Dear Tor Project,
Here's the summary of meek's CDN fees for March 2018. Inspired by David Fifield's summary emails :) I went back and updated the trac page with costs all the way back to April 2017, the time Team Cymru started to cover the fees.
https://trac.torproject.org/projects/tor/wiki/doc/meek#Costs
Google Amazon Azure total 2017 Jan — $1,550.19 $1,196.28 $2,746.47 2017 Feb — $1,454.68 $960.01 $2,414.69 2017 Mar — $2,298.75 $353.81 $2,652.56 2017 Apr — $584.73 $ 725.80 $1,310.53 2017 May — $2,150.47 $1,097.29 $3,247.76 2017 Jun — $2,677.31 $4,358.50 $7,035.81 2017 Jul — $2,873.28 $5,330.18 $8,203.46 2017 Aug — $646.28 $4,020.68 $4,666.96 2017 Sep — $1,914.41 $4,670.51 $6,584.92 2017 Oct — $2,962.71 $3,912.41 $6,875.12 2017 Nov — $4,674.80 $2,513.43 $7,188.23 2017 Dec — $6,358.11 $1,451.36 $7,809.47 2017 total — $30,145.72 $30,590.26 $60,735.98
Google Amazon Azure 2018 Jan — $8,429.07 $1,880.31 $10,309.38 2018 Feb — $8,522.01 $2,630.71 $11,152.72 2018 Mar — $10,863.95 ? $10,863.95 2018 total — $27,815.03 $4,511.02+ $32,326.05
grand total $13,138.96 $81,274.22 $43,754.18 $138,167.36
I'll do my best to keep the trac page updated.
All the best, Sina
On Wed, Apr 18, 2018 at 09:12:55PM -0400, Sina Rabbani wrote:
Dear Tor Project,
Here's the summary of meek's CDN fees for March 2018. Inspired by David Fifield's summary emails :) I went back and updated the trac page with costs all the way back to April 2017, the time Team Cymru started to cover the fees.
https://trac.torproject.org/projects/tor/wiki/doc/meek#Costs
Thanks Sina, I added pointers to these numbers to https://www.bamsoftware.com/papers/thesis/#tab:meek-costs https://www.bamsoftware.com/papers/thesis/#sec:meek-history-2017
Hi,
On 19/04/18 02:12, Sina Rabbani wrote:
Here's the summary of meek's CDN fees for March 2018. Inspired by David Fifield's summary emails :) I went back and updated the trac page with costs all the way back to April 2017, the time Team Cymru started to cover the fees.
Thanks for sharing this and updating the trac.
If it's not too much extra work, could you also keep the CSV file up to date? There is also a Python script on the trac page that can convert the CSV into wiki markup for easy copy and paste to update the table.
https://trac.torproject.org/projects/tor/attachment/wiki/doc/meek/meek-costs...
Thanks, Iain.
I don't know if people have seen this:
https://aws.amazon.com/blogs/security/enhanced-domain-protections-for-amazon...
Amazon is killing domain fronting too. We should probably work on a plan. Anybody knows anybody at top of the food chain in Amazon? They should probably be nudged that they're doing all the dictators and authoritarian regimes around the world the biggest favor they could ask for (but didn't have to).
Difficult times ahead...
On Wed, May 02, 2018 at 12:33:00AM +0000, Nima Fatemi wrote:
I don't know if people have seen this:
https://aws.amazon.com/blogs/security/enhanced-domain-protections-for-amazon...
Yep, and did you see this post from Moxie [0]?
[0] https://signal.org/blog/looking-back-on-the-front/
Amazon is killing domain fronting too. We should probably work on a plan. Anybody knows anybody at top of the food chain in Amazon? They should probably be nudged that they're doing all the dictators and authoritarian regimes around the world the biggest favor they could ask for (but didn't have to).
Right, and this only leaves Microsoft - but considering the current trend, that may fall soon, too. How do we convince these large companies that they are helping real people, and they should help us help them? Using domain fronting wouldn't be a volation of their terms of service if they explicitly made it a service they provide.
Apparently fronting was used by malware and CnCs, and that was becoming problematic.
Difficult times ahead...
On Wed, 2 May 2018 00:50:23 +0000 Matthew Finkel matthew.finkel@gmail.com wrote:
Apparently fronting was used by malware and CnCs, and that was becoming problematic.
Wasn't that why Google ended up killing the original meek instance back in the day? I don't particularly find any of this surprising, nor do I find entities wishing to avoid being abused in that way particularly outrageous.
I will emphasize (again, since I seem to recall doing so when Google originally stomped down on meek) that the collateral damage concept behind meek doesn't need to come from CDNs.
Any entity that is willing to risk network operators going "it's unfortunate for the users, but too bad, example.com is getting blocked because it enables Tor" that has sufficient bandwidth can run a client facing endpoint.
There isn't even particularly a need for the domain to be something clients contact extremely frequently (which is a property that made CDNs attractive in the first place), due to use cases involving using domain fronting as a signaling channel rather than a bulk transport mechanism.
To put this in more succinct terms, why can't I use snowflake/Moat via services.addons.mozilla.org, aus5.mozilla.org, incoming.telemetry.mozilla.org?
Regards,
Yawning Angel:
To put this in more succinct terms, why can't I use snowflake/Moat via services.addons.mozilla.org, aus5.mozilla.org, incoming.telemetry.mozilla.org?
-- Could this idea, or something like it, become a blog post? This is important to so many users.
-Kate
On Wed, May 02, 2018 at 03:40:44AM +0000, Yawning Angel wrote:
I will emphasize (again, since I seem to recall doing so when Google originally stomped down on meek) that the collateral damage concept behind meek doesn't need to come from CDNs.
Any entity that is willing to risk network operators going "it's unfortunate for the users, but too bad, example.com is getting blocked because it enables Tor" that has sufficient bandwidth can run a client facing endpoint.
There isn't even particularly a need for the domain to be something clients contact extremely frequently (which is a property that made CDNs attractive in the first place), due to use cases involving using domain fronting as a signaling channel rather than a bulk transport mechanism.
That's a good point. Back in the day we were trying to get Wikimedia to run https://en.wikipedia.org/meek or similar, but it never went anywhere.
tor-project@lists.torproject.org
-
David Fifield -
Iain Learmonth -
Kate Krauss -
Matthew Finkel -
Nima Fatemi -
Sina Rabbani -
Yawning Angel