Slashdot Mirror

← Back to Stories (view on slashdot.org)

Tor Tests Undetectably Encrypted Connections In Iran

Posted by timothy on from the great-song-from-flock-of-seagulls dept.

Sparrowvsrevolution writes "Ahead of the anniversary of Iran's revolution, the country's government has locked down its already-censored Internet, blocking access to many services and in some cases cutting off all encrypted traffic on the Web of the kind used by secure email, social networking and banking sites. In response, the information-freedom-focused Tor Project is testing a new tool it's calling 'obfsproxy,' or obfuscated proxy, which aims to make SSL or TLS traffic appear to be unencrypted traffic like HTTP or instant messaging data. While the tool currently only disguises SSL as the SOCKS protocol, in future versions it will aim to disguise encrypted traffic as any protocol the user chooses. Tor executive director Andrew Lewman says the idea is to 'make your Ferrari look like a Toyota by putting an actual Toyota shell over the Ferrari.'" Reader bonch adds: "A thread on Hacker News provides first-hand accounts as well as workarounds."

20 of 157 comments (clear)

  1. Sounds like a tool for P I R A T E S !! by elrous0 · · Score: 5, Funny

    The MPAA has already called in the FBI, CIA, NSA, and a cadre of hired Senators to put a stop to this illegal piracy-facilitating tool--which, if it's not stopped, will cost millions of American jobs and perhaps collapse the entire economy. Our children's futures are at stake here, people!!!

    --
    SJW: Someone who has run out of real oppression, and has to fake it.
    1. Re:Sounds like a tool for P I R A T E S !! by rathaven · · Score: 5, Funny

      Not to mention their access to porn...

    2. Re:Sounds like a tool for P I R A T E S !! by phrostie · · Score: 4, Insightful

      Wasn't it the Government that first created it?

      from their about page:

      "Tor was originally designed, implemented, and deployed as a third-generation onion routing project of the U.S. Naval Research Laboratory. It was originally developed with the U.S. Navy in mind, for the primary purpose of protecting government communications. Today, it is used every day for a wide variety of purposes by normal people, the military, journalists, law enforcement officers, activists, and many others. "

    3. Re:Sounds like a tool for P I R A T E S !! by MightyYar · · Score: 5, Funny

      Hi there! 48
      All is well in the Islamic Republic! 65
      Our glorious leader has won another election! 6c
      Praise Allah! 70

      --
      W..w..W - Willy Waterloo washes Warren Wiggins who is washing Waldo Woo.
    4. Re:Sounds like a tool for P I R A T E S !! by chichilalescu · · Score: 4, Insightful

      dear slashdot,
      can we please have a +1 "sad but true" option?

      --
      new sig
    5. Re:Sounds like a tool for P I R A T E S !! by TubeSteak · · Score: 4, Interesting

      Don't forget that the US State Department is the de-facto sponsor of TOR.
      TOR gets most of its funding from groups that get most of their funding from the State Dept.

      --
      [Fuck Beta]
      o0t!
    6. Re:Sounds like a tool for P I R A T E S !! by Jah-Wren+Ryel · · Score: 3, Insightful

      Wasn't it the Government that first created it?

      The US government also funded the Taliban (to fight the Russians) and the Israeli goverment funded Hamas (to fight the PLO).

      --
      When information is power, privacy is freedom.
    7. Re:Sounds like a tool for P I R A T E S !! by Luckyo · · Score: 3, Funny

      Then look at their imaginary size (our yearly piracy losses are bigger then world's GDP says report given to congress!), then look at modern economy being about imaginary values rather then real values (stock market, derivatives, futures...).

      Then get a big bottle of your favourite alcohol and drown the sorrow.

  2. The root of the problem by hobarrera · · Score: 3, Insightful

    While this is a great effort, and I really congratulate the Tor proyect for all that they've done and continue to do, this still is nowhere close to the solution on the real issue here: governments that over and over again limit people's freedom of speech and privacy.

    1. Re:The root of the problem by capnchicken · · Score: 4, Insightful

      Unfortunately you always have to build things in spite of people, and can never count on altruism because there will always be bad actors, and those bad actors always have the chance of gaining power. It's the human condition, the only thing you can do is route around it. I agree we should address it from many fronts, but technological circumvention, while maybe only alleviating symptoms, seems to be very effective.

      --
      A libertarian shat on my carpet once. Claimed the free market would sort it out. -Ford Prefect(8777)
    2. Re:The root of the problem by John3 · · Score: 4, Funny

      Write code that messes with their technology, perhaps something that might wreak havoc on centrifuges or other industrial machinery?

