[tor-talk] allow ssl-encapsulated connections to all tor relays. Stop L7

Aeris aeris+tor at imirhil.fr
Fri Mar 17 14:35:28 UTC 2017


> 3. Easily detected by L7, even on home 200Mhz wifi router.

I don't understand.

Tor traffic between nodes is *already* encrypted, and L7 data (HTTPS, IRC, SSH…) 
encapsulated on Tor traffic are not available.

The only L7 endpoint is on the exit node to join the "standard" net and do the 
real L7 request. And no way to encrypt/obfuscate this point because we 
communicate with standard software and not Tor related.

For node-to-node communication, obfuscation is useless, because IP and OR port 
are fully public, and so you know it's Tor traffic without any DPI or traffic 
analysis. All traffic from a Tor node IP to a Tor node IP (+ OR port if you want 
to be more accurate), with just plain old L3 consideration, is Tor traffic.
Even with STUNNEL between node, the same L3 traffic discrimination can be done.

As end user (and not Tor node), if you really want to hide the fact you use 
Tor, you have to use bridge, which is basically node with no public IP 
available to avoid the previous basic L3 traffic detection.
And you can use obfuscation too, with bridge node using meek, obfs or other 
obfuscation protocol available on Tor.

Regards,
-- 
Aeris
Individual crypto-terrorist group self-radicalized on the digital Internet
https://imirhil.fr/

Protect your privacy, encrypt your communications
GPG : EFB74277 ECE4E222
OTR : 5769616D 2D3DAC72
https://café-vie-privée.fr/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20170317/8d0409ff/attachment.sig>


More information about the tor-talk mailing list