Re: [tor-talk] MITM attack on TLS

2015-11-21 Thread Justin
Hello,
I know.  OBFS4 makes the traffic unrecognizable to a DPI unit.  That’s why I 
switched from Meek to it.

> On Nov 21, 2015, at 4:14 AM, Ivan Markin  wrote:
> 
> Justin:
>> I won’t get into trouble because I’m not using regular Tor.  I’m
>> using pluggable transports, which hide the Tor traffic and make it
>> unrecognizable to a DPI box.  This should be good enough even if
>> Meek’s TLS is broken.
> 
> Nope, not good enough. Actually it is a _regular_ Tor connection. It is
> just encapsulated into HTTP (without TLS in your case) and easily
> detectable with tools like tcpflow.
> Try PTs other than meek, like obfs4/ScrambleSuit.
> 
> -- 
> Ivan Markin
> 
> -- 
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsubscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk


Re: [tor-talk] MITM attack on TLS

2015-11-21 Thread Ivan Markin
Justin:
> I have calculated that he is probably too lazy to check his logs.

Dangerous! What will happen if they overcome their laziness?
If they have already created a CA cert and even deployed it in some way, there
is no hope that even the laziest admin does not just save all the stuff you do
(and not MitM-ing TLS). They can use it against you later.

> Even if Meek-Google is broken, I got more information from him that
> would indicate that he probably won’t MITM Meek-Amazon or Azure.  If
> it does become dangerous, I will switch to one of those.

Does it matter which TLS to MitM if they already have a CA installed on
your computer?

I recommend switching now; meek doesn't work in this case as it's
supposed to. But it's all about your threat model and up to you.

-- 
Ivan Markin





Re: [tor-talk] MITM attack on TLS

2015-11-21 Thread Andreas Krey
On Fri, 20 Nov 2015 17:18:00 +, Justin wrote:
...
> SSH is probably more dangerous than OBFS4 because it could be detected with 
> a DPI fingerprint.  They might question that.  I think Tor with transports is 
> good.

On that paranoia level OBFS4 is as dangerous as SSH - it doesn't matter
if they see traffic they can fingerprint as ssh or they see traffic they
cannot fingerprint. They get suspicious in both cases.

Andreas

-- 
"Totally trivial. Famous last words."
From: Linus Torvalds 
Date: Fri, 22 Jan 2010 07:29:21 -0800

Re: [tor-talk] MITM attack on TLS

2015-11-21 Thread Justin

Hello,
You would be correct normally, but at school, I know the IT guy very well.  I 
have calculated that he is probably too lazy to check his logs.  He usually 
doesn’t check things out until someone tells him that a problem is occurring.  
Even if Meek-Google is broken, I got more information from him that would 
indicate that he probably won’t MITM Meek-Amazon or Azure.  If it does become 
dangerous, I will switch to one of those.
> On Nov 21, 2015, at 4:36 PM, mick  wrote:
> 
> On Sat, 21 Nov 2015 16:56:12 -0500
> Allen  allegedly wrote:
> 
>>>> SSH is probably more dangerous than OBFS4 because it could be
>>>> detected with a DPI fingerprint.  They might question that.  I think
>>>> Tor with transports is good.
>>> 
>>> On that paranoia level OBFS4 is as dangerous as SSH - it doesn't
>>> matter if they see traffic they can fingerprint as ssh or they see
>>> traffic they cannot fingerprint. They get suspicious in both cases.
>>> 
>> Personally, I would think SSH is much safer.  It is used by IT people
>> all the time for server management, so they will understand it.  The
>> destination address will be a cloud server, which you can simply say
>> you are using for a personal project.  OBFS4 on the other hand is not
>> normally used by IT people--it is used to get around IT people.  They
>> will immediately be very suspicious if they are able to figure out the
>> protocol.  And the destination IP address is who-knows-what, which
>> could by itself raise questions and might even lead them to think a
>> computer on their network could be infected with a virus that needs
>> immediate investigation.  In the end, a protocol they know and
>> understand and use in their own work will be much less threatening to
>> them than something they don't.
> 
> To the OP (and others who may wish to try something similar) my strong
> advice is "don't, just don't". I've been a network admin and sysadmin
> on corporate systems. Unauthorised traffic on such a network /will/
> attract attention, /will/ piss off the admins and almost /certainly
> will/ result in disciplinary action up to and including summary
> dismissal depending upon the terms of your contract.
> 
> Mick
> 
> -
> 
> Mick Morgan
> gpg fingerprint: FC23 3338 F664 5E66 876B  72C0 0A1F E60B 5BAD D312
> http://baldric.net 
> 
> -

Re: [tor-talk] MITM attack on TLS

2015-11-21 Thread Justin

Ivan,
If he does overcome his laziness, I’m ready to use another transport.  He has 
not deployed a cert.  I know this for a fact because the filter he’s using will 
prompt users to download it to their devices.  When it comes to storing 
traffic, I am pretty sure that Meek will stop connecting if it can’t verify the 
TLS connection.  When it comes to whether or not it matters, yes it does.  
Because decrypting all traffic at the gateway slows down the Internet, so he’s 
going to have to decide what to decrypt.  My threat model assumes that 
Meek-Google will be broken.  It also assumes that the Amazon and Azure versions 
may be broken.  Should they all be broken, I will switch to another transport.
> On Nov 21, 2015, at 5:26 PM, Ivan Markin  wrote:
> 
> Justin:
>> I have calculated that he is probably too lazy to check his logs.
> 
> Dangerous! What will happen if they overcome their laziness?
> If they have already created a CA cert and even deployed it in some way, there
> is no hope that even the laziest admin does not just save all the stuff you do
> (and not MitM-ing TLS). They can use it against you later.
> 
>> Even if Meek-Google is broken, I got more information from him that
>> would indicate that he probably won’t MITM Meek-Amazon or Azure.  If
>> it does become dangerous, I will switch to one of those.
> 
> Does it matter which TLS to MitM if they already have a CA installed on
> your computer?
> 
> I recommend switching now; meek doesn't work in this case as it's
> supposed to. But it's all about your threat model and up to you.
> 
> -- 
> Ivan Markin

Re: [tor-talk] MITM attack on TLS

2015-11-21 Thread Ivan Markin
Justin:
> Because decrypting all traffic at the gateway slows down the 
> Internet, so he’s going to have to decide what to decrypt.

Not much. I'm pretty sure that the lag would not even be perceptible. When
I'm using Tor my traffic is encrypted so many times... I haven't noticed any
significant visible slowdown.
Ciphers are pretty fast now. AES is even in hardware [see AES-NI].

> My threat model assumes that Meek-Google will be broken.  It also
> assumes that the Amazon and Azure versions may be broken.  Should
> they all be broken, I will switch to another transport.

If TLS is broken via CA cert then it's broken (no matter which).

-- 
Ivan Markin

Re: [tor-talk] MITM attack on TLS

2015-11-21 Thread mick
On Sat, 21 Nov 2015 16:56:12 -0500
Allen  allegedly wrote:

> > > SSH is probably more dangerous than OBFS4 because it could be
> > > detected with a DPI fingerprint.  They might question that.  I think
> > > Tor with transports is good.
> >
> > On that paranoia level OBFS4 is as dangerous as SSH - it doesn't
> > matter if they see traffic they can fingerprint as ssh or they see
> > traffic they cannot fingerprint. They get suspicious in both cases.
> >
> Personally, I would think SSH is much safer.  It is used by IT people
> all the time for server management, so they will understand it.  The
> destination address will be a cloud server, which you can simply say
> you are using for a personal project.  OBFS4 on the other hand is not
> normally used by IT people--it is used to get around IT people.  They
> will immediately be very suspicious if they are able to figure out the
> protocol.  And the destination IP address is who-knows-what, which
> could by itself raise questions and might even lead them to think a
> computer on their network could be infected with a virus that needs
> immediate investigation.  In the end, a protocol they know and
> understand and use in their own work will be much less threatening to
> them than something they don't.

To the OP (and others who may wish to try something similar) my strong
advice is "don't, just don't". I've been a network admin and sysadmin
on corporate systems. Unauthorised traffic on such a network /will/
attract attention, /will/ piss off the admins and almost /certainly
will/ result in disciplinary action up to and including summary
dismissal depending upon the terms of your contract.

Mick

-

 Mick Morgan
 gpg fingerprint: FC23 3338 F664 5E66 876B  72C0 0A1F E60B 5BAD D312
 http://baldric.net

-




Re: [tor-talk] MITM attack on TLS

2015-11-21 Thread Allen
> > SSH is probably more dangerous than OBFS4 because it could be detected
> > with a DPI fingerprint.  They might question that.  I think Tor with
> > transports is good.
>
> On that paranoia level OBFS4 is as dangerous as SSH - it doesn't matter
> if they see traffic they can fingerprint as ssh or they see traffic they
> cannot fingerprint. They get suspicious in both cases.
>
Personally, I would think SSH is much safer.  It is used by IT people all
the time for server management, so they will understand it.  The
destination address will be a cloud server, which you can simply say you
are using for a personal project.  OBFS4 on the other hand is not normally
used by IT people--it is used to get around IT people.  They will
immediately be very suspicious if they are able to figure out the
protocol.  And the destination IP address is who-knows-what, which could by
itself raise questions and might even lead them to think a computer on
their network could be infected with a virus that needs immediate
investigation.  In the end, a protocol they know and understand and use in
their own work will be much less threatening to them than something they
don't.

Re: [tor-talk] MITM attack on TLS

2015-11-21 Thread Ivan Markin
Justin:
> I won’t get into trouble because I’m not using regular Tor.  I’m
> using pluggable transports, which hide the Tor traffic and make it
> unrecognizable to a DPI box.  This should be good enough even if
> Meek’s TLS is broken.

Nope, not good enough. Actually it is a _regular_ Tor connection. It is
just encapsulated into HTTP (without TLS in your case) and easily
detectable with tools like tcpflow.
Try PTs other than meek, like obfs4/ScrambleSuit.

-- 
Ivan Markin




Re: [tor-talk] MITM attack on TLS

2015-11-20 Thread Justin
Hello,
The IT department does not have access to my machine.  Also, I have no option 
but to keep the cert because if I don’t the filter may use DPI to block TLS for 
me.  Not sure if that will be happening, but it may be possible.  When it comes 
to malware, if I think that the IT department is going after me, I will use 
Tails.  That should certainly stop them.

> On Nov 20, 2015, at 4:33 PM, Ivan Markin  wrote:
> 
> Justin Davis:
>> Just to give more information, the
>> attack will be done by having every network user install a root cert
>> in our browsers.
> 
> Be twice (or more) careful if someone has access to your computer in
> such a way. They can even dump _anything_ you're looking at via Tor. For
> instance, they can sniff the SOCKS5 TBB<->tor connection.
> 
> In the other case just delete the malicious CA certs (if you have the
> permissions).
> -- 
> Ivan Markin

Re: [tor-talk] MITM attack on TLS

2015-11-20 Thread Ivan Markin
Justin:
> Also, I have no option but to keep the cert because if I don’t the
> filter may use DPI to block TLS for me.

Funny! I mean that you already have no TLS, because the actual TLS is
terminated at your IT dept. You should remove these CAs - you have nothing
to lose!
When TLS is blocked (it looks quite problematic when it comes to the
reasons for this censorship, but possible) try another Pluggable Transport.

-- 
Ivan Markin




Re: [tor-talk] MITM attack on TLS

2015-11-20 Thread Allen
If your IT department allows outgoing SSH, then spin up a micro Linux EC2
instance on Amazon Web Services (which costs only 1.3 cents per hour), then
SSH into the EC2 instance and setup an SSH tunnel.

Assuming your local machine is running Windows, you can use Putty as the
SSH client.  If you just want to use the EC2 instance as a proxy (without
Tor), then in the  Putty configuration, look under Connection -> SSH ->
Tunnels, for Source port pick any high number like 9000, pick Dynamic,
click Add, then Open the session, finally, configure your browser to
connect to a SOCKS4 proxy on 127.0.0.1 at the port you chose (like 9000).

If you want to use Tor, too, then download and start torproxy on the EC2
instance.  Assuming the torproxy port on the EC2 instance is 9050, then in
the Putty configuration under Connection -> SSH -> Tunnels, for Source port
pick any high number like 9000, pick Local and in the Destination field
enter 127.0.0.1:9050, click Add, then Open the session and again configure
your browser to connect to a SOCKS4 proxy on localhost at the port you
chose (like 9000).

If you've never used EC2 before, it will probably take you 1-2 hours to do
this the first time (maybe you can find a tutorial on the www or
something), but once you get it set up it works quite nicely, and the price
is right.
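
The PuTTY "Dynamic" tunnel described above is a SOCKS proxy listening on
127.0.0.1:9000 (the OpenSSH equivalent is "ssh -N -D 9000 user@host", and
"ssh -N -L 9000:127.0.0.1:9050 user@host" for the second, Tor-over-SSH
variant). What follows is an added example, not code from this thread, from
PuTTY or from OpenSSH: it encodes the SOCKS4 and SOCKS4a CONNECT requests a
browser sends to that port, decodes them the way the ssh side has to, and
runs one exchange over an in-process socket pair so both sides of the
protocol are visible. The destinations and the user-id are constructed
values. The detail worth seeing is the difference between the two encodings:
plain SOCKS4 carries only an IPv4 address, so the browser has to resolve the
hostname itself, on the school's DNS, before the tunnel is involved at all;
SOCKS4a carries the hostname and leaves resolution to the remote end.

```python
"""SOCKS4 / SOCKS4a CONNECT as spoken to an ssh dynamic forward.

Added example, not code from the thread, PuTTY or OpenSSH. All destinations
and the user-id used below are constructed.
"""
from __future__ import annotations

import socket
import struct
import threading

SOCKS_VERSION = 4
CMD_CONNECT = 1
REPLY_GRANTED = 0x5A
REPLY_REJECTED = 0x5B


def socks4_connect(dest_ip: str, port: int, userid: str = "") -> bytes:
    """SOCKS4 request: VN=4, CD=1, DSTPORT, DSTIP, USERID, NUL.
    The caller must already have resolved dest_ip; that DNS lookup happens
    on the local network, outside the tunnel."""
    return (struct.pack("!BBH4s", SOCKS_VERSION, CMD_CONNECT, port,
                        socket.inet_aton(dest_ip))
            + userid.encode() + b"\x00")


def socks4a_connect(hostname: str, port: int, userid: str = "") -> bytes:
    """SOCKS4a request: DSTIP = 0.0.0.x (x != 0) signals that a
    NUL-terminated hostname follows the user-id; the proxy resolves it."""
    return (struct.pack("!BBH4s", SOCKS_VERSION, CMD_CONNECT, port,
                        b"\x00\x00\x00\x01")
            + userid.encode() + b"\x00" + hostname.encode("idna") + b"\x00")


def decode_connect(req: bytes) -> tuple[str, int, str]:
    """What the proxy side (ssh) sees: (destination, port, userid).
    The destination is a hostname for 4a requests, dotted IPv4 otherwise."""
    vn, cd, port, ip = struct.unpack("!BBH4s", req[:8])
    if vn != SOCKS_VERSION or cd != CMD_CONNECT:
        raise ValueError("not a SOCKS4 CONNECT request")
    userid, _, rest = req[8:].partition(b"\x00")
    if ip[:3] == b"\x00\x00\x00" and ip[3] != 0:
        host, _, _ = rest.partition(b"\x00")
        return host.decode("idna"), port, userid.decode()
    return socket.inet_ntoa(ip), port, userid.decode()


def reply(granted: bool) -> bytes:
    """Proxy reply: VN=0, CD=0x5A (granted) or 0x5B (rejected), 6 ignored bytes."""
    code = REPLY_GRANTED if granted else REPLY_REJECTED
    return struct.pack("!BBH4s", 0, code, 0, b"\x00" * 4)


def reply_granted(data: bytes) -> bool:
    """Client-side check of the 8-byte reply."""
    return len(data) >= 8 and data[0] == 0 and data[1] == REPLY_GRANTED


def exchange(request: bytes, allow: set[str]) -> tuple[str, bool]:
    """Run one CONNECT over a socket pair: the 'browser' side sends the
    request, a stub 'proxy' side decodes it and answers. `allow` stands in
    for what the remote ssh end is able (or willing) to reach.
    Returns (destination as the proxy saw it, granted)."""
    client, proxy = socket.socketpair()
    seen: dict[str, str] = {}

    def proxy_side() -> None:
        dest, _port, _uid = decode_connect(proxy.recv(512))
        seen["dest"] = dest
        proxy.sendall(reply(dest in allow))
        proxy.close()

    worker = threading.Thread(target=proxy_side)
    worker.start()
    client.sendall(request)
    answer = client.recv(8)
    worker.join()
    client.close()
    return seen["dest"], reply_granted(answer)


if __name__ == "__main__":
    # 4a: the name reaches the proxy, so the remote end resolves it.
    print(exchange(socks4a_connect("check.torproject.org", 443, "justin"),
                   {"check.torproject.org"}))
    # plain 4: only an address reaches the proxy; the name was resolved locally.
    print(exchange(socks4_connect("93.184.216.34", 80), {"93.184.216.34"}))
```

Whether a given browser emits 4 or 4a for a "SOCKS4" proxy setting is a
browser-side option, so check it before relying on the tunnel to hide the
names you look up; the wire format above is what either ssh client has to
accept in both cases.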

Re: [tor-talk] MITM attack on TLS

2015-11-20 Thread Justin

Allen,
SSH is probably more dangerous than OBFS4 because it could be detected with a 
DPI fingerprint.  They might question that.  I think Tor with transports is 
good.
> On Nov 20, 2015, at 5:16 PM, Allen  wrote:
> 
>> You should remove these CAs
> 
> Or they might fire you.  IMO, you want to stay under the radar of your IT
> department.  Much better, if you can, to let them have their MiTM certs and
> go around them using SSH or some other protocol.

Re: [tor-talk] MITM attack on TLS

2015-11-20 Thread Ivan Markin
Allen:
> Or they might fire you.  IMO, you want to stay under the radar of
> your IT department.  Much better if you can to let them have their
> MiTM certs and go around them using SSH or some other protocol.

Or they can _already_ fingerprint Tor TLS (too easy) because they're
terminating TLS (meek's, in this case). And then fire you for using Tor.

-- 
Ivan Markin




Re: [tor-talk] MITM attack on TLS

2015-11-20 Thread Ivan Markin
Justin Davis:
> Just to give more information, the
> attack will be done by having every network user install a root cert
> in our browsers.

Be twice (or more) careful if someone has access to your computer in
such a way. They can even dump _anything_ you're looking at via Tor. For
instance, they can sniff the SOCKS5 TBB<->tor connection.

In the other case just delete the malicious CA certs (if you have the
permissions).
-- 
Ivan Markin




Re: [tor-talk] MITM attack on TLS

2015-11-20 Thread Justin
Hello,
I think I will use OBFS4.  When it comes to the cert, I will probably have the 
option not to install it.  By the way, if you want more security and you’re 
really in trouble you should use Tails.
https://tails.boum.org
Read the documentation!

> On Nov 20, 2015, at 4:53 PM, Ivan Markin  wrote:
> 
> Justin:
>> Also, I have no option but to keep the cert because if I don’t the
>> filter may use DPI to block TLS for me.
> 
> Funny! I mean that you already have no TLS, because the actual TLS is
> terminated at your IT dept. You should remove these CAs - you have nothing
> to lose!
> When TLS is blocked (it looks quite problematic when it comes to the
> reasons for this censorship, but possible) try another Pluggable Transport.
> 
> -- 
> Ivan Markin

Re: [tor-talk] MITM attack on TLS

2015-11-20 Thread Allen
> You should remove these CAs

Or they might fire you.  IMO, you want to stay under the radar of your IT
department.  Much better, if you can, to let them have their MiTM certs and
go around them using SSH or some other protocol.

Re: [tor-talk] MITM attack on TLS

2015-11-18 Thread Ondrej Mikle

On 11/18/2015 04:36 PM, Justin Davis wrote:
> I just learned that the IT department of an organization where I am
> will begin mass decryption on TLS traffic.  Would this affect the use
> of the Meek pluggable transport?  Just to give more information, the
> attack will be done by having every network user install a root cert
> in our browsers.  Any information is appreciated.

I'm not entirely sure whether the meek transport checks the certificate,
because it's not necessary since it just acts as an encapsulation proxy for
Tor traffic.


However the IT admin would be able to see which meek bridge you are
connecting to after the MitM (meek just sends the bridge in the HTTP Host
header that is normally hidden inside the TLS tunnel).


I haven't checked meek's development in a while, so this might not be 
entirely accurate.


OM
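
An added example (not code from this thread or from meek) of the two points
made in the exchange: Ondrej's, that the bridge name travels in the HTTP
Host header and only the TLS tunnel hides it, and Ivan's earlier in the
thread, that once the gateway terminates TLS the flow is easily picked out
with a stream reassembler such as tcpflow. The script parses the request
head of a reassembled stream and lists what a TLS-terminating gateway can
derive from it (front name vs Host header, a known reflector, meek's
session header), then shows that without interception only the outer SNI is
visible. The front and reflector names, the X-Session-Id header name and
the captured requests are constructed for the example and are assumptions,
not data from the page.

```python
"""What a TLS-terminating gateway sees of a meek session.

Added example, not code from the thread or from meek. The names in
MEEK_REFLECTORS, the header name X-Session-Id and CAPTURE are constructed
for illustration (assumptions), not taken from the page.
"""
from __future__ import annotations

from dataclasses import dataclass, field

# Constructed front/reflector layout modelled on meek's domain fronting:
# the outer TLS name is a big CDN/front, the inner Host header is the
# reflector that forwards to the bridge. Treat the strings as assumptions.
MEEK_REFLECTORS = {
    "meek-reflect.appspot.com",       # behind www.google.com  ("meek-google")
    "d2zfqthxsdq309.cloudfront.net",  # behind a CloudFront front ("meek-amazon")
    "az786092.vo.msecnd.net",         # behind an Azure CDN front ("meek-azure")
}


@dataclass
class HttpRequest:
    method: str
    target: str
    headers: dict[str, str] = field(default_factory=dict)  # names lower-cased


def parse_request(stream: bytes) -> HttpRequest:
    """Parse the request head of one reassembled TCP stream (the per-flow
    files tcpflow writes). Only the head matters; the body is Tor cells."""
    head, _, _body = stream.partition(b"\r\n\r\n")
    lines = head.decode("iso-8859-1").split("\r\n")
    method, target, _version = lines[0].split(" ", 2)
    req = HttpRequest(method, target)
    for line in lines[1:]:
        name, _, value = line.partition(":")
        req.headers[name.strip().lower()] = value.strip()
    return req


def indicators(sni: str, req: HttpRequest) -> list[str]:
    """Indicators a gateway derives from the plaintext request once the
    corporate CA lets it terminate TLS."""
    found: list[str] = []
    host = req.headers.get("host", "")
    if host and host != sni:
        found.append(f"domain fronting: SNI {sni} but Host {host}")
    if host in MEEK_REFLECTORS:
        found.append(f"known meek reflector: {host}")
    if "x-session-id" in req.headers:  # meek's per-session header (assumed name)
        found.append("meek session header present")
    return found


def scan(capture: list[tuple[str, bytes]],
         tls_terminated: bool = True) -> list[tuple[str, list[str]]]:
    """With interception the Host header is inspectable. Without it the
    gateway has only the outer SNI, and the front domain looks like any
    other HTTPS site, which is the whole point of fronting."""
    results = []
    for sni, stream in capture:
        found = indicators(sni, parse_request(stream)) if tls_terminated else []
        results.append((sni, found))
    return results


# Constructed capture: one meek poll to a front, plus an ordinary request.
CAPTURE = [
    ("www.google.com",
     b"POST / HTTP/1.1\r\nHost: meek-reflect.appspot.com\r\n"
     b"X-Session-Id: 4f9c1e2a\r\nContent-Length: 0\r\n\r\n"),
    ("www.example.com",
     b"GET /index.html HTTP/1.1\r\nHost: www.example.com\r\n\r\n"),
]

if __name__ == "__main__":
    for label, terminated in (("TLS terminated", True), ("TLS intact", False)):
        print(label)
        for sni, found in scan(CAPTURE, tls_terminated=terminated):
            print("  ", sni, "->", found or "nothing notable")
```

To run it over real traffic, replace CAPTURE with the per-flow files that
"tcpflow -r capture.pcap" produces from the decrypted side of the gateway;
the parser expects exactly the bytes such a file starts with.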