[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-dev] Idea which may or may not of been discussed
- To: tor-dev@xxxxxxxxxxxxxxxxxxxx
- Subject: Re: [tor-dev] Idea which may or may not of been discussed
- From: Matt Traudt <pastly@xxxxxxxxxxxxxx>
- Date: Sat, 13 Oct 2018 12:21:49 -0400
- Autocrypt: addr=pastly@xxxxxxxxxxxxxx; prefer-encrypt=mutual; keydata= xsFNBFYSsCYBEACtCAyNCpmHR4A3L4AWF9UbhZDu76D3LxZHSuPkCWOI++7Lm1SZ0QTuDsd0 ncp6qmzx56wbL9rmRwgNHFCPxlEv1zHmGDoGS/h1CVLsOXpEKqmyyCysYygp+Fc6N5aXIlCm lBj4xEnjz3aSdA0T6RAUOJRLDvmH0hs3guPsJ5Ic12+WekkgqXrNPKoI8PEa1MVFB8RT/49+ SZp28zTk951LXFy2Gte+r/FmNIoKCgMvyBJ5y+vRDIERZhA3S/U9w66zflpBhSRco9VG2fZX Pe2Y5OiC9sLJoHHce7QLIsMbepzGDWIDyIkveMDHPByJL2i3+ajQvv4mRl/WFOUXQJ+HgtA4 o7ul8KSPghmkXJBPTc1nb4U6yPE+cJgx1PhAkc6pcHOo3bf9tnozr4IdkiG/1bvInLqTqm30 nJOloNLVLt6WhhWEt9tUJrcXMSZwhuABgxzz+HvvE19XFzvCCm9xU0dh2kgQ2PAnmK8QsH4b h2M9bkH+WEgMZdh4tNcJdj4UtH/OL8R22+E198lq4C9SMj5DEocllshIVpXRJb2wz91rgP+t dYfjGV/nlnQDKCK1S/+rjSnu4Li3dzTrcNS2rewlVuyUeM5gCnmp6vVZh9xiF/HvYPhKr68J heuo7mq9EJeeuMOcedf5d/zC5fNcdmalYbM8Ow5BT0ZLveIzuQARAQABzR1NYXR0IFRyYXVk dCA8c2lybWF0dEBrc3UuZWR1PsLBmAQTAQIAQgIbAwUJCWYBgAYLCQgHAwIGFQgCCQoLBBYC AwECHgECF4AWIQS34QX8Tm2Td/icukyDvKlSlPu7CgUCWjbKkgIZAQAKCRCDvKlSlPu7Ctc3 D/4mtWXBTipGassxKMhDsG/agzppIpXP5HB7GCLCBZgncIboseB6ckUrNOw/a7RTlQEwaY1G 1NDoV9+l00nozo6X11OrO2uvhJmisa5oHnpZv5BE/pTq96Fgu2Inr+y8RUXG6B+67tgxipcj S9YpDvBHGeE3xsnhirmaJykQSzrwb9VVsdpiF5pNVbBwzqSKFgCaD6j52wZvGiIFHjKssKTq SXvO+AE9R1pyL1okRJxG/LE5y2vfnn2rnoq225Uwb+inCNUPQtO5YW0+hjE8p3/3aR9xftdU 6OnflKmESu0oJRAy1jzsupZyIzvMfb6a6IxQyBlpL+//NyNtYZ2ELL9ViRMsK2ijUIYIY8ap BFJrg6ybgdSIxMrdj6wuCke/gFA2m2ksWfXOmypoZ+4Mi7aHABylWYUVI2yFUe1xUaxeoZpw MGn0VIemmg9fHqhC4TJL56MKgo31Jj2njQ/tuWcg/lTdk3+CAlPMuRDvuDPKyUA7hu7FEWxR sTBvzCIxY0Qit5Jez9G8Ea87Ekt6lZUMG8paN25qbkEBzKRifjzuNE0kHwWU9t6dYymseMF5 fjVFiA9BGiIQlvEmFvx1q1Jp12e5dumuCBWDCjjOJmo3vJGxihPSIpXamVxdx22sxMMnOOdD A8qU1QTm78hkDW1OEhS3OaDUwcwWtLIs4r8epM7BTQRWErAmARAAqku3mxb1nGqyHNqQGwRQ HIHWb0ubhwleHqtt2nQkG4NcQTDVw1c6u1lNo3OwrtB8DyfTqFFHD7n/xIMIhfmtAPyK2Qts 41cs73S2e/jKj43vH39vx48WbOxuUrNWriEhajjuu8D4eI0XMvzPdVPiQYBWR9kgLAzYHBsS tk+pxVohF3fGPp7RFCYV7DK2pKvqKYnbWDEZCuT8VtyJ0BT/cudkl0e+0uY85qWXNKVYPnuB LpXrc9ushkzNqYsHeI22NKzN+KHhzTfMNjBKNJK2JWuzYSt3ZgCqB7u5ElMpqf/ynSYukXTu z9JngUuB0vrGqUFCc/qUH/uMrhyRT8gFRQ125CYPkAmYRDbquM5iT4vIP+FfxPStTay/HTcY VsEON2Xkt907OhQBQD4XXXt0FUmufbv7SheLKjAJYrc8qUaG1SZo56JPO4zFcYrJX4mS9y22 VE1do8TMBF3UczbMilKAH1TnNnjxXxcLL+5TSvRA9L3TqErTs6URkYG9ABTiQIwC0IVEt9zk UEniL2M3tSiH/cF91RlyCKuJl2O5NNl79rRaXn7tN33dY3Am1p8+zfh7zO8YlePoQk2mgGUO /LeD7jD69Eau4wlj/H7eAgyPsUGmqn05nW8Xs8faFacE+gGwIDgJGomN1GOs11LTe73s/khs YlWH/OF1LDFlDwEAEQEAAcLBZQQYAQIADwUCVhKwJgIbDAUJCWYBgAAKCRCDvKlSlPu7CvPP D/9tRwoRPKtS03w+koDIiZoky08y+j4OQ/bqz0WN6p9gxKOKAfIyH8Jb521r74gtnwAvf9XY CCzjbzUAkYSO9rB3X3wS4xPmldVrvx0eihJNuoDdCekKicMc63MnKwSvwV20pb/1aFDWZZHZ XFFzU+4OXUyAvm3EUY2+UY7/y/MkYdMoMjDo048Ab2U+AFFC/P1qOiHXKpEeMR6bIme51+Ac 7cBDJiuSpnrXy+nZZvKi6HaxAK6HkTeAlfiY6HheQ95zjP+zAgJbtCi49WPdkQIQi+cnG6r8 gV29MojNAN5FmaLoTM8iQ2UyFd61Hq3nefrfCli/ijWjtoKAtDf8xxcfxgOQDiO+G1nSiEtG Lqt8+epRFyV+b7hxFpfsg3Od85XNpR2vg0CymnJ4W4+JZ/RkSr1hP25+TOI/rZC9EsuUHPRk iVw3Cf3+/2BmncboRZieMcprR5HxPb+FO3W6a+rFZKWuoxNSasGGyrhD7Bg7HIRZnbAM+db5 QLGcnQx6zzKFjsL4pjdjhY6IuYKdun9GvuvZ0dRHs5AhkdXpeNY8n/tt9JvNltjZ20ARlfSN /35prOrFGjc5qrtKQCjcCgFdhrvl9mDdJI9yFtWZYoXUa+EARU4d2MQv2GngPH9aeSh/yMRg eZo5Mqs64Hs/GUYInXGnbkyMKjw1sOAV9CFxHA==
- Delivered-to: archiver@xxxxxxxx
- Delivery-date: Sat, 13 Oct 2018 12:22:09 -0400
- In-reply-to: <CAKNc95HPCDGGydBTSGw8k01ZrfwcBughcJ0q7FA4E+z3Csp6vw@mail.gmail.com>
- List-archive: <http://lists.torproject.org/pipermail/tor-dev/>
- List-help: <mailto:tor-dev-request@lists.torproject.org?subject=help>
- List-id: discussion regarding Tor development <tor-dev.lists.torproject.org>
- List-post: <mailto:tor-dev@lists.torproject.org>
- List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=subscribe>
- List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=unsubscribe>
- Openpgp: preference=signencrypt
- References: <CAKNc95HPCDGGydBTSGw8k01ZrfwcBughcJ0q7FA4E+z3Csp6vw@mail.gmail.com>
- Reply-to: tor-dev@xxxxxxxxxxxxxxxxxxxx
- Sender: "tor-dev" <tor-dev-bounces@xxxxxxxxxxxxxxxxxxxx>
On 10/13/2018 12:07 AM, Nathaniel Suchy wrote:
> Currently tor traffic uses an TLS handshake hostname like the following:
>
> $ sudo tcpdump -An "tcp" | grep "www"
> listening on pktap, link-type PKTAP (Apple DLT_PKTAP), capture size 262144 bytes
> .............". ...www.odezz26nvv7jeqz1xghzs.com.........
> .............#.!...www.bxbko3qi7vacgwyk4ggulh.com.........
> .6....m.....>...:.........|../*
> Z....W....X=..6...C../....................................0...0..0.......'....F./0..
> *.H........0%1#0!..U....www.b6zazzahl3h3faf4x2.com0...160402000000Z..170317000000Z0'1%0#..U....www.tm3ddrghe22wgqna5u8g.net0..0..
>
> A network observer could run a DNS lookup on the hostnames and see if
> they are real or not. So my idea would be to register a set of random
> hostnames which are legitimate and point the IPs somewhere to avoid
> looking for an NX Domain response and dropping the stream. You could
> even give each relay a unique subdomain and rotate these every few
> weeks. This may be expensive to implement but could make blocking Tor
> traffic with this method harder. Thoughts?
>
Why wouldn't it be just as easy for censors to identify the small set of
registered domains that Tor relays use and block TLS connections that
involve them?
I don't see how changing the domain a relay uses from aaaaaa.foo.com to
bbbbbb.foo.com helps. The censor would just notice 'foo.com' and block it.
In fact, I think this would make censorship easier.
Matt
_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev