[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Unusual Tor's spikes in Egypt and Turkey on 28th August

On 20 September 2017 at 10:35, Roman Mamedov <rm@xxxxxxxxxxx> wrote:

> On the 28th of August, 261 websites providing VPN and Proxy services where
> found blocked.
> A new section was added to the report containing a schedule that lists
> monitored websites that provides VPN and Proxy services."
> https://www.reddit.com/r/Egypt/comments/6wkbcw/did_
> they_seriously_just_block_vpns/
> But it seems puzzling the spike was just for 1 day and then back to
> just exactly the previous level.


From my experience of watching people access a very large website over Tor,
I have developed some theories - mere theories, not based on hard analysis
- about why this happens.

I believe that Tor is most widely deployed and used "at need"; people keep
a copy of it lying around, especially in environments where blocking is
common, and they use it on special occasions to get past the barriers and
to reassert their "normal" computing capabilities as-soon-as-possible.

I think this makes sense: because of the "anonymity" (eg: JS-related)
aspects of the tool, TorBrowserBundle (TBB) can feel like a somewhat
"degraded" experience when compared to a "normal" web browser, and also I
know at least one occasion in past where a TBB upgrade killed all the
bookmarks which I'd built up.

Thereby I believe that TBB has evolved, for some people, to be "the browser
that you use to get past the barricades, until you're safe enough and/or
have acquired updated VPN software, and then you can go back to your old /
normal / familiar browser".

In certain respects this can be read as "TBB's threat model excessively
trades-off consistency and usability in favour of protections which
$SOME_MAJORITY of its userbase do not actually need" - but I'm okay with
the status quo.

I would rather that TBB "shoot for the stars" in terms of integrity,
privacy and anonymity-protection, though I exhort any/all efforts that work
to address this issue.

The one insight that I can bring to the table here is this: the number of
people who know how to (and *do*) use Tor at-need, vastly exceeds the
number of people who use it on a regular basis; this is also why the
autoupdate mechanism (and improvements to the security and speed thereof)
are fundamental to the TBB proposition.

I'd really love to see Tor, TBB and TBB-Plugin mechanisms upgraded to run
over single-onion, for instance.  It would make sense.


tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to