On Tuesday, May 26, 2020 at 8:39:27 AM UTC-5, Catacombs wrote:
Not sure if Qubes Users is the best place to bring this up.
As I look at the various means to get on the Internet, in risky
situations:
Public WiFi.
Hotels.
A country which is involved in spying on its citizens.
I notice that Tor has a means for "Bridges." A Bridge being an IP
Address that allow one to make a first hop to an IP Address that the ISP,
or local server is not expecting, or blocking.
My problem being that if one was in a place like China, then the
government is surely trying to gather up all the Bridges which the Tor
network has.
Just generally, I see one could create a private webpage somewhere, and
place on it the software to allow one to use it as one's own personal,
private Bridge. First hop out. Then one could direct the software on the
Server to - which ever. start a standard Tor, Connect to a VPN.
It does require trusting where the server is one has put one's software
on.
Obviously, one could borrow the Software from Tor to create a Bridge.
I did not mention it to Tor, because, as this is risky in several ways, Tor
website will not publicly agree to help create this project. Although
some of their programmers might advise on how to minimize risks.
And the implementation inside Qubes Network manager software -dom0 has
its own special issues.
Any comments? / is this already on the list of suggestions for Qubes?
Hi, Qubes might not be the best Choice here.
But if you want to browse safely in the CLEARNET i would recommend a VPN
Provider you can trust. https://thatoneprivacysite.net/
For Countries like China there is a Stealth VPN Option (OpenVPN over SSL or
SSH) that works with the DPI in China.
If you want to visit also .onion sites you can Enter on your Tor Browser "a
Bridge you trust." https://tb-manual.torproject.org/bridges/
Search Bridges over https://metrics.torproject.org/rs.html#advanced
Or search
https://lmgtfy.com/?q=tor+browser+over+vpn+&pp=1&s=dhttps://lmgtfy.com/?q=tor+browser+over+vpn+&s=dhttps://lmgtfy.com/?q=tor+browser+over+vpn+&s=dhttps://lmgtfy.com/?q=tor+browser+over+vpn+&s=dhttps://lmgtfy.com/?q=tor+browser+over+vpn+&s=dhttps://lmgtfy.com/?q=tor+browser+over+vpn+&s=d
- show quoted text -
Perhaps I should have written my initial post better. While all you,
_DRX_ say about possible Internet Tunnel methods is correct, my first
thought is that it leads a well organized, well funded group, which I
assume the Peoples Republic of China (Red China) is, directly onto the
cyber dissident. A lot of Cyber Dissidents are in prison in China. I
presume that a lot of them did try to use Tor, or a pay for VPN.
I can hypothesize how the PRC goes about hunting Cyber Dissidents.
Anyone, not given permission, by the security forces, using Tor, or a VPN
is identified for scrutiny. Actually at that point, just searching their
home, computers is probably sufficient to find the evidence. That is,
criticizing the government will be treated as a crime. Just like the
Optometrist in Wuhan who tried to warn other doctors there is a highly
contagious dangerous disease infecting people. He was told to be quiet,
then jailed. His jail sentence apparently ended when the government could
not longer deny the existence of a novel Corona Virus, and some noise
outside China about the repressive policies of China.
I doubt that many of the other cyber dissidents in jail will be freed
because of pressure from outside China. The US government does not much
seem to support Human Rights under the Trump Administration. Several years
ago Trump wanted Twitter to ban anyone who was critical of him or his
policies.
In several countries around the world we have personalities who are like
Trump, and have become experts in gathering power into their hands. A few
weeks ago, thousands of former US Justice Department individuals suggested
Attorney General Barr resign. After Congress passed a version of the
Patriot Act where the US government could go through the browsing history
of any citizen without a Warrant, that is, without proving that they had a
good reason. I think that there are now several thousand former FBI and
Justice Department individuals who might think about using QUBES. If they
knew of it, and it was more user friendly.
The history of VPN's shows they can be corrupted, coerced into providing
information. Truthfully, if I was a tech at a VPN, and some police agency
came to me and said, this particular person is a Pedophile. We need to
reach into his account, and find the location of others like him, maybe
even some missing children. If we find nothing. No harm. No foul. A
powerful argument.
Sure, if ones only need was to log into ones bank account, while making
sure someone two tables over did not hijack their connection and steal
their banking info, then a VPN would be great.
If we were in the techies room in PRC, they would focus on knowing the
address of every IP Node, every VPN, or a proxy to VPN's. And finding
every one who uses them.
I find it interesting that groups like Amnesty International do not
advertise the use of "End to End Encryption, if they use it at all.
Perhaps intending to let everyone know, that whatever information given to
them is for publication.
Yes it means the ISP can easily see where my first hop out of computer
might go. But that IP address is not already on a government list. Tor
Nodes, VPN's, and their proxies use would put an individual on the
government, investigate further. I feel sure that the PRC techies are
constantly trying to scavenge up all the Tor Bridges as they become
available. Surely the secure means is where someone brings a Bridge to
Cyber Dissident, rather than the Bridge being one of those offered by Tor
Site.
Here in the US, we have functioned as though we have Civil Rights, Free
Press, are here. Yesterday there were riots in Minnesota because of what
appears to be the death of a black man due to the police. Perhaps the man
died because of a health problem more than the actions of Police.
I think what I am suggesting needs to be implemented into QUBES itself. So
the platform could be more directly installed onto the remote webpage by a
non-technical users. To be able to verify I got into my Tunnel and am I am
using it. So yes, while it is an Application, rather than an OS, I think
it may need to be installed as a Networking AppVM, and available for use by
other VM's
you are correct that this is not really the right place to get a good
response as there is nothing Qubes-specific about this topic, the Tor
community would make much more sense.
The Tor Project just came out with a new community portal that has more
information about running Tor relays (in your particular case, bridges):
https://community.torproject.org/relay/
https://community.torproject.org/relay/types-of-relays/
here is a community effort to make setting up a server to use as a Tor
bridge simpler:
https://github.com/StreisandEffect/streisand/
there are certainly other similar projects on github as well.
it sounds like you are interested in reading more about pluggable
transports, which are the different strategies for obfuscating the
initial hop to the Tor network:
https://www.pluggabletransports.info
for example, in China the "meek" pluggable transport still works:
https://www.pluggabletransports.info/transports/
some of these transports are included in Tor Browser so that a user can
still circumvent some censorship mechanisms without the need to create a
private bridge.
The Tor project "will not publicly agree to help create this project"
because it is clear you are just learning about these topics and the
first step should be to research more to understand the issues better,
through which you will find that many people within the Tor community,
in academia, & beyond are actively working on these topics and there is
already functionality within Tor Browser that takes these issues into
account. Because China and some other countries actively work on new
methods to identify and block such initial hops, it will continue to be
a topic for research & development for the foreseeable future.
--
Michael Carbone
I will admit to not being knowledgeable in Pluggable Transports. I will
read.
It is not just part of a browser, I envision some of the features are easy
to use. and the Tunnel made available to all the VM's in QUBES.
My feeling to those who have replied, is that they are technical
knowledgeable, but they have little fear as to the consequences of being
identified as a reporter of Human Rights Violations.
>
>
>
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/qubes-users/fe8f9831-e006-493a-b960-323f45d81d31%40googlegroups.com.
