Nathan,
> I see, and so on Android, where the CA was not installed, it was > throwing the proper error perhaps? If the SonicWall was proxying SSL with its own CA, wouldn't all HTTPS pages be broken? More narrowly, if it was interfering with suspicious/aberrant traffic, wouldn't Tor die with an error logged about an invalid cert? Haha, well, I decided not to say, so I will not. One should bear in mind then that particular countries have direct connections to Iran. I would also add from observation that for some unknown reason, a number of universities in South East Asia appear to be unexpected sources of traffic to Persian-language websites. I think a lot could be learned from a traceroute, looking at logs and noting what certificates are being seen by the user. Collin On Mon, Feb 13, 2012 at 10:41 PM, Nathan Freitas <[email protected]> wrote: > On 02/13/2012 01:53 PM, Andrew Lewman wrote: > > The CA > > was installed by the university on their mandated laptops, so students > > would never know they were mitm'd the entire time. > > I see, and so on Android, where the CA was not installed, it was > throwing the proper error perhaps? > > Anyhow, +1 for obfsproxy for working in this context. > > I am still curious of the possibility that Iran is running the same > Sonic solution, or the timing is just a coincidence. > > +n > _______________________________________________ > tor-talk mailing list > [email protected] > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk > -- *Collin David Anderson* averysmallbird.com | @cda | Washington, D.C. _______________________________________________ tor-talk mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
