We gave the talk so here is the answer:
UltraSurf and Gtunnel and likely all products put out by the Global Internet Freedom Consortium / Internet Freedom.org, are infact secret trojans. They give you a 1-hop proxy but use your system to launch attacks against financial institutions, government and energy websites, education, etc. Now here is the scary thing, if you are logged into one of these domains, like your bank, then they can get access to your authenticated session / cookie and potentially break right into your account, THROUGH YOUR OWN COMPUTER.
Imagine if someone with a sensitive US position used ultrasurf. Suddenly their military login has been compromised
. Not likely? They've been around twice as long as tor, and this exact thing happened on tor last year (see dan egerstadt).
It gets better, any site you visit using the program, the turn off SSL
cert checking so they can perform MITM
and watch your entire session and logins. It is also capable of auto-updating, and spiders into your system when you install it, capturing not only IE but now Firefox and DNS
and most other traffic. So everything you are doing, they have access to and may be logging and using against you.
GIFC / Internet Freedom org are a huge scam. They are likely run by by a private chinese intelligence firm to monitor dissidents and us citizens while attacking critical infrastructure in the USA and Taiwan. They have fooled everyone for nearly a decade, and are seeking a $40m grant as an internet anti-censorship software.
We have proof, wireshark logs, video, live audit, and a list of their attack patterns
. Special thanks to Moxie Marlinspike for assistance.