[tor-commits] [obfsproxy/master] Update README and remove the philosophical threat model.

nickm at torproject.org nickm at torproject.org
Fri Jan 13 15:09:46 UTC 2012


commit fff52d137c564b5966ff971cbe5ad94afea750ef
Author: George Kadianakis <desnacked at riseup.net>
Date:   Thu Jan 12 15:27:19 2012 +0200

    Update README and remove the philosophical threat model.
---
 README                         |   20 +++-----
 doc/THREAT_MODEL_PHILOSOPHICAL |   99 ----------------------------------------
 2 files changed, 7 insertions(+), 112 deletions(-)

diff --git a/README b/README
index b69b65c..ef5ad93 100644
--- a/README
+++ b/README
@@ -1,17 +1,11 @@
-This doesn't work yet.
+obfsproxy: a pluggable transports proxy
 
-It requires OpenSSL 0.9.7 or later. (I would require 0.9.8, but that would
-break OSX 10.5.)
+obfsproxy is a pluggable transports proxy written in C. It's compliant
+to the Tor pluggable transports specification, and its modular
+architecture allows it to support multiple pluggable transports.
 
-It requires Libevent 2.0 or later.
+To build obfsproxy from source:
+   ./autogen.sh && ./configure && make
 
-See doc/protocol-spec.txt for the protocol design.  It is based on brl's
-obfuscated openssh protocol.
+See doc/ for more obfsproxy information.
 
-See doc/TODO for open tasks.
-
-This project might get renamed to "twobfuscate", depending.
-
-Happy hacking!
-
-  -- nickm
diff --git a/doc/THREAT_MODEL_PHILOSOPHICAL b/doc/THREAT_MODEL_PHILOSOPHICAL
deleted file mode 100644
index d67af1b..0000000
--- a/doc/THREAT_MODEL_PHILOSOPHICAL
+++ /dev/null
@@ -1,99 +0,0 @@
-        Role of this document
-
-The role of this document is to give a clear image of what obfs2
-provides to a censored Tor user.
-The role of this document is *not* to describe the censorship ecosystem,
-or to analyze the full threat model of Tor.
-
-        Terminology
-* Censorship:
-  'Censorship is the suppression of speech or other public
-  communication which may be considered objectionable, harmful,
-  sensitive, or inconvenient to the general body of people as
-  determined by a government, media outlet, or other controlling
-  body.'
-* Anonymity
-  Anonymity is the state of an individual's personal identity being
-  publicly unknown. Anonymity does not imply Privacy.
-* Tor
-  Tor is a software system and a computer network intended to provide
-  online anonymity. It's main application is 'tor'.
-* Privacy
-  Privacy is used to prevent the disclosure of information to
-  unauthorized individuals or systems. Privacy does not imply
-  Anonymity.
-* Tor bridge
-  A Tor bridge is a component of the tor network that is not publicly
-  announced as part of it. It's main purpose is Censorship
-  circumvention since finding and blocking a bridge is considered
-  non-trivial.
-* obfsproxy
-  obfsproxy is an application that accepts data as input and can
-  reshape it into another form.
-  When used with tor, it can transform tor's traffic into other
-  protocols in the hope of dodging Censorship.
-* obfs2
-  obfs2 is a protocol supported by obfsproxy. It shapes data by
-  encrypting them with a stream cipher with a randomly generated
-  key. It also supports pre-shared passwords.
-
-        Players:
-* Censored tor/obfsproxy user:
-  A censored tor/obfsproxy user is an Internet user that is censored
-  by 'A Man In The Middle'. He wants to use tor to achieve anonymity,
-  but he also needs privacy, to hide the fact that he is using Tor.
-* Bridge Operator:
-  A bridge operator is a person who runs a tor bridge and has
-  successfully given to the 'Censored tor/obfsproxy user' the necessary
-  information so that the latter can access the bridge service. 
-* A Man In The Middle (MITM):
-  A MITM is a person or a group of people who have the power to
-  apply Censorship.
-
-        What Tor does and does not provide:
-
-Once he is a member of the Tor network a censored Tor user can expect
-low-latency anonymity. A Tor user can also expect Privacy with regards
-to A Man In The Middle, when he is a member of the Tor network.
-
-The problem is that before and while becoming a member of the Tor
-network the user is *not* anonymous and his communications with the
-Tor network are *not* private. This allows A Man In The Middle to
-identify the Tor user and censor him/her.
-
-        What obfs2 does and does not provide:
-
-A Tor user using obfs2 with a Tor Bridge *without* a pre-shared password
-can expect low quality privacy on his communications with the Tor
-network before becoming part of it.
-'low quality privacy' means that A Man In The Middle who has studied
-the obfs2 protocol can easily decipher it, effectively extinguishing
-the privacy.
-
-A Tor user using obfs2 with a Tor Bridge *with* a pre-shared password
-can expect modest privacy on his communications with the Tor network
-before becoming part of it.
-'modest privacy' means that A Man In The Middle who has studied the
-obfs2 protocol should not be able to decipher it. 
-Still one should know that:
-* Because of the nature of the protocol, it is susceptible to offline
-  password cracking attacks.
-* It is the responsibility of the user and the bridge operator to
-  decide upon a strong pre-shared password.
-
-After becoming part of the Tor network, the user is considered
-anonymous and his communication private, with regards to A Man In The
-Middle, under normal circumstances.
-
-Since the realm of anti-censorship is quite young and
-not well studied, the obfs2 user should be aware that there are known
-and unknown attacks that can potentially identify obfs2 and can be
-deployed by A Man In The Middle. Known attacks like that include
-entropy counting and timing attacks.
-
-Additionally, a Tor user using obfs2 with a Tor bridge must *not*
-expect additional entity authentication, data integrity, availability
-or deniability.
-
-Finally, a Tor user using obfs2 with a Tor bridge must *not* expect
-protection from flows of the Tor protocol.  





More information about the tor-commits mailing list