Working as a career network security professional and father of three, I always thought that the one thing I wouldn’t have to worry about is my kids getting into trouble on the internet on our home PC. Porn sites, blocked. Sites of violence and hatred, nothing. Google Safe Search enabled. Instant messenger, registered. There is no way that a 13-year-old could have the knowledge or resources to fool this old man into accessing the Internet without filters. Not on my watch, right? Well think again …
A couple of days ago I found a little app that changed everything. Its name is “Ultrasurf”. It is developed in China and is used by Chinese citizens to bypass the government’s Internet filters, dubbed “the great firewall of China.” I’m sure some of you have heard of this and got to see it first hand on a recent trip to Shanghai. The Chinese government definitely does not believe in freedom of the press, as they go to great lengths to deny citizens open access to information provided by the Internet.
Ultrasurf is an amazing little application, which can render almost any web security application completely useless. You can add a proxy server to your settings if you are in a corporate or educational environment and want your security controls to be completely useless. In the home PC scenario, this is not necessary. The application then opens a new Internet Explorer window that directs any of your web requests to the ultrasurf program. Ultrasurf then encrypts your traffic and forwards it to one of thousands of seemingly random IP addresses before sending the request to the final destination. At this point, your security software only sees traffic going to random IP addresses that are encrypted (it can’t inspect this traffic) instead of the site you had requested, making it nearly impossible to detect and block.
I have tested this software on both very expensive corporate proxy server solutions and home filtering software, and I have still found something that can filter the requests that go through the Ultrasurf application. All of this and it’s incredibly easy to find and use. If your kids get hold of this, and many kids are already using it in schools, it’s game over. The Net Nanny is dead.
What can you do to block this? As of this writing, I am only aware of one antivirus vendor that will currently classify this software as a “potentially unwanted program”, McAfee. Otherwise, if you are not a McAfee customer, all you can do is keep an eye out for the application in the screenshot when your children are using the computer. Happy surfing!