[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Pluggable Transports and DPI

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] Pluggable Transports and DPI
From: David Fifield <david@xxxxxxxxxxxxxxx>
Date: Sat, 14 May 2016 13:24:50 -0700
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sat, 14 May 2016 16:25:12 -0400
Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=bamsoftware.com; s=mail; h=In-Reply-To:Content-Type:MIME-Version:References:Message-ID:Subject:To:From:Date; bh=7dlqrhWDy0r+zDNMhoCKud2a2ayCbIviv4oP7X8Vty8=; b=uuwzwJYptxQ3kZSN7YUKB1Ca+1BSuD6L9smxfnGFI+VIk/qjQcnTngsg4Wbojj+fZzLwVHCYPgf4q0VXHf6kfdrlObqp9qWf9Aamws2tsdjQvmLqplH8qc2ZnjgvvBElD2uPR76JKLbFG0z7sYNhlmKHC+O+52c24iZHoTvj9lA=;
In-reply-to: <91d9a283-e171-1433-94f9-016872d0874e@xxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
Mail-followup-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
References: <C32F85D1-4226-4650-B38C-237D860D4F56@xxxxxxxxx> <20160508203747.GA25441@xxxxxxxxxxxxxxxxxxxxx> <20160512024017.GD14712@xxxxxxxxxxxxxxxxxxxxx> <91d9a283-e171-1433-94f9-016872d0874e@xxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Mutt/1.6.0 (2016-04-01)

On Wed, May 11, 2016 at 11:16:28PM -0400, Blake Hadley wrote:
> On 5/11/16 10:40 PM, David Fifield wrote:
> 
> > Another solution is to change the front domain to something else, for
> > exmaple using google.com instead of www.google.com.
> Would it be feasible for a future release of meek to do this automatically?
> Just cycle through subdomains till one works?

I don't think there's a point to doing that. Sure, it would temporarily
mitigate this specific instance, but it's going back to the
cat-and-mouse methods that I don't like. If the firewall vendor is okay
with blocking all Firefox 38 users from www.google.com, they aren't
going to have a problem with also blocking other domains. The weakness
in this case, I think, was the obsolete TLS signature, not the domain
name.
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

References:
- [tor-talk] Pluggable Transports and DPI
  - From: Justin
- Re: [tor-talk] Pluggable Transports and DPI
  - From: David Fifield
- Re: [tor-talk] Pluggable Transports and DPI
  - From: David Fifield
- Re: [tor-talk] Pluggable Transports and DPI
  - From: Blake Hadley

Prev by Author: Re: [tor-talk] Pluggable Transports and DPI
Next by Author: Re: [tor-talk] Pluggable Transports and DPI
Previous by thread: Re: [tor-talk] Pluggable Transports and DPI
Next by thread: Re: [tor-talk] Pluggable Transports and DPI
Index(es):
- Author
- Thread