[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Flashproxy bridge operators and proxy provider



On Fri, Oct 12, 2012 at 06:16:08PM +0200, Sebastian G. <bastik.tor> wrote:
> What happens if an Flashproxy (bridge) operator visits websites that has
> a badge on it so he proving a proxy. (What happens if someone is both
> flashproxy relay and flashproxy?)
> 
> This question seeks to answer if it is OK to run such a bridge and to be
> "proxying" at the same time with the same IP.
> 
> Whenever or not it's accepted and or expected that this would be the
> case.. could a proxy serve it's own bridge?
> 
> Does anyone see problems with being a flashproxy bridge and a proxy at
> the same time?

I don't quite understand your question, but I think it might be
confusion of terminology. When someone is viewing a flash proxy badge,
their browser starts running a "flash proxy" and we sometimes refer to
the browser user as a flash proxy "operator," even though they're not
doing any technical "operation" like the owner of a Tor relay does.

We deliberately decided not to use the term "bridge" with flash proxies,
to avoid confusion with actual Tor bridges, which are full-fledged
relays that do TLS and everything. Flash proxies just copy bytes from
one address to another.

Flash proxies can only connect to relays that support the websocket
pluggable transport (https://gitweb.torproject.org/flashproxy.git/blob/HEAD:/doc/websocket-transport.txt).
There is only one of these that I know of, tor1.bamsoftware.com:9901
which I run, though there is a section "How to run a relay" in the
README so you could run your own.

So what I think you are asking is, if you were to run a Tor relay with
the websocket transport, on your home Internet connection, say, and also
simultaneously acted as a JavaScript flash proxy from the same IP
address, would there be a problem? First, nothing would happen
immediately because it is a manual process to add a new relay address to
the facilitator; you would have to tell us about it. But suppose the
facilitator automatically got a list of websocket relays from BridgeDB.
I don't think there is a problem doing both from the same IP address,
but our threat model assumes that a censor will block any long-running
bridge at a static IP address. So your IP address might get blocked by a
censor not because you are a flash proxy, but because you are a Tor
relay. For example, if I were to somehow run a browser from
tor1.bamsoftware.com, we wouldn't expect it to be reachable, because we
would expect the censor to already have blocked that bridge.

David Fifield
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk