On 1/3/13 5:25 PM, Steve Weis wrote: > I noticed a Stanford project for setting up browser-based, ephemeral > Tor proxies. In their words, "the purpose of this project is to > create many, generally ephemeral bridge IP addresses, with the goal > of outpacing a censor's ability to block them."
I'm extremely worried by the client enumeration problem. Nothing could paint a brighter target on dissidents. Normalization is no defense here, since it applies to any scheme for circumventing a censorship system. (And with sufficient normalization, the political will to continue censorship evaporates anyway.) Either it's okay to identify clients to an adversary or it's not, and I'm under the impression that the consensus is that it's not. I also think the system could be easily rendered useless: I'm also not convinced that it's possible for the mass of ephemeral proxies to "absorb the busywork created by the adversary": to twist an old aphorism, never get into a bandwidth competition with someone who buys 10GigE ethernet cards by the crate. While I do have to credit the authors with a good enumeration of the possible threats to the system, I think these threats simply make the system unworkable in practice. If the system becomes popular, it's easy to block, and if the system *isn't* popular, it's easy to identify who's using it. Remember that the adversary need not completely block all connections from ephemeral proxies: he need only impair usability to the point that users give up.
-- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
