Re: [tor-dev] bittorrent based pluggable transport

[David Fifield <david@xxxxxxxxxxxxxxx>]

On Sat, Feb 28, 2015 at 10:46:03AM -0800, Dan Cristian Octavian wrote:
> My name is Dan, I've been working on a pluggable transport for Tor based on
> bittorrent as cover traffic and wanted to let you know about it.
> 
> https://github.com/danoctavian/bit-smuggler
> 
> In a nutshell, I'm tunnelling a data stream through a bittorrent peer
> connection that is created by real bittorrent clients (uTorrent for this
> implementation) - to avoid "parroting" traffic pitfalls and active probing.
> This made the implementation quite tricky to get right, so my reasoning is that
> it's a worthy trade-off.

People reading this should look at the documentation, there's thoughtful
information there.

https://github.com/danoctavian/bit-smuggler/blob/master/README.md
https://github.com/danoctavian/bit-smuggler/blob/master/DESIGN.md
https://github.com/danoctavian/bit-smuggler/blob/master/docs/system-components.png

I don't know anything about BitTorrent. What parts of the protocol are
easily visible to the censor, without expensive reconstruction? I guess
it includes at least: file names, file sizes, peer IP addresses.

About active probing: it's true that if the censor probes you, you look
like a BitTorrent client. Is there anything weird about how you use the
protocol that could make you stand out anyway? At
https://github.com/danoctavian/bit-smuggler/blob/master/README.md#security,
you say that a network monitor would have to reconstruct a stream in
order to detect anomalies. Could a censor acting as an ordinary peer
detect them more easily, just by participating in the file transfer?
(I'm thinking of how the movie studios would run their own BitTorrent
clients in order to find other downloaders.)

David Fifield
_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev