[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #28942 [Circumvention/Snowflake]: Evaluate pion WebRTC
#28942: Evaluate pion WebRTC
-------------------------------------+-------------------------------
Reporter: backkem | Owner: cohosh
Type: enhancement | Status: assigned
Priority: Medium | Milestone:
Component: Circumvention/Snowflake | Version:
Severity: Normal | Resolution:
Keywords: ex-sponsor-19 | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor: Sponsor28-can
-------------------------------------+-------------------------------
Comment (by Sean-Der):
Replying to [comment:19 dcf]:
> Replying to [comment:17 cmm323]:
> > Great! One concern I have is that if there are specific features in
`pion` implementation that are different from the native implementation,
which make it easy to block.
>
> I am not too worried about that at this point, because what little
research we did using libwebrtc ([[doc/Snowflake/Fingerprinting]]) showed
that even with the native library, Snowflake did not match other
applications. I don't think swapping one library for another costs much at
this point, in that respect.
>
> Replying to [comment:18 Sean-Der]:
> > We *should* have zero differences
>
> I would be surprised if this is the case--unless pion has paid
extraordinary attention to matching externally visible protocol
implementation details, which goes farther than interoperability. What
about the order of ciphersuites in the DTLS handshake, or the metadata
inside STUN messages? One of the things we found is that there's no single
"WebRTC" fingerprint, nor even a single "Chrome WebRTC" fingerprint--it
depends on the specific application. That said, I'm glad that you are
involved, and I am hopeful that pion will be easier to adapt if and when
needed.
Oh yes you are 100% right about that. I haven't paid any attention to
that, I have only been concerned about interoperability.
This hasn't been a concern for me, but I would love to make this work for
you. Maybe we can write some sort of test suite that does ICE/DTLS/SCTP
and compares libwebrtc/Pion nightly and brings down the drift.
Would it also be helpful to 'randomize' Pion? We could add features that
helps make Snowflake more resistant to fingerprinting. I am not up to date
on concepts/needs around censorship circumvention
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/28942#comment:23>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs