[tor-dev] Idea regarding active probing and follow-up of SSL connections to TOR bridges
laginimaineb at gmail.com
Sat Jul 27 16:52:04 UTC 2013
I have some catching up to do on obfsproxy :). I think obviously agility in
pushing out these kinds of solutions is very important, so making a
separate python client sounds like a great idea.
As for TLS handshake profiling - well, that was also discussed in the
original video, but as that video mentions, this is solvable by imitating
(closely enough) a legitimate client. Actually, come to think of it, is
there a licensing issue in using Chromium TLS code (which is open-source
and probably very common, as Chrome is quite a popular browser) in TOR?
On Sat, Jul 27, 2013 at 6:47 PM, Philipp Winter <identity.function at gmail.com
> On Sat, Jul 27, 2013 at 05:17:29PM +0300, Lag Inimaineb wrote:
> > Specifically, after reading Nick Mathewson's proposal, I can see it is
> > much identical to what I've proposed (though his proposal has been
> around for
> > more than a year). Do you have any information as to whether anyone has
> > been/is working on implementing it?
> I'm not aware of anyone doing that. I believe, it was a potential GSoC
> but nobody had the time to mentor it. See also:
> > As for suggestions such as SWEET, FreeWave, etc. - those would require
> > changes to the TOR clients (right?), which makes them probably less easy
> > use, unless they are merged into the TOR mainline. Same goes for
> > since the shared secret much somehow be delivered out-of-band, which is
> > always an easy feat to accomplish.
> Not necessarily. The idea of obfsproxy is to put circumvention
> into a separate program and let Tor only do what it does best: provide
> anonymity. Besides, the circumvention race is a quick one and obfsproxy
> it possible for us to (semi-)quickly deploy novel circumvention protocols.
> Also, because it makes use of Python which is more pleasant for
> protocols than C.
> Nevertheless, as you say, many of these protocols require changes to
> or completely new frameworks. Regarding ScrambleSuit's shared secret: some
> parts in the Tor world must be changed but we are working on it. For more
> details, please see:
> tor-dev mailing list
> tor-dev at lists.torproject.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the tor-dev