[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-talk] Tor users trackable with common proxy?
> On 02/21/2012 06:48 PM, Andreas Krey wrote:
>> On Tue, 21 Feb 2012 14:26:06 +0000, Daniel .koolfy Faucon wrote:
>>> Checking the software's signatures should ensure that you are not
>>> bootstrapping from harcoded malicious fake nodes or looking at the
>>> nodes list, and obfsproxy makes sure there is no recognizable handshake
>>> pattern. Even if they suspect it to be tor traffic there is no way
>>> they can MITM an obfsproxy communication.
>> As far as I can tell obfsproxy itself can trivially be MITM'd,
>> which is about as helpful as seeing the client-relay tor traffic
>> in plain: Not very much.
> Obfsproxy's objective is not to provide integrity, secrecy or anonymity.
> It just
> tunnels some bytes in "another protocol". Its objective is to evade some
> predefined rules in DPI that target SSL/SSH traffic or other well-known
> encrypted traffic patterns.
> Aside from obfsproxy being alpha software, it can be characterized as
> steganographic layer".
> As such, it's a hard problem to make something "undetectable". Some of the
> papers I've seen on the subject (mostly written by Niels Provos IIRC)
> said that if you have access to the steganographic algorithm, various
> statistical markers can be derived.
> Of course, you could employ crypto along with steganography, but then you
> the issue with distributing keys (obfsproxy client and server must somehow
> on what obfuscation layer to use).
It would work for private bridges.
tor-talk mailing list