Author: admin

  • UNREDACTED, a year in review (2025)

    A message from our founder:

    2024 felt as if things were moving at a very fast pace, with many things possible in 2025. That feeling was true, and 2025 has been our most successful year to date. We deployed a lot of new hardware, new services, and improved our existing infrastructure drastically. We built Unredacted Labs, housing our experimental NoiseNet anycast network designed to make it more difficult for censors to perform traffic correlation attacks. At the same time, we finalized and deployed GreenWare nodes, energy efficient hardware that runs most of our Tor exit relays.

    None of this would have been possible without the people who believed in us, and our very generous donors. Achieving 501(c)(3) status has made funding all much easier to accomplish. I want to personally thank Power Up Privacy for quite literally powering up privacy infrastructure, and making much of what we do today possible.

    There’s one thing I know for sure, and it’s that in 2026, Unredacted will continue laying the pipes to build Internet infrastructure that helps people evade Internet censorship and protect their right to privacy. Internet censorship is only getting worse, and we need to work harder than ever to counter it. Read on to discover all of what we built in 2025, and our plans for 2026!

    Zach
    Executive Director
    Unredacted Inc

    A year in review (2025)


    Internet censorship is bad

    Internet censorship is increasing year over year. Authoritarian governments are spending 10s to 100s of millions of dollars to increase their technological capabilities in filtering critical information and communication. Their goal is to control the flow of information and to feed people misinformation. We urge everyone to continue their work fighting against Internet censorship, as well as support organizations dedicated to this important goal. As 2025 comes to a close, we asked our community for anonymous comments on why privacy and censorship circumvention tech is important to them. Read some of those views below to understand different perspectives on privacy and censorship.

    I am a security researcher, programmer and IT analyst
    I have been affected heavily by the use of government control and restriction here in the United Kingdom under a government who seeks to control every medium of data, making true privacy and anonymity here almost impossible in a so-called “1st world” country.

    Anonymous

    In Russia, you can get jailed just by words in internet (So in Great Britain too?), you can get jailed by your political position, government can force you to sign war contract. They’re [government] forcing their citizens to use government messenger called “MAX” (Like Chinese WeChat, but in Russia). Government blocking everything what they can (they already blocked matrix.org, youtube, partially blocked telegram, blocked discord, and much other services, also they partially blocked vless protocol). So Russia turning into China?

    Anonymous

    In Germany the police can stop you and check your mobile browsing history if you supported Palestine. Privacy is important so we don’t save history when viewing the Palestine genocide.

    Anonymous

    I run a little online community that teaches life skills to all comers. We talk about cooking, how to get stains out of laundry, budgeting, resume building, exercise, and more. We help people make friends, navigate difficulties at work, and plan for college. In Discord’s messy rush to comply with hastily passed age verification laws, our little community was wiped out. We were wrongly marked as having adult content, and most of our members removed. Heart-breakingly, one young user was booted just as we were walking her through how to challenge fraudulent charges she recently discovered on her bank account. We don’t know if she ever got the help she needed to get her money back. Months later, Discord hasn’t responded to appeals. Censorship doesn’t just impact the people or activities it is meant to impact. Censorship creates fear of the “wrong” communication, and causes a wide swath of collateral damage. I’m thankful that Unredacted Matrix has given us a safe place to try and rebuild, which will remain broadly accessible for the foreseeable future.

    Anonymous

    Website

    We finished some work on a redesign of our website so that it is a bit more visually pleasing. Many of the pages were updated to showcase our projects and services. One of our favorites is the security page, detailing how we take security seriously and what we do to secure our infrastructure. Although we believe the aesthetics are an improvement over previous design choices, we’re still actively working on the design front with more changes coming soon!

    Want to read more about the inner workings of our projects & services? Check out our blog!


    Infrastructure

    Unredacted’s infrastructure has never been this large and robust. We now have physical presence in 2 datacenters with our fully owned hardware. Combined with our global infrastructure, we have over 200 servers & VMs in operation today!

    At the moment, our core datacenter houses our most critical internal and public infrastructure. This includes our Secure Infrastructure (SI) services, which have fully redundant power, network, compute, and storage. We operate 2 fully HA Ceph clusters to ensure that our services remain up and performant. We now also have local and offsite backups in case of a disaster.

    Some of our cluster specs:

    • Compute: 5x dual CPU servers, each with 384GB of RAM and pure SSD storage (fully expandable)
    • Storage: 3x dual CPU servers, each with 192GB of RAM and 36x HDDs with 360TB of raw storage (fully expandable)

    You can even see our infra for yourself on our new 24/7 Twitch live stream from our datacenter!

    Click the logo to view the stream

    Or watch the blinky lights in this clip

    We worked countless hours building out our infrastructure. Take a look at some of our builds below.

    Curious about those purple cables and that hardware? Read more about GreenWare on our blog.


    Network

    One of our most ambitious projects of 2025 was NoiseNet (AS401401). Launched under Unredacted Labs, NoiseNet is an experimental anycast network spanning the globe. It is designed to make it more difficult for censors to perform traffic correlation attacks against parts of our network. If a threat actor were to breach our network, or our upstreams, our goal is to make their task much more difficult. NoiseNet adds a layer of ‘noise’ via asymmetrical traffic flows, encrypted tunnels, and the sometimes unpredictable nature of anycast. In 2026, we will further develop software that will run on our machines to delay packets and transmit cover traffic, adding even more noise.

    Currently NoiseNet consists of 70+ edge routers and we’re continually working to expand it. NoiseNet remains experimental for the time being, and there is much work to be done to improve its resiliency such as automatic packet loss and high latency remediation.

    See how it works below, and read our blog post for the full and nitty-gritty details on how it works.

    User -> NoiseNet PoP -> encrypted tunnel -> core router(s) -> endpoint

    This year, we also moved our core network to AS401720, separating NoiseNet and our core.


    Security Initiative

    As we operate services and infrastructure that processes potential Personally Identifiable Information (PII), security becomes important. We’ve maintained a security page, outlining some of the things that we do to secure our infrastructure from attack. We’re concerned with things like malware, vulnerability exploitation, and unnecessarily exposing information that threat actors could use to compromise us.

    As such, in 2025 we deployed several services to help us secure our infrastructure.

    • Unredacted Citadel – a self-hosted WAF which protects against vulnerabilities in our web applications, injects additional HTTP security headers, and can be used to defend against DDoS attacks.
    • Our own XDR + SIEM solution – deployed on every server we maintain to gather potential Indicators of compromise (IoCs), and to help generally defend against and alert us of attacks.
    • Unredacted Funnel – a self-hosted Tailscale/Headscale mesh network which allows us to securely SSH into our infrastructure, and transfer data between servers via encrypted WireGuard tunnels.
    • Unredacted Auth – our internal SSO solution, allowing us to securely access internal infra.

    Into 2026, we’ll continue improving our security.


    Unredacted Door

    In July of 2023, we started Operation Envoy, an initiative that consists of ‘envoys’ which help to deliver messages (packets) to and from the Tor network. Over the years, we’ve expanded it to include all of our services that help people get through the front door, and onto the free and open Internet.

    Today we’re rebranding Operation Envoy into Unredacted Door. It’s no longer an operation, but a suite of services that help people around the world bypass Internet censorship.

    Unredacted Door includes:

    Around the same time last year, we had served around 192TiB of traffic in a single 30 day period. As of December of 2025, in the last 30 days we’ve served over 291TiB of traffic across all Unredacted Door services, which is a substantial increase. Year over year, we have achieved an increase in total bandwidth usage across our censorship evasion services. This means we’re helping more people every year, and we’ll continue to do so.

    30 days of past traffic (Dec, 2025)

    If we continue to average at this new rate of bandwidth over a year, that would be nearly 3.5PiB!

    Last year, we ended with 91 CPU cores and 90GiB of RAM. After consolidating, seeking better deals, and reviewing the current CPU core and RAM counts, we ended the year with 81 cores and 90GiB of RAM across all Unredacted Door services. Lower core count, but more bandwidth usage overall. In 2026 we’ll see a rapid expansion of our censorship evasion infrastructure, and we expect these numbers to go much higher.

    24 hour stats on CPU & RAM usage (Dec, 2025)

    Our anonymized & aggregated Unredacted Door metrics are publicly accessible, and you can see the direct impact that we’re making.

    In 2025, we will continue expanding our CPU core and RAM counts, but we can’t do it without your help! If you like what we do and want to support our mission, consider making a donation.


    FreeSocks, proxies that circumvent censorship

    FreeSocks is our service that provides free, open & uncensored Outline (Shadowsocks) proxies to people in countries experiencing a high level of Internet censorship.

    Since its inception, FreeSocks has issued over 46,000 access keys to people looking to circumvent Internet censorship. We’re proud to have helped so many people all over the world access the free and open Internet.

    A screenshot of the FreeSocks website

    Although delayed for quite some time, in 2026, we’ll be continuing our work on a full rewrite of the freesocks-control-plane (FCP), the code which powers FreeSocks and allows for access keys to be issued and have their state tracked. The rewrite will convert the existing code from JavaScript to TypeScript, and feature an API + web control panel which will allow us and others to manage their FCP deployment more easily.

    We’ve also been hard at work improving our automation stack for FreeSocks called ansible-role-freesocks (ARF), which helps us automate the deployment of new FreeSocks servers. ARF will continue to be improved going into 2026, becoming more robust and flexible. It also lays the foundation for our new and improved FreeSocks v2, launching in 2026.

    FreeSocks v2 (as seen in the diagram below) will utilize Outline’s Shadowsocks over WebSockets (SS over WSS) feature and dynamic access keys by default. Instead of raw Outline Shadowsocks, which is easily detectable and blocked by advanced DPI systems, SS over WSS encapsulates the Shadowsocks connection inside a WebSockets connection. This disguises it to censors, and makes it look like a normal connection made to websites by regular Internet users.

    A diagram outlining how FreeSocks v2 will work

    This makes FreeSocks much more resilient, additionally allowing us to front connections through any CDN or proxy that supports WebSockets. If blocked, we can easily rotate IPs or hostnames to get our users back online through our ARF automation, and update all dynamic access keys on the fly. All without our users having to do anything at all.

    A major hurdle for us is not having current support in outline-server for SS over WSS or dynamic access key issuance via the shadowbox API. We’ve been working on adding support for it in our fork of outline-server, and preliminary testing is looking great, with many users successfully testing in Iran, Russia and China.

    We intend to get our code merged upstream in 2026. Keep an eye on these GitHub threads.

    ->-> We can’t operate services like this without your help <-<-


    Unredacted Tor Exit Relays

    In our efforts to help people evade censorship, and protect their right to privacy, we have operated numerous high-bandwidth Tor exit relays since 2021.

    We’re currently #44 in the top exit families as of 2025’s end, and have a 0.21% exit probability according to OrNetStats. That means your connection through Tor may be one of the 0.21% which exits traffic through our relays.

    A screenshot from OrNetStats

    Currently, we have around 30Gb/s of capacity across our network (a drastic increase from previous years). However, due to complications with our anycast network, performance has taken a hit. As we expand NoiseNet and improve its resilience, we expect our bandwidth usage and overall throughput to increase. In 2026, we also plan to considerably expand our number of Tor exit relays from 30 to 90 or more.

    Our Tor exit relay bandwidth bitrate over the past 30 days

    Over the past 30 days we have received and transmitted over 162TiB of Tor traffic. If this rate continued for a year, that would still be nearly 2PiB of bandwidth usage for a whole year. Combined with our Unredacted Door services, that would be nearly 5.5PiB in total. That’s still excluding all of our other services. For comparison, Signal pushes around 20PB a year on their call relays, despite being much larger than us.

    Our bandwidth usage over a single 24 hour period

    With your help, we can do even more, and continue to push more traffic on the Tor network.


    Chat services

    Our oldest service XMPP.is hit its 10th birthday this year. It continues to be a reliable service, and has nearly 70,000 registered users.

    We’ve also spent many hours improving our Matrix homeserver:

    • Migrated its media storage to on-prem S3 storage using Ceph’s Rados GW.
    • Increased the resources available to it (32 cores and 256GB of RAM).
    • Various database maintenance events, settings tweaks.
    • Countless hours of moderation efforts, described in our blog post.

    Our Matrix homeserver now has nearly 30,000 users registered, and continues to grow!

    If you want to chat with us and other like-minded people, why not join one of our communities?


    Mastodon instance, and other services

    Last year we quietly launched our own privacy-focused Mastodon instance. It has been in testing for a long while, but it’s now considered stable, and actively monitored. It runs on the same powerful infrastructure that the rest of our core services operate on top of.

    Head on over to unredacted.social if you’d like to sign up, and join our growing community.

    We’ve also launched several other services, such as the ones below, all of which are behind our Citadel WAF.

    In 2026, we’re planning on introducing even more services, including a Delta Chat relay! We’ll be updating our website, social media, and community chats when we’re sure they’re up to our standards of stability, so stay tuned for announcements!


    Funding

    We expect to publish an IRS form 990 detailing all of our financials in 2026. This will allow anyone to transparently view how much revenue we bring in, how much we spend, and on what we spend our money. When the time comes, our transparency page will be updated.

    We expect that with our current expense and growth rate, the current funds we have will allow us to operate for 1-2 years. To continue our mission, and rapidly expand, we’ll need your support! We will continue our fight against Internet censorship and for privacy in 2026.

    If you want to support us, we allow one-time or recurring donations via multiple payment methods, including PayPal, credit cards, cryptocurrency (including XMR & ZEC), Open Collective, Patreon & Liberapay.

    Looking forward to 2026, we have a lot of ambitious goals for Unredacted we can’t wait to share with you! A redesigned FreeSocks, new services such as Delta Chat, considerably expanding our Tor exit relay network, fine-tuning our ambitious NoiseNet project, and launching Unredacted merch are just a few of our biggest goals for 2026. We’re so excited to continue developing services that give privacy and knowledge back to the people who would otherwise face censorship or surveillance. We want to thank you all so much for being here with us on our journey and for the donations and support our community gives us. If you believe in our mission and projects, please consider making a donation so we can expand our services and reach to even more people around the globe. Let’s make 2026 the year we all Unredact the Internet!

  • New rules for our chat services, and our efforts to moderate them

    Over the many years that we’ve operated our free and public federated chat services, XMPP.is and the Unredacted Matrix server, we’ve quickly and effectively responded to abuse reports and made great strides in clamping down on the blatant abuse of our services. This hasn’t come without a cost, as we’ve spent countless hours banning thousands of accounts and rooms involved in all sorts of nefarious behavior.

    Our moderation efforts

    While we attempt to moderate effectively, XMPP has been and is notoriously hard to develop moderation solutions for. For example, we have to perform all actions on the command-line and develop scripts that parse through the flat-file storage of our server (it doesn’t use a DB). Generally, XMPP users are much more well-behaved from our observations and lack of abuse reports. We haven’t had a huge problem with abusive users besides the occasional spammer. It’s also hard to keep tabs on statistics for XMPP moderation, so we don’t have many unfortunately.

    Matrix is a different story: with a proper database and a robust admin API, we are able to do much more. We’re able to look back at our stats, and see what we’ve done so far.

    We’ve compiled some information on our efforts below.

    • We have blocked over 600 rooms from external Matrix servers involved in the distribution of harmful content based on room names, descriptions and other observed patterns.
    • Locked nearly 500 user accounts which signed up to our Matrix server and engaged in nefarious behavior.
    • Installed the Draupnir moderation bot, which will enable us to properly moderate our rooms and protect against various spam attacks.
    • Began the exploration of new moderation solutions which allow us to automate parts of our work.

    New rules

    Although Unredacted advocates for free speech, objectively harmful or even dubiously harmful content that harms humans or animals is not welcome. It potentially jeopardizes the good natured people using our servers as a haven from the dragnet surveillance from governments and that which is employed by many of the corporate world’s unencrypted and insecure chat services.

    We spent a very long time thinking about what is fair, and attempting to not be too rigid at the same time. A part of this process was asking our community for feedback as well. We felt that we’ve come up with the right set of rules, and it’s time to implement them. Our goal here is to create communities that are as safe as possible, and without having to moderate each user and room closely. As such, users and rooms created on our chat services must comply with the following rules.

    Chat Service Rules


    • Illegal or objectively harmful content is not allowed.
      • No CSAM (including real/fictional/illustrations/AI/3D), threats of violence, or content that harms humans or animals.
    • Violence, gore, or disturbing imagery is not allowed.
      • No media, discussions or rooms that glorify violence, gore, abuse, or any extreme content that harms humans or animals.
      • No promoting, glorifying, encouraging, or normalizing behaviors, ideologies, or practices that are harmful, abusive, or illegal to humans or animals.
    • Don’t be a jerk in official Unredacted rooms and discussions.
      • This means no excessive trolling or lack of general civility.
    • NSFW themes are not allowed in Official Rooms.
      • No adult content, which includes clearly NSFW media, discussions, or profile pictures, in official Unredacted rooms.
    • NSFW rooms have rules.
      • NSFW rooms on the Unredacted server must comply with these rules. These rooms must:
        • Be and remain unpublished from the server’s room directory.
        • Room Owners are required to join the “Unredacted Room Owners” room. (Request an invite from a server admin or mod).
        • Moderate their rooms and ensure a zero tolerance rule for illegal content.
        • Report illegal content in the “Unredacted Room Owners” room or contact a server admin directly.

    Illegal acts and content will lead to an instant ban. Otherwise, we will issue you a warning if you are breaking any of the rules. If you continue to break the rules you will be banned.

    Our thought process

    As there will be some that disagree with our new rules and decision to implement them, we want to explain ourselves and our thought process going into this. We don’t intend to force a version of religious morality. We intend to be fair and just in our decisions, and want to promote peace.

    Part of our mission is to “operate with transparency, morality and empathy with the purpose of benefiting all living beings.” There is a lot of content on the Internet that is not in line with those values, and frankly; we want to keep it off our services (as we have always done in a legal context). Content which harms humans or animals is simply objectively abhorrent. It doesn’t promote goodness or civility. It actively subverts all of what we stand for.

    What’s next?

    As of the posting of this blog, the rules will have gone into effect. Over time, we will slowly reach out to users and room owners which violate these new rules (which are not illegal). Depending on the severity of the violations we will generally give existing room owners a grace period before removing their rooms. Any new rooms which violate these rules will be removed at our discretion.

    If you have any questions, please contact us.

  • Unredacted Labs, experiments for anti-censorship & privacy-focused infrastructure

    Censorship is on the rise, and has been for a while. Censors are working hard every day to restrict access to crucial information that challenges their authoritarian regimes across the world. It’s important that we continue work to counter their efforts, and develop new and innovative ways to build out anti-censorship infrastructure which helps people evade unjust Internet restrictions.

    Since late last year, we’ve been experimenting with various ideas and projects to aid in the advancement of anti-censorship and privacy-focused infrastructure. Experimentation is a big part of what we do, and it’s important to continue with that experimentation. To house all of these experiments, we created the concept of Unredacted Labs. While most of the work was conducted in secret, we’ve dropped hints about our work via our community chats and social media channels in the past.

    It’s time that we show the public what is and has been happening inside the Unredacted Labs.

    Unredacted Labs Experiments:


    NoiseNet (AS401401)

    NoiseNet is an experimental anycast network designed by Unredacted that attempts to introduce noise (randomness) and an additional layer of encryption into parts of our network, making it more difficult for censors to monitor and perform traffic correlation attacks against parts of our infrastructure. NoiseNet also helps us distribute load across our network and mitigate DDoS attacks.

    NoiseNet operates on top of AS401401, and has edge routers distributed all over the world which can be seen below.

    Understanding the NoiseNet flow

    When a packet is destined to an anycasted NoiseNet prefix, it’ll generally reach the closest PoP to where the packet originated. Depending on the specific destination, the NoiseNet edge node will route the packet through an encrypted tunnel to the core router(s) it should be delivered to. The router(s) will then pass it to the server it’s destined for, where the encrypted tunnel terminates. This means that not even the core router(s) in our datacenters can inspect the true nature of inbound packets. Only the network before the edge node (the upstream), the edge node itself, and the server the packet is destined for can see what an inbound packet contains. This essentially reduces the number of intermediary networks that can potentially snoop on our traffic, while also making it generally more difficult to do so at the same time.

    Once the server processes an inbound packet, it can generate a response which is sent directly out via our upstream provider(s) in the datacenter where the server lives.

    Breakdown of the flow of packets through NoiseNet

    • Packet gets sent to a NoiseNet prefix.
      • A NoiseNet PoP receives the packet.
        • The router forwards the packet to the proper core router via an encrypted tunnel.
          • A core router forwards the tunnel flows to a server, where the tunnel terminates.
            • The server generates a response, and sends the packet back out to the core router.
              • The core router forwards the packet directly via its upstream(s) back to the source.

    Visual examples of how packets can flow through NoiseNet

    User -> NoiseNet PoP -> encrypted tunnel -> core router(s) -> endpoint

    This design makes it harder for snoopers to snoop due to the following:

    1. It results in the ingress and egress network paths being asymmetrical, and makes correlating ingress and egress flows more difficult for a censor or would-be snooper.
    2. It encapsulates each packet destined to our core network PoPs, so that it reduces the number of intermediary networks that can observe and track flows going through NoiseNet.

    There are also several ways that NoiseNet introduces additional noise and resiliency into our network.

    • Anycasting our prefixes (advertising them from all of our PoPs) creates variance in network paths when packets are en route to our edge network. The more upstreams and Internet Exchange points (IXPs) we’re connected to, the more diversity there is in the ways different networks can reach ours. The more paths to our edge network, the harder it is for snoopers to conduct dragnet surveillance.
    • No single point of failure. We have a large number of edge nodes, and additional core network PoPs can be created at will, creating more network path diversity and general resiliency.
    • Our distributed edge network allows us to more easily mitigate DDoS attacks, because the load is spread out across our entire network rather than a single point of ingress.

    Diversity is our strength

    The more upstreams we have, and Internet Exchange Points (IXPs) we’re on, the better. Many of our upstreams are tier 2 or tier 3 networks, and they advertise our prefixes over their own interconnections with other networks. We’re continually working on expanding NoiseNet by deploying new edge nodes around the world and connecting directly to more Internet Exchanges.

    Our upstream network providers
    Our Internet Exchange points

    How we utilize NoiseNet today

    At the time of writing, NoiseNet ingests and routes packets for all of our Tor exit relays. As we assess the stability and feasibility of NoiseNet, we’ll begin to host more of our services behind it. Until then, we may periodically disable NoiseNet by unicasting our IP prefixes for research & testing purposes.

    https://metrics.torproject.org/rs.html#search/as:AS401401

    The future of NoiseNet

    While the foundations of NoiseNet are in place, we have a lot of work to do.

    Below is a list of things we’re planning to develop over time.

    • Partner with more companies & organizations that can downstream us. A special thank you to Triplebit, a nonprofit who has partnered with us and become one of our upstream networks.
    • Consider exchanging routes over our edge & core, allowing packets to egress from our core back over tunnels to edge nodes so that traffic stays more “local” if packets can be routed over an IXP or kept more local in some way.
    • The development of noisenet-randomizer, a program that utilizes Traffic Control (TC) and/or eBPF to introduce random delays in packet processing/routing on our edge or core network.

    There are some glaring issues that we need to resolve before NoiseNet is considered stable as well.

    • Some of our upstreams appear to track L4 connections, and drop packets for flows which they have not observed us initiating (an anti-spoofing DDoS protection mechanism). This causes an issue with our current design, and can cause packet loss or blackholed inbound traffic in certain PoPs. We are working on a way to detect this and disable prefix advertisement via upstreams we detect this behavior on.
    • Network health is not currently determined, nor is it a factor in prefix advertisement status. We need to develop automations that observe automatic speed tests and packet loss metrics from edge <-> core and edge <-> Internet. These automations will be able to decide when to disable prefix advertisement, or use path prepending or BGP communities to shift traffic away from edge nodes to improve network performance and reliability.
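
    The two issues above both come down to deciding, per upstream, whether a PoP should keep announcing a prefix. The sketch below is an added example, not Unredacted's code: it turns probe results into an advertise / prepend / withdraw decision with a short recovery delay so one good probe does not cause route flapping. The class names, thresholds, upstream labels and probe data are all assumptions constructed for illustration.

```python
from dataclasses import dataclass, field
from enum import Enum
from statistics import median


class Action(Enum):
    ADVERTISE = 0  # announce the anycast prefix normally
    PREPEND = 1    # keep announcing, but prepend the AS path to shed traffic
    WITHDRAW = 2   # stop announcing the prefix via this upstream


@dataclass(frozen=True)
class Probe:
    loss_pct: float   # packet loss measured edge <-> core
    rtt_ms: float     # round-trip time edge <-> core
    inbound_ok: bool  # did a test flow started from the Internet reach the server?


@dataclass
class UpstreamHealth:
    """Decision state for one (PoP, upstream) pair. Thresholds are assumed values."""
    window: int = 5             # probes considered per decision
    min_samples: int = 3        # do not act on fewer probes than this
    loss_prepend: float = 2.0   # median loss % that triggers prepending
    loss_withdraw: float = 10.0 # median loss % that triggers withdrawal
    rtt_prepend: float = 250.0  # median RTT (ms) that triggers prepending
    recover_after: int = 3      # consecutive better results needed to recover
    action: Action = Action.ADVERTISE
    probes: list = field(default_factory=list)
    good_streak: int = 0

    def _target(self) -> Action:
        # Inbound flows mostly vanishing matches the blackholing symptom of an
        # upstream that drops flows it did not see us initiate.
        failed = sum(1 for p in self.probes if not p.inbound_ok)
        if failed * 2 > len(self.probes):
            return Action.WITHDRAW
        loss = median(p.loss_pct for p in self.probes)
        rtt = median(p.rtt_ms for p in self.probes)
        if loss >= self.loss_withdraw:
            return Action.WITHDRAW
        if loss >= self.loss_prepend or rtt >= self.rtt_prepend:
            return Action.PREPEND
        return Action.ADVERTISE

    def observe(self, probe: Probe) -> Action:
        self.probes = (self.probes + [probe])[-self.window:]
        if len(self.probes) < self.min_samples:
            return self.action
        target = self._target()
        if target.value >= self.action.value:
            # Degrade immediately; any non-improving result resets recovery.
            self.action, self.good_streak = target, 0
        else:
            # Recover only after several consecutive improving results.
            self.good_streak += 1
            if self.good_streak >= self.recover_after:
                self.action, self.good_streak = target, 0
        return self.action


def steady(n, loss, ok=True):
    """Build n identical constructed probes with a 40 ms RTT."""
    return [Probe(loss, 40.0, ok) for _ in range(n)]


# Constructed sample data; upstream names are hypothetical.
SAMPLES = {
    "upstream-a": steady(6, 0.1),                                   # healthy
    "upstream-b": steady(4, 0.0, ok=False),                         # inbound blackholed
    "upstream-c": steady(3, 0.5) + steady(3, 4.0) + steady(6, 0.2), # congestion, then recovery
}


def replay(probes):
    """Feed probes to a fresh tracker and return the action after each one."""
    health = UpstreamHealth()
    return [health.observe(p) for p in probes]


def plan(samples):
    """Final action per upstream after replaying all of its probes."""
    return {name: replay(probes)[-1] for name, probes in samples.items()}


if __name__ == "__main__":
    for name, probes in SAMPLES.items():
        print(name, [a.name for a in replay(probes)])
```

    The returned action would still have to be translated into the BGP daemon's own configuration, which this sketch deliberately leaves out.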

    Interested in helping us, and have an interest in what we’re doing? Reach out! We’re always looking for students or professional volunteers to help us with our ambitious projects.

    GreenWare

    GreenWare started as a general proof-of-concept to operate Tor relays on top of power efficient hardware that is easy to scale. It’s also an initiative which helps us reduce our overall carbon footprint, and sets us on the right path to powering some of our services entirely by renewable energy in the future.

    In addition to reducing our carbon footprint, we attempt to offset the footprint of our services using Stripe Climate by automatically allocating 1% of donation revenue that we receive to it. As of writing, we’ve helped to remove 184 kg of CO₂ in the air from planet Earth, which is roughly equivalent to the carbon output from driving 417 mi in a car. This simply isn’t enough, and we need to work to reduce that potential footprint as well.

    Last year, in our “year in review (2024)” blog post we showcased some of our experimentation with this idea using PoE powered Raspberry Pi 5s. Over several months, we validated that this would actually work – and it worked well.

    It progressed into something that we’re quite confident can be deployed on a large scale, and could be powered 100% by renewable energy in the future with the proper battery storage.

    There were some quirks to be had with the Raspberry Pi 5s, though. We found the PoE HATs to be generally buggy and unreliable. The boards being exposed were easy to bump into and cause a Pi to reboot. The density also wasn’t high enough for what we truly had in mind.

    For quite a long time, we’d been tracking the development of the ComputeBlade – modular CM4/5 blade servers with the potential for very high density. They’re so dense that you can fit 20 blades in a single 1U chassis. We recently got our hands on a kit and began tinkering with them right away.

    Deployment time

    We ended up deploying all 20 blades in our datacenter and have migrated the majority of our Tor exit relays to them. They’re currently running great, and although the chassis has several design flaws, we’re confident that power efficient hardware like this can help reduce the carbon footprint of the Tor network and more of our services in the future.

    All together, they only use a little over 100W of power.

    Purple cables to represent the Tor network
    Purple RGB!
    PoE!

    The future of GreenWare

    As time goes on, we’ll be exploring new ways to experiment with power efficient hardware. We’re even thinking about ways that we can operate micro-PoPs in cheaper, less important locations where we can harvest the energy of the sun and use it to power our hardware.

    We’re also exploring all-in-one carbon tracking solutions such as the “Compute Energy & Emissions Monitoring Stack” (CEEMS) to track our carbon footprint, and find ways to lower it or offset it across the board.

    Have questions or want to deploy your own power efficient hardware like we did? Join any one of our community chats!

    Parting thoughts

    Now more than ever, it’s time to fight against Internet censorship and dragnet surveillance! Our hope is that the experiments we create inspire others to build more tech in the anti-censorship & privacy space. We can’t do it alone, nor could we do it without our generous donors. In the years to come, we’ll continue building and updating innovative experiments to help create the most impact.

    If you like what we do, and want to help us fund our mission – consider making a donation.

    If you’re an organization or company, and want to collaborate – contact us.

    A huge and special thank you to the Human Rights Foundation, our Supporters and various donors for making this work possible!

  • UNREDACTED, a year in review (2024)

    A message from our founder:

    2024 has been a great year for us at Unredacted, growing in many ways that we didn’t even imagine were so quickly possible. We set out to explore whether becoming a 501(c)(3) non-profit was feasible. We ended up putting in the research and work to do it, and we formally incorporated as Unredacted Inc in May and received our 501(c)(3) determination letter from the IRS in June. We received a huge amount of support, from kind words to donations, and even a grant from the Human Rights Foundation. All of the support we’ve received has inspired us and allows us to continue our growth.

    2025 will surely be a difficult and challenging year for the fight against Internet censorship, and the fight for everyone’s right to privacy. Access to free and open information is as extremely important as it ever was. With some level of critical thinking, the truth can be found. We’re refocusing and doubling down on our mission to fight Internet censorship and protect people’s privacy by building out more censorship-resistant and privacy-friendly Internet infrastructure and services, while polishing the existing.

    So much has already happened, so read on to see in full detail what we accomplished in 2024.

    Zach
    Executive Director
    Unredacted Inc

    A year in review (2024)

    General Updates:

    Initiatives:

    Censorship Evasion (CE):

    Secure Infrastructure (SI):

    Conclusion:


    Website

    This year, we put a lot of work into the content and design of our website. The front page was redesigned, we added breadcrumbs on nearly all pages for easier navigation, and redesigned our donation page. Furthermore, we added new pages and content such as our transparency report, Supporters page and launched Unredacted Updates, where you can get a summary of what we’ve worked on each month. Transparency is important to us, and there will be more to come in 2025.

    Want to read more about the inner workings of our projects & services? Check out our blog!


    Hardware

    Unredacted has largely operated on a mix of dedicated hardware that we rent from various hosting providers. Unfortunately one of those providers, Hetzner, mysteriously cancelled our account at the end of October. We’ve since migrated to more reliable providers. However, important infrastructure such as our Tor exit relays, XMPP.is, and Unredacted Matrix server run on top of rented dedicated servers still. This past year, we’ve pursued purchasing and colocating hardware that we fully own. So far, we’ve built out redundant edge routers, aggregation switches and a PoE switch (seen below) which will power a special project that we’re working on. We won’t give any hints on what the PoE powered Raspberry Pis are for now, but we’ll be announcing how and why we built them in early 2025. What we’ll say is that they’re scalable, efficient and more affordable to operate in the long run.

    We’re also in the process of building a high-availability virtualization cluster with Ceph for storage too. That hardware is still in testing, but we plan to fully deploy it in early 2025 as well. The new cluster will power XMPP.is, the Unredacted Matrix server and various other new services that we’ll spin up in 2025.

    The hardware purchases that we made wouldn’t have been possible without the amazing support and donations we’ve received from our community. We’d especially like to thank the Human Rights Foundation for providing a grant to us.


    Network

    For a long time, we have operated our own network on top of one of our hosting providers. Recently, we became an ARIN member and received our own ASN (Autonomous System Number), AS401401 – which, in HTTP status codes means “Unauthorized.” ARIN must have thought we were cool. 🙂

    We also received IPv6 and IPv4 prefixes, which we’ve started advertising to our upstream providers. Our edge network at the time of writing consists of 18 virtual machines across various hosting providers for diversity and redundancy. We built this network for the special project mentioned above in the hardware section, and in 2025 we’ll write about how and why we built it on our blog.


    Operation Envoy: Defeating Censors

    In July of 2023, we started Operation Envoy, an initiative that consists of ‘envoys’ which help to deliver messages (packets) to and from the Tor network. This helps users experiencing Internet censorship, or those who wish to mask their use of Tor. Previously, we focused heavily on deploying Tor snowflake proxies around the world.

    This year, Operation Envoy had its 1st year anniversary. We thought a lot about Operation Envoy’s future, and we decided that it should consist of more than just Tor bridges. Operation Envoy now consists of everything we operate that helps people reach the free and open Internet, or particular services such as Signal & Telegram.

    Operation Envoy includes:

    Around the same time last year, we had served around 121TiB of traffic in a single 30 day period. As of December of 2024, in the last 30 days we’ve served over 192TiB of traffic across all Operation Envoy services, which is a significant increase, but also due to the reclassification of what an ‘envoy’ is to us.

    30 days of past traffic (Dec, 2024)

    If we continue to average at this new rate of bandwidth over a year, that would be over 2.2PiB!

    Last year, we ended with 31 CPU cores and 53GiB of RAM. Looking at CPU core and RAM counts now, we ended the year with 91 cores and 106GiB of RAM, which is again a significant increase – but also due to the reclassification.

    24 hour stats on CPU & RAM usage (Dec, 2024)

    Our anonymized & aggregated Operation Envoy metrics are publicly accessible, and you can see the direct impact that we’re making.

    In 2025, we will continue expanding our CPU core and RAM counts, but we can’t do it without your help! If you like what we do and want to support our mission, consider making a donation.


    FreeSocks, proxies that circumvent censorship

    FreeSocks, our service that provides free, open & uncensored Outline (Shadowsocks) proxies to people in countries experiencing a high level of Internet censorship was open sourced in June. It also hit its first year of existence in December of 2024, and has expanded rapidly.

    Since its launch, FreeSocks has issued over 10,000 access keys to people looking to circumvent Internet censorship. This is an amazing milestone, and we’re happy to be helping so many people across the world. We’ve received a lot of positive feedback, and it has inspired us to continue our work on the service.

    A screenshot of the FreeSocks website

    In 2025, we’ll be continuing our work on a full rewrite of the freesocks-control-plane (FCP), the code which powers FreeSocks and allows for access keys to be issued, and have their state tracked. The rewrite will convert the existing code from JavaScript to TypeScript, and feature an API + web control panel which will allow us and others to manage their FCP deployment much more easily.

    A sneak peek of the new FCP control panel

    We’re also planning to potentially move away from Outline’s server software, and utilize raw Shadowsocks, Vmess, VLESS and Trojan proxies to offer more options to our users. To note, existing access keys and Outline’s client will still work with raw Shadowsocks.

    We can’t run free & awesome services like this without your help.


    Tor exit relays

    In our efforts to help people evade censorship, and protect their right to privacy, we have operated numerous high-bandwidth Tor exit relays since 2021.

    We’re currently #20 in the top exit families, and have a 0.55% exit probability according to OrNetStats. That means your connection through Tor may be one of the 0.55% which exits traffic through our relays.

    A screenshot from OrNetStats

    Currently, we have around 5Gb/s of throughput capacity (3Gb/s more since last year), however in practice this has been lackluster due to hosting provider network congestion and rate-limits. With our new hardware, we’re planning to migrate all of our Tor exit relays to our colocation in early 2025, which should allow for better throughput and control.

    Our Tor exit relay bandwidth bitrate over the past 30 days

    Regardless, over the past 30 days we have received and transmitted over 366TiB of bandwidth. If this rate continued for a year, that would still be over 4.2PiB of bandwidth usage for a whole year, quite an achievement.

    Our bandwidth usage over a single 24 hour period

    With your help, we can do even more, and continue to push a lot of traffic for the Tor network.


    Unredacted Proxies

    In 2024, we quietly announced Unredacted Proxies – which allow people to connect to messaging services such as Signal and Telegram, without exposing the fact to their ISP or government.

    Unredacted Proxies are a part of Operation Envoy, and are quite useful to many people around the world where Signal & Telegram are blocked. We’ve had a lot of good feedback about the service, and while we don’t directly count the amount of users – we can see that it’s being utilized by many when looking at bandwidth metrics. We’ve particularly seen great interest from people in Russia and Iran.

    For those interested in the technical side, we use Signal’s TLS Proxy and Telegram’s MTProto for our proxies.


    Chat services

    Our oldest projects are our chat services. XMPP.is was launched in 2015 and our Matrix server was launched in 2021. For many years, thousands of individuals have used our chat servers to exchange messages back and forth between friends and family. These remain a crucial part of our mission, as it allows people to communicate securely and privately. We regularly maintain and update these services, but there’s nothing notable to announce for them this year.

    If you want to chat with us and other like-minded people, why not join one of our communities?


    Funding

    Last year, we struggled with funding. However, this year has been amazing in terms of funding. We received a record amount of donations, and even received a grant from the Human Rights Foundation! We’re eternally grateful to our community and supporters, and we promise to always use your money effectively. To date, no one at Unredacted makes any money for the work they do, and we intend to keep it this way until we are fully sustainable.

    2024 EoY Balance Totals (USD):

    • Cryptocurrency balances (calculated at time of writing): $35,681
    • Bank balance (at the time of writing): $246
      Total: $35,927

    2024 Grant Totals (USD):

    We expect that with our current expense and growth rate, these funds will allow us to smoothly operate for at least 2-3 years. To continue our mission, and rapidly expand, we’ll need your support! We have a lot of very ambitious and interesting work & projects in 2025.

    If you want to support us, we allow one-time or recurring donations via multiple payment methods, including PayPal, credit cards, cryptocurrency (including XMR & ZEC), Open Collective, Patreon & Liberapay.

    In 2025, we plan to be much more transparent in terms of our spending and funding.


    What’s next?

    In 2025, we have a lot of work ahead of us. We’ll be building out new infrastructure, creating new services and revamping existing ones. We’re expanding at a rapid pace, and we’re going to continue doing so. The fight against Internet censorship and for people’s right to privacy will be especially important in the coming year.

    Happy holidays!

    Sincerely,
    The Unredacted Team

  • Operation Envoy’s 1st year anniversary

    Governments across the world continue to block & restrict access to the uncensored Internet, with many of them blocking & restricting the use of the Tor network as a result. Over a year ago, we launched Operation Envoy, an effort to help defeat those Internet censors. Operation Envoy originally helped with our vast deployment of Tor bridges & snowflake proxies, which help to pass messages (IP packets) back and forth from users and the Tor network. These messengers, or envoys as we call them, allow people to access the uncensored Internet and disguise their use of Tor from prying eyes.

    Obfuscation of the messages that our envoys carry to and from uncensored networks is incredibly important in keeping users safe. In many countries, it’s outright illegal or highly discouraged to use these technologies to bypass Internet censorship. Some people could be in real danger if their government found out that they are circumventing Internet censorship. This is morally wrong, and with governments across the world continuing to abuse their powers and limit the free flow of information, we’ll continue fighting against it.

    It’s no secret that people in countries such as Russia and Iran (& some in China) heavily depend on censorship-resistant bridge & proxy technologies according to Tor’s metrics. To help people in even more countries, and in more ways, we want to expand our vision of what Operation Envoy is.

    Tor bridge usage metrics from June to August 2024

    Redefining what an envoy is

    After we originally launched Operation Envoy, we launched FreeSocks – a service that provides free, open & uncensored Outline (Shadowsocks) proxies to people in countries experiencing a high level of Internet censorship. We also launched Unredacted Proxies, which allow people to connect to messaging services such as Signal and Telegram, without exposing the fact to their ISP or government.

    Today, we are redefining what an envoy is to us – it’s any of our services that pass messages (IP packets or TLS wrapped application layer data) back and forth between a user and the uncensored Internet. These services should all obfuscate those messages in a way where anyone monitoring a user’s Internet usage would not be able to tell what those messages might contain. In other words, they all should use an obfuscated protocol of some kind.

    Operation Envoy now includes:

    These services currently all fall under our Censorship Evasion (CE) services.

    Operation Envoy does not include:

    Operation Envoy metrics

    Operation Envoy started with 34 CPU cores and 58 GiB of RAM, deployed all over the world. We’ve since scaled the operation, and we currently have 61 CPU cores (nearly double), and 70 GiB of RAM dedicated to delivering uncensored access to the Internet (excluding our Tor exit relays). We’re working to expand that on a regular basis, and continue growing the number of envoys at our disposal.

    To collect anonymized metrics on all of our envoys, we created a new Grafana dashboard which details the hourly bandwidth usage of all envoys combined. Over the last 30 days (at the time of writing) we pushed over 152 TiB of bandwidth across all of our envoys. That’s a lot of data!

    We need your help!

    Unredacted Inc is a 501(c)(3) non-profit organization, and we directly depend on generous donors like you to fund our operations. If you like what we do, and want to support our mission, please consider donating. We couldn’t fund Operation Envoy, and many of our services without your help.

    As a special promotion, if you donate $10 USD/mo (or more) to us on a recurring basis after reading this blog post, we’ll deploy an envoy of your choice in honor of your generosity. If you do this, please contact us afterwards and we’ll coordinate with you.

    Thank you!

  • Unredacted is now a 501(c)(3) non-profit

    Our 2024 Non-profit Fundraiser has come to a close, and we’re so thankful for all of the donations we received during the fundraising period. A huge thank you to everyone that donated to our cause and believed in us.

    We set out with the goal at the beginning of our fundraiser to form a non-profit, and apply for 501(c)(3) tax-exempt status, and we achieved both of those goals.

    Unredacted Inc, a Delaware non-profit corporation is now 501(c)(3) tax-exempt after receiving our determination letter from the IRS!

    All donations made to us are now US tax-deductible.

    Fundraiser donation totals

    $82 USD from PayPal & Credit Card donations
    $4,817 USD (at the time of writing) from cryptocurrency donations
    Total: $4,899 USD

    We exceeded our goal of $1000 by a long shot.

    What this means for us

    Forming a non-profit corporation, and becoming 501(c)(3) tax-exempt allows us to more easily raise funds, and establish ourselves as an accountable and transparent entity. As defined on Wikipedia:

    501(c)(3) organizations are commonly referred to as charitable organizations. Their primary purpose is to serve the public interest by engaging in activities such as religious, educational, scientific, or charitable work. They must operate exclusively for exempt purposes, and any earnings must be used to further their mission.

    Source: en.wikipedia.org/wiki/501(c)(3)_organization

    With more funds, we can directly finance our projects & services. For many years, we’ve been self-funded – and it’s because we really believe in our mission. However, it would be great to receive funding from the public and/or grants to continue & expand the scope of our work. Our services require considerable amounts of money.

    In the near and semi-distant future, we have no plans to pay any of our directors or volunteers, so that we can siphon 100% of the donations we receive into the operational costs for our services. Being tax-exempt allows us to use the full amount of those donations for public benefit.

    Our new level of transparency

    In an effort to become more transparent and accountable, we’re beginning to publish our legal/organizational documents, and a regular transparency report on our new transparency page.

    Our transparency report acts as a warrant canary and confirmation that Unredacted has not been compromised in a way that is harmful to users of our services.

    In the future, we plan to publish more details about our finances on a regular basis.

    What’s next?

    With the funding and support we’ve received, we’re excited to continue creating new projects and services, and expand our existing ones. Such projects & services include:

    Censorship Evasion (CE) services such as Tor relays/bridges and FreeSocks which help people from all over the world evade censorship and protect their right to privacy.

    Secure Infrastructure (SI) including XMPP.is and Unredacted Matrix which allow people to communicate securely and privately on stable and reliable platforms.

    Unredacted Guides which help people set up, configure and maintain their own client-side or server-side software to evade censorship, protect their privacy and help others do the same.

    If you enjoy what we do, please consider making a donation. All donations are now US tax-deductible due to our 501(c)(3) status.

    Thanks,
    Zach, Executive Director

  • FreeSocks is now open source

    Censorship on the Internet is getting worse, not better. The free flow of information is key to learning and making change. Because of this, we started FreeSocks, a service that provides free, open & uncensored Outline (Shadowsocks) proxies to people in countries experiencing a high level of Internet censorship late last year (2023).

    Since then, the service has seen a considerable amount of growth. Over 1,000 access keys have been issued to people all around the world wanting to hide their Internet traffic from oppressive governments, and access the open Internet without restriction. Seeing the impact that the service has made is inspiring, and it’s why we’ve been working towards something quite special. Today, we are open sourcing the code that makes FreeSocks work, the FreeSocks Control Plane (FCP), which runs entirely on the serverless Cloudflare Workers platform for free. This allows anyone to launch their own FreeSocks-like service.

    GitHub Repository: github.com/unredacted/freesocks-control-plane

    Understanding the FreeSocks flow

    A diagram showing how FreeSocks works

    Understanding the FreeSocks flow is key to understanding how FreeSocks really works. It’s designed with security in mind, while also being simple enough for any decently technical person to understand.

    Breaking down the flow:

    1. A user visits an HTTP endpoint such as freesocks.org/get on their web browser. The request is terminated in an edge network datacenter close to them.
    2. The user solves a captcha/challenge, and submits their request.
    3. The FCP calculates the latency between the edge network datacenter the user reached, and the available Outline servers by sending HTTP requests over QUIC tunnels to their API endpoints. The available endpoints are stored in and retrieved from a Workers KV namespace.
    4. The Outline server with the best latency and lowest access key count is chosen by the FCP.
    5. The FCP initiates another request to the Outline server’s API to create a new access key, which is returned to the user with a definable expiry date if they don’t use the access key at all.
    6. The user enters the access key in their Outline (or Shadowsocks) application and connects to the server, allowing them to access the open Internet. As long as they continue to use the access key, it won’t expire. If they stop using it, it will be deleted in a definable number of days.
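
    Steps 3 to 6 above, sketched as an added example that is not taken from the freesocks-control-plane repository. The page does not say how the FCP weighs latency against access key count or how it tracks key usage, so the tie-breaking rule, the function names, the field names and the sample data are all assumptions.

```javascript
// Added illustration of steps 3-6 above; not code from freesocks-control-plane.
// Every name here (selectServer, idleKeys, the field names) is hypothetical.

// Constructed probe results: one entry per Outline server after step 3.
const SAMPLE_PROBES = [
  { id: "srv-a", ok: true, latencyMs: 42, keyCount: 310 },
  { id: "srv-b", ok: true, latencyMs: 47, keyCount: 120 },
  { id: "srv-c", ok: false, latencyMs: 18, keyCount: 90 }, // API probe failed
  { id: "srv-d", ok: true, latencyMs: 180, keyCount: 5 },
];

// Step 4. Assumption: latency decides first, and key count breaks ties between
// servers whose latency is within latencySlackMs of the fastest usable one.
function selectServer(probes, { latencySlackMs = 10, maxKeysPerServer = Infinity } = {}) {
  // Drop servers that failed the probe, returned nonsense, or are already full.
  const usable = probes.filter(
    (p) =>
      p.ok === true &&
      Number.isFinite(p.latencyMs) && p.latencyMs >= 0 &&
      Number.isInteger(p.keyCount) && p.keyCount >= 0 &&
      p.keyCount < maxKeysPerServer
  );
  if (usable.length === 0) return null; // nothing to hand out; caller reports an error

  const fastest = Math.min(...usable.map((p) => p.latencyMs));
  const candidates = usable.filter((p) => p.latencyMs <= fastest + latencySlackMs);
  // Fewest keys first, then lowest latency, then id for a deterministic result.
  candidates.sort(
    (a, b) => a.keyCount - b.keyCount || a.latencyMs - b.latencyMs || a.id.localeCompare(b.id)
  );
  return candidates[0];
}

// Steps 5-6. A key is idle when its last use (or, if never used, its issuance)
// is older than the configured number of days. Returns the ids to delete.
const DAY_MS = 24 * 60 * 60 * 1000;
function idleKeys(keys, nowMs, maxIdleDays) {
  return keys
    .filter((k) => nowMs - (k.lastUsedAtMs ?? k.issuedAtMs) > maxIdleDays * DAY_MS)
    .map((k) => k.id);
}

// Constructed key state for the expiry check.
const NOW = Date.UTC(2024, 5, 30);
const SAMPLE_KEYS = [
  { id: "k1", issuedAtMs: NOW - 40 * DAY_MS, lastUsedAtMs: NOW - 1 * DAY_MS }, // in use
  { id: "k2", issuedAtMs: NOW - 40 * DAY_MS, lastUsedAtMs: null }, // never used
  { id: "k3", issuedAtMs: NOW - 3 * DAY_MS, lastUsedAtMs: null }, // freshly issued
  { id: "k4", issuedAtMs: NOW - 90 * DAY_MS, lastUsedAtMs: NOW - 31 * DAY_MS }, // went idle
];
```

    Only the selected server's access key is returned to the user, so the full server list never leaves the control plane.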

    FCP architectural design choices

    By now you know that the FCP is used for access key retrieval by users, and allows administrators to delete unused access keys from the Outline VPN servers they manage. The code behind it is written in JavaScript. The FCP is designed to be fast, flexible and expandable for the future.

    Operating the FreeSocks Control Plane (FCP) on top of a serverless platform was a core design choice for many reasons.

    • It allows others to run the FCP for free (as is the case with Cloudflare Workers).
    • It’s easy to stand up on multiple domains for optimal censor evasion. Let them play whack a mole.
    • It’s easier to manage with tools like Cloudflare Wrangler.
    • It’s more difficult for censors to block serverless edge networks, because they control a large portion of the Internet.
    • Serverless edge networks are beneficial in determining latency between edge and Outline servers to provide the lowest latency server to users without exposing servers to users. In that way, it’s hard for a censor to discover all available servers from their interaction with the FCP.

    While many may not trust large cloud providers to process potentially sensitive information, there’s no doubt that they make it harder for censors to block. FreeSocks is intended to circumvent censorship. At the same time, it makes the FCP very fast and efficient since requests are terminated all over the world in datacenters close to users. We believe the potential privacy tradeoff is worth it.

    While we have to place our trust in cloud infrastructure providers here, we can say with certainty that the FCP code itself does not trigger anything to store personally identifiable information (PII). This makes FreeSocks a fairly privacy friendly service to use.

    How can I run my own FreeSocks?

    Since the FCP is now open source, anyone can run their own FreeSocks-like platform to distribute access keys to people. As time goes on, we’ll write more documentation on how this can be done. For those that are tech-savvy enough, you might figure it out without our help. If you do, please let us know – we’re very interested in hearing your feedback. Contributions to the codebase are welcome too!

    Where does FreeSocks go from here?

    FreeSocks will continue to be developed and expanded based on demand. We’ll continue to gather user feedback, and implement features in the FCP so that we can fight censorship.

    However, we need your help! If you enjoy what we do, please consider making a donation. Unredacted is a non-profit organization that provides free and open services that help people evade censorship and protect their right to privacy.

  • How we accidentally broke our Tor exit relays

    Making technology work how you expect it to, and keep it working that way can be difficult at times. Changes in configuration or software updates can put services into a broken or half-broken state, and we had the latter happen to us.

    In the spirit of transparency, we are writing about the painful discovery that many of our Tor exit relays (at least 1/3) have been broken for (at the very least) weeks, and possibly months without our knowing.

    I’d like to thank the team at Tor Project for letting us know about the issue, and how to reproduce it, which ultimately led to it being discovered and fixed.

    Root cause

    Credit: https://itsfoss.community/t/its-always-dns-lol/10820

    Based on the image, you might suspect what the issue was.

    It was DNS. Specifically, it was Tailscale’s MagicDNS feature. DNS queries were not getting resolved for some reason that is unknown to us. This means that anyone who ended up connecting to our Tor exit relays failed to connect to nearly every domain/subdomain by failing to resolve hostnames. Connecting to IPs worked just fine.

    Before we go on blaming Tailscale, I want to state that we don’t know why MagicDNS failed in the way we observed, we just know that it did. Ultimately, disabling MagicDNS on our exit relays resolved the issue entirely. When we enabled it, and tested again, it failed. As a result, we’ve left it off.

    Technical analysis

    We knew the symptom was that DNS resolution seemed to fail, which was noted by the nice people at Tor.

    We started by attempting to reproduce the issue ourselves. This required pinning our Tor instance/daemon on our local computer to a specific exit relay’s fingerprint that was exhibiting this strange behavior. For example, by modifying our Tor daemon’s torrc file and adding the below line to it, we could force our local Tor daemon to exit all traffic on that relay.

    ExitNodes F34EE673122518873E717C128E35A389B72C7837 

    This fingerprint corresponds to our UnredactedSnowden relay.

    We then pointed one of our browsers to use the local SOCKS proxy the Tor daemon listens on (127.0.0.1 port 9050) to send traffic through Tor.

    When attempting to connect to any website, it failed, but the reason was unclear and did not appear to display an error related to a DNS resolution issue.

    As DNS was still the suspect here, the easiest thing to do was to SSH into that exit relay and run a tcpdump to capture all inbound and outbound packets that used TCP or UDP port 53, such as the one below.

    tcpdump -i any -n port 53

    Once we did that, we discovered that nearly all DNS queries originating from Tor seemingly went out to the 100.100.100.100 MagicDNS IP, but nothing was returned on most queries. We knew at this moment that it was indeed a DNS resolution problem.

    An anonymized example of what we saw:

    17:11:52.164204 tailscale0 Out IP 100.69.x.x.22065 > 100.100.100.100.53: 40707+ A? domain.com. (45)
    17:11:52.172049 tailscale0 Out IP 100.69.x.x.22065 > 100.100.100.100.53: 33552+ A? domain.com. (33)
    17:11:52.203409 tailscale0 In  IP 100.100.100.100.53 > 100.69.x.x.22065: 47343 NXDomain 0/1/0 (119)
    17:11:52.321235 tailscale0 Out IP 100.69.x.x.22065 > 100.100.100.100.53: 45366+ A? domain.com. (28)
    17:11:52.321271 tailscale0 Out IP 100.69.x.x.22065 > 100.100.100.100.53: 16617+ A? domain.com. (35)
    17:11:52.321303 tailscale0 Out IP 100.69.x.x.22065 > 100.100.100.100.53: 39612+ A? domain.com. (29)
    17:11:52.352491 tailscale0 Out IP 100.69.x.x.22065 > 100.100.100.100.53: 63111+ A? domain.com. (34)
    17:11:52.383332 tailscale0 Out IP 100.69.x.x.22065 > 100.100.100.100.53: 15513+ A? domain.com. (35)
    17:11:52.501714 tailscale0 Out IP 100.69.x.x.22065 > 100.100.100.100.53: 16308+ A? domain.com. (29)
    17:11:52.532238 tailscale0 Out IP 100.69.x.x.22065 > 100.100.100.100.53: 7697+ A? domain.com. (40)
    17:11:52.540674 tailscale0 In  IP 100.100.100.100.53 > 100.69.x.x.22065: 22472 0/1/0 (89)
    17:11:52.544683 tailscale0 Out IP 100.69.x.x.22065 > 100.100.100.100.53: 8052+ A? domain.com. (47)
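
    A capture like this can be turned into a health check that would have flagged the failure without waiting for an outside report. The following is an added example, not tooling from the original post: it pairs queries with responses by client address, port and transaction ID, and reports how many queries to the resolver went unanswered. The capture is constructed in the same format as the one above; the function names, the 5 second timeout and the 20% threshold are assumptions.

```javascript
// Added illustration; not tooling from the original post.
// Constructed capture in the format printed by `tcpdump -i any -n port 53`.
const SAMPLE_CAPTURE = `
17:11:52.164204 tailscale0 Out IP 100.64.0.10.22065 > 100.100.100.100.53: 40707+ A? example.com. (29)
17:11:52.172049 tailscale0 Out IP 100.64.0.10.22065 > 100.100.100.100.53: 33552+ AAAA? example.com. (29)
17:11:52.203409 tailscale0 In  IP 100.100.100.100.53 > 100.64.0.10.22065: 33552 NXDomain 0/1/0 (104)
17:11:52.321235 tailscale0 Out IP 100.64.0.10.22065 > 100.100.100.100.53: 45366+ A? example.net. (29)
17:11:52.321271 tailscale0 Out IP 100.64.0.10.22065 > 100.100.100.100.53: 16617+ A? example.org. (29)
17:11:53.352491 tailscale0 Out IP 100.64.0.10.22065 > 100.100.100.100.53: 63111+ A? example.org. (29)
17:11:53.540674 tailscale0 In  IP 100.100.100.100.53 > 100.64.0.10.22065: 63111 1/0/0 A 192.0.2.10 (45)
17:11:59.544683 tailscale0 Out IP 100.64.0.10.22065 > 100.100.100.100.53: 8052+ A? example.com. (29)
`;

// time, optional "<iface> In|Out" (present with -i any), src > dst:, txid+flags, rest
const LINE_RE =
  /^(\d\d):(\d\d):(\d\d)\.(\d{6})\s+(?:\S+\s+(?:In|Out)\s+)?IP6?\s+(\S+)\s+>\s+(\S+):\s+(\d+)\S*\s+(.*)$/;

// tcpdump prints "address.port"; the port is whatever follows the last dot.
function splitHostPort(s) {
  const i = s.lastIndexOf(".");
  return { host: s.slice(0, i), port: Number(s.slice(i + 1)) };
}

function dnsAnswerStats(captureText, { resolver = "100.100.100.100", timeoutMs = 5000 } = {}) {
  const pending = new Map(); // "clientAddr.port|txid" -> time the query was first seen
  const stats = { queries: 0, retransmits: 0, answered: 0, nxdomain: 0,
                  unanswered: 0, inFlight: 0, orphanResponses: 0 };
  let lastTs = 0;
  for (const raw of captureText.split("\n")) {
    const m = LINE_RE.exec(raw.trim());
    if (!m) continue; // blank line or non-DNS output
    // Milliseconds since midnight; a capture that crosses midnight is not handled.
    const ts = ((+m[1] * 60 + +m[2]) * 60 + +m[3]) * 1000 + +m[4] / 1000;
    lastTs = Math.max(lastTs, ts);
    const src = splitHostPort(m[5]);
    const dst = splitHostPort(m[6]);
    const txid = m[7];
    const rest = m[8];
    if (dst.port === 53 && dst.host === resolver && /(^|\s)[A-Za-z0-9]+\? /.test(rest)) {
      const key = `${m[5]}|${txid}`;
      if (pending.has(key)) stats.retransmits++; // same question sent again
      else { pending.set(key, ts); stats.queries++; }
    } else if (src.port === 53 && src.host === resolver) {
      if (pending.delete(`${m[6]}|${txid}`)) {
        stats.answered++;
        // NXDomain is still an answer: the resolver responded.
        if (/^NXDomain\b/.test(rest)) stats.nxdomain++;
      } else {
        stats.orphanResponses++; // response whose query is not in the capture
      }
    }
  }
  // Queries near the end of the capture may simply not have been answered yet.
  for (const ts of pending.values()) {
    if (lastTs - ts >= timeoutMs) stats.unanswered++;
    else stats.inFlight++;
  }
  const settled = stats.answered + stats.unanswered;
  stats.unansweredRatio = settled === 0 ? 0 : stats.unanswered / settled;
  return stats;
}

// Alerting decision; both thresholds are assumed values to tune per relay.
function resolverVerdict(stats, { maxUnansweredRatio = 0.2, minSettled = 5 } = {}) {
  if (stats.answered + stats.unanswered < minSettled) return "insufficient-data";
  return stats.unansweredRatio > maxUnansweredRatio ? "failing" : "ok";
}
```

    Run against a short periodic capture on each relay, a "failing" verdict is the signal to alert on; the anonymized capture in the post cannot be scored this way because its transaction IDs no longer pair up.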

    We tried several things:

    • Switching the MagicDNS nameservers to other ones & restarting Tor.
    • Rebooting the exit relay we were testing with to see if it was a strange Tailscale daemon/interface/routing issue.
    • Using dig via CLI on the test relay which queried the MagicDNS IP (100.100.100.100) which worked without issue.

    We were at a loss, and couldn’t figure out what was happening. We then decided to disable MagicDNS on the test relay to see what would happen. It worked, DNS queries started flowing and getting resolved responses via the same nameservers directly.

    We subsequently disabled MagicDNS on the rest of the exit relays with an ad hoc Ansible shell command.

    Our conclusion

    The problem appeared to be with the abstraction that MagicDNS does, and queries originating from Tor did not appear to work 99%+ of the time when the feature was enabled. However, queries from dig via CLI appeared to always work. We suspect that MagicDNS fails in some sort of way when too many queries are directed at its 100.100.100.100 IP which is seemingly routed out the tailscale0 interface (& subsequently onto the physical interface). However, this doesn’t make complete sense, as we would expect queries from dig to fail as well.

    We may never know what happened exactly, and we don’t want to leave it in a broken state long enough to figure it out. At this point, it’s safe to say that we are leaving MagicDNS disabled on our Tor exit relays for the foreseeable future.

    Shortly after resolving the issue, our Tor exit relay traffic rate shot up beyond previously normal levels and hit our full capacity (as of writing this).

    In the near future, we will explore running our own local DNS resolver on each exit relay, which we’ve done in the past – but had to move away from due to an overload of bogus queries originating from Tor, which also resulted in DNS resolution failures. DNS over HTTPS (DoH) or DNS over TLS (DoT) are also great options we may explore further.

    We hope you found this interesting and insightful. If you enjoy what we do, please consider making a donation. Unredacted is a non-profit organization that provides free and open services that help people evade censorship and protect their right to privacy.

  • New Tor bridge types for Operation Envoy

    In July of last year (2023) we launched Operation Envoy, our effort to deliver packets to and from the Tor network which helps defeat Internet censorship. This is achieved by Unredacted operating Tor bridges, also known as Pluggable Transports. Tor bridges obfuscate (bridge) the connection a user makes when connecting to Tor so that it looks like any normal connection and disguises the fact that they are connecting to the Tor network. Each Pluggable Transport has its own unique way of obfuscating the connection, such as WebTunnel which mimics HTTPS traffic, one of the most common types of traffic on the Internet.

    What a connection to the Tor network looks like with a bridge in the path
    Credit: robertheaton.com/2019/04/06/how-does-tor-work/

    Historically, and for a long time we’ve focused our efforts on deploying dedicated snowflake proxies around the world in strategic locations close to Internet users that face a high level of Internet censorship in their countries. Today, we’ve added a WebTunnel and meek bridge into the mix. Adding more Tor bridge types means that users have more ways to connect to the Tor network in the event that one protocol / obfuscation technique gets blocked.

    Our meek bridge

    How meek works, click the image to learn more

    To deploy our meek bridge, we worked with the team at Tor after volunteering to run a new bridge. Due to how meek works with Tor, there is some setup on their end as well because they use a technique called domain fronting. This is a technique to disguise a connection and route it through popular CDN networks, like Microsoft Azure, that are more painful to block. Meek bridges remain a crucial method to connect to the Tor network in several countries.

    To see our new meek bridge statistics, you can click here.

    Our WebTunnel bridge

    How HTTPT works, the proxy behind WebTunnel technology

    As described earlier in the post, WebTunnel is a bridge type which mimics HTTPS traffic, one of the most common types of traffic on the Internet. It’s based on HTTPT, which resists active probing attacks that censors use to block censorship circumvention techniques. WebTunnel will likely, and ultimately, become a very important bridge type for Tor as it rolls out and gains popularity, due to the protocol it disguises itself as and its resistance to active probing.

    Our new WebTunnel bridge uses a unique configuration that we came up with to hide the IP of the bridge behind a TCP proxy service. This allows us to easily switch the ‘front’ of the WebTunnel bridge in case its IP gets blocked. In the future, we plan to write about how we did this once we’ve confirmed its stability over time.

    To see our new WebTunnel bridge statistics, you can click here.

    Current Operation Envoy stats

    As it stands today, we have a collective of virtual machines consisting of 31 CPU cores, 40GB of RAM and multi-gigabit unmetered links dedicated to serving Tor bridge traffic across the world.

    Past 7 days of CPU and memory usage, click the image to see live stats

    On an average day, we are pushing almost 2TB of symmetrical bandwidth. That’s almost 60TB per month!

    Past 7 days of bandwidth usage, click the image to see live stats

    We can’t make all of this possible without your help. If you like what we do, please consider making a donation. As time goes on, and with more funding we’ll continue to expand our Operation Envoy footprint by deploying more Tor bridges across the world. Your help can make a real impact for Internet censorship circumvention.

  • UNREDACTED, a year in review (2023)

    From our humble beginnings in 2015, to now (almost 2024), we’ve undergone many significant changes in the almost 9 years of our existence. We’ve established ourselves as a legitimate organization that is on a mission to fight Internet censorship, and provide various services to individuals & organizations seeking privacy and security. In 2023, a lot of work has been done to accomplish that mission. That’s why we’re starting our own “year in review” to go over all of the major developments that continue to challenge and inspire us.

    A year in review (2023)

    Operation Envoy: Defeating Censors

    In July of 2023, we started Operation Envoy, an effort to scale up our Tor bridge and snowflake proxy operations that help deliver messages (packets) to and from the Tor network. This helps users experiencing Internet censorship, or those who wish to mask their use of Tor. We focused heavily on deploying snowflake proxies around the world. At the start of the operation we were serving 93TB of symmetrical snowflake proxy traffic looking at the past 30 days.

    30 days of past traffic at the start of the operation (July 2023)

    As of December of 2023, in the last 30 days we’ve served over 121TB of symmetrical traffic to snowflake proxy users. We started with 34 CPU cores and 58GB of RAM from servers deployed around the world. We’re ending the year with the same core count, but with a bit less RAM at 53GB. However, we’ve served more traffic due to server provider changes and software upgrades.

    30 days of past traffic at the end of 2023 (December 2023)

    Our Operation Envoy metrics are publicly accessible, and can show you the direct impact that we’re making. Have a look.

    In 2024, we will continue expanding our CPU core and RAM counts, but we can’t do it without your help! If you like what we do and want to support our mission, consider making a donation.

    FreeSocks, proxies that circumvent censorship

    To continue our efforts and follow our mission in providing censorship-resistant Internet access, in late December we launched FreeSocks, a service that provides free, open & uncensored Outline (Shadowsocks) proxies to individuals in countries experiencing a high level of Internet censorship.

    A screenshot of the FreeSocks website

    We’ve spread news about the service on social media, and we’ve seen a gradual and steady increase in users since the launch.

    In 2024, we will scale the service to meet our users’ needs and write a blog post about how we built the core of FreeSocks on Cloudflare Workers in a privacy-respecting way. Again, we can’t run services like these without your help.

    Tor exit relays

    In addition to our front-line censorship circumvention services, we have run numerous high-bandwidth Tor exit relays for many years.

    We’ve recently become #16 in the top exit families, and have a 1.03% exit probability according to OrNetStats. That means, you may be one of the 1% of Tor network users who exit traffic through our relays.

    A screenshot from OrNetStats

    Over the past 30 days, we’ve greatly improved our Tor exit relay setup, which consists of 2 hypervisors, each having an Intel Xeon E-2276G, 64GB of RAM and a 1Gb/s NIC. We’ve spent a lot of time revising this setup to maximize bandwidth and resource usage.

    Our Tor exit relay bandwidth bitrate over the past 30 days

    This optimized setup has allowed us to push 2Gb/s of symmetrical traffic at any given time. In a single 24 hour period, we pushed nearly 20TB of traffic through our relays.

    Our bandwidth usage over a single 24 hour period

    If we continue at this rate for 365 days, that would be close to 7.3PB (Petabytes) of traffic for an entire year. With your help, we can do even more than this, and continue pushing tons of traffic for Tor network users.

    Unredacted Guides

    In November of 2023, we launched Unredacted Guides. We aim to aid users in setting up, configuring and launching privacy/security focused software. It’s one thing to run these services ourselves, but helping others do the same only increases awareness and impact.

    As of writing this post, we have 2 guides.

    In 2024, we will continue to refine existing guides and write new ones in accordance with our mission.

    Chat services

    Our oldest projects are our chat services. XMPP.is was launched in 2015 and our Matrix server was launched in 2021. For many years, thousands of individuals have used our chat servers to exchange messages back and forth between friends and family. These remain a crucial part of our mission, as it allows people to communicate securely and privately.

    In November, we made efforts to secure XMPP.is based on the teachings from the jabber.ru MITM attack, and shared our work in a blog post.

    We will continue to maintain, monitor and secure our chat services for the years to come.

    Infrastructure changes

    Over the past year, we’ve made significant improvements to our server orchestration and the security of our services and website.

    We use many self-written Ansible roles and playbooks to deploy and maintain our servers. We’ve made a lot of refinements in this area which has made deploying and maintaining new services easier than ever.

    On the security side, we’ve utilized Cloudflare Access heavily on critical parts of our websites and locked down server access behind Tailscale. In 2024, a focus of ours will be to further secure our infrastructure from potential attacks.

    Funding

    While we’ve always paid for our services mostly out of pocket, 2023 was unfortunately one of the lowest in terms of funding, and it was far under our operational costs (domains, servers & SaaS providers). With that said, we greatly appreciate those that made contributions. Any amount helps us in carrying out our mission.

    2023 Donation Totals (USD):

    Cryptocurrency (calculated at time of writing): $127
    Stripe (credit cards): $68
    PayPal: $23
    Total: $218

    To continue our mission, we need your support! We allow one-time or recurring donations via multiple payment methods, including PayPal, credit cards, cryptocurrency, Open Collective, Patreon & Liberapay.

    In 2024, we will launch a fundraiser in an attempt to cover our operational costs. This will be announced later.

    What’s next?

    Regardless of funding for our services in 2024, we will make an attempt to expand them, and create new ones. We’ll continue working on awesome projects, and providing them to the masses.

    In 2024, we will explore the possibility of becoming a 501(c)(3) non-profit organization and assess its feasibility. We’ve always been non-profit focused, but legitimizing ourselves as a US tax deductible non-profit has its perks and it may be the next step in the growth and expansion of our organization.

    Happy holidays!
