[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] MITM attack on TLS

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] MITM attack on TLS
From: Justin <davisjustin002@xxxxxxxxx>
Date: Sat, 21 Nov 2015 09:32:41 -0600
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sat, 21 Nov 2015 10:32:58 -0500
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=content-type:mime-version:subject:from:in-reply-to:date :content-transfer-encoding:message-id:references:to; bh=+6J0k2UyCmSAf4Q9x7UN2mspNWCME9f+99otHFtuC34=; b=RcrrWN+NrxJGRKWyUREFtTMYlmn65UFoc0HRw9qkMjcgyOdqVMgqkd+ZlmTePvkSKZ u929DwgO+VKoA+v9wbCIMz9kUo5CbFALvJjvE2NM1m++hPws4SKEKWuQGPNrqhytxoRw yA6BVm6DwLBOd74n9p+bimwJQWdZ4CxTVLRq7FN097QzLGkihtLxhM9BOu8e4U+kOLGn BfF9ZjEZ3MQ6UPJwKB8RVw8JkqjNflonEXKCHFzmZEAXN6ck3+0dMmUxPWJlbOgNO/kW h8XZrQ7wedFxy7fpR5c+8Gh+yeb+VB2Eg7gHFx7iKYAFGeKwF62cXKo2ezu2Iiwdcdso ZUsg==
In-reply-to: <56504423.1030304@xxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <B524CA60-C124-43D2-B8E9-77E538ED5C91@xxxxxxxxx> <56504423.1030304@xxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>

Hello,
I know.  OBFS4 makes the traffic unrecognizable to a DPI unit.  Thatâs why I switched from Meek to it.

> On Nov 21, 2015, at 4:14 AM, Ivan Markin <twim@xxxxxxxxxx> wrote:
> 
> Justin:
>> I wonât get into trouble because Iâm not using regular Tor.  Iâm
>> using pluggable transports, which hide the Tor traffic and make it
>> unrecognizable to a DPI box.  This should be good enough even if
>> Meekâs TLS is broken.
> 
> Nope, not good enough. Actually it is _regular_ Tor connection. It is
> just encapsulated into HTTP (without TLS in your case) and easily
> detectable with tools like tcpflow.
> Try to use PTs other than meek like obfs4/ScrambleSuit.
> 
> -- 
> Ivan Markin
> 
> -- 
> tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
> To unsubscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

References:
- [tor-talk] MITM attack on TLS
  - From: Justin
- Re: [tor-talk] MITM attack on TLS
  - From: Ivan Markin

Prev by Author: [tor-talk] MITM attack on TLS
Next by Author: Re: [tor-talk] MITM attack on TLS
Previous by thread: Re: [tor-talk] MITM attack on TLS
Next by thread: [tor-talk] Islamic State
Index(es):
- Author
- Thread