[ooni-dev] ip address info survey website idea

[Jacob Appelbaum]

Aaron:
> On Tue, Apr 23, 2013 at 5:01 PM, Jacob Appelbaum <jacob at appelbaum.net>wrote:
> 
>> Hi,
>>
>> I was thinking of a useful service that will invite everyone to visit
>> it. In an ideal world, we could offer it as a badge to be included on
>> websites as well as just as a normal website.
>>
> 
> I like this idea. The image might also say something qualitative about the
> users ISP. A simple example would be that ISPs that do not filter/interfere
> get a green badge, and those that do get varying shades of red.
> 
> 

Sure - seems rather straight forward to include some non-color specific
stuff for color blind folks as well.

>> Basically, I think we should have an HTTP page that reports the user's
>> ip, asn, a traceroute (icmp, tcp, udp), and it should load an image from
>> the same machine offered over HTTPS. We could create a unique reference
>> and if we see split routing, we have a bit of data about likely filtering.
>>
> 
>> We may even do scanning for key word filtering with a *.example.com
>> domain certificate. In short, we generate a number of image links for
>> which each domain load a small image. For every image that does not
>> load, we know that the single difference is the different word in the
>> TLS handshake. We could also offer an image to report an image of their
>> ip address with or without ssl (with or with a lock icon). This would
>> allow people to add an image for a web survey of sorts, if they wanted
>> to help us with our coverage.
>>
> 
> Can this technique be used to tell if Tor is being blocked by
> fingerprinting TLS handshake, without using Tor?
> 

I'm not sure - Tor's website? Sure. But Tor's protocol? Unlikely.

> 
>>
>> The incentive for a user is that they want to know their IP address and
>> other related information.
> 
> 
> I'm not sure that IP/asn information is a big incentive to most Internet
> users and think we'd need to expand on this idea to get significant
> traction, but it's a good starting point.
> 

I think whatismyip.com gets a lot of traffic. As do most of the other
sites....

> 
>> The incentive for us is that it gives us
>> information to help develop a generic method that anyone may deploy on
>> their own website for detecting surveillance of their readers/users/etc.
>> A further incentive is that the data will be very interesting if we log
>> all of the *source* ip addresses, headers (eg: X-Forwarded, X-Via, etc),
>> and so on.
>>
> 
> Ideally done in a privacy preserving way.
> 

Sure - I imagine a setup where we only log origin ASN, if we want, while
also giving them the data they want.

> 
>>
>> I'm tempted to run this service on blockfinder.net and back the data
>> with the data from blockfinder/MaxMind and other GeoIP services. If we
>> also ask the user of their country, we might be able to collect
>> information corrections.
>>
> 
> If the image or embedded content can function as a simple (single click)
> survey we can probably come up with a lot of interesting questions.
> 

Yeah, I agree.

> 
>> This will give us a light weight one to one testing service This
>> complements the more heavy ooniprobe one to one or one to many service.
>> It also helps us develop the more heavy solutions as we'll have an idea
>> about data we may be missing with the heavy solutions.
>>

...

All the best,
Jacob