[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-talk] Question about possible increased risk of censorship when running (the same) Tor node as a relay and later as a bridge
> All depends you could just be as easily caught in some restrictive regions
(China) be caught relaying via cellphone and sat connection.
Most likely to find services such as tor they are using NMAP scans of
ports, the best solution is to use a VPN in a non-restrictive region then
relay tor. So during port scans tor wont show rather your just using a VPN.
Agree - thanks. However, I was not asking as a Tor user, but rather as a
relay operator - what is the most efficient way for me to run a relay, when
it is known that it's part of the (previous) consensus(es). 'Efficient'
here means censorship-resistance-focused set of constraints - perhaps it
would be best to avoid trying to be a bridge, etc.
On Mon, May 20, 2013 at 7:27 PM, Gregory Disney <gregory.disney@xxxxxxxxx>wrote:
> All depends you could just be as easily caught in some restrictive regions
> (China) be caught relaying via cellphone and sat connection.
> Most likely to find services such as tor they are using NMAP scans of
> ports, the best solution is to use a VPN in a non-restrictive region then
> relay tor. So during port scans tor wont show rather your just using a VPN.
>
>
> On Mon, May 20, 2013 at 11:39 AM, Kostas Jakeliunas
> <kostas@xxxxxxxxxxxxxx>wrote:
>
> > Hi all,
> >
> > has there been any discussion/research whether Tor bridges are more
> likely
> > to get blacklisted in censored areas if they'd been first run as simple
> > internal relays? The idea being, if a censorship system is fishing for
> Tor
> > nodes so they can be blacklisted on a per-IP-address basis and an
> internal
> > relay later on becomes a bridge but is using the same external IP
> address,
> > I suppose it is possible that it might get automatically blacklisted. Say
> > I'm a censor and I'm blacklisting all IPs found in the published
> > consensuses. I discover that someone is trying to connect to an IP
> > previously found on a consensus (and I recall all previous IPs) - I do
> not
> > do DPI - and simply block the connection due to IP address match. In this
> > case, it doesn't matter if the bridge could be found via bridgeDB, or if
> > it's doing pluggable transports. Any known cases/reports where this is
> > likely to have happened?
> >
> > The reason I'm asking is, I've been running an internal Tor relay and am
> > considering making it to be an obfsproxy bridge; it would be the same IP
> > address. Perhaps this is inefficient, i.e. it is likely to have already
> > been blacklisted in many censored/important areas? I suppose it's also an
> > interesting question in itself, and it would be interesting to do some
> > experiments e.g. using OONI.
> >
> > Thanks for any input
> > Kostas.
> > _______________________________________________
> > tor-talk mailing list
> > tor-talk@xxxxxxxxxxxxxxxxxxxx
> > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
> >
> _______________________________________________
> tor-talk mailing list
> tor-talk@xxxxxxxxxxxxxxxxxxxx
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk