Hi, (Sorry for the delay -- we're overwhelmed and under-staffed.)
adrelanos wrote (02 May 2013 01:52:01 GMT) : > Since you are shipping pluggable transport obfs3, I conclude, that you > want to serve users in censored areas, even if Tails design document > does not state that explicitly. I conclude the same :) > In fact, Tor has a network fingerprint, which DPI boxes can detect and > block. In what follows, pluggable transports are assumed to work > reasonable well to beat (some of these) DPI boxes (for most of the time). > Hence, I think, you will like Tails's network fingerprint detection > resistance (from ISP perspective) , at least to the extend, that it > beats DPI boxes at least as good as pluggable transports do. If bridge mode (or whatever the censorship circumvention / Tails detection protection option is called) is enabled, then yes. Would you be willing to prepare a patch to our design/implementation doc that makes this clear? > You probable won't write into that design decision "we don't care if > it becomes clear to ISP's, that someone is using Tails". If bridge mode is not enabled, then until now, we've cared to some limited extent only. I doubt we have the means to do any better unless someone new starts working on this. > What is also open to decide for you, is whether you like to improve the > network fingerprint (from ISP perspective) when these problems start > having real world impacts (censors start censoring based on Tails > network fingerprint) or precautionary. I think we're trying to be proactive about making it harder to detect Tails users who use bridge mode. I'm not saying we're succeeding, though. > Apart from this, I also made the suggestions, if Tails wanted to have to > have a good portion of more clearnet traffic instead of having only Tor > traffic, Tails could run an untorified mainstream Linux distribution in > chroot or in a VM. It's unclear to me how useful this is in practice. Any pointer to reasoning / research on this topic? Cheers, -- intrigeri | GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc | OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc _______________________________________________ tails-dev mailing list [email protected] https://mailman.boum.org/listinfo/tails-dev
