Skip to main content

The Globe and Mail

Canadian encryption software beats Syrian regime’s censors

A user shows a photographer his unsuccessful attempt to bypass the ban on Facebook in Syria using an Internet proxy server in Damascus January 26, 2011.


There are anywhere from 25,000 to 40,000 Syrians bypassing the country's Internet censors each day – thanks, in large part, to an ingenious piece of Canadian-made software called Psiphon.

Its primary goal, according to Psiphon's website, is "to make available Internet content that's otherwise censored" in places such as Syria, China and beyond. In Iran, for example, another 150,000 use Psiphon each day to access services such as Facebook, Twitter or Skype.

Researchers from the University of Toronto's Citizen Lab – devoted to exploring privacy and censorship issues within oppressive regimes worldwide – first conceived of the Psiphon software in 2004. An independent company of the same name was formed in 2008 to continue its development full-time.

Story continues below advertisement

"Our secret sauce is how we get our our product into people's hands," said Rafal Rohozinski, Psiphon's chief executive officer. "We have ways that we can distribute it – through e-mail, SMS, and physical addresses that people pass and whisper amongst each other, even online games."

After a user installs Psiphon on his or her computer, all Internet traffic is encrypted and securely funnelled through a server located outside the country. This server acts as a relay, bouncing typically censored sites back to rebels and dissidents. It is, essentially, a complex act of digital sleight of hand – one that foreign governments are constantly trying to decipher.

"It's like we designed the world's best bot net that you agreed to become part of," Mr. Rohozinski said. And he's not joking. After all, he added: "What's more survivable than really well-written computer viruses? The difference is that viruses are designed to take control of your system."

In other words, Psiphon's programmers have studied the persistent nature of nefarious malware, and harnessed it for the power of good, making their servers and software difficult for oppressive regimes to thwart.

There are measures in place to ensure that the same tools used by Syria's rebel groups can't also be used against them. Psiphon's servers are like an aunt with Alzheimer's, said Mr. Rohozinski, in that they don't retain all the information that passes through them – only enough data for his team to track performance metrics, but nothing that could be traced back to an individual user.

But at the same time, Psiphon isn't designed for anonymity. It is possible for a government to detect the software's presence on a country's network, but not how it's being used – enough to constitute a crime in a place such as Syria.

"If you choose to use an anti-censorship technology, one that breaks whatever laws of your country, that's the same as going out on the streets during a demonstration," cautioned Mr. Rohozinski. "It's not something that's inconsequential."

Story continues below advertisement

Editor's Note:  The University of Toronto's Citizen Lab did not develop the Psiphon software in conjunction with the group SecDev. Incorrect information appeared on Monday.

Report an error Editorial code of conduct Licensing Options
As of December 20, 2017, we have temporarily removed commenting from our articles. We hope to have this resolved by the end of January 2018. Thank you for your patience. If you are looking to give feedback on our new site, please send it along to If you want to write a letter to the editor, please forward to