[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Vodafone DE throttles connections to the Tor network

>> Working were and are only connections without the Tor network, with unpublished bridges, and with Tails (changing the MAC address)
> That doesn't make sense. Vodafone doesn't see your Tails MAC at all. I think it's unlikely that Vodafone is throttling on purpose.
> Most likely, there is some broken/misconfigured router or IDS in the path to the directory servers/bridges you used. You should try to manually pick a few different entry guards with different routing (check with traceroute).
> Assuming you have a network consensus (e.g. from connecting with working bridges; there should be 'Browser/TorBrowser/Data/Tor/cached-microdescs' and 'cached-microdesc-consensus' files), add the following to your 'Browser/TorBrowser/Data/Tor/torrc':
> ----------------------------
> UseEntryGuards 1
> NumEntryGuards 1
> UseEntryGuardsAsDirGuards 1
> NumDirectoryGuards 1
> EntryNodes 47B8A2122B924B0E54B3BDEE48DFB86E054BEB36
> -----------------------------
> Remove any bridge-related entries from the config.
> Some fast entry guards in Germany that should have different routing:
> darkit ( 47B8A2122B924B0E54B3BDEE48DFB86E054BEB36
> chaoscomputerclub5 ( 0E22366D0EB12CA0CDD3693452F43BA0A1D9D515
> becks ( E9C8154418544764619D2CCD0596B355D7DFF236
> With this configuration, you only need to connect to the the guard node and don't need to connect to the directory servers (where something seems to be hanging).

Thank you for these advises. But, I think to concentrate on one entry guard only could lessen the anonymity. Although the entry guards are not changed very often (after 30â60 days) in the standard configuration, there seems to be a little random selection [1]. I will have a look at this. 

As we all know, the IP address is no reliable identifier, but the MAC address identifies the device and probably its user. Otherwise it would be needless to disguise the MAC address in Tails. As far as I know the MAC address can be coded in the IP within the ipv6 protocol. So, this makes sense. 

As terrorists and torrorists are per se under suspicion, like criminals and readers of some Linux Journal [1a], they should be hindered to communicate in anonymity. Secret services and police agents around the world see anonymity and encryption as a menace of their work. And ISPs, especially the big players and former telcos of the state, are executing their needs [2]. 
To me it doesn't seem deviously that ISPs are trying to block or impede the use of the Tor network ("Tor stinks" [2a]). Vodafone is advertising "Secure Net" which uses DPI (Deep Packet Inspection) for filtering - to make the net more secure [3].

I am very content with the performance of the Tor network using three different unpublished bridges. 

[1] T. Elahi et al., Changing of the Guards: A Framework for Understanding and Improving Entry Guard Selection in Tor, WPESâ12, October 15, 2012. [http://freehaven.net/~arma/cogs-wpes.pdf]
[1a] http://daserste.ndr.de/panorama/aktuell/NSA-targets-the-privacy-conscious,nsa230.html
[1a] http://daserste.ndr.de/panorama/xkeyscorerules100.txt
[1a] http://www.linuxjournal.com/content/nsa-linux-journal-extremist-forum-and-its-readers-get-flagged-extra-surveillance
[2] http://www.theguardian.com/business/2013/aug/02/telecoms-bt-vodafone-cables-gchq
[2] http://www.heise.de/newsticker/meldung/Snowden-Dokumente-Britische-Geheimdienste-koennten-ueber-Vodafone-deutsche-Kunden-abhoeren-2461441.html [2014]
[2] http://www.vodafone.com/content/sustainabilityreport/2014/index/operating_responsibly/privacy_and_security/law_enforcement.html
[2] https://firstlook.org/theintercept/2014/11/20/vodafone-surveillance-gchq-snowden/ [2014]
[2] https://blog.torproject.org/blog/tale-new-censors-vodafone-uk-t-mobile-uk-o2-uk-and-t-mobile-usa [2012-01-17]
[2a] http://www.theguardian.com/world/interactive/2013/oct/04/tor-stinks-nsa-presentation-document
[2a] https://edwardsnowden.com/wp-content/uploads/2013/10/tor-stinks-presentation.pdf
[2a] http://www.heise.de/newsticker/meldung/Neues-von-der-NSA-Tor-stinkt-1972983.html
[3] https://netzpolitik.org/2014/waschmaschine-im-netz-wie-telekom-und-vodafone-deep-packet-inspection-als-feature-verkaufen/
[3] http://securenet.vodafone.com/index.html
[3] https://twitter.com/usefulthink/status/590817159351242752
[3] http://www.webscalenetworking.com/topics/webscalenetworking/articles/404274-vodafone-germany-offers-new-secure-net-service.htm [2015-06-01]: "Allot Service Gateways, which are high-performance DPI-based platforms that enable deployment of new digital services in fixed, mobile and cloud networks" 
[3] http://www.allot.com/press-release/vodafone-germany-makes-web-surfing-secure-with-allot-websafe-personal/ [2015-05-26]
[3] http://www.iptegrity.com/index.php/net-neutrality/600-how-vodafone-censors-your-internet [2011-01-06]
[3] http://www.rawstory.com/2011/01/vodafone-confirms-role-egypts-cellular-internet-blackout/ [2011-01-28]
[3] http://broabandtrafficmanagement.blogspot.com/2010/11/dpi-deployment-41-vodafone-uses-dpi-and.html [2010-11-18]

C. Fuchs, Implications of Deep Packet Inspection (DPI) Internet Surveillance for Society, The Privacy & Security - Research Paper Series 1, 2012 (2013) [http://www.projectpact.eu/privacy-security-research-paper-series/%231_Privacy_and_Security_Research_Paper_Series.pdf]
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to