[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-talk] On recent and upcoming developments in the PT universe

Hello friends,

this is a brief post on recent and upcoming developments in the PT

What has happened:

  TBB 3.6:
     As many of you know, the TBB team recently started releasing TBB-3.6
     with built-in PT support. This is great and has taken PT usage to new
     levels [0]. Maaad props to the TBB team for all their work.

     Please try the TBB-3.6 bundles here:
     TBB-3.6 includes obfs3 and FTE by default. All of them seem to work
     fine. If the built-in bridges are blocked for you (this is the case at
     least in China), try getting some more bridges from
     https://bridges.torproject.org (which also got renovated recently).
  obfs2 deprecation:
     We are in the process of deprecating the obfs2 pluggable transport [1].
     This is because China blocks it using active probing, and because
     obfs3 is stictly better than obfs2. obfs3 can also be blocked using
     active probing, but China hasn't implemented this yet. The new
     upcoming line of PTs (like scramblesuit and obfs4) should be able
     to defend better more effectively against active probing.
  Proxy support in PTs:
     Yawning Angel et al. recently implemented proxy support within
     PTs. This means that TBB-3.6 obfsproxy can now connect to an
     outgoing proxy using the Socks5Proxy torrc option [2]. This will soon
     also be the case for FTE etc.

What will happen:

  obfs4 and scramblesuit:
     Remember ScrambleSuit [3]? We are thinking of *not* deploying it after all...
     ScrambleSuit is great, but during the past two months Yawning has
     been developing a new transport called 'obfs4' [4]. obfs4 is like
     ScrambleSuit (wrt features/threat model), but it's faster and
     autofixes some of the open issues with scramblesuit (#10887, #11271, ...).
     Since scramblesuit has not been entirely deployed yet, we thought
     that it would be a good idea to deploy obfs4 instead, and keep
     scramblesuit around as an emergency PT.
     Meek is an exciting new transport by David Fifield. You can read
     all about it here: https://trac.torproject.org/projects/tor/wiki/doc/meek
     It's basically a transport that (ab)uses Firefox to do SSL in a way
     that makes it look like Firefox but underneath it's actually Tor
     data. Very sneaky, and because it uses third-party services (like
     Google Appspot, Akamai, etc.) as proxies, the user does not need to
     input a bridge. Meek just works bridgeless and automgically.
     Help us by testing the latest bundles that David made here:
  PTs and IPv6:
     PTs are not very good at IPv6 yet. We identified some of the open
     issues and created tickets for them. Hopefully we will fix them too:
      #12138 : No IPv6 support when suggesting a bindaddr to a PT
      #11211: Multiple ServerTransportListenAddr entries should be allowed per transport.
      #7961:  Publish transports that bind on IPv6 addresses 

[0]: https://metrics.torproject.org/users.html?graph=userstats-bridge-transport&start=2014-03-17&end=2014-06-15&transport=obfs3#userstats-bridge-transport
[1]: https://trac.torproject.org/projects/tor/ticket/10314
[2]: https://trac.torproject.org/projects/tor/ticket/11658
[3]: https://lists.torproject.org/pipermail/tor-relays/2014-February/003886.html
[4]: https://github.com/Yawning/obfs4
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to