Justin Tabb:

When you go and connect to a VPN server, you’re connecting to vpn.myvpn.net or whatever it is, and that’s a single point of failure most of the time. So China’s able to very easily pull down from what we’ve heard from Chinese citizens that are inside of China uh new VPNs as they pop up. The difference with Substratum is that it’s myriad points, right? So if you knocked down one point even if you could, which you know it’s being built that you can’t. But even if you could knock down that one point, you know because of the self-healing that’s rolling out right now, it finds another one automatically. You don’t have to restart the product, you don’t have to change any settings. The idea is that it just continues to work. It does all the hard work for you. And so I’m very excited where we are headed in 2019.

I think Substratum’s “self-healing” property will ultimately be the cause of its downfall. It’s obvious that a node on the Substratum network will always know the IP address of the next-hop node. Since this is the case, a quick inspection of SubstratumNode’s command line interface (CLI) will reveal the IP address of another node on the network. If that IP address is locally blocked, the node software should then begin the process of “self-healing” and look for another node on the network. Rinse and repeat this process, and you’ll soon have a list of the IP addresses of nodes on the Substratum network.

Now that I think about it more, it doesn’t even have to be so complicated. Another way to harvest IPs would be to set up a basic VPS with NGINX or Apache and upload a simple web page. Next, just browse to the VPS’ IPs through the Substratum network and block the exit node IPs that hit the VPS. If Substratum’s self-healing feature works as advertised, the node software should continuously rotate exit nodes, which makes it extremely easy to compile a full list of IPs to block. This flaw could potentially be very dangerous for Chinese citizens due to the government’s control over telecom companies. With a list of IPs, the Chinese government could potentially identify individuals who are using SubstratumNode. I hate censorship, but SubstratumNode doesn’t seem to be the answer.
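To put rough numbers on the argument above, here is an added threat-model simulation (not code from the original post or from Substratum) of how many reconnects or observations it takes before every node address in a pool has been disclosed. The pool, its constructed 198.18.x.x addresses, the uniform node selection and all function names are assumptions made for illustration; nothing here touches a network.

```python
import random

def make_pool(n):
    # Constructed addresses from the 198.18.0.0/15 benchmarking range; not real nodes.
    return [f"198.18.{i // 256}.{i % 256}" for i in range(n)]

def rounds_with_blocking(pool, rng):
    """First scenario in the text: each address the client is handed is then
    blocked, so self-healing has to hand out one it has not used before."""
    blocked, rounds = set(), 0
    while len(blocked) < len(pool):
        reachable = [ip for ip in pool if ip not in blocked]
        blocked.add(rng.choice(reachable))  # assumed: uniform pick among reachable nodes
        rounds += 1
    return rounds, blocked

def rounds_with_rotation(pool, rng):
    """Second scenario in the text: nothing is blocked, exits simply rotate,
    and an observer records each distinct exit address it sees."""
    seen, rounds = set(), 0
    while len(seen) < len(pool):
        seen.add(rng.choice(pool))  # assumed: uniform rotation over the whole pool
        rounds += 1
    return rounds, seen

def expected_rotation_rounds(n):
    # Coupon-collector expectation: n * (1 + 1/2 + ... + 1/n).
    return n * sum(1.0 / k for k in range(1, n + 1))

if __name__ == "__main__":
    rng = random.Random(2019)
    pool = make_pool(100)
    print("with blocking:", rounds_with_blocking(pool, rng)[0], "reconnects")
    print("rotation only:", rounds_with_rotation(pool, rng)[0], "observations")
    print("rotation only, expected:", round(expected_rotation_rounds(100), 1))
```

Under these assumptions the disclosure cost grows only linearly with network size when discovered nodes are blocked, and as roughly n ln n when exits merely rotate, so automatic failover by itself does not keep node membership private.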

Self-healing or self-destruction?
