[liberationtech] Tor: Increased Internet blocking in Iran
liberationtech at lewman.us
liberationtech at lewman.us
Wed Jan 12 13:49:06 PST 2011
The Great Potato Wall appears to be trying new things. Recent traces
do not show ssl throttling anymore. There is possible ssl intercept
and manipulation occurring. There is definitely IP address blocking.
Interestingly, https:// gmail and google search are working fine.
Any idiot can block the public Tor Network, we've know this for ages.
In fact, we told the world how to do it years ago at various
conferences. It took until late 2009 for China to lead the world in
taking this step. It seems Iran may be learning how to do this too.
What's interesting is that our bridges are more affected than the public
relay list [1]. Depending upon your level of paranoia, there could be
two things going on:
1) The potato wall admins are testing technology to block the bridge
relays, because they are not generally published the world over (like
the public tor network relays are by design). The admins feel they can
block the public tor network easily, so test the difficult parts; or
2) The admins are purposely allowing the public tor network to be accessed
so they can record which IP addresses in country are connecting to public
tor relays. One could then use this list of people in the future.
In either case, Tor can use any HTTP, HTTPS, or SOCKS proxy as an access
layer to connect to the public tor network [2]. Users in China are fond
of using VPNs to get past the GFW and then use Tor so the VPN provider
can't see what they're doing on the Internet.
We're also working on hiding in the crowd of allowed traffic [3].
The end goal is to help people, so we've suggested that people use tools
that work right now to get access to the outside world. Using tor over
these tools will protect their privacy as well, see [2] again.
Research continues.
[1]
https://metrics.torproject.org/users.html?graph=bridge-users&start=&end=&country=ir#bridge-users
versus
https://metrics.torproject.org/users.html?graph=direct-users&start=&end=&country=ir#direct-users
[2] https://www.torproject.org/docs/proxychain
[3]
https://gitweb.torproject.org/tor.git/blob/HEAD:/doc/spec/proposals/ideas/xxx-pluggable-transport.txt
--
Andrew
pgp key: 0x74ED336B
More information about the liberationtech
mailing list