[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] privacy concerns with new CAPTCHA-method for obfs4 bridges

On Wed, Oct 03, 2018 at 12:25:52PM +0000, ithor wrote:
> So a meek request is sent in clear-text. What exact information is given ? 
> The exact ip address of the Azure server, its geolocation ?

The IP address of the Azure server you're connecting to. In the case of 
meek-azure the firewall would also see that you supposedly want to connect to 
"ajax.aspnetcdn.com", which is a common domain used by websites that are 
hosted on Azure. The domain delivers some JavaScript code and whatnot. So you 
should just look like a harmless web browser surfing the web on first sight.

> Could the DPI find out that this is being used for bootstrapping Tor ?

Perhaps with some clever traffic correlation or timing attacks, but not so 

To also answer your question from the other mail in the thread: With encrypted 
SNI, the firewall couldn't even see the fake destination (ajax.aspnetcdn.com) 
your meek client sends.

This might be interesting in the future, but isn't in use with meek yet. For 
more info on that topic, have a look at this thread: 
OpenPGP Key: 47BC7DE83D462E8BED18AA861224DBD299A4F5F3

Attachment: signature.asc
Description: PGP signature

tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to