[ooni-dev] ip address info survey website idea

Aaron aagbsn at torproject.org
Thu Apr 25 16:39:24 UTC 2013

On Tue, Apr 23, 2013 at 5:01 PM, Jacob Appelbaum <jacob at appelbaum.net>wrote:

> Hi,
> I was thinking of a useful service that will invite everyone to visit
> it. In an ideal world, we could offer it as a badge to be included on
> websites as well as just as a normal website.

I like this idea. The image might also say something qualitative about the
users ISP. A simple example would be that ISPs that do not filter/interfere
get a green badge, and those that do get varying shades of red.

> Basically, I think we should have an HTTP page that reports the user's
> ip, asn, a traceroute (icmp, tcp, udp), and it should load an image from
> the same machine offered over HTTPS. We could create a unique reference
> and if we see split routing, we have a bit of data about likely filtering.
> We may even do scanning for key word filtering with a *.example.com
> domain certificate. In short, we generate a number of image links for
> which each domain load a small image. For every image that does not
> load, we know that the single difference is the different word in the
> TLS handshake. We could also offer an image to report an image of their
> ip address with or without ssl (with or with a lock icon). This would
> allow people to add an image for a web survey of sorts, if they wanted
> to help us with our coverage.

Can this technique be used to tell if Tor is being blocked by
fingerprinting TLS handshake, without using Tor?

> The incentive for a user is that they want to know their IP address and
> other related information.

I'm not sure that IP/asn information is a big incentive to most Internet
users and think we'd need to expand on this idea to get significant
traction, but it's a good starting point.

> The incentive for us is that it gives us
> information to help develop a generic method that anyone may deploy on
> their own website for detecting surveillance of their readers/users/etc.
> A further incentive is that the data will be very interesting if we log
> all of the *source* ip addresses, headers (eg: X-Forwarded, X-Via, etc),
> and so on.

Ideally done in a privacy preserving way.

> I'm tempted to run this service on blockfinder.net and back the data
> with the data from blockfinder/MaxMind and other GeoIP services. If we
> also ask the user of their country, we might be able to collect
> information corrections.

If the image or embedded content can function as a simple (single click)
survey we can probably come up with a lot of interesting questions.

> This will give us a light weight one to one testing service This
> complements the more heavy ooniprobe one to one or one to many service.
> It also helps us develop the more heavy solutions as we'll have an idea
> about data we may be missing with the heavy solutions.
> Thoughts?
> All the best,
> Jake
> _______________________________________________
> ooni-dev mailing list
> ooni-dev at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/ooni-d<https://lists.torproject.org/cgi-bin/mailman/listinfo/ooni-dev>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/ooni-dev/attachments/20130425/e578229f/attachment.html>

More information about the ooni-dev mailing list