[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Orbot v14 alpha: obfsclient, Tor

On 05/04/2014 05:18 AM, George Kadianakis wrote:
> Nathan Freitas <nathan@xxxxxxxxxxx> writes:
>> On May 3, 2014 4:18:28 PM EDT, George Kadianakis <desnacked@xxxxxxxxxx> wrote:
>>> George Kadianakis <desnacked@xxxxxxxxxx> writes:
>>>> Nathan Freitas <nathan@xxxxxxxxxxx> writes:
>>>>> On May 3, 2014 6:10:58 AM EDT, George Kadianakis
>>> <desnacked@xxxxxxxxxx> wrote:
>>>>>> Nathan Freitas <nathan@xxxxxxxxxxx> writes:
>>>>>>> Orbot now supports Obfs3 and Scramblesuit, thanks to Yawning's
>>> help.
>>>>>> Great news! Thanks!
>>>>>> BTW, how are obfs3 bridges supposed to be used?
>>>>> This is the string I use for scramblesuit, copied directly from the
>>> bridges.tp.o page:
>>>>> scramblesuit xxx.xxx.xxx.xxx:xxxxx fingerprintxxx
>>> password=sharedsecretxxx
>>>>>> I installed Orbot-v14.0.0-ALPHA-2a.apk and checked the Preferences
>>>>>> menu. There used to be an option called 'Obfuscated Bridges' that
>>> it's
>>>>>> not there anymore. I assumed that I just have to specify a bridge,
>>> and
>>>>>> then prefix it with the transport name, like you do in the torrc.
>>>>> Yes.
>>>>>> So I clicked on 'Bridges' and then inserted 'obfs3 <ip>:<port>'
>>> (with
>>>>>> my own <ip> and <port>) and started up Orbot. Unfortunately, I think
>>>>>> that it didn't work very well. In the logs I got:
>>>>>> """"
>>>>>> Adding bridge: obfs3 <ip>:<port>
>>>>> Hmm.... Add a fingerprint perhaps?
>>>> Hm, I just tried that bridge again (without adding a fingerprint),
>>> and
>>>> now I'm getting the usual PT error:
>>>> "We were supposed to connect to bridge '<ip>:<port>' using pluggable
>>>> transport 'obfs3', but we can't find a pluggable transport proxy
>>>> supporting 'obfs2'. ..."
>>>> I'm not sure why I'm getting this today instead of the error I was
>>>> getting yesterday [0]. I don't remember rebooting or changing
>>>> anything.
>>>> In any case, this new message usually means that obfsproxy crashed
>>>> early: before being configured to be a Pluggable Transport. The same
>>>> should be true for obfsclient too. Could it be a permission issue?
>>> We played a bit with Yawning on this.
>>> Are we sure that the ClientTransportPlugin is even set at all?
>>> Because looking at
>>> https://gitweb.torproject.org/orbot.git/blob/HEAD:/src/org/torproject/android/service/TorService.java#l1713
>>> it seems that it depends on the boolean PREF_BRIDGES_OBFUSCATED which
>>> apparently is never set since commit 147b57af4.
>>> This seems to agree with my experience since I'm getting the log
>>> message "Using standard bridges" which is on the 'else' codepath.
>>> Or maybe we are missing something.
>> Wow, I just realized that I removed that preference UI, but on my test device it was already set to TRUE, since I did not do a clean install.
>> Thanks for the testing, and will push a new release our in next 24 hours with that fixed.
> Thanks!
> BTW, I'd suggest to parse the Bridge lines to figure out if PTs are
> used and only then insert a ClientTransportPlugin line (in contrast,
> to always adding a ClientTransportPlugin line). That's to avoid issues
> like #11658.
I am doing that now, by looking for a supported PT type in the bridge
config lines
> You can check if a Bridge line uses PTs, by checking if its second
> element is a C-identifier as the pt-spec.txt suggests. An IP:PORT is
> not a C-identifier because of the colon.
That sounds like a better way, especially since PTs could be run outside
of Orbot as separate apps.
Here's a new alpha-3 build that has been tested on a few devices, with
both obfs3 and scramblesuit bridges:

apk: https://guardianproject.info/releases/Orbot-v14.0.0-ALPHA-3.apk
sig: https://guardianproject.info/releases/Orbot-v14.0.0-ALPHA-3.apk.asc

14.0.0 (ALPHA-2)
583c758 updated to 14.0.0-ALPHA-3
90848b0 reduce memory usage of app and make single process
ba90f73 cleanup of notification and process kill code
76ec147 add some more externalized strings
e80c3bf check if installed apps are enabled
60a822a updated to 14.0.0-ALPHA-2b
69614fb updated Tor version to heartbleed blacklists for
non-updated tor nodes
53673da fix bridge/PT enable code based on bridge types
9096f8c update 14.0.0-ALPHA-2a for some testers (samsung)
42d8ca1 for some devices, the process-id is listed first
fd51281 make sure the unbind intent is not null
b814019 improvement for network state checking code
648b10c updated changelog for v14
ea919c5 add the basic proguard support
147b57a remove unused preference
0dc50cc add log max size feature
b9f14b3 ensure setConft on control port works consistently
b056e7f remove debug waiter

tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to