[tor-bugs] #8591 [Censorship analysis]: GFW actively probes obfs2 bridges
Tor Bug Tracker & Wiki
blackhole at torproject.org
Thu Apr 11 07:27:50 UTC 2013
#8591: GFW actively probes obfs2 bridges
-----------------------------------------------------------+----------------
Reporter: phw | Owner: phw
Type: task | Status: new
Priority: normal | Milestone:
Component: Censorship analysis | Version:
Keywords: obfs2, gfw, active probing, censorship, china | Parent:
Points: | Actualpoints:
-----------------------------------------------------------+----------------
Comment(by arma):
Replying to [comment:6 phw]:
> I quickly tested obfs3. It also gets probed but not blocked. The probes
think it's talking obfs2 and send obfs2 handshake data to it. Since the
handshake fails, it's probably not getting blocked.
phw: did you figure out what triggers the obfs2 probe? Is it a number of
characters? Or a lack of protocol identification? It seems non-obvious to
me what they would DPI on to decide to do a probe. (If we're lucky,
they're looking for redundancy in the protocol by basically doing a
passive mitm on it -- if so, it means DPIing for obfs3 will be
significantly messier, even if it isn't any more resistant to the follow-
up probe.)
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/8591#comment:9>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list