On Saturday, September 10, 2011 23:18:04 Andre Risling wrote: > Does that mean even though Pakistan has banned encrypted traffic that > Tor can still work because users are connecting by way of bridges?
Perhaps I wasn't clear. Pakistan has banned all encryption on the Internet inside their country. It is unknown how this will be enforced, if at all. There are at least two ways Pakistan can enforce this ban: 1. Block typical ports for encrypted traffic, such as ssh, https, pop3, and imaps; or 2. Require ISPs to deploy deep packet inspection devices that look for any encrypted traffic. Once they find encrypted traffic, the ISP can be required to a. simply record that customer X is using encryption and report that to the government; or b. block the traffic. If number 1, Tor clients talking to bridges may still work, assuming the bridge isn't running on a blocked port. If number 2, Tor clients in situation 2a still get recorded, because on the wire, it looks like someone is using encryption. Tor clients in situation 2b means the client will not connect to the next hop, the bridge in this case. This is all conjecture as we have no more visibility into the enforcement mechanisms than any one else. We are working on pluggable transports and obfuscating the tor procotol so that we can fool a deep packet inspection device to some level. See https://gitweb.torproject.org/obfsproxy.git for extremely experimental code. -- Andrew pgp 0x74ED336B _______________________________________________ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
