Re: [tor-talk] Tor users trackable with common proxy?

On 21/02/2012 12:09, miniBill wrote:
> On 21 February 2012 09:09, Andrew Lewman <andrew@xxxxxxxxxxxxxx> wrote:
>> On Mon, 20 Feb 2012 16:15:37 +0800
>> Koh Choon Lin <2choonlin@xxxxxxxxx> wrote:
>>> "The authorities in Singapore are understood to have the ability to
>>> track down a person online even if he or she uses anonymizing
>>> facilities such as Virtual Private Networking, TOR onion routing, or
>>> other forms of proxy servers, and even if encryption is involved. This
>>> is because all internet traffic in Singapore is directed through a
>>> common proxy choke with date, time and IP stamping operation in
>>> place."
>> It's plausible they record all transit through their single internet
>> connection to non-Singapore world. Here are my thoughts, sort of based
>> on https://www.torproject.org/docs/faq.html.en#Torisdifferent faq
>> answer.
>> This collected information could give them tor clients talking to the
>> public list of tor relays or known tor bridges.
>> They have deployed a DPI device that can recognize the tor handshake
>> and are recording the tor client to relay handshake.
>> In both of these cases, they can only identify that you may be using
>> tor, not what you're doing.
>> Using obfsproxy could defeat both of the above issues.
> Paranoid mode: on
> They intercept the initial bootstrapping and make you connect
> to a "fake" tor network composed of malicious nodes only.
> Is it feasible?
As far as I understand it, as long as you check the tor software's signature, and use obfsproxy, I don't see how they would do such a thing.

Checking the software's signatures should ensure that you are not bootstrapping from hardcoded malicious fake nodes or looking at the wrong
nodes list, and obfsproxy makes sure there is no recognizable handshake pattern. Even if they suspect it to be tor traffic there is no way
they can MITM an obfsproxy communication.

But again, I might be totally wrong here :)

Daniel ".koolfy" Faucon

Tel: Belgium: (+32)(0)487/898.774
     France : (+33)(0)658/993.700
PGP Fingerprint : 485E 7C63 8D29 F737 FEA2  8CD3 EA05 30E6 15BE 9FA5


tor-talk mailing list