[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-talk] privacy concerns with new CAPTCHA-method for obfs4 bridges
The IP address of the Azure server you're connecting to.
> How does the selection of the Azure server works ? Randomly ? If i understood well, domain-fronting servers are supposedly located geographically close to the origin of the browser request. Could it be that TBB selects an Azure server that could be hosted in a country considered hostile to the regime of the Internet user ? If so, couldn't that be compromising ?
In the case of meek-azure the firewall would also see that you supposedly want to connect to
"ajax.aspnetcdn.com", which is a common domain used by websites that are hosted on Azure.
> What firewall are we talking about ? The one that sits on the Azure server or the one of the gvt with the DPI ?
Sent with ProtonMail Secure Email.
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
On Wednesday, October 3, 2018 1:36 PM, Jonathan Marquardt <mail@xxxxxxxxxxxx> wrote:
> On Wed, Oct 03, 2018 at 12:25:52PM +0000, ithor wrote:
>
> > So a meek request is sent in clear-text. What exact information is given ?
> > The exact ip address of the Azure server, its geolocation ?
>
> The IP address of the Azure server you're connecting to. In the case of
> meek-azure the firewall would also see that you supposedly want to connect to
> "ajax.aspnetcdn.com", which is a common domain used by websites that are
> hosted on Azure. The domain delivers some JavaScript code and whatnot. So you
> should just look like a harmless web browser surfing the web on first sight.
>
> > Could the DPI find out that this is being used for bootstrapping Tor ?
>
> Perhaps with some clever traffic correlation or timing attacks, but not so
> easily.
>
> To also answer your question from the other mail in the thread: With encrypted
> SNI, the firewall couldn't even see the fake destination (ajax.aspnetcdn.com)
> your meek client sends.
>
> This might be interesting in the future, but isn't in use with meek yet. For
> more info on that topic, have a look at this thread:
> https://lists.torproject.org/pipermail/tor-dev/2018-September/013452.html
>
> ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
>
> OpenPGP Key: 47BC7DE83D462E8BED18AA861224DBD299A4F5F3
> https://www.parckwart.de/pgp_key
--
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk