[tor-talk] Tor banned in Pakistan.
Andrew Lewman
andrew at torproject.org
Mon Sep 12 00:51:20 UTC 2011
On Saturday, September 10, 2011 23:18:04 Andre Risling wrote:
> Does that mean even though Pakistan has banned encrypted traffic that
> Tor can still work because users are connecting by way of bridges?
Perhaps I wasn't clear. Pakistan has banned all encryption on the Internet
inside their country. It is unknown how this will be enforced, if at all.
There are at least two ways Pakistan can enforce this ban:
1. Block typical ports for encrypted traffic, such as ssh, https, pop3, and
imaps; or
2. Require ISPs to deploy deep packet inspection devices that look for any
encrypted traffic. Once they find encrypted traffic, the ISP can be required to
a. simply record that customer X is using encryption and report that to the
government; or
b. block the traffic.
If number 1, Tor clients talking to bridges may still work, assuming the
bridge isn't running on a blocked port.
If number 2, Tor clients in situation 2a still get recorded, because on the
wire, it looks like someone is using encryption. Tor clients in situation 2b
means the client will not connect to the next hop, the bridge in this case.
This is all conjecture as we have no more visibility into the enforcement
mechanisms than any one else.
We are working on pluggable transports and obfuscating the tor procotol so
that we can fool a deep packet inspection device to some level. See
https://gitweb.torproject.org/obfsproxy.git for extremely experimental code.
--
Andrew
pgp 0x74ED336B
More information about the tor-talk
mailing list