Hello, the cool ntop project (www.ntop.org) has released it's opensource DPI (Deep Packet Inspection) engine with enhanced Tor protocol dissector and support http://www.ntop.org/ndpi/released-ndpi-1-8/ .
They do it by looking at the hostname pattern being used in the TLS handshake. Community-wise, which is the best way to deal with opensource code that facilitate high-performance detection of Tor traffic pattern (likely to be used by who would like to profile Tor users) ? a. Kindly ask them to re-consider releasing high-performance tools available to detect Tor traffic? b. Engage in a opensource-code arm-race for detection and anti-detection? c. Does nothing? -- Fabio Pietrosanti (naif) HERMES - Center for Transparency and Digital Human Rights http://logioshermes.org - https://globaleaks.org - https://tor2web.org - https://ahmia.fi -- tor-talk mailing list - [email protected] To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
