Dear Oonitarians,
I would like to discuss wether the vagueness of the term 'vendor' on
http://explorer.ooni.torproject.org/ is potentially taking some impact
from understanding OONIs test results for new users. I personally recall
thinking it meant something like "vendors of internet infrastructure"
the first time I visited the explorer, and the only place to figure it
out is in one of the boxes in /highlights/.
I'm not entirely sure what an appropriate specification should look
like, I guess it's a balance between correct definition and convenience
in length - with a focus on the first my proposal would be "vendors of
[potentially] traffic manipulating software" - but that's so long it
will probably break the design of the front page. Maybe if someone knows
a shorter, appropriate synonym for "[potentially] traffic manipulating
software" ?
Best wishes,
Anatol
I'd like to share some information I have regarding Google being blocked
by one of Egyptian ISPs for a short period of time in the beginning of
January 2017.
I've seen some Facebook reports from humans claiming observation of
timeout errors and later it converted to connection reset errors.
I got some packet captures regarding TCP connection resets from one
Egyptian vantage point (AFAIK, it was TE Data ISP). These captures show
that connection was reset depending on SNI field in TLS ClientHello. The
connection was reset for `google.com.eg`, but it was not reset when the
client presented no SNI field (like `openssl s_client` CLI tool does
without `-servername` option).
SNI-based blocking was reproducible, but the data did not pass sanity
checks due to confusing metadata: latency and TCP/IP headers were
suggesting that the blocking could possibly happen within user's network
as well (compromised PC? compromised router? bogus anti-virus or
firewall software?), so I am not confident enough to release any
"public" statement based on the data I had at that moment, so I'm just
sharing it to ooni-talk@ for historical & archiving reasons.
Also, as far as I know, the blocking was gone somewhere between Jan 05
09:00 UTC and 10:40 UTC.
It's unclear if the blocking was observable from Google's point of view,
it's not obviously existing in aggregated traffic stats[1]. One can
suggest that non-smooth lines correspond to blocking being turned on and
off, but it's hard to state that for sure as the same spiky pattern may
be observed in the month-old data[2] as well.
[1] https://www.google.com/transparencyreport/traffic/explorer/?r=EG&l=WEBSEARC…
[2] https://www.google.com/transparencyreport/traffic/explorer/?r=EG&l=WEBSEARC…
Open Whisper Systems (developers of encrypted messaging app Signal)
claim[3], that the block may be caused by an attempt to tune existing[4]
equipment to block Signal messenger. IMHO, it's rather bold claim as it
implies absence of good testing environment for the fingerprinting and
blocking ruleset :-)
[3] https://twitter.com/whispersystems/status/817062093094604800
[4] https://ooni.torproject.org/post/egypt-network-interference/
--
WBRBW, Leonid Evdokimov, xmpp:leon@darkk.net.ru http://darkk.net.ru tel:+79816800702
PGP: 6691 DE6B 4CCD C1C1 76A0 0D4A E1F2 A980 7F50 FAB2
Hi,
I'm running lepidopter (with ooniprobe v2.1.0) and I would like to add
some custom url to web_connection test which is running on daily basis.
Is there any file for such purpose which is not rewritten after update ?
Best Regards,
paja
