Page MenuHomePhabricator

Research Circumvention Tools
Open, NormalPublic

Description

https://www.whonix.org/wiki/Censorship_Circumvention_Tools

Need to figure out if they can be used on the host or Whonix-Gateway to let Whonix (Tor) connect through them.

Requirements:

  • Tor compatibility

Bonus:

  • Usability
  • Nonproprietary
  • Crossplatform

Details

Impact
Needs Triage

Event Timeline

JasonJAyalaP updated the task description. (Show Details)
JasonJAyalaP raised the priority of this task from to Needs Triage.
JasonJAyalaP added a subscriber: JasonJAyalaP.
JasonJAyalaP triaged this task as Normal priority.Jan 14 2015, 12:51 AM
Patrick updated the task description. (Show Details)Jan 14 2015, 1:57 AM
Patrick renamed this task from Research circumvention tools for host to Research Circumvention Tools.Jan 14 2015, 2:15 AM
Patrick updated the task description. (Show Details)
Patrick set Impact to Needs Triage.Feb 17 2016, 9:45 PM
Patrick added a subscriber: HulaHoop.

I've thought about it and I don't think we should advise putting censorship circumvention tools between a user and entry guard (except bridges and pluggable transports of course). All other tools besides pluggable transports are ill equipped to resist protocol fingerprinting and can have security problems. Using them to mask Tor traffic would be a red flag that narrows the user base to people who have seen this page which goes against advGoalTracking.

I still think the information is useful but it should be advised to use them as an exit point for traffic beyond Tor if they can work like that.

HulaHoop (HulaHoop):

I've thought about it and I don't think we should advise putting
censorship circumvention tools between a user and entry guard (except
bridges and pluggable transports of course). All other tools besides
pluggable transports are ill equipped to resist protocol
fingerprinting and can have security problems. Using them to mask Tor
traffic would be a red flag that narrows the user base to people who
have seen this page which goes against advGoalTracking.

Then we exactly point that out. These tools may still be useful the
censorship-circumvention-but-not-care-about-detection-so-much use case.

This goes for most circumvention methods anyhow.

Quote by Jacob -
https://www.whonix.org/wiki/Hide_Tor_and_Whonix_from_your_ISP

"Some pluggable transports may seek to obfuscate traffic or to morph it.
However, they do not claim to hide that you are using Tor in all cases
but rather in very specific cases. An example threat model includes a
DPI device with limited time to make a classification choice - so the
hiding is very specific to functionality and generally does not take
into account endless data retention with retroactive policing."

Then we exactly point that out.

OK

Quote by Jacob -

Yes I know. The goal is to not stand out from a sizable set of users doing circumvention any point in time, not to protect from traffic identification retroactively.

entr0py added a subscriber: entr0py.Jun 4 2016, 4:45 AM
iry added a subscriber: iry.Jun 29 2017, 4:47 AM