[liberationtech] Tor: Increased Internet blocking in Iran
Daniel Colascione
dan.colascione at gmail.com
Wed Jan 12 11:52:18 PST 2011
On 1/12/11 11:42 AM, Adam Fisk wrote:
> Thanks Cyrus. So they're blocking based on ports, not based on DPI?
> The port switch really solves this? That seems odd. -Adam
Indeed, that statement struck me as odd too. This statement,
> Our research indicates that ssl-based communications are being
> throttled to 2 kilobit per second rates or simply blocked altogether.
> This is inclusive of basic ssh, ssl, vpns, and other proxy
> technologies.
suggests to me that they don't just have a port list.
TLS and other conventional protocols are instantly recognizable for even
rudimentary DPI, and COTS packages can already do far more than just
block and throttle such traffic. Even if the IRI is just using the port
†oday, based on known capabilities, a lot of encrypted traffic could be
blocked more generally tomorrow.
Regards,
Daniel Colascione
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.stanford.edu/pipermail/liberationtech/attachments/20110112/2715ef53/attachment.asc>
More information about the liberationtech
mailing list