On 27 July 2013 10:17, Lag Inimaineb laginimaineb@gmail.com wrote:
As for suggestions such as SWEET, FreeWave, etc. - those would require changes to the TOR clients (right?), which makes them probably less easy to use, unless they are merged into the TOR mainline. Same goes for ScambleSuit, since the shared secret much somehow be delivered out-of-band, which is not always an easy feat to accomplish.
Those are not the biggest hurdles. Distributing a secret along with bridge IPs is not too difficult, BridgeDB has this capability built in. Likewise, changes to TBB are relatively easy compared to the difficulty of having a major social media site install software that splits Tor bridge traffic off from their legit HTTP traffic. That would require them being extremely, _extremely_ confident in the scalability, performance, and security of said code.
That said - I've had this same idea myself. I tend to categorize censorship into 4 buckets: 1) Source-Based. You are not allowed online. 2) Destination-Based - you can't talk to this host, this IP, this port 3) Byte-Matching - You can't search for this term, you can't speak this protocol 4) Pattern-Based - You can't talk SSL in a manner where you're uploading the same amount as you're downloading, or you can't use SSH in a way that looks like you're transferring files.
We've seen large deployments of Destination-Based and Byte-Matching (and augmented w/ follow-up scans to have a higher confidence).
Github was blocked in China briefly, and allegedly the Chinese people protested and the ban was lifted.[0] This implies, to me, that certain sites are too politically important to be blocked. If we enlisted their help in this model we would have essentially unblockable bridges. It's a win-win: Either the gov't doesn't block the site, and people can use the bridges OR The gov't does block the site, piss people off, and hopefully begins the crumble. It's probably not a popular opinion, but the more the government makes a people suffer... the more likely they are to overthrow it. (And not having github is a lot better suffering than being thrown in the gulag.)
-tom
[0] http://www.h-online.com/open/news/item/GitHub-blocked-in-China-Update-178911...