jason: we all knowthat in the world today there's a lotof people in the world and a lot of change happening. and so there's not asmany outlets or tools to be able to makethose voices accessible. and so adam and histeam have put together a project which will tryto address that and give a voice to the voiceless byway of peer-to-peer networking. and without further ado,i'll let adam take it away.
adam fisk: thanksso much, jason. so as jason said, i'm going totalk to you guys about lantern. lantern's a tool forbypassing censors in countries thatcensor the internet. and it's funded througha series of grants primarily from thestate department. so total funding for lanternhas been about $5 million over the course ofthe last 3 years. and i'm really excited to behere at google, first of all
just because the engineeringtalent on this campus is so amazing. and i'm going to talk a littlebit about our organization and how we approach things. and i think that relates alot to the engineering talent that we see here at google. so we're a nonprofit. we're called brave new software. and brave newsoftware's mission is
to use software to tackletough global problems. so the first problemwe're trying to tackle is this issue of censorship. and to me, there's really sortof a scarcity of really focused engineering effort, sort ofdirectly on problems like this. so i think google itself clearlyhas this sort of immense, in some sense,philanthropic effect. you can do things with googlelike detect flu outbreaks before the cdc is ableto detect flu outbreaks.
so just by virtue of makingthe world's information so much more accessible,google itself sort of serves this incredible purpose. so whether it's climate change,or censorship, or poverty, i think as engineers and withthe capabilities that we have, we have some obligation tosort of try to put forth effort to really focus onsome of those problems. and that's really what we'redoing at brave new software. so when i thinkabout lantern, to me
it really starts wheni was really young. so this is a picture of mewhen i was three or four. and i grew up in afamily of people-- a family of parents--who were really focused on the greenbuilding movement, on using architecture tocreate social change, really. so at that point, thegreen building movement wasn't even really a movement. it was just sort of acouple of people with ideas.
but because of that upbringing,i sort of came into this world with that type ofthinking and that being around sort of verydedicated people as an everyday part of my life. so i think thatreally impacted sort of the way i approached theworld and the way we approach software and problems at lanternand at brave new software. so this is a shot of me. i sort of considerthis the first version
of lantern in some way. so basically, my parents wereconstantly inventing things. and i, early on, sort of wantedto be a part of the action. so i somehow thoughtit would be a good idea to take a toilet paperroll, the inner cardboard tube from a toilet paper roll,and pair it with a burned out light bulb. and to me, this was a flashlightor a lantern of sorts. but if you lookmore closely, it's
really kind of sadand just pathetic. it's a just colossalfailure on all levels and was completelynon-functional. but this idea of just sortof participating and building things to make theworld a better place was really a part of mythinking from very early on. so fast forward,gosh, 18 years or so. i was one of the sort ofcore engineers on limewire. so i did a lot of the rawengineering work on limewire.
and that experience reallyreinforced this idea that small teams of peoplecan create a big impact and can impact change. so at limewire, we wereanywhere from about 5 people to 12 people, so anincredibly small group. and between us,and the team over at bittorrent with bramcohen, and the team at edonkey with jed mccaleb, wecame to account for, as i think everyone inthis room knows, about 40%
of all internet traffic ina very short period of time. this was a small groupof people who were just massively changing theinternet as we know it. and the other aspect ofmy experience at limewire was that it justhad this component of being massivelysort of decentralized. so it was muchmore decentralized than other peer-to-peernetworks out there. and that was interesting froman engineering perspective
to some extent interms of not having a single point of failure. but to me, the moreinteresting part about that was really not having asingle point of control. so how do we build networksthat sort of more closely reflect the decentralizednature of the internet itself? so to me, that aspectof peer-to-peer was really interestingand got me thinking, even in those earlyyears, about how you
might be able to use thosearchitectures to get around censors. so there was a piece ofsoftware called triangleboy around the year 2000that used peer-to-peer to get around censors. and it was more of anexperiment at that time, but that made me first startto think about how you might use this stuff tobypass censors. so i think it was2009-- oh, sorry.
