed most usable, could be looked into more.