[tor-dev] bittorrent based pluggable transport

Tariq Elahi tariq.elahi at uwaterloo.ca
Tue Mar 3 16:54:55 UTC 2015


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 15-03-03 10:10 AM, David Fifield wrote:
> On Mon, Mar 02, 2015 at 07:10:55PM -0800, Dan Cristian Octavian
> wrote:
>> If I understand correctly, you are arguing that my assumption
>> that bittorrent is unlikely to be blocked is faulty. I don't have
>> a strong argument against this, other than that it would be a
>> very drastic move since for that part of the world bittorrent is
>> the main way to get access to media files. As we've seen they've
>> blocked already major things such as facebook or google so it 
>> would not be surprising.
> 
> I think it's reasonable to just state in your threat model that 
> BitTorrent is not blocked. Even though there will be censors for
> which that is not true, I'm sure there are enough where it is true
> for it to be interesting. It's a mistake to say that if something
> doesn't work in China (or any other single concrete threat
> environment), then it's useless. It's a question of motivation, and
> technical capability, and resources, all of which vary under
> different censors. BitTorrent is interesting because I would guess,
> at least in the U.S., that you're more likely to get blocked by
> your ISP than by a firewall further out.

These are thoughtful responses and I would like to add some food for
further thought. Please do not think that I am attacking any
particular system(s) or group of people. Awesome work is being done
that is making an impact in the real world. I write this as a means to
think about our philosophies and ultimate aims, rather than the day to
day efforts. Also, I am sure that what follows will not be surprising
to or new to many, but by bringing it up it would be good to have an
open discussion.

Is it _alright_ to say "it works sometimes, for some people,
somewhere" or, in a slightly different by related sentiment, is it
_alright_ to say "the law is against X, but they aren't actually
locking up people for violating X so let's just keep on X'ing."
To me it ultimately feels unsatisfying and not _alright_ for two reasons.

The first is that it makes me think that perhaps we ought to separate
the intrinsic properties of the Censorship Resistance System (CRS) and
extrinsic properties due to the operating environment.
The issue seems to be that incorporating things like censor
motivation, popularity, and current trends in to the design of the
CRS, actually embedding these as assumptions, creates fragile CRSs
that are averse to change. I say this because we have examples of
broken CRSs where the leveraged popular service changed its
architecture or the censor decided to do something slightly different
and the CRS no longer works.

I want to clear here that I am not talking about the censor's
computational and space complexity and technical ability. These are
intrinsic properties akin to that we find when talking about the
security of crypto systems. Taking these in to account in the design
of the CRS is _alright_.

The second, most likely due to the community we are in (and it is a
great community), is that there is an emphasis on making/engineering
things. This by itself is great since then people can actually use the
things. What I find off-putting is when academics also subscribe to
the mentality that things are working today so it must be the truly
good. Now I know this is a blanket statement and I am sure it does not
apply to all academics, but the fact that it does happen is what I am
pointing out.
What I am getting at here is that we ought to figure out properties of
CRSs that all CRSs should have based on some fundamentals/theories
rather than what happens to be the censorship landscape today. The
future holds many challenges and changes and getting ahead of the game
will come from CRS designs that are resilient to change and do not
make strong assumptions about the operating environment.

The above does not mean that no one should use a CRS until it is
perfect. What I wanted to point out is that there is a place for
stop-gap measures but the trend should not be to include more and more
extrinsic factors in to the CRS designs but to reduce them as much as
possible.

Thanks for getting this far, I look forward to your thoughtful responses.

Cheers,
Tariq
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQEcBAEBAgAGBQJU9edeAAoJEJaS+qOeq5Ck8mEIAIRffSVxcrYRYP8t63+TV8Ob
rAsJTqNmAhhs54lZMEEMt7vyZPWaKifvV9ArsW/el7wyIwhSTe7Ol8BJhJWQWAgD
iI/x7bfe4UW66S/jOcJGwdiiEYwnVcEAoYyua9TjzmGQ3RvR381ERMHMPLHys5YJ
ev1eP1bZRaGKRAfEd3ex6cKp8Ai1OZXuy89SDIkwFgn8Tu4/+1VivvcSo+gGrTAq
jOqxAWbTeCp/Mx7n6MImR2gh4lKjfMtEd758M3KHXe/UcLdvMvF30HB51JP8/SIc
H14tz4AKi+YfKh8bX6b69hLbJal8EyVfdXR4I218nNqWbyF9yuVq13EIeyTTjUc=
=ZMm5
-----END PGP SIGNATURE-----


More information about the tor-dev mailing list