On 09/08/2014 06:05 PM, Roger Dingledine wrote: > The 31c3 talk proposals are due this coming Sunday: > http://events.ccc.de/2014/07/12/31c3-call-for-participation-en/ > > I wonder what would be the most useful topic for this year? > > In brainstorming with folks on IRC, here are four options: > > -------- > > 1) An update on pluggable transports: obfs3, obfs4, FTE, librtc and > uproxy, and other acronyms you don't recognize. Many transports are now > integrated into the default Tor Browser, we're starting to get some more > useful usage statistics, and pluggable transports have played an important > role in various countries in recent years. Plus we're soon going to start > some projects on evaluation and comparison of transport designs, e.g. > https://trac.torproject.org/projects/tor/wiki/org/sponsors/SponsorS/PluggableTransports/Proposal > > One of the most intriguing pieces of pluggable transports lately is > the convergence of "make it hard to DPI for the protocol so the censor > can't block it" with "make it hard to DPI for the protocol so the global > surveillance adversary doesn't know to add that flow to its database". > In particular, systems like Flashproxy might be especially effective > against the global surveillance adversary, since the many transient > addresses that separate the users from the known Tor relay addresses > make it harder to build a list of users that are worth watching.
<SNIP> > So far item 1, the pluggable transport one, seems most plausible to me. For what it's worth, I also like item 1. In particular, I'm very intrigued by CloudTransport. I think that it's mischaracterized in the PluggableTransports proposal as "a UT Austin project to fetch web pages via the Amazon S3 interface".[0] I get from Brubaker et al. (2014) that what's most relevant for Tor is using it as a bridge:[1] | Therefore, even if the censors identify a Cloud Transport connection | or the IP address of a CloudTransport bridge, this does not help | them block the bridge or identify other connections. | CloudTransport can be used as a standalone service, a gateway to | an anonymity network like Tor, or a pluggable transport for Tor. Also intriguing is the possibility of using CloudTransport as an exit proxy for Tor, but I understand how that would be inconsistent with Tor Project policy.[2] [0] https://trac.torproject.org/projects/tor/wiki/org/sponsors/SponsorS/PluggableTransports/Proposal [1] https://www.petsymposium.org/2014/papers/Brubaker.pdf [2] https://blog.torproject.org/blog/call-arms-helping-internet-services-accept-anonymous-users -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
