[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-bugs] #8591 [Censorship analysis]: GFW actively probes obfs2 bridges
#8591: GFW actively probes obfs2 bridges
-----------------------------------------------------------+----------------
Reporter: phw | Owner: phw
Type: task | Status: new
Priority: normal | Milestone:
Component: Censorship analysis | Version:
Keywords: obfs2, gfw, active probing, censorship, china | Parent:
Points: | Actualpoints:
-----------------------------------------------------------+----------------
It looks like the GFW is now actively probing obfs2. After hearing rumours
yesterday, I wasn't able to reproduce this. Today, however, I got my
private obfs2 bridge probed just milliseconds after my own connection from
China. I got hit by two random Chinese addresses as we already know it
from the Tor probing. After the probing, my obfs2 connection timed out and
the SYN/ACK segments from the bridge were dropped when trying to establish
a new connection. I could reproduce all of this several times.
I haven't tested obfs3 yet and I suppose we can skip the old looking-for-
the-fingerprint game. Depending on what protocols they are trying to
detect, they might have to probe several times since it's not clear what's
behind all that entropy. It might be obfs2, obfs3 or VPN PSK and perhaps
even more protocols.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/8591>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs