[tor-dev] [ooni-dev] Let's come up with the roadmap for the future of OONI

David Stainton dstainton415 at gmail.com
Tue Feb 10 22:18:56 UTC 2015


Dear Arturo and the other OONI-devs,

I have a couple ideas I wanted to share about possible new projects or
directions for OONI.

1. a traceroute idea

I recently wrote a novel TCP traceroute implementation in golang
called ParasiticTraceroute. It uses Linux NFQueue to mangle local TCP
flows... altering the TTL and thus effecting a traceroute. Thus it
does forward and reverse TCP traceroute... and if you traceroute your
own server with this tool you might be able to learn interesting
things about it clients... like for instance penetrate their NAT
devices and learn the RFC1918 addresses of those NAT device
interfaces. Perhaps. I haven't tried to do this yet.

Leif Ryge, Aaron Gibson and I came up with this traceroute idea last
year... and Leif recently suggested I write a traceroute server: it
traceroutes the clients that connect to it... and then sends the
traceroute results to the client... while concurrently the client
performs a traceroute to the server. This results in the client
procuring a traceroute for both directions; which is useful because
asymmetrical routing.

These traceroute-helper servers could be distributed around the
world... and we could have an ooniprobe test query them to compare the
current traceroutes with previous traceroutes to detect BGP route
changes which under some circumstances but useful information about a
censorship event... and perhaps help us identify which BGP ASNs are
involved.

Ethan Katz-Bassett and other researchers at University of Washington
have done some really excellent research into designing an even more
sophisticated reverse traceroute system. Their system does not require
cooperative servers or clients... I highly recommend watching Ethan's
video presentation or reading their paper:

http://research.cs.washington.edu/networking/astronomy/reverse-traceroute.html


2. cooperate with ISPs/transit providers and Tor exit relay operators
to collection statistics about interesting TCP "events"

These events in my mind fall into 3 categories of interesting:

- DOS attacks: SYN flood etc
- censorship events: injected RST or FIN packets
- injection attacks: segment veto, handshake hijack etc.

The most interesting to me of course is the TCP injection attacks...

It should be possible to gather very interesting statistics with help
from the people running the network infrastructure even if there are
strict telecommunications laws that prohibit the capturing of the
content. I have started to work on a tool called HoneyBadger: it
detects TCP injection attacks and performs full-take logging of all
the data... however an anonymized or metadata only statistics
gathering mode for HoneyBadger could be used by ISPs for instance.

https://honeybadger.readthedocs.org/en/latest/

By the way... I'd really rather collaborate and receive peer review on
these types of low-level network programming projects because it would
be more fun and more effective to develop things like this with help
and critical feedback. =-)


Would OONI be interested in receiving statistics from "network
infrastructure providers" about how often their transit users get TCP
injected?
Might it also be interesting to know how often users receive an
injected RST or FIN from an automatic censorship device?

btw I am very inspired by the work journalistic reporting work of Jake
Appelbaum, Leif Ryge, Aaron Gibson, Morgan Mayhem who are writing
articles to explain to the general public that plaintext protocols are
especially vulnerable to these TCP injection attacks... AND that these
attacks are often used for targeted surveillance by various groups
around the world... and they are even selling ready made devices that
automate these attacks.

Would Tor Project/OONI be interested in helping to raise awareness of
these issues?


Sincerely,

David Stainton


On Tue, Feb 10, 2015 at 2:50 PM, Arturo Filastò <art at torproject.org> wrote:
> Hello Oonitarians and Divisionists,
>
> I would love to have your feedback on what you believe to be the most
> important topics for the future of OONI.
>
> I have made a list of what I believe are all possible and interesting
> tasks to perform, but we can't do them all and for sure we can't do them
> all at once.
>
> For this reason it would be very useful if you could express a vote from
> 1-5:
>
> 1: Nah, this is boring and pointless
> 2: Not really super important, I would give priority to other stuff
> 3: Useful, I would do it
> 4: This would be awesome
> 5: Epic!
>
> Feel free to also expand these topics with questions and feedback (or
> new ones). At the end of the list I will give you a table to cast your vote.
>
>
> # Get daily OONI measurements from 50 countries
>
> This means focusing on getting a large and diverse reliable OONI
> userbase. It
> does not simply mean to get at least 1 measurement in 50 countries, but
> it means
> either establishing relationships with trusted parties in 50 countries, or
> expanding our userbase to a point where we have at least 1 measurement
> per day
> for every test per country (from the same network).
>
> Ways of achieving this are:
>
>   * Rent a VPS in X number of countries
>   * Running the adopt an ooniprobe program (see below for more details)
>   * Establish an agreement with operators in 50 countries to host the
> probing
>     infrastructure (as previously stated)
>
> # Develop OONI tests for censorship circumvention tools
>
> This involves devising a methodology for testing the reliability of
> censorship
> circumvention tools in various countries.
> It means testing censorship circumvention tool both open
> source and propertairy.
>
> A cursory list of the protocols/tools we could be interested includes,
> but is
> not limited to:
>
> * Tor
> * VPN
> * Web proxies (hidemyass, etc.)
> * SSH tunnel
> * Freegate
> * Psiphon
> * Ultrasurf
> * alkasir
>
> If you think we should be testing some other tools too, please add to
> this list.
>
> Useful resources:
> http://cyber.law.harvard.edu/publications/2011/2011_Circumvention_Tool_Evaluation
> http://cyber.law.harvard.edu/publications/2010/Circumvention_Tool_Usage
>
>
> # Develop scheme for orchestrating ooni-probes
>
> This means coming up with a protocol that allows an OONI test developer to
> schedule a measurement to be run with a certain input they decide on a
> set of
> probes in country X.
>
> Obviously security considerations need to be taken into account and
> access will
> be in the initial stage only limited to a very restricted set of OONI
> developers that will be made public.
>
> # Implement data analytics and visualization for OONI tests
>
> We have a bunch of data and we would like to give meaning to it.
> This would involve writing tools for querying the data in the database and
> extract useful analytical information from it.
>
> Based on this data we can then start looking at historical OONI data and
> provide some sample visually supported reports.
>
> This is a list of tests we should develop analytics for:
>
>   * HTTP requests
>   * DNS Consistency
>   * DNS Injection
>   * TCP Connect
>   * HTTP Invalid Request Line
>   * HTTP Header Field Manipulation
>   * Multi protocol port traceroute
>
> # Implement pub-sub system for ooni collectors
>
> Currently OONI collectors (the things you send your ooniprobe measurement
> results to) keep in sync thanks to a bunch of shell scripts and cronjobs.
> To have more real time data it would be useful to have a pub-sub
> mechanism that
> allows the pipeline to subscribe to all the collectors and the
> collectors will
> then publish the collected reports to it, as soon as they are submitted.
>
> This will allow the OONI data to go through the data pipeline much faster
> (instead of ~2 hours, perhaps just some minutes or even less potentially).
>
> # Reach production quality ooni rasperry-pi (beagle-board) images
>
> This involves implementing what is specified in the lepidopter
> specification:
> https://github.com/anadahz/lepidopter/blob/master/specification.md
>
> We should then provide scripts for building the image yourself or how to
> download and burn it to an SD card on Windows, OSX, Linux (with
> screenshots).
>
> As a bonus we could also offer shipping of pre-made raspberry pi images
> already
> burn to an SD card, similar to what is done with rasbpian images.
>
> # Promote and further develop OONI on mobile (Android, iOS)
>
> This involves improving the GUI of OONI on mobile and getting it into the
> Google Play store and the Apple App store.
>
> We should also work on making it easier for developers of existing iOS and
> Android apps to add internet measurement capabilities to their app by
> linking
> to libight.
>
> # Do research based on OONI
>
> This would involve doing some research on internet censorship based on
> OONI probe or on internet measurement in general and publishing them in
> peer reviewed venues.
>
> # Publish monthly reports about the status of internet censorship in a
> country
>
> This would be sort of like a monthly e-zine, where every month we
> analyse the
> status of internet censorship in a given country.
> It should be backed by OONI data, but the core of it should be an editorial
> type piece explaining the context of the country and how censorship is
> affecting them.
>
> I expect most of this work to be carried out by somebody that has a
> background
> in journalism and social sciences.
>
> # Run "adopt an ooni-probe" campaign
>
> This is basically a program where people make a donation to support getting
> somebody in an interesting country an ooniprobe or receiving an ooniprobe
> themselves.
>
> # Integration with other censorship measurement projects
>
> This means finding better ways of using data from other projects as part of
> OONI research or getting them to use our data.
>
> # Reaching out to communities inside of censored regions
>
> This means getting a better understanding of what "benefit" we can give to
> people that are running the tool.
> On this topic also see:
> https://trac.torproject.org/projects/tor/ticket/14760
>
> # Redesign the website for ooni
>
> This means removing the horrible bootstrap basic template of the current
> website and restructuring it so people actually understand what OONI is
> and how
> it can be useful to them.
>
> # Hold an international internet censorship conference
>
> This means running an event where we invite a bunch of people that are
> active
> in the field of internet censorship and discuss ideas and possible
> collaborations.
>
> # Implement a GUI for ooniprobe
>
> This means picking up where we left off with the OONI web gui and finish
> implementing it.
>
> This could potentially also be useful for the orchestration task as we could
> implement access control on the HTTP API that the web interface consumes.
>
>
> Goal                        | Vote
> ----------------------------------
> Get daily OONI measurements |
> from 50 countries           | 0
> ----------------------------------
> Develop OONI tests for      |
> censorship circumvention    |
> tools                       | 0
> ----------------------------------
> Develop scheme for          |
> orchestrating ooni-probes   | 0
> ----------------------------------
> Implement data analytics    |
> and visualization for OONI  |
> tests                       | 0
> ----------------------------------
> Implement pub-sub system   |
> for ooni collectors        | 0
> ----------------------------------
> Reach production quality   |
> ooni rasperry-pi           |
> (beagle-board) images      | 0
> ----------------------------------
> Promote and further        |
> develop OONI on mobile     |
> (Android, iOS)             | 0
> ----------------------------------
> Publish monthly reports    |
> about the status of        |
> internet censorship in     |
> a country                  | 0
> ----------------------------------
> Run "adopt an ooni-probe"  |
> campaign                   | 0
> ----------------------------------
> Integration with other     |
> censorship measurement     |
> projects                   | 0
> ----------------------------------
> Reaching out to communities|
> inside of censored regions | 0
> ----------------------------------
> Redesign the website for   |
> ooni                       | 0
> ----------------------------------
> Hold an international      |
> internet censorship        |
> conference                 | 0
> ----------------------------------
> Implement a GUI for        |
> ooniprobes                 | 0
> ----------------------------------
> Do research based on       |
> OONI                       | 0
> ----------------------------------
>
> Thanks for taking the time to go through this long email, you can as
> always find us on IRC #OONI irc.oftc.net.
>
> Have fun!
>
> ~ Arturo
> _______________________________________________
> ooni-dev mailing list
> ooni-dev at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/ooni-dev


More information about the tor-dev mailing list