Re: [tor-bugs] #20348 [Circumvention/Censorship analysis]: Allot Communications blocking of vanilla Tor, obfs4, and meek in Kazakhstan, starting 2016-06
#20348: Allot Communications blocking of vanilla Tor, obfs4, and meek in
Kazakhstan, starting 2016-06
-----------------------------------------------+--------------------------
 Reporter:  dcf                                |          Owner:  (none)
     Type:  project                            |         Status:  reopened
 Priority:  Medium                             |      Milestone:
Component:  Circumvention/Censorship analysis  |        Version:
 Severity:  Normal                             |     Resolution:
 Keywords:  censorship block kz                |  Actual Points:
Parent ID:                                     |         Points:
 Reviewer:                                     |        Sponsor:
-----------------------------------------------+--------------------------
Comment (by DoopPowder112):
Replying to [comment:143 dcf]:
> kzblocked provided some more information on IRC.
>
> But you can bypass it by putting HTTP-like bytes inside the random
> padding of the obfs4 client handshake. The padding is ordinarily filled
> with random bytes. Filling the padding with zeroes does not bypass as
> reliably.

I'm pretty confident I know how it works. DPI research papers merely deal
with theoretical attacks, but Brandon Wiley bought copies of physical DPI
hardware and knows exactly how it works. The main thing they do is look
for signatures in the first packet. The second main thing is to look for
packet lengths. In this case I believe it is the third most common attack,
which is to look at how frequently each byte value occurs to measure
entropy. https://youtu.be/IfLh3tr2amk?t=1334 (start at 18:20 but 22:14 is
where it gets relevant). The solution is to send more of certain byte
values than others to decrease entropy. I find it interesting that someone
on this ticket said FTE worked.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/20348#comment:211>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
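
The byte-frequency entropy measurement mentioned in the comment above, as an added example that is not part of the ticket, the linked talk, or obfs4's code. The packet layout and sizes, the HTTP-like filler string and the 7.0 bits/byte threshold are constructed assumptions; the three padding fills are the ones named in the quoted text.

```python
import math
import random
from collections import Counter

# Constructed sizes: 64 uniform bytes stand in for the handshake's
# random-looking fields, followed by 960 bytes of padding.
FIXED_LEN, PAD_LEN = 64, 960
# Constructed HTTP-like filler text (not taken from the ticket).
HTTP_LIKE = b"GET /index.html HTTP/1.1\r\nHost: example.com\r\nAccept: */*\r\n\r\n"
# Assumed cut-off in bits per byte; no real DPI threshold is given on the page.
THRESHOLD = 7.0

def byte_entropy(data: bytes) -> float:
    """Shannon entropy of the byte-value histogram, in bits per byte (0 to 8)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def repeat_to(pattern: bytes, n: int) -> bytes:
    """Repeat pattern until it is exactly n bytes long."""
    return (pattern * (n // len(pattern) + 1))[:n]

def first_packets(seed: int = 20348) -> dict:
    """Build three constructed first packets that differ only in padding fill."""
    rng = random.Random(seed)  # seeded so the measurements are reproducible

    def rand(n: int) -> bytes:
        return bytes(rng.getrandbits(8) for _ in range(n))

    fixed = rand(FIXED_LEN)
    return {
        "random padding": fixed + rand(PAD_LEN),
        "zero padding": fixed + bytes(PAD_LEN),
        "HTTP-like padding": fixed + repeat_to(HTTP_LIKE, PAD_LEN),
    }

def measure(packets: dict) -> dict:
    """Map each packet name to (entropy, entropy exceeds THRESHOLD)."""
    out = {}
    for name, pkt in packets.items():
        h = byte_entropy(pkt)
        out[name] = (h, h > THRESHOLD)
    return out

if __name__ == "__main__":
    for name, (h, flagged) in measure(first_packets()).items():
        print(f"{name:18s} {h:5.2f} bits/byte  above threshold: {flagged}")
```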