[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Psiphon (Was: Bootstraping Tor manually to get past the Great Firewall)



On Mon, Dec 04, 2006 at 12:18:25PM +0800, John Kimble wrote:
> Thanks for sharing - Psiphon certainly seems promising, for people
> with specific trust models (rather different from Tor users) and want
> to use a hassle-free encrypted proxy. They have very prominent
> sponsors too -- wonder if those sponsors will be interested in Tor as
> well? ;-)

The problem with saying "rather different from Tor users" is that it
conflates Tor technology and infrastructure with the particular use of
the Tor network that the Tor developers want to highlight.

It turns out that Tor is actually a general-purpose tool that can be
used to allow a multitude of different requirements.  Perhaps the two
uses most commonly cited by the Tor developers are anonymity from the
remote endpoint (so that the server (or client in the case of hidden
services) cannot tell who you are) and anonymity from the network (so
that network observers cannot tell who is talking to whom).

However, Tor can be used for other purposes as well.  For example,
consider the perspective access network, which can provide access to
services that might happen to be visible from some servers in the Tor
network, but not all.

http://afs.eecs.harvard.edu/~goodell/blossom/

Users might not necessarily care about anonymity; their primary
concern would be accessing (or providing access to) otherwise
inaccessible content or services.

Similarly, Tor can actually be used to implement Psiphon without
changing the Tor code base.  If my understanding is correct, a simple
web proxy front-end and some controller code would be all that is
needed.

It seems to me that creating a separate code base for Psiphon would be
redundant, not to mention ultimately dangerous by fragmenting the set of
available tools intended to achieve similar purposes, leading to
confusion and inconsistent or unexpected security properties.  I think
that many of the security properties desired by Tor and Psiphon are the
same.



Attachment: signature.asc
Description: Digital signature