[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Pluggable Transports and DPI

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] Pluggable Transports and DPI
From: Roger Dingledine <arma@xxxxxxx>
Date: Thu, 12 May 2016 00:19:29 -0400
Delivered-to: archiver@xxxxxxxx
Delivery-date: Thu, 12 May 2016 00:19:42 -0400
In-reply-to: <20160512024017.GD14712@xxxxxxxxxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <C32F85D1-4226-4650-B38C-237D860D4F56@xxxxxxxxx> <20160508203747.GA25441@xxxxxxxxxxxxxxxxxxxxx> <20160512024017.GD14712@xxxxxxxxxxxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Mutt/1.5.20 (2009-12-10)

On Wed, May 11, 2016 at 07:40:17PM -0700, David Fifield wrote:
> Justin helped me by running some tests and we think we know how this
> Cyberoam device is blocking meek connections. It blocks TLS connections
> that have the Firefox 38's TLS signature and that have an SNI field that
> is one of our front domains: www.google.com, a0.awsstatic.com,
> ajax.aspnetcdn.com.

Good stuff!

It's clear that they had a person look at the topic and decide on a way
to block it -- accepting some collateral damage and making a guess about
how many unhappy people it would produce. They benefited from the fact
that the customers behind this Cyberoam weren't an entire country, meaning
they were betting that a low collateral damage was not many people at all.

Do we know anything about how they decided to detect obfs4 (and what
collateral damage they decided was acceptable there)?

--Roger

-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] Pluggable Transports and DPI
  - From: David Fifield

References:
- [tor-talk] Pluggable Transports and DPI
  - From: Justin
- Re: [tor-talk] Pluggable Transports and DPI
  - From: David Fifield
- Re: [tor-talk] Pluggable Transports and DPI
  - From: David Fifield

Prev by Author: Re: [tor-talk] Where is the Tor source code? [Was Re: FBI harassing Tor devs]
Next by Author: Re: [tor-talk] Tor Design : Differents keys used for connection.
Previous by thread: Re: [tor-talk] Pluggable Transports and DPI
Next by thread: Re: [tor-talk] Pluggable Transports and DPI
Index(es):
- Author
- Thread