[liberationtech] Open-source GSM network update

Daniel Bryg dbryg at yahoo.com
Tue Jun 21 13:45:51 PDT 2011 

Hi Nathan and others,

Thank you for putting on the hackday and raising the issues arising from that 
session here in this thread. Apologies for not getting back to the list sooner.

The default firewall settings on OpenWRT, separate from Tor settings, allow for 
LAN->WAN forwarding and that's what likely was in that router (Nathan, perhaps 
you can verify this in the 'config forwarding' section of 
/etc/config/firewall). 
Add the fact that we noticed a surprisingly short delay in the call, and it 
suggests there was no additional TCP wrapping for Tor on the FreeSwitch or 
wherever and the calls indeed went out bypassing Tor which doesn't proxy UDP. 
So, Nathan, how do the sip calls go out from the phones with Orbot?

As Moxie notes this is an issue that is unlikely to be solved by stuffing one's 
Christmas stocking with RTP inside TCP inside Tor as doing so would leave 
precious little room left in the stocking for actual presents!

We are left with some outstanding questions. Can we re-create and verify what 
occurred in the lab last week? Can UDP be fully implemented within Tor? What 
does other current technology such as Skype do when UDP is not available? We 
would love to get back into the lab to approach these questions and issues. Is 
there any chance of scheduling another day with the equipment in the Open 
Mobile 
Lab? If not then perhaps we can organize another hackday in the Access office.

Thanks, 
Daniel
Access


----- Original Message ----
From: Nathan of Guardian <nathan at guardianproject.info>
To: liberationtech at lists.stanford.edu
Sent: Mon, June 20, 2011 11:41:10 PM
Subject: Re: [liberationtech] Open-source GSM network update

On 06/20/2011 08:26 PM, Moxie Marlinspike wrote:
> But based on the acrobatics we go through to get
> encrypted VoIP working acceptably over low-latency UDP links, I imagine
> that RTP over TCP alone would be mostly unusable, and that RTP over TCP
> over Tor would probably just be totally fucked.

It would sound like that moment where Neo enters the Matrix for the
first time (queue sound fx "mwwwwmwwaaaaaaaoaaawwwrrrrr."), or perhaps
slightly better than the first telephone call ever made. Regardless, I
think the last thing that Tor needs (at least for now) is a ton of
people making onion-routed telephone calls.

Fortunately, from my initial, limited experience with this system
(OpenBTS+USRP->Freeswitch->over BGAN, ->over Tor, etc), it seems like
the idea that you could drop a suitcase setup in somewhere, flip it on,
and tell everyone to go crazy making free phonecalls to Al Jazeera
hotlines is not a very feasible idea. Well, at least to sound slightly
more positive, the issue of scalability of voice applications,
particularly in these super dynamic contexts, needs to be seriously
investigated.

What could work though is SMS, perhaps MMS (if GPRS support existed), as
it is asynchronous (perfect for Tor), easier to scale on a limited
amount of hardware, cost effective (more on that later), and it all runs
over the SIP channel via TCP, if I am not mistaken. We even tested
TextSecure in this setup (sorry that wasn't mentioned earlier), and it
worked great, defeating any of the SIP/UDP keyword packet filtering we
attempted, for obvious reasons, though it was cool to watch the OTR
handshaking happen from the inside out.

Back to the pricing thing, it is said that typical SMS costs $1310/MB
(http://en.wikipedia.org/wiki/Text_messaging#Pricing_concerns), so
paying for the $5/MB cost of routing SMS over BGAN seems like an
insanely great deal.

Best,
Nathan
_______________________________________________
liberationtech mailing list
liberationtech at lists.stanford.edu

Should you need to change your subscription options, please go to:

https://mailman.stanford.edu/mailman/listinfo/liberationtech

If you would like to receive a daily digest, click "yes" (once you click above) 
next to "would you like to receive list mail batched in a daily digest?"

You will need the user name and password you receive from the list moderator in 
monthly reminders.

Should you need immediate assistance, please contact the list moderator.

Please don't forget to follow us on http://twitter.com/#!/Liberationtech

More information about the liberationtech mailing list