actually, i'm goingto talk a little bit about just theproblem of censorship. so to me, livingin this country, it's very difficultto understand what it's like tolive with censorship. so without being able toaccess all the sites we want to access every day, ithink it's just a challenge to really understandwhat it's like. so this is just meproxying my traffic
through a serverin iran and trying to go to twitter and to youtube. and you see thisblocking page come up that just lists other sitesthat the government recommends that you might want to go toinstead of twitter or youtube. and if you do this for avery short period of time, it's amazing just howsort of debilitating it is to your everyday experience. so you get an emailfrom someone with a link
and you can't watch it. and so for me if i do this foreven as little as half an hour, almost instantly, it's justlike incredibly frustrating and i just can'ttake it anymore. and i have to turn off theproxy to go back to sort of life as we know it. so literally, when i firststarted work on lantern, i was just in the showerone day and i was like, hey, i think i'm going to actuallyjust start coding today.
so the first componenti started coding on was littleproxy, whichis just an http proxy. and for me, it's oftentimeshard to really feel like i fully understandsomething until i code it. so with even an httpproxy, it's relatively straightforward in a lot ofways and on a conceptual level. but i felt like i justreally wanted to code it. first, i didn't feel like therewere any really good proxies out there.
and i feel like i wanted to justreally sort of immerse myself in it. so even thingslike http connect, you know, like that's a kindof an interesting http method. and it means you can tunnelanything through http connect. and so conceptually,you think, oh, ok. that makes sense. but when you thinkabout it, it's actually incredibly powerful.
you can tunnel absolutelyanything through http connect. you can speak any protocolyou want to speak, which is kind of a big deal. and that's somethingwe take advantage of in different ways in lantern. so the other reasoni bring this up is just from a modularitysoftware engineering perspective. so littleproxy is thistotally separate project, just
a straight http proxy. and at this point, it'sused all over the world. so it's used at red hat. it's used at electronic arts. it's used at new relicand at small businesses all across eastern europe inparticular for some reason. but none of the peopleusing it have any idea that it's also usedwithin lantern. so they're actually patching itand improving it all the time
for their own purposes. but they have no ideathat at the same time they're testing andimproving lantern itself. so to me, that's how good sortof open source and modularity works, is if you build somethingthat's useful to people more generally andalso useful to you. sorry, i think there wassome animation there. so this is just ashot of someone-- not a real person-- athome running lantern.
and the way lantern works isusers in uncensored regions can download and installit on their computers. and because you at home haveaccess to the open internet, people can proxy through youand themselves get access. so it uses thispeer-to-peer model that does a couple of things. on one level, it really rampsup the number of access points. so we try to make it very easyto run a new access point. and it's literally, youjust download it, install it
on your machine,and just run it. so just through sheernumbers, lantern tries to be much moreblocking-resistant than sort of existing solutions out there. so we're just making it mucheasier to deploy new instances. so this is a shot of a muchearlier version of the lantern user interface. but one thing we try todo in the user interface itself is justreally give people
this sense of connectionto people around the world. so we're trying to build thisjust like citizen-run piece of software that allowspeople around the world, no matter where they'refrom, to directly connect. so this is showing inreal time your connections around the world. and this is mockdata at this point. i'll show you somelive data later on. but this is an example of auser connecting from iran.
so one aspect of--i want to dive into some of the more detailedengineering things that we do. so blocking resistance isreally a core part of lantern and differentiates it. some of the ways wedo blocking resistance differentiates it from certainlytor and from other tools so we use this algorithmcalled kaleidoscope to distributeaddresses of proxies. so one big challengeout there is,
how do you distribute theaddresses of proxy/access points in such a way that peopleon the network can discover them but censors cannot? so kaleidoscope uses atrust network to do that. and basically, what kaleidoscopecalls advertisements for proxies sort of tricklethrough the network, first, along a random walk. and basically, from thatpoint after, it just uses the same random walk.
