some_guy...@safe-mail.net:
>> Working were and are only connections without the Tor network, with
>> unpublished bridges, and with Tails (changing the MAC address)
>
> That doesn't make sense. Vodafone doesn't see your Tails MAC at all. I think
> it's unlikely that Vodafone is throttling on purpose.
>
> Most likely, there is some broken/misconfigured router or IDS in the path to
> the directory servers/bridges you used. You should try to manually pick a few
> different entry guards with different routing (check with traceroute).
>
> Assuming you have a network consensus (e.g. from connecting with working
> bridges; there should be 'Browser/TorBrowser/Data/Tor/cached-microdescs' and
> 'cached-microdesc-consensus' files), add the following to your
> 'Browser/TorBrowser/Data/Tor/torrc':
>
> ----------------------------
> UseEntryGuards 1
> NumEntryGuards 1
> UseEntryGuardsAsDirGuards 1
> NumDirectoryGuards 1
> EntryNodes 47B8A2122B924B0E54B3BDEE48DFB86E054BEB36
> -----------------------------
>
> Remove any bridge-related entries from the config.
>
> Some fast entry guards in Germany that should have different routing:
>
> darkit (37.114.52.7): 47B8A2122B924B0E54B3BDEE48DFB86E054BEB36
> chaoscomputerclub5 (80.237.226.75): 0E22366D0EB12CA0CDD3693452F43BA0A1D9D515
> becks (5.9.123.81): E9C8154418544764619D2CCD0596B355D7DFF236
>
> With this configuration, you only need to connect to the the guard node and
> don't need to connect to the directory servers (where something seems to be
> hanging).
>
Thank you for these advises. But, I think to concentrate on one entry guard
only could lessen the anonymity. Although the entry guards are not changed very
often (after 30–60 days) in the standard configuration, there seems to be a
little random selection [1]. I will have a look at this.
As we all know, the IP address is no reliable identifier, but the MAC address
identifies the device and probably its user. Otherwise it would be needless to
disguise the MAC address in Tails. As far as I know the MAC address can be
coded in the IP within the ipv6 protocol. So, this makes sense.
As terrorists and torrorists are per se under suspicion, like criminals and
readers of some Linux Journal [1a], they should be hindered to communicate in
anonymity. Secret services and police agents around the world see anonymity and
encryption as a menace of their work. And ISPs, especially the big players and
former telcos of the state, are executing their needs [2].
To me it doesn't seem deviously that ISPs are trying to block or impede the use
of the Tor network ("Tor stinks" [2a]). Vodafone is advertising "Secure Net"
which uses DPI (Deep Packet Inspection) for filtering - to make the net more
secure [3].
I am very content with the performance of the Tor network using three different
unpublished bridges.
[1] T. Elahi et al., Changing of the Guards: A Framework for Understanding and
Improving Entry Guard Selection in Tor, WPES’12, October 15, 2012.
[http://freehaven.net/~arma/cogs-wpes.pdf]
[1a]
http://daserste.ndr.de/panorama/aktuell/NSA-targets-the-privacy-conscious,nsa230.html
[1a] http://daserste.ndr.de/panorama/xkeyscorerules100.txt
[1a]
http://www.linuxjournal.com/content/nsa-linux-journal-extremist-forum-and-its-readers-get-flagged-extra-surveillance
[2]
http://www.theguardian.com/business/2013/aug/02/telecoms-bt-vodafone-cables-gchq
[2]
http://www.heise.de/newsticker/meldung/Snowden-Dokumente-Britische-Geheimdienste-koennten-ueber-Vodafone-deutsche-Kunden-abhoeren-2461441.html
[2014]
[2]
http://www.vodafone.com/content/sustainabilityreport/2014/index/operating_responsibly/privacy_and_security/law_enforcement.html
[2]
https://firstlook.org/theintercept/2014/11/20/vodafone-surveillance-gchq-snowden/
[2014]
[2]
https://blog.torproject.org/blog/tale-new-censors-vodafone-uk-t-mobile-uk-o2-uk-and-t-mobile-usa
[2012-01-17]
[2a]
http://www.theguardian.com/world/interactive/2013/oct/04/tor-stinks-nsa-presentation-document
[2a]
https://edwardsnowden.com/wp-content/uploads/2013/10/tor-stinks-presentation.pdf
[2a]
http://www.heise.de/newsticker/meldung/Neues-von-der-NSA-Tor-stinkt-1972983.html
[3]
https://netzpolitik.org/2014/waschmaschine-im-netz-wie-telekom-und-vodafone-deep-packet-inspection-als-feature-verkaufen/
[3] http://securenet.vodafone.com/index.html
[3] https://twitter.com/usefulthink/status/590817159351242752
[3]
http://www.webscalenetworking.com/topics/webscalenetworking/articles/404274-vodafone-germany-offers-new-secure-net-service.htm
[2015-06-01]: "Allot Service Gateways, which are high-performance DPI-based
platforms that enable deployment of new digital services in fixed, mobile and
cloud networks"
[3]
http://www.allot.com/press-release/vodafone-germany-makes-web-surfing-secure-with-allot-websafe-personal/
[2015-05-26]
[3]
http://www.iptegrity.com/index.php/net-neutrality/600-how-vodafone-censors-your-internet
[2011-01-06]
[3]
http://www.rawstory.com/2011/01/vodafone-confirms-role-egypts-cellular-internet-blackout/
[2011-01-28]
[3]
http://broabandtrafficmanagement.blogspot.com/2010/11/dpi-deployment-41-vodafone-uses-dpi-and.html
[2010-11-18]
C. Fuchs, Implications of Deep Packet Inspection (DPI) Internet Surveillance
for Society, The Privacy & Security - Research Paper Series 1, 2012 (2013)
[http://www.projectpact.eu/privacy-security-research-paper-series/%231_Privacy_and_Security_Research_Paper_Series.pdf]
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
