[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #34129 [Circumvention/Snowflake]: Use STUN to determine NAT behaviour of peers

To: undisclosed-recipients: ;
Subject: Re: [tor-bugs] #34129 [Circumvention/Snowflake]: Use STUN to determine NAT behaviour of peers
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Wed, 27 May 2020 20:16:12 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 27 May 2020 16:16:21 -0400
In-reply-to: <046.3977dd158f8d5f0854ade9ba736bce02@torproject.org>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <046.3977dd158f8d5f0854ade9ba736bce02@torproject.org>
Reply-to: no-reply@xxxxxxxxxxxxxx, blackhole@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#34129: Use STUN to determine NAT behaviour of peers
-------------------------------------+---------------------------
 Reporter:  cohosh                   |          Owner:  cohosh
     Type:  enhancement              |         Status:  assigned
 Priority:  Medium                   |      Milestone:
Component:  Circumvention/Snowflake  |        Version:
 Severity:  Normal                   |     Resolution:
 Keywords:                           |  Actual Points:
Parent ID:                           |         Points:
 Reviewer:                           |        Sponsor:  Sponsor28
-------------------------------------+---------------------------

Comment (by cohosh):

 I submitted a PR to upstream the changes to pion/stun:
 https://github.com/pion/stun/pull/33

 There are a couple ways to move forward with this. I'm suggesting the
 following steps:
 - Do NAT discovery at the proxy and use that to decide how often they poll

  This is actually more useful for webextension users to do than standalone
 go proxies since we have way more of them. There's no functionality for
 this in the webrtc library we're using, but the
 [https://www.npmjs.com/package/stun stun] package claims to have partial
 support for RFC 5780, and lists the attributes we need.

  This basically replaces our datachannel failure heuristic with a NAT type
 heuristic. We can do both but should make sure they interact correctly.

 - Do NAT discovery at the proxy and client and send that information to
 the broker to match them up in a smarter way.

  I'd like some feedback on this before moving forward since it will take
 some effort and be a substantial change to the way the broker works. I'm
 also hesitant to make decisions that prioritize some proxies over others
 that rely on proxy honestly since it increases the ability of a malicious
 party to DoS Snowflake with bad proxies. If they can falsely report a
 value to get their bad proxies prioritized over others, we'll be in a
 worse situation w.r.t. DoS than we are now.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/34129#comment:11>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

References:
- [tor-bugs] #34129 [Circumvention/Snowflake]: Use STUN to determine NAT behaviour of peers
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #34125 [Applications/Tor Browser]: Fix torbutton proxy api due to change in Firefox 77.
Next by Author: Re: [tor-bugs] #29614 [Applications/Tor Browser]: Use SHA-256 algorithm for Windows timestamping
Previous by thread: Re: [tor-bugs] #34129 [Circumvention/Snowflake]: Use STUN to determine NAT behaviour of peers
Next by thread: [tor-bugs] #34130 [Core Tor/Tor]: Tor won't start with seccomp sandbox when compiled with --enable-nss
Index(es):
- Author
- Thread