so it initially chooses a pathand then always uses that path. and basically, the idea is thatif a censor joins the network, they're not goingto learn about all of the proxies thatare already there. a new actor on the network can'tlearn about all the existing proxies. they might learnabout new proxies, but they won't learnabout existing proxies. so that's one way thatlantern stays unblocked.
the sort of key componentof that is again, this goes back to thispeer-to-peer element. so this trust networkcomponent is useless unless you're able toconnect peers directly. like if i trust an individualother user on the network, if that's just someserver out there, it sort of breaks thistrust network model because that's not associatedwith an individual, at least in the normal conception of it.
so the way we do peer-to-peerin lantern is using webrtc. and we're releasinga new library called natty thatbasically wraps up the webrtcimplementation in chrome and just releases it as aseparate library that anyone can use as a standalone entity. and i imagine most peoplehere are familiar with webrtc. but basically, it uses udp totraverse nats between directly between browsers.
we're using it notwithin the browser, but within lanternitself to create that peer-to-peer connectivity. so doing that over udp hassome interesting properties. so it just so happensthat particularly over these long-distance linksthat lantern tends to deal with between, say, china andhere in mountain view, tcp really doesn'thandle that well. so it sees thishigh-latency connection
and sees this high packet lossand mistakes it for congestion, essentially. so it sort of settles on asub-optimized window size that really slowsdown the connection. so by implementing customprotocols over udp, we're able to really speed upthose high-latency connections between uncensored regionsand censored regions. and it sort of just sohappens that the best way to traverse nats andfirewalls is using udp.
so it's sort of ahandy marriage there. so i want to diveinto a little bit sort of how we've releasedthis stuff over time so this is just a shot ofsatellite dishes in tehran. so in iran, it's illegalto own a satellite dish. but if you look atthe skyline of tehran, you see satellitedishes everywhere. so lantern, in a lot of ways,is similar to that in the sense that it's very visible.
these satellite dishes arevery visible on these rooftops. and lantern, or reallyany tool this type, like tor or anything else, isvery visible on the network. if you're looking at allthe network packets passing through the entirecountry, you can see that theseconnections are unique, or these users are usingthe network in a unique way. so lantern is certainlyvisible on the network in that same sense.
and it's focused onaccess in the same sense that these satellite dishesare focused on access. so we don't really get intoanonymity certainly in the way that tor does, butour primary focus is staying unblockedand providing access. so in terms of thesatellite dishes, this was sort of a milestonemoment in lantern's history last decem-- or i guessnovember actually-- when we went on asatellite television
station called manoto1. so manoto is the largesttv station in iran, or largest satellite tvstation in iran, and because of that, the largeststation, period. and this is just thelantern piece on manoto. and basically, in order tofacilitate this broadcast, they asked us, hey,can you open up downloads to lanternfrom the website as a part of this broadcast sothat we can announce this thing
and have people actuallyable to download it? because prior to that, basedon that kaleidoscope algorithm we were talking about,lantern was invite-only. so the only way to getaccess to the network was through your friendsalready having access and getting invited. so we did that. and to some extent, wesort of broke our own rules when we did that.
basically, we allowed users,when they came to our website, to enter their emailaddress and we would just automatically invite them. and relatively quickly iniran, certainly the day of this broadcast, afair number of people started picking up on it. but within hours in china,social media in china really started to pick up on it. so we started getting farmore downloads from china
than from iran withinthat first 12 hours. but the problem wasthat we were, again, sort of breaking ourown rules in terms of blocking resistance. and basically, aboutfour weeks later, there was an article in the"south china morning post" describing this massivegrowth of lantern in china. and then about a week afterthat, lantern was blocked. so it seems likethat article really
focused the attention of thegreat firewall, people working on the great firewall, toget them to block lantern. and at that point, becausewe had sort of intentionally broken our own rules,it wasn't so surprising. but at the same time, we wantedto be able to release lantern just directly from thewebsite through open downloads to allow anyone to access it. so we had this sort of problem. how do we releasethis openly so we
can help more peoplewhile at the same time keeping it unblocked? in that instance, itactually turned out that the way theywere blocking it was not throughinfiltration, but was rather through fingerprintingour traffic on the network. so we were actually able tofix that relatively quickly, so to look really exactlylike apache byte for byte. prior to that, we didn't looklike apache byte for byte
over the network. and changing that reallyfixed that problem. but in that window,it was the case that if you ran lantern at homeon your home network, literally your computer wouldbe blocked from china within like an hour and a half. so no traffic would be able toflow to your machine from china within about an hour and a half. we fixed thatwithin about a week,
but we still had this problemof how do you distribute lantern more broadly whilekeeping it unblocked? so what paths forward are there? and what have we implemented? so basically, there's thisthing called domain fronting. it goes by a coupleof different names. but really, thepromising strategies all revolve around thisidea of collateral freedom, so this idea ofstrength of numbers.
this idea that the bestway to stay unblocked is to somehow hidein other things that censors don'twant to block. so you see that withthings like amazon aws. like lantern and a couple ofother tools for a long time were distributing all oftheir installers on s3. because basically, if youwere accessing s3 over https, the only way to block thatlink is to block all of s3. and we thought thatcensors would never
take that step, especiallythe chinese and the iranians would never take that step. but about two monthsago, they did. so china essentiallyblocked all of s3, while sort of opening accessperiodically to some data centers. but they blocked allof s3 for the most part and crippled not only lantern,but sort of untold sites on the internet.
so in that case, theywere willing to accept the collateral damageassociated with that blocking. but another sort of i guessmore promising example of this collateralfreedom thesis is this idea of domainfronting that i mentioned. so with domainfronting, basically you can trick websites,websites/cdns, into routing thingsto places that they weren't intended to be routed.
so i'm just going toshow you a quick example of doing this over curl. so this is just going to bea curl call to hacker news, to news.ycombinator.com. and basically, all we're doinghere is specifying a header. in the host header,specifying reddit.com. and you're going tosee what happens here. and note that it's https. so we're making an sslconnection to hacker news,
specifying a hostheader of reddit.com. so you see that in theresult-- and we're just grabbing for thetitle in the html. so you can see in the result,it clearly returned reddit. so that's kind of interesting. it returned a site that was notspecified in the original url. so from the perspectiveof a censor watching this, they'll see this connection tonews.ycombinator.com, this ssl connection, but then at thatpoint everything's encrypted.
they don't see that httphost header passing through, and they don't seethat eventually this is going to reddit.com. so on the one hand, that's kindof interesting in the sense that you can imagineinstead of reddit.com-- i think reddit is actuallyunblocked, surprisingly, pretty much everywherein the world. but you can imagine thatbeing just some blocked site. so you could go directlyto a blocked site.
or you could imagine thatbeing a connection to one of our servers. so this is a diagram of what'shappening under the hood. so if that's going tonot just another website but one of our servers, ourservers can go anywhere. so our proxies can sendtraffic wherever they want. so that's exactly what we do. and this is david fifield who'sa researcher over at berkeley who has been doing somegreat work in this area.
so what i just described isboth implemented in lantern and is a pluggabletransport in tor. so this is a diagramfrom david, who's a volunteer on the tor project. but yeah. so this demonstratesusing that little trick to go to one of ourservers instead of going to thedestination website. so the neat thingabout this, in terms
of all this issue of how dowe enable open downloads, is that all of a sudden, if theip address of a lantern server is blocked, it doesn't matter. because all the censorsees is this ssl connection to this other site. and then we can send thattraffic wherever we want. so in lantern's case,we send that traffic not just to our servers. lantern is a hybridsystem where we
run some servers tomake sure that people's quality of service is good. but we send it also to peers. so we're actually enteringpeers in our dns round robin and using this domainfronting technique to get to those peers. so in that host header, we'respecifying roundrobin.-- it's actually[? roundrobin.getintum.org ?] for who knows what reason.
