[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] ascertain trustworthyness of entry-nodes and obfs4 bridges?

On Wed, 03 Oct 2018 08:41:29 +0000, ithor wrote:
> So would there be a way to (pen-?)test a private obfs4 bridge as being non blacklisted and actually usable without really trying to connect to it and alarming my ISP and DPI the like ?

Obviously not. To test that you need to try to connect to it and
consequently risk running into a block.

For the paranoid: The firewall operator might just as well just log who
is using known brigde (incl. obfs4) addresses but letting the connections
pass to just see who is using tor.

> This seems like an overlooked security and privacy issue with a lot of possible consequences.

It's not as much overlooked but almost impossible to avoid. The only
is/was domain fronting on a cloud provider and might be encrypted SNI 
once that itself is widely deployed - only then do you look the same
as regular internet users.

On the other hand, the question is whether using tor itself is outlawed or raising suspicion in your country.

> Same thing for the entry-nodes. How can I know for sure the randomly selected one isn't rune by some gvt trol ?

By knowing and trusting the operator. That's the reason tor stopped
swapping entry nodes around - the fewer you use the lower the risk.

Also, geographic selection: Depending on the country of the relay,
trolls are unlikely to report to your gvt.

- Andreas

"Totally trivial. Famous last words."
From: Linus Torvalds <torvalds@*.org>
Date: Fri, 22 Jan 2010 07:29:21 -0800
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to