Hi,
I was thinking of a useful service that will invite everyone to visit it. In an ideal world, we could offer it as a badge to be included on websites as well as just as a normal website.
Basically, I think we should have an HTTP page that reports the user's ip, asn, a traceroute (icmp, tcp, udp), and it should load an image from the same machine offered over HTTPS. We could create a unique reference and if we see split routing, we have a bit of data about likely filtering.
We may even do scanning for key word filtering with a *.example.com domain certificate. In short, we generate a number of image links for which each domain load a small image. For every image that does not load, we know that the single difference is the different word in the TLS handshake. We could also offer an image to report an image of their ip address with or without ssl (with or with a lock icon). This would allow people to add an image for a web survey of sorts, if they wanted to help us with our coverage.
The incentive for a user is that they want to know their IP address and other related information. The incentive for us is that it gives us information to help develop a generic method that anyone may deploy on their own website for detecting surveillance of their readers/users/etc. A further incentive is that the data will be very interesting if we log all of the *source* ip addresses, headers (eg: X-Forwarded, X-Via, etc), and so on.
I'm tempted to run this service on blockfinder.net and back the data with the data from blockfinder/MaxMind and other GeoIP services. If we also ask the user of their country, we might be able to collect information corrections.
This will give us a light weight one to one testing service This complements the more heavy ooniprobe one to one or one to many service. It also helps us develop the more heavy solutions as we'll have an idea about data we may be missing with the heavy solutions.
Thoughts?
All the best, Jake