but that's not actually enteredin dns, but in this example, is on cloudflare's dns. so we're, in that hostheader, sending you to our dns round robinthat is a mixture of peers and our servers. so that enabled us tore-release these open downloads while staying unblocked,that little trick. and one of thegoals behind lantern that i didn't reallymention, and one
of the goals with thispeer-to-peer component, is scalability. so we're really interestedin the peer-to-peer aspect in terms of blockingresistance, but also in terms of scalability. if 500 million people in chinaall got on lantern tomorrow, or all started using censorshipcircumvention tools tomorrow, we'd have a big problem. and you reallycould not-- possibly
google could accommodatethat type of traffic for proxying thatnumber of people. but sort of any normalentity with lesser means would not be able to do thaton a financially scalable way. so this is a shotof when we enabled this peer-to-peer trafficin our round robin of one of our servers, the loadon one of our servers. so you see as soonas we enabled peers, just the cpu just droppedto almost nothing.
so with all of thesepeers running lantern in the uncensored world actingas these access points, all of a sudden wecan build a system that is financially scalable interms of solving this problem. so this is just a shot ofme running lantern at home. so once we started releasingthis domain fronting technique, if you just run lanternon your home machine, you'll start to seethis traffic from all over the worldcoming through you.
so this is live traffic. and this is whenwe first started to really push this out. so actually, you'll see a lotmore traffic now if you run it. but this is, to me, sortof the exciting part, is you all of a sudden sort offeel this sense of connection with people around theworld, and are actually tangibly really solvingthis problem of censorship, and are actually givingpeople access in real time.
i just tend to run lantern inwith what we call give mode on my machine overnight. and this one nighti just-- there were some little glitch wherei went into dev mode in chrome. and somehow, i thinkthere's basically some bug in thelantern ui that made it show all of the connectionsthroughout the entire night. so i just took ascreenshot of that. and you can see.
that's my computerthere in los angeles. and you can just see allof these people connecting through me throughout thenight from all over the world. and in some cases, obviously,a lot of these connections are not from censored regions. and lantern does thatfor a couple of reasons. so like, for example,when it first runs, we don't know where you are. so we have to geolocateyou in some way.
and to do that, oftentimes wehave to tunnel that traffic. so we don't knowif the geolocation servers themselves are blocked. so we'll tunnel that trafficthrough lantern as well. but to me, this was a reallysort of gratifying moment. because the combination of justbeing able to instantly help out through running lanternon your home machine and really demonstratingthe financial viability of this model with peers reallytaking the load off of those
servers was just asuper-exciting time. and i guess withlantern down the road, as we kind of moveforward, we're really just pushingit out much further. and really are still honingthis domain fronting technique. so there's a lotof little quirks to how this works in termsof like if you have to tunnel things through httppost requests and tunnel them back through get requests.
so it still is verymuch a work in progress. and we're definitely tryingto grow the lantern team and push it out much morebroadly around the world. so yeah, we certainly coulduse all the help we can get. i know 20% time is maybe notwhat it once was at google, but we could certainlyuse all the help we can get in terms of whetherit's engineering help or even project management orproduct management help. so thanks so much foryour time, everyone,
and really appreciate it. audience: so what stops,say, the chinese government from just running a wholebunch of fake lantern servers and making the service unusable? adam fisk: yeah, that'sa great question. so i think to me, thekey there is unusable. so from our perspective,if the chinese government wants to run a bunch of serversthat actually proxy access, that's fine.
and if you thinkabout it, they already see all the traffic comingin now to the country. so they have infinite visibilityinto the network traffic. so it's not as ifthey're running a server they necessarilyhave more visibility. so there's that aspect to it. but then there's this aspectof servers that don't work. so what lantern doesis it'll detect. does this serverallow tcp connections?
