Tor Tests Undetectably Encrypted Connections In Iran 157
Sparrowvsrevolution writes "Ahead of the anniversary of Iran's revolution, the country's government has locked down its already-censored Internet, blocking access to many services and in some cases cutting off all encrypted traffic on the Web of the kind used by secure email, social networking and banking sites. In response, the information-freedom-focused Tor Project is testing a new tool it's calling 'obfsproxy,' or obfuscated proxy, which aims to make SSL or TLS traffic appear to be unencrypted traffic like HTTP or instant messaging data. While the tool currently only disguises SSL as the SOCKS protocol, in future versions it will aim to disguise encrypted traffic as any protocol the user chooses. Tor executive director Andrew Lewman says the idea is to 'make your Ferrari look like a Toyota by putting an actual Toyota shell over the Ferrari.'" Reader bonch adds: "A thread on Hacker News provides first-hand accounts as well as workarounds."
Sounds like a tool for P I R A T E S !! (Score:5, Funny)
The MPAA has already called in the FBI, CIA, NSA, and a cadre of hired Senators to put a stop to this illegal piracy-facilitating tool--which, if it's not stopped, will cost millions of American jobs and perhaps