On Wed, May 29, 2013 at 01:22:31PM +0800, Chang Lan wrote:
I am a Tor GSoC student who will be working on the pluggable transports this summer. My mentor is Steven and my co-mentor is George Kadianakis. It is great to be part of the Tor community!
Steven already kicked off the discussion about how to build better transports. The original project proposal[1] discussed the possibility of sending data over UDP with extra efforts to guarantee reliable in-order delivery. However, as George mentioned recently[3], ScrambleSuite[2] may already solve the issue of scanning resistance.
Given that ScrambleSuite is being deployed, improving protocol obfuscation will be my main focus. HTTP impersonation is really useful, since there are numerous HTTP proxy outside the censored region, while the number of bridges is quite limited. What I'm gonna be doing during the summer is implementing a good enough HTTP impersonation based on pluggable transports specification. There are still many open questions indeed. Discussions are more than welcome!
Hi Chang! I want to make sure you know about a transport based on WebSocket that we hope to have deployed in the near future. A WebSocket bridge is already running; it's what browser-based flash proxies talk to. (Flash proxy is a circumvention system for IP obfuscation, not protocol obfuscation.) https://crypto.stanford.edu/flashproxy/ However, you can connect directly to a WebSocket bridge as a client, without going through a flash proxy. https://gitweb.torproject.org/flashproxy.git/blob/e4f3ced2:/doc/websocket-tr... https://gitweb.torproject.org/flashproxy.git/tree/e4f3ced2:/websocket-transp... Our conjecture is that WebSocket looks enough like HTTP to evade protocol filters, at least for a while. (WebSocket starts with an HTTP header.)
David Fifield