Follow Slashdot blog updates by subscribing to our blog RSS feed


Forgot your password?
Censorship Communications Encryption Privacy Security The Internet Your Rights Online

Tor Tests Undetectably Encrypted Connections In Iran 157

Sparrowvsrevolution writes "Ahead of the anniversary of Iran's revolution, the country's government has locked down its already-censored Internet, blocking access to many services and in some cases cutting off all encrypted traffic on the Web of the kind used by secure email, social networking and banking sites. In response, the information-freedom-focused Tor Project is testing a new tool it's calling 'obfsproxy,' or obfuscated proxy, which aims to make SSL or TLS traffic appear to be unencrypted traffic like HTTP or instant messaging data. While the tool currently only disguises SSL as the SOCKS protocol, in future versions it will aim to disguise encrypted traffic as any protocol the user chooses. Tor executive director Andrew Lewman says the idea is to 'make your Ferrari look like a Toyota by putting an actual Toyota shell over the Ferrari.'" Reader bonch adds: "A thread on Hacker News provides first-hand accounts as well as workarounds."
This discussion has been archived. No new comments can be posted.

Tor Tests Undetectably Encrypted Connections In Iran

Comments Filter:
  • by v1 ( 525388 ) on Friday February 10, 2012 @03:19PM (#38997971) Homepage Journal

    Tor Tests Undetectably Encrypted Connections In Iran

    "Undetectably encrypted". No. There really is no such thing. "Obfuscated", "disguised", ok I'll take those, but not "undetectably". Makes it sound like it's flat out impossible to figure out the traffic contains encrypted data.

    I'm sure cisco and motorola etc will send their people over there this weekend to make upgrades to the censorware they sold them last year. They provide such good customer service to our adversaries when there's a buck to be made. (isn't there a law against this? they push so hard politically in one direction all the while the american businesses drive a dagger in the back of their goals)

  • by Animats ( 122034 ) on Friday February 10, 2012 @03:35PM (#38998151) Homepage

    the best and the brightest of Iranian youth will find a way to emigrate because they don't want to live in an isolated theocracy.

    They already did, decades ago. When the US-supported Shah of Iran was overthrown, many Iranians came to the US.

  • by betterunixthanunix ( 980855 ) on Friday February 10, 2012 @03:36PM (#38998157)
    Over in practical land, you need a noisy channel where the amount of noise is high enough to overpower efforts to detect your hidden signal, but where someone with special knowledge (knowledge of the secret key) can perform run an error correcting code to recover the hidden signal. This is not at all implausible; we already know how to make cryptosystems based on random linear codes; the real work would be ensuring that security is maintained even when you use the channel's naturally occurring noise to hide the signal (which may not be guaranteed).
  • by Ungrounded Lightning ( 62228 ) on Friday February 10, 2012 @03:40PM (#38998213) Journal

    How do you hide something unreadable within something readable? ... damn, you're going to make me RTFA, aren't you? :P

    As I read the blurb (I have no inside knowledge) they're not making the PAYLOAD look unencrypted. They're circumventing the type-of-flow identification mechanisms built into router filtering by encapsulating the encrypted data within an outer layer (and addressed to the port of) another protocol. (They may even have put a layer on top of the existing service so that, unless it identifies the flow as an encapsulated TOR flow, it actually PERFORMS the service.)

    The result would be that, if they intercept the flow and try to parse it as what it purports to be, it may not make sense. But if their router look at the parts of the packets that are characteristic of what the flow purports to be, it will identify it as normal traffic and let it through. And if the router tries doing something like a keyword search through the bodies of the packets it won't get hits because the bodies are encrypted.

    You can use this approach with any protocol that can handle the traffic patters of a TOR connection (possibly with added padding packets to make the characteristics look more like the purported flow).

    Downsides might be:

    1) If you do a masked TOR only server on the port they might try to connect to the purported flow and detect that this server is not what it seems.

    2) If you do a diverting pancake you need a way to flag for the pancake that this is the masked TOR flow. If that's well known they might write a filter for it. (Eric Wustrow, Scott Wolchok, Ian Goldberg, and J. Alex Halderman have developed a steganographic method for applying such a tag. It is embedded in their own "TELEX" network-based firewall bypasser but might be adapted to this purpose. paper [] a href=""code")

  • by glop ( 181086 ) on Friday February 10, 2012 @03:56PM (#38998417)

    Actually when the Shah was overthrown, most of the brightest people in Iran celebrated. That's because he was a really bad dictator and the only reason most people in the West are not aware of it is because he was very pro-American and very friendly with most western countries.
    The problem with revolutions is that it's hard to stabilize things afterwards. And there is no guarantee that the nice and respectful people will take over to draft a Constitution that grants freedom for the people. That's when many of the brightest in Iran got really disappointed and the religious extremists took the power.

    You can read the account of one of those brightest people who left Iran years later:
    Marjane's account seemed pretty fair and balanced to me (based on the differences with the cliches I had heard, what I know about the publishers, the variety of the anecdotes and their "true to life" aspect).

  • by Moryath ( 553296 ) on Friday February 10, 2012 @04:36PM (#38998971)

    You've got your history partially wrong.

    The US government DID fund the Taliban (rather than see the USSR take over Afghanistan). However, the whole "Israel funded Hamas" bullshit is just that, bullshit. Hamas is an offshoot of the Muslim Brotherhood movement, which was Egypt-centered and got (still gets) most of its funding and material through Iranian connections (similar to other MB offshoots such as the Lebanese Hizb'Allah and the current Syrian government).

    The reason for this was that Iran has a tendency to fund Twelver Shi'a [] uprisings and groups in mostly-Sunni countries.

    Do a little research next time before parroting bullshit.

  • by Anonymous Coward on Friday February 10, 2012 @10:32PM (#39002547)
    $ perl -e 'print "\x48\x65\x6c\x70\n"'

Help! I'm trapped in a PDP 11/70!