[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] Proposal 203: Avoiding censorship by impersonating an HTTPS server



* Nick Mathewson schrieb am 2012-06-26 um 00:23 Uhr:
> Side note: What to put on the webserver?
> 
>    To credibly pretend not to be ourselves, we must pretend to be
>    something else in particular -- and something not easily identifiable
>    or inherently worthless.  We should not, for example, have all

Some ideas:
- some random content with a CC license
  We could have a list or something of CC-licensed content. The
  webserver mirrors either the whole site or some subsites. I'm thinking
  of some Wikipedia sites or books from Project Gutenberg.
- country related content
  We could check the users IP address and try to geolocate it. Based on
  that country information the webserver could deliver some local
  content. But where should we get country-specific content.
- 451
  If someone is in trolling mood, he just can deliver a 451 error. ;)
- Login page/random fresh installation
  We could also present some page which looks like a valid login page or
  a fresh installation (Apache, Mediawiki or something other popular).
  Another similar idea is it to deliver some error page, like a blank
  page with a MySQL-, PHP-, Tomcat or any other error message.

-- 
Jens Kubieziel                                   http://www.kubieziel.de
Die größten Menschen sind jene, die anderen Hoffnung geben können. Jean
Jaurès

Attachment: signature.asc
Description: Digital signature

_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev