[tor-talk] Tor banned in Pakistan.

Andrew Lewman andrew at torproject.org
Mon Sep 12 00:51:20 UTC 2011


On Saturday, September 10, 2011 23:18:04 Andre Risling wrote:
> Does that mean even though Pakistan has banned encrypted traffic that
> Tor can still work because users are connecting by way of bridges?

Perhaps I wasn't clear.  Pakistan has banned all encryption on the Internet 
inside their country.  It is unknown how this will be enforced, if at all. 
There are at least two ways Pakistan can enforce this ban:

1. Block typical ports for encrypted traffic, such as ssh, https, pop3, and 
imaps; or
2. Require ISPs to deploy deep packet inspection devices that look for any 
encrypted traffic.  Once they find encrypted traffic, the ISP can be required to 
 a. simply record that customer X is using encryption and report that to the 
government; or
 b. block the traffic. 

If number 1, Tor clients talking to bridges may still work, assuming the 
bridge isn't running on a blocked port.

If number 2, Tor clients in situation 2a still get recorded, because on the 
wire, it looks like someone is using encryption. Tor clients in situation 2b 
means the client will not connect to the next hop, the bridge in this case.

This is all conjecture as we have no more visibility into the enforcement 
mechanisms than any one else. 

We are working on pluggable transports and obfuscating the tor procotol so 
that we can fool a deep packet inspection device to some level. See 
https://gitweb.torproject.org/obfsproxy.git for extremely experimental code.

-- 
Andrew
pgp 0x74ED336B


More information about the tor-talk mailing list