[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Some more FlashProxy questions

On Thu, Feb 21, 2013 at 03:03:28PM +0000, adrelanos wrote:
> Why destroy flashproxy when user leaves the website? This is a
> technical limitation?

It is a technical limitation. But remember, we designed the whole system
around it. Proxies don't have to live forever.

> Did you ask google, youtube, facebook to add a badge or do you plan
> asking them?

I think early on the research group talked to Facebook but I wasn't part
of that meeting.

Currently we don't lack proxy capacity. We have plenty of that. What we
lack is *opted-in* proxy capacity, which we would like to see more of.
Check these graphs from my talk yesterday.


> In some countries the use of Tor is suspicious/dangerous. When people
> from such countries accidentally visit a website with a badge on it,
> they unknowingly and unwillingly connect to the Tor network?

Not necessarily right away, but if they get a client from the
facilitator, then they will connect to a Tor relay.

> You depend on the client in the censored area to be able to receive
> incoming connections (port forwarding). Couldn't a censurer simply
> forbid black list connections for every individual and only white list
> for those with compelling reasons? That would almost completely defeat
> flashproxy?

A whitelist defeats almost everything, including flash proxy. But you
must look at it in terms of cost. Nothing works against an adversary
with unlimited resources. A whitelist is expensive to maintain in that
people are unhappy if, e.g., their Skype stops working--they blame the
censor for it and somehow the censor has to deal with that. This is what
we call "collateral damage" in the paper, and different censors probably
have different levels of damage they can tolerate.

David Fifield
tor-talk mailing list