does it actually return thesite that i requested it return? and it'll take proxies out ofrotation if they don't work. audience: but it mightnot be easy to detect a poorly-behaving proxy. like what if they justslow everything down a ton? adam fisk: yeah. so certainly, to someextent, that's an arms race. like a dedicated adversarydoing those types of things would be challenging interms of-- things that
are easy to detectare a proxy not accepting incoming connections. we require that a proxy alwaysaccept incoming connections within five seconds. but things like it'sreally slowing things down, that's a bit harder to detect. and currently onlantern, that would be a pretty effective attack. down the road, we'llstart to do things
like just even for performancereasons outside of attacks, track the performance of proxiesin general so we can rank them. we want to give you fastservice no matter what. so we'll always try tosend you to a fast proxy. right now, we don'treally get into that. but that's definitelyan interesting attack on the network for sure. audience: i wonder if acceptingmoney from the state department affects the adoption?
adam fisk: that'sa good question. yeah, i mean, wedon't really know. we don't really have a lotof visibility into that. this came up-- we didan "ask me anything," an "ama," on reddit andthis question came up. and there's clearlysort of comparisons between the statedepartment and the nsa. and in respondingto that question, i think this responseapplies here, too.
i just was pointing out that thebranch of the state department that we work with isthe bureau of democracy, human rights, and labor. so their entire mission isto advocate for human rights and freedom of speecharound the world. so if you actually liketalk to these individuals and get to knowthese individuals, they're just literally,these like public servants who are workingfor much less money
than they wouldotherwise be making in like these terribleoffices in dc. so really, those individualsend up controlling this money. and they are verymuch like-minded and have a very similarmission to our own mission. so it may well sortof hurt adoption. and we try to be as openabout that as possible. but in terms of how much itactually affects adoption, that's unclear.
i think for the most part,in our experience people in censored regionswill use whatever works. so if something works, theydon't, for the most part, care why it works. but i think it maybe more of an issue for the uncensored regions thanit is for censored regions, actually. audience: what kind ofanonymity does lantern provide? adam fisk: really, very little.
so i mean, it's a one-hop proxy. so there is somedegree of anonymity that one-hop proxies provide. but we basically justtry not to even get into the anonymity game. so we work pretty closely withvarious people on the tor team. and if you reallyneed anonymity, we would really recommendthat people just use tor. from my perspective,i think that tackling
sort of really usabletools that stay unblocked while alsotackling anonymity is just super,super challenging. so we're really focused onjust building a tool that stays unblocked and providesreally useful access. and yeah, if you're a politicalactivist in iran or china, or something likethat, we would really recommend that you usesomething like tor, particularly if you're nervous about thingsthat you're doing online.
audience: i amasking that question because i comefrom such a country where once you're known,you can go to jail. adam fisk: yeah, right. audience: and bad thingscan happen to you. i think those issuesare interesting. i think, to me, if you're apolitical activist in a region, it's to some extent the same asbeing some political activist who's actually potentiallydoing illegal things in the us.
so things like runningtor or running lantern, i think a lot of times justthe visibility on the network, like the fact that you'rerunning these tools, might be enough ifyou're an activist to give a regime an excuseto go knocking on your door and pick you up. but i think in a lot ofcases that just visibility on the network itselfis almost as much of an issue as the anonymity.
because if you think about ifyou're running lantern in china and you're visiting somewebsite, if that website is not in iran-- or sorry,did i say china? i can't remember. it's china, yeah. if you're in china and visitinga website that's not in china, a censor is not goingto be able to see that. so they're not going todeanonymize you that way. so if you're visiting awebsite that's in china,
they'll be able todeanonymize you. but that's also an issuewith programs like tor. so the idea of anonymity isi think much more granular than we think of it as. there's anonymity inthe face of a censor. and there's anonymityfrom a website. and i think thoseare very different in different scenarios. audience: you mentioned thatthe clients use a geolocation
mechanism. so that makes me wonder ifin these binding to proxies, in the random-walks,and so on, there's some kind of optimizedrouting you're trying to do? adam fisk: right now, wedon't get into that too much. but we are seeing, especiallywith that domain fronting technique that we've been doing,that you're jumping through so many servers thatthe geography starts to become a bit of an issue.
