[tor-talk] MITM attack on TLS

Allen allenpmd at gmail.com
Sat Nov 21 21:56:12 UTC 2015


>
> > SSH is probably more dangerous than OBFS4 because it coulee be detected
> with a DPI fingerprint.  They might question that.  I think Tor with
> transports is good.
>
> On that paranioa level OBFS4 is as dangerous as SSH - it doesn't matter
> if they see traffic they can fingerprint as ssh or they see traffic they
> cannot fingerprint. They get suspicious in both cases.
>
>
Personally, I would think SSH is much safer.  It is used by IT people all
the time for server management, so they will understand it.  The
destination address will be a cloud server, which you can simply say you
are using for a personal project.  OBFS4 on the other hand is not normally
used by IT people--it is used to get around IT people.  They will
immediately be very suspicious if they are able to figure out the
protocol.  And the destination IP address is who-knows-what, which could by
itself raise questions and might even lead them to think a computer on
their network could be infected with a virus that needs immediate
investigation.  In the end, a protocol they know and understand and use in
their own work will be much less threatening to them than something they
don't.


More information about the tor-talk mailing list