[tor-talk] MITM attack on TLS
Allen
allenpmd at gmail.com
Sat Nov 21 21:56:12 UTC 2015
>
> > SSH is probably more dangerous than OBFS4 because it coulee be detected
> with a DPI fingerprint. They might question that. I think Tor with
> transports is good.
>
> On that paranioa level OBFS4 is as dangerous as SSH - it doesn't matter
> if they see traffic they can fingerprint as ssh or they see traffic they
> cannot fingerprint. They get suspicious in both cases.
>
>
Personally, I would think SSH is much safer. It is used by IT people all
the time for server management, so they will understand it. The
destination address will be a cloud server, which you can simply say you
are using for a personal project. OBFS4 on the other hand is not normally
used by IT people--it is used to get around IT people. They will
immediately be very suspicious if they are able to figure out the
protocol. And the destination IP address is who-knows-what, which could by
itself raise questions and might even lead them to think a computer on
their network could be infected with a virus that needs immediate
investigation. In the end, a protocol they know and understand and use in
their own work will be much less threatening to them than something they
don't.
More information about the tor-talk
mailing list