[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Tor banned in Pakistan.

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] Tor banned in Pakistan.
From: Andrew Lewman <andrew@xxxxxxxxxxxxxx>
Date: Sun, 11 Sep 2011 20:51:20 -0400
Authentication-results: lewman.is;
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sun, 11 Sep 2011 20:51:50 -0400
In-reply-to: <1315711084.25241.140258139680049@xxxxxxxxxxxxxxxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "This mailing list is for all discussion about theory, design, and development of Onion Routing." <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
Organization: The Tor Project, Inc.
References: <4E69325D.6090100@xxxxxxxxx> <20110911015505.GA11197@xxxxxxxxxxxxxxxx> <1315711084.25241.140258139680049@xxxxxxxxxxxxxxxxxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx
User-agent: KMail/1.13.6 (Linux/2.6.38-11-generic; KDE/4.6.2; x86_64; ; )

On Saturday, September 10, 2011 23:18:04 Andre Risling wrote:
> Does that mean even though Pakistan has banned encrypted traffic that
> Tor can still work because users are connecting by way of bridges?

Perhaps I wasn't clear.  Pakistan has banned all encryption on the Internet 
inside their country.  It is unknown how this will be enforced, if at all. 
There are at least two ways Pakistan can enforce this ban:

1. Block typical ports for encrypted traffic, such as ssh, https, pop3, and 
imaps; or
2. Require ISPs to deploy deep packet inspection devices that look for any 
encrypted traffic.  Once they find encrypted traffic, the ISP can be required to 
 a. simply record that customer X is using encryption and report that to the 
government; or
 b. block the traffic. 

If number 1, Tor clients talking to bridges may still work, assuming the 
bridge isn't running on a blocked port.

If number 2, Tor clients in situation 2a still get recorded, because on the 
wire, it looks like someone is using encryption. Tor clients in situation 2b 
means the client will not connect to the next hop, the bridge in this case.

This is all conjecture as we have no more visibility into the enforcement 
mechanisms than any one else. 

We are working on pluggable transports and obfuscating the tor procotol so 
that we can fool a deep packet inspection device to some level. See 
https://gitweb.torproject.org/obfsproxy.git for extremely experimental code.

-- 
Andrew
pgp 0x74ED336B
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

References:
- [tor-talk] Tor banned in Pakistan.
  - From: Matthew
- Re: [tor-talk] Tor banned in Pakistan.
  - From: andrew
- Re: [tor-talk] Tor banned in Pakistan.
  - From: Andre Risling

Prev by Author: Re: [tor-talk] Tor spying
Next by Author: Re: [tor-talk] How to verify the authenticity of the Torbutton xpi file
Previous by thread: Re: [tor-talk] Tor banned in Pakistan.
Next by thread: Re: [tor-talk] Tor banned in Pakistan.
Index(es):
- Author
- Thread