so with the peer-to-peerstuff, we don't do that. but we are starting tolook at that more with-- we may actually start to look atit with the peer-to-peer stuff itself to try to really locateproxies closer to cloudflare data centers, essentially. because with that domainfronting technique, at this point we're tunnelingthrough these cloudflare data so that's really the geographythat makes the most sense. cloudflare uses anycast.
so in china, that tendsto be the cloudflare data center in korea. so really, we wantpeers in korea. but at this point, partiallybecause of that trust network aspect, we can't optimizethe peers too much. but certainly, if youhave a lot of peers, we would be able to potentially. but over time, that's going tobe about a much bigger issue, i think, because there's stayingunblocked and being somewhat
usable. and then the sort ofnext step is speed, so making it asfast as possible. audience: but thenthe chinese censor's proxy would win, right? adam fisk: that's true. yeah, so that's right. but in that case, that's ok. so there's latency and thenthere's throughput, right?
so if they're throttlingthe throughput, then that's an issue. if they're lowlatency, that's great. so we have to detect thosethings independently. audience: i guessi'm just trying to get-- i wonder if there'sa fundamental trade-off between performance optimizationand the obscurity of proxies? adam fisk: certainly,if we sort of, again, broke some of our own rulesin terms of the trust network
and chose proxiesthat were faster, regardless of whether ornot they were trusted, i think that would be true. and there might be attacksthere where if you-- certainly, we assume the censors willpenetrate the trust network. so if they are able topenetrate the trust network, then we would tend topreference closer peers. but again, i thinka lot of that stuff comes down to lanternjust detecting
how well these proxiesare actually working and taking them out of rotationif they're doing anything at all sort of sub-optimally. but yeah, i mean,that line of attack is definitely aninteresting one for sure. audience: lantern hastremendous potential for good. but how do you preventmalevolent use, like systemic childpornography distribution using your services?
do you see necessarylimits to this technology? are there abusereporting abilities? adam fisk: there aren't abusereporting abilities right now. i think that's anexcellent question. the one thing i didn'tmention about lantern in terms of how itworks by default is that it uses a whitelist. so it uses a whitelistof sites that it provides access to that weknow are unblocked.
so child porn sites are noton that list, for example. and primarily, thosesites are newspapers we all know andblogs that we know to be blocked in iran and china. so i guess in my experience justreleasing consumer software, you can't overestimatethe laziness of users. so like the defaultsmake a huge difference. so i actually thinkthat that whitelist is a significant factor in termsof mitigating against that.
the other thing thatwe're looking at is implementing safedns on the give mode side, so on the uncensored side. so allowing uncensored usersto essentially act as censors. so to specify, ok, weonly want to allow sites on the whitelist, for example. because users incensored regions can customize the whitelist. they can add theirown sites that they
know to be blocked thatmaybe we don't know about. but we're strongly consideringallowing uncensored world users to limit how muchcustomization they will allow throughtheir computers. so that's another factor. beyond that, i wouldsay to some extent, a criminal who woulduse tor-- i mean, sorry, use lantern-- is a bad criminal. so i think to some extent, amore sophisticated criminal
would just use tor. because lantern doesn't provideanonymity in those ways. audience: how bigis the network? how many active monthly users? adam fisk: oh, gosh. we've done a horrible jobof tracking active monthly. it's about a thousandat any one time. audience: proxies? adam fisk: a thousandjust users running.
so it's about 50/50. well, actually, it's changeda little bit more recently. i think it's maybe 60/40censors to uncensored. so it's a little morecensored world users than uncensored at this point. jason: all right. well, thank you, adam. really appreciate your comingin and presenting the lantern project.
if anybody's interested ingetting in touch with adam about potentially participatingor taking part in it, we can exchange informationafter the tech talk. adam fisk: sounds good. thanks so much, jason. jason: yeah. adam fisk: appreciate it. thanks, guys. [applause]