[tor-talk] What should our 31c3 talk be?
Mirimir
mirimir at riseup.net
Tue Sep 9 05:32:26 UTC 2014
On 09/08/2014 06:05 PM, Roger Dingledine wrote:
> The 31c3 talk proposals are due this coming Sunday:
> http://events.ccc.de/2014/07/12/31c3-call-for-participation-en/
>
> I wonder what would be the most useful topic for this year?
>
> In brainstorming with folks on IRC, here are four options:
>
> --------
>
> 1) An update on pluggable transports: obfs3, obfs4, FTE, librtc and
> uproxy, and other acronyms you don't recognize. Many transports are now
> integrated into the default Tor Browser, we're starting to get some more
> useful usage statistics, and pluggable transports have played an important
> role in various countries in recent years. Plus we're soon going to start
> some projects on evaluation and comparison of transport designs, e.g.
> https://trac.torproject.org/projects/tor/wiki/org/sponsors/SponsorS/PluggableTransports/Proposal
>
> One of the most intriguing pieces of pluggable transports lately is
> the convergence of "make it hard to DPI for the protocol so the censor
> can't block it" with "make it hard to DPI for the protocol so the global
> surveillance adversary doesn't know to add that flow to its database".
> In particular, systems like Flashproxy might be especially effective
> against the global surveillance adversary, since the many transient
> addresses that separate the users from the known Tor relay addresses
> make it harder to build a list of users that are worth watching.
<SNIP>
> So far item 1, the pluggable transport one, seems most plausible to me.
For what it's worth, I also like item 1. In particular, I'm very
intrigued by CloudTransport. I think that it's mischaracterized in the
PluggableTransports proposal as "a UT Austin project to fetch web pages
via the Amazon S3 interface".[0] I get from Brubaker et al. (2014) that
what's most relevant for Tor is using it as a bridge:[1]
| Therefore, even if the censors identify a Cloud Transport connection
| or the IP address of a CloudTransport bridge, this does not help
| them block the bridge or identify other connections.
| CloudTransport can be used as a standalone service, a gateway to
| an anonymity network like Tor, or a pluggable transport for Tor.
Also intriguing is the possibility of using CloudTransport as an exit
proxy for Tor, but I understand how that would be inconsistent with Tor
Project policy.[2]
[0]
https://trac.torproject.org/projects/tor/wiki/org/sponsors/SponsorS/PluggableTransports/Proposal
[1] https://www.petsymposium.org/2014/papers/Brubaker.pdf
[2]
https://blog.torproject.org/blog/call-arms-helping-internet-services-accept-anonymous-users
More information about the tor-talk
mailing list