[tor-dev] Building better pluggable transports (Google Summer of Code)

Tariq Elahi tariq.elahi at uwaterloo.ca
Wed May 29 17:17:02 UTC 2013 

On 2013-05-29 5:48 AM, Philipp Winter wrote:
> On Tue, May 28, 2013 at 07:55:45PM -0400, Tariq Elahi wrote:
>> 2. Can manipulate (add, delete, change) said traffic in time and data
>> dimensions.
> The challenge is to predict what can actually be done with these three simple
> atoms.  Be it terminating non-whitelisted TCP connections after 60 seconds,
> hijacking TCP connections after authentication or actively probing suspicious
> traffic.
It is challenging to predict, but since the censor is a black box we can 
only make assumptions and hope that they are over estimations of the 
censor's capabilities, that is if the capabilities can be ordered 
(partially or totally).

Also, Tor tries to satisfy a range of users behind a range of censorship 
regimes. Circumvention solutions that work with Tor inherit this diverse 
user base. Balancing diversity of user base (with censorship regime) 
with efficacy of circumvention is something that needs further looking 
in to.

>
>> Motivations:
>> 3. Block *all* information leakage events. This means if even one ILE occurs
>> the circumventor wins.
> I suppose, in practice it's absolutely sufficient to block most of it.  Plenty
> of deployed censorship systems are trivial to circumvent by exploiting specific
> DPI shortcomings (should we call it "spear circumvention"?).
I like that. Like a spear it attacks one weak link, but like a spear it 
doesn't catch (feed) much.
> But only if you
> have the knowledge to do that.  If only the very small technical elite is able
> to bypass the filters, you effectively win.
Going back to the point above, the tech elite are just some of the Tor 
user base. If this is who the circumvention system should serve then 
awesome. If not then we have more thinking to do.

>
> There's also a social component.  If you, as a censor, can spread enough FUD
> about the national filter, people might not even try to circumvent it.
This is true. FUD works. But I don't think that is something we can 
address through technological means, unless we're talking about keeping 
ppl anonymous so that they may test the FUD without repercussions.



mtee

More information about the tor-dev mailing list