Slashdot Mirror

← Back to Stories (view on slashdot.org)

Tor Tests Undetectably Encrypted Connections In Iran

Posted by timothy on from the great-song-from-flock-of-seagulls dept.

Sparrowvsrevolution writes "Ahead of the anniversary of Iran's revolution, the country's government has locked down its already-censored Internet, blocking access to many services and in some cases cutting off all encrypted traffic on the Web of the kind used by secure email, social networking and banking sites. In response, the information-freedom-focused Tor Project is testing a new tool it's calling 'obfsproxy,' or obfuscated proxy, which aims to make SSL or TLS traffic appear to be unencrypted traffic like HTTP or instant messaging data. While the tool currently only disguises SSL as the SOCKS protocol, in future versions it will aim to disguise encrypted traffic as any protocol the user chooses. Tor executive director Andrew Lewman says the idea is to 'make your Ferrari look like a Toyota by putting an actual Toyota shell over the Ferrari.'" Reader bonch adds: "A thread on Hacker News provides first-hand accounts as well as workarounds."

14 of 157 comments (clear)

  1. Sounds like a tool for P I R A T E S !! by elrous0 · · Score: 5, Funny

    The MPAA has already called in the FBI, CIA, NSA, and a cadre of hired Senators to put a stop to this illegal piracy-facilitating tool--which, if it's not stopped, will cost millions of American jobs and perhaps collapse the entire economy. Our children's futures are at stake here, people!!!

    --
    SJW: Someone who has run out of real oppression, and has to fake it.
    1. Re:Sounds like a tool for P I R A T E S !! by rathaven · · Score: 5, Funny

      Not to mention their access to porn...

    2. Re:Sounds like a tool for P I R A T E S !! by phrostie · · Score: 4, Insightful

      Wasn't it the Government that first created it?

      from their about page:

      "Tor was originally designed, implemented, and deployed as a third-generation onion routing project of the U.S. Naval Research Laboratory. It was originally developed with the U.S. Navy in mind, for the primary purpose of protecting government communications. Today, it is used every day for a wide variety of purposes by normal people, the military, journalists, law enforcement officers, activists, and many others. "

    3. Re:Sounds like a tool for P I R A T E S !! by MightyYar · · Score: 5, Funny

      Hi there! 48
      All is well in the Islamic Republic! 65
      Our glorious leader has won another election! 6c
      Praise Allah! 70

      --
      W..w..W - Willy Waterloo washes Warren Wiggins who is washing Waldo Woo.
    4. Re:Sounds like a tool for P I R A T E S !! by chichilalescu · · Score: 4, Insightful

      dear slashdot,
      can we please have a +1 "sad but true" option?

      --
      new sig
    5. Re:Sounds like a tool for P I R A T E S !! by TubeSteak · · Score: 4, Interesting

      Don't forget that the US State Department is the de-facto sponsor of TOR.
      TOR gets most of its funding from groups that get most of their funding from the State Dept.

      --
      [Fuck Beta]
      o0t!
  2. Disguise encrypted as unencrypted? by Arancaytar · · Score: 4, Funny

    How do you hide something unreadable within something readable? ... damn, you're going to make me RTFA, aren't you? :P

    1. Re:Disguise encrypted as unencrypted? by pushing-robot · · Score: 5, Insightful

      It's steganography. They've created a strong AI capable of passing as human and conversing intelligently with other copies of itself. Each AI instance develops relationships with others, sharing email and IMs about its loves and hates, passions and dreams, even photos of virtual family and pets. All of which can contain a hidden payload of your private data.

      But enough technical mumbo-jumbo. What matters is you'll now be able to surf porn sites without anyone knowing.

      --
      How can I believe you when you tell me what I don't want to hear?
  3. Seems about right by bigredradio · · Score: 4, Insightful

    The more you tighten your grip, $dictator, the more $locations will slip through your fingers. - $rebel_princess.

    --
    Flexible bare-metal recovery for Linux/UNIX
  4. Re:The root of the problem by capnchicken · · Score: 4, Insightful

    Unfortunately you always have to build things in spite of people, and can never count on altruism because there will always be bad actors, and those bad actors always have the chance of gaining power. It's the human condition, the only thing you can do is route around it. I agree we should address it from many fronts, but technological circumvention, while maybe only alleviating symptoms, seems to be very effective.

    --
    A libertarian shat on my carpet once. Claimed the free market would sort it out. -Ford Prefect(8777)
  5. Re:The root of the problem by John3 · · Score: 4, Funny

    Write code that messes with their technology, perhaps something that might wreak havoc on centrifuges or other industrial machinery?

    --
    "We make our world significant by the courage of our questions and by the depth of our answers." Carl Sagan
  6. Iran's government is afraid, and thereby stupid by cryfreedomlove · · Score: 4, Interesting

    This arms race of censorship and counter measures will have one definitive outcome: the best and the brightest of Iranian youth will find a way to emigrate because they don't want to live in an isolated theocracy. The resulting brain drain will set them back a century. This is what happens to governments driven by fear. Those in power in Iran fear their own people the most.

  7. Re:not the smartest headline by betterunixthanunix · · Score: 4, Informative

    Over in practical land, you need a noisy channel where the amount of noise is high enough to overpower efforts to detect your hidden signal, but where someone with special knowledge (knowledge of the secret key) can perform run an error correcting code to recover the hidden signal. This is not at all implausible; we already know how to make cryptosystems based on random linear codes; the real work would be ensuring that security is maintained even when you use the channel's naturally occurring noise to hide the signal (which may not be guaranteed).

    --
    Palm trees and 8
  8. As I read the blurb ... by Ungrounded+Lightning · · Score: 4, Informative

    How do you hide something unreadable within something readable? ... damn, you're going to make me RTFA, aren't you? :P

    As I read the blurb (I have no inside knowledge) they're not making the PAYLOAD look unencrypted. They're circumventing the type-of-flow identification mechanisms built into router filtering by encapsulating the encrypted data within an outer layer (and addressed to the port of) another protocol. (They may even have put a layer on top of the existing service so that, unless it identifies the flow as an encapsulated TOR flow, it actually PERFORMS the service.)

    The result would be that, if they intercept the flow and try to parse it as what it purports to be, it may not make sense. But if their router look at the parts of the packets that are characteristic of what the flow purports to be, it will identify it as normal traffic and let it through. And if the router tries doing something like a keyword search through the bodies of the packets it won't get hits because the bodies are encrypted.

    You can use this approach with any protocol that can handle the traffic patters of a TOR connection (possibly with added padding packets to make the characteristics look more like the purported flow).

    Downsides might be:

    1) If you do a masked TOR only server on the port they might try to connect to the purported flow and detect that this server is not what it seems.

    2) If you do a diverting pancake you need a way to flag for the pancake that this is the masked TOR flow. If that's well known they might write a filter for it. (Eric Wustrow, Scott Wolchok, Ian Goldberg, and J. Alex Halderman have developed a steganographic method for applying such a tag. It is embedded in their own "TELEX" network-based firewall bypasser but might be adapted to this purpose. paper a href="https://telex.cc/"code")

    --
    Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way