- 1. What is Haystack?
-
Haystack is a computer program that allows full, uncensored
access to the internet even in areas with heavy internet
filtering such as Iran. We use a novel approach to
obfuscating traffic that is exceptionally difficult to
detect, much less block, but which at the same time allows
users to securely use normal web browsers and network
applications.
- 2. Why are you doing this?
-
We are deeply committed to the idea that everyone has a human
right to free expression, and censorship is a direct
infringement of that right. This project is our attempt to
make the world a better place: as Martin Luther King Jr. once
said, “Injustice anywhere is a threat to justice everywhere”.
- 3. How does Haystack work?
-
Haystack hides traffic to and from the internet at large
inside traffic that looks like perfectly normal web
connections to innocuous sites. The Haystack client connects
to our servers which in turn talk to websites on behalf of
our users.
- 4. What do I need to run Haystack? What programs work with it?
-
Haystack runs on Windows (2000 and up), OS X (10.4 and up),
and modern Linux distributions. The executable is under half
a megabyte and can run, without installation or
configuration, from USB drives, optical discs, floppy
discs, memory cards, and many other media.
From a user's point of view, Haystack appears to be a normal HTTP proxy, which means that Haystack not
only supports all modern web browsers, but many other
network programs as well, including Yahoo Messenger, FTP
clients, and IRC clients.
- 5. Is Haystack secure?
-
Yes. We go to great lengths to ensure that any traffic
between our servers and our users looks like perfectly
normal, innocuous, and unencrypted web traffic. It would be
exceptionally difficult to detect and block automatically.
However, even if our methods were compromised, our users'
communications would be secure. We use state-of-the-art
elliptic curve cryptography to ensure that these
communications cannot be read. This cryptography is strong
enough that the NSA trusts it to secure top-secret data, and
we consider our users' privacy to be just as important.
Cryptographers refer to this property as perfect
forward secrecy.
- 6. Is Haystack Offered Free Of Charge?
-
Of course. We would like to see as many people as
possible assert their human right to free expression.
- 7. Is Haystack Open Source Software?
-
No. Although we sincerely wish we could release Haystack
under a free software license, revealing the source code at
this time would only aid the authorities in blocking
Haystack. In the future, however, we would like to find a
way to reconcile our Free Software ideals with the necessity
of frustrating the efforts of those who would block
Haystack.
- 8. In keeping the source code a secret, aren't you just
relying on “security through obscurity”? Won't authorities
eventually discover how your software works anyway?
-
This charge is difficult to rebut, because under normal
conditions, “security through obscurity” is indeed false
security. However, Haystack has several properties that
make it a special case.
First of all, we do not rely on “obscurity” for
protecting our users' privacy. Everything that one of our
users sends and receives is enciphered. It would take
centuries for all the world's computers to decipher one of
our users' browsing sessions even with full access to the
Haystack source code.
“Obscurity,” however, does make it much harder to
find ways to block our software. Of course the authorities
will pour resources into finding a way to do this, and they
may temporarily succeed. In that event, we will refine our
software and issue a new version that circumvents the
restrictions. We will not, however, give the authorities any
assistance in this process. By retarding their efforts, we
ensure that the Haystack network operates more robustly for
longer periods.
- 9. Why not just use Tor?
-
Haystack and Tor
do fundamentally different things, and actually complement
each other.
Tor focuses on using onion
routing to ensure that a user's communications cannot
be traced back to him or her, and only focuses on evading
filters as a secondary goal. Because Tor uses
standard SSL protocols, it is
relatively easy to detect and block, especially during
periods when the authorities are willing to intercept
all encrypted traffic.
On the other hand, Haystack focuses on being
unblockable and innocuous while simultaneously
protecting the privacy of our users. We do not employ
onion routing, though our proxy system does provide a
limited form of the same benefit.
To a computer, a user using Haystack appears to be
engaging in normal, unencrypted web browsing, which raises
far fewer suspicions than many encrypted connections.
Authorities can block Haystack only by completely
disabling access to the internet, which gives Haystack
greater availability in crises, during which the
authorities may be perfectly willing to block all
obviously-encrypted traffic.
Also, unlike Tor, Haystack has no public list of servers,
which makes it exceptionally difficult for the authorities
to discover which machines to block. The Haystack client
is also less than a quarter of the size of even the
smallest Tor client, which leads to greater availability
when it is impossible to download large programs.
It is possible to configure Tor to transmit through
Haystack, and users who require the additional guarantees
that Tor provides are welcome to combine the systems.
- 10. When will Haystack be ready?
-
Haystack is currently in the beta testing stage, and we are in the process of working out the last kinks in the system. We are also in the process of taking care of a number of procedural hurdles that must be settled before the program is operational. We are aiming for a full release sometime this winter.
- 11. How can I help?
-
Please donate to the project. We require servers,
developers, and other resources to fully develop Haystack.
Even small donations go a long way toward
ensuring that people everywhere can communicate freely.
We also appreciate computer equipment, books, pizza, and
thank-yous.
- 12. I have another question!
-
That's not a question. But seriously — we're dedicated to
being as open as we can possibly be while not giving any
ground to the authorities. If you'd like to know anything, email us at
questions@haystacknetwork.com
and we'll do our best to get back to you.