[tor-bugs] #8673 [Flashproxy]: Host a flashproxy-reg-http listener on s3.amazonaws.com (was: host a flashproxy-reg-url on s3.amazonaws.com)

Tor Bug Tracker & Wiki blackhole at torproject.org
Wed Apr 10 05:22:08 UTC 2013 

#8673: Host a flashproxy-reg-http listener on s3.amazonaws.com
------------------------+---------------------------------------------------
 Reporter:  proper      |          Owner:  dcf
     Type:  task        |         Status:  new
 Priority:  normal      |      Milestone:     
Component:  Flashproxy  |        Version:     
 Keywords:              |         Parent:     
   Points:              |   Actualpoints:     
------------------------+---------------------------------------------------

Comment(by dcf):

 Replying to [comment:2 proper]:
 > Replying to [comment:1 dcf]:
 > > I think it doesn't offer anything special for URL registrations,
 though. I could be wrong or misunderstand your request.
 >
 > As far I understand s3, it's just a server you can rent. Once someone
 connects to that domain, you know they're interested to get a flashproxy
 (you see the IP, because you rent the server). So users don't have to find
 out their external IP.

 I see. You should look at
 [https://gitweb.torproject.org/flashproxy.git/blob/HEAD:/flashproxy-reg-
 http flashproxy-reg-http], which already does what you want, not
 `flashproxy-reg-url`. `flashproxy-reg-http` uses a simple HTTP POST, not
 any fancy encoded URL. And it gets the client address from the TCP source
 address, as you suggest. `flashproxy-reg-http` and `flashproxy-reg-url`
 work differently and one isn't a replacement for the other.

 Of course, `flashproxy-reg-http` is trivially blockable, just by blocking
 the listening web server. Therefore it doesn't count as a "real"
 rendezvous method. We include it just for censors who aren't paying
 attention.

 You can use `flashproxy-reg-http` on a different web server like this:
 {{{
 ./flashproxy-reg-http -f http://s3.amazon.com/blahblah
 }}}
 Someone would need to host a listener there that would forward
 registrations to the real facilitator. I'm not that interested in doing
 that, because `flashproxy-reg-http` remains easy to block, and whatever
 URL we use, the censor can just get from the source code.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/8673#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list