      --
      "We make our world significant by the courage of our questions and by the depth of our answers." Carl Sagan
  3. Disguise encrypted as unencrypted? by Arancaytar · · Score: 4, Funny

    How do you hide something unreadable within something readable? ... damn, you're going to make me RTFA, aren't you? :P

    1. Re:Disguise encrypted as unencrypted? by pushing-robot · · Score: 5, Insightful

      It's steganography. They've created a strong AI capable of passing as human and conversing intelligently with other copies of itself. Each AI instance develops relationships with others, sharing email and IMs about its loves and hates, passions and dreams, even photos of virtual family and pets. All of which can contain a hidden payload of your private data.

      But enough technical mumbo-jumbo. What matters is you'll now be able to surf porn sites without anyone knowing.

      --
      How can I believe you when you tell me what I don't want to hear?
  4. Seems about right by bigredradio · · Score: 4, Insightful

    The more you tighten your grip, $dictator, the more $locations will slip through your fingers. - $rebel_princess.

    --
    Flexible bare-metal recovery for Linux/UNIX
  5. Iran's government is afraid, and thereby stupid by cryfreedomlove · · Score: 4, Interesting

    This arms race of censorship and counter measures will have one definitive outcome: the best and the brightest of Iranian youth will find a way to emigrate because they don't want to live in an isolated theocracy. The resulting brain drain will set them back a century. This is what happens to governments driven by fear. Those in power in Iran fear their own people the most.

    1. Re:Iran's government is afraid, and thereby stupid by Animats · · Score: 3, Informative

      the best and the brightest of Iranian youth will find a way to emigrate because they don't want to live in an isolated theocracy.

      They already did, decades ago. When the US-supported Shah of Iran was overthrown, many Iranians came to the US.

    2. Re:Iran's government is afraid, and thereby stupid by glop · · Score: 3, Informative

      Actually when the Shah was overthrown, most of the brightest people in Iran celebrated. That's because he was a really bad dictator and the only reason most people in the West are not aware of it is because he was very pro-American and very friendly with most western countries.
      The problem with revolutions is that it's hard to stabilize things afterwards. And there is no guarantee that the nice and respectful people will take over to draft a Constitution that grants freedom for the people. That's when many of the brightest in Iran got really disappointed and the religious extremists took the power.

      You can read the account of one of those brightest people who left Iran years later: http://en.wikipedia.org/wiki/Marjane_Satrapi
      Marjane's account seemed pretty fair and balanced to me (based on the differences with the cliches I had heard, what I know about the publishers, the variety of the anecdotes and their "true to life" aspect).

  6. Re:not the smartest headline by betterunixthanunix · · Score: 4, Informative

    Over in practical land, you need a noisy channel where the amount of noise is high enough to overpower efforts to detect your hidden signal, but where someone with special knowledge (knowledge of the secret key) can perform run an error correcting code to recover the hidden signal. This is not at all implausible; we already know how to make cryptosystems based on random linear codes; the real work would be ensuring that security is maintained even when you use the channel's naturally occurring noise to hide the signal (which may not be guaranteed).

    --
    Palm trees and 8
  7. As I read the blurb ... by Ungrounded+Lightning · · Score: 4, Informative

    How do you hide something unreadable within something readable? ... damn, you're going to make me RTFA, aren't you? :P

    As I read the blurb (I have no inside knowledge) they're not making the PAYLOAD look unencrypted. They're circumventing the type-of-flow identification mechanisms built into router filtering by encapsulating the encrypted data within an outer layer (and addressed to the port of) another protocol. (They may even have put a layer on top of the existing service so that, unless it identifies the flow as an encapsulated TOR flow, it actually PERFORMS the service.)

    The result would be that, if they intercept the flow and try to parse it as what it purports to be, it may not make sense. But if their router look at the parts of the packets that are characteristic of what the flow purports to be, it will identify it as normal traffic and let it through. And if the router tries doing something like a keyword search through the bodies of the packets it won't get hits because the bodies are encrypted.

    You can use this approach with any protocol that can handle the traffic patters of a TOR connection (possibly with added padding packets to make the characteristics look more like the purported flow).

    Downsides might be:

    1) If you do a masked TOR only server on the port they might try to connect to the purported flow and detect that this server is not what it seems.

    2) If you do a diverting pancake you need a way to flag for the pancake that this is the masked TOR flow. If that's well known they might write a filter for it. (Eric Wustrow, Scott Wolchok, Ian Goldberg, and J. Alex Halderman have developed a steganographic method for applying such a tag. It is embedded in their own "TELEX" network-based firewall bypasser but might be adapted to this purpose. paper a href="https://telex.cc/"code")

    --
    Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
  8. If the censor can't see it, it will get blocked. by davidwr · · Score: 3, Interesting

    "If we can't parse it, it gets blocked."

    In the old days, Cuban international phone calls were monitored. At least one person started talking a language other than English or Spanish and the operator broke in and told them to speak English or Spanish or get cut off.

    Source: Something I read in a reputable newspaper or magazine back in the 1970s or 1980s.

    --
    Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.