[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: problem with bridges and a suggestion



On Wed, May 26, 2010 at 12:01:12PM -0400, thecarp@xxxxxxxxx wrote 3.3K bytes in 71 lines about:
: It may not be 100%, but, it doesn't really need to be. Its not like
: you need all the users all the time, just enough to raise the bar and
: cut down the numbers.

Correct, and this seems to be what the GFW is trying to do, just raise
the bar to make it difficult enough for the average user.  We've been
thinking about the arms race out to ten steps along it.  With China,
we're at step 2.  No other country, nor most American/European companies
that make censorship technologies are beyond step 1 (blocking the public
list of relays).

: Perhaps other ways of hiding it are needed. As it is, it would be
: trivial to connect via ssl and verify if a machine talks onion router.
: It might be harder if there were multiple protocol paths into it. What
: if I connect on port 25  and get a normal mail server, then start tls
: from within protocol and use a command to switch to onion routing. I
: connect on port 636 and its ldap first. 993 and its IMAP over ssl.

Trivial for a handful of connections and doing so at a countrywide scale
thankfully don't match these days.  Not to say a government can't tax
their citizens more to afford better technology to better censor their
citizens.  I'll let the researchers comment on this obfuscation
proposal.

-- 
Andrew Lewman
The Tor Project
pgp 0x31B0974B

Website: https://www.torproject.org/
Blog: https://blog.torproject.org/
Identi.ca: torproject
***********************************************************************
To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/