[tor-talk] Sonic Firewall, Iran related?

[Nathan Freitas <nathan@xxxxxxxxxxx>]

I have been in touch with an Orbot user at a university somewhere in a
relatively free country in Asia, who just a week or so ago found that it
no longer worked for him. He was unable to connect to the Tor network
either directly or with bridges, and it seemed like SSL related errors
were occuring.

He wrote me today saying this:
"Today I had a talk with the head of computer department, he said that
the sonic wall blocking policies are automatically updated and they
can't do anything with that."

While I do not know who "automatically updated" their firewall rules, it
is interesting that this wasn't a targeted Tor thing by the local admin,
but some wider deployment, perhaps directly from Sonic corporate themselves.

On a hunch, I sent him the new Orbot+OBFS bundle to test out, and it
worked like a charm. He was very excited, and has promised to be a loyal
tester. It indeed seems like they were doing a similar SSL/TLS DPI
block/filter as what is happening in Iran.

Now the timing of all of this, and the similar approach to filtering
made me curious if this could perhaps be related... could some ISP or
national NOC in Iran be running the same product as this university in Asia?

Regardless, it seems like the SSL/TLS DPI might become a standard
tactic, and the needs for obfsproxy will be growing rapidly.

+n
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk