On Sat, Feb 28, 2015 at 10:46:03AM -0800, Dan Cristian Octavian wrote:
My name is Dan, I've been working on a pluggable transport for Tor based on bittorrent as cover traffic and wanted to let you know about it.
https://github.com/danoctavian/bit-smuggler
In a nutshell, I'm tunnelling a data stream through a bittorrent peer connection that is created by real bittorrent clients (uTorrent for this implementation) - to avoid "parroting" traffic pitfalls and active probing. This made the implementation quite tricky to get right, so my reasoning is that it's a worthy trade-off.
People reading this should look at the documentation, there's thoughtful information there.
https://github.com/danoctavian/bit-smuggler/blob/master/README.md https://github.com/danoctavian/bit-smuggler/blob/master/DESIGN.md https://github.com/danoctavian/bit-smuggler/blob/master/docs/system-componen...
I don't know anything about BitTorrent. What parts of the protocol are easily visible to the censor, without expensive reconstruction? I guess it includes at least: file names, file sizes, peer IP addresses.
About active probing: it's true that if the censor probes you, you look like a BitTorrent client. Is there anything weird about how you use the protocol that could make you stand out anyway? At https://github.com/danoctavian/bit-smuggler/blob/master/README.md#security, you say that a network monitor would have to reconstruct a stream in order to detect anomalies. Could a censor acting as an ordinary peer detect them more easily, just by participating in the file transfer? (I'm thinking of how the movie studios would run their own BitTorrent clients in order to find other downloaders.)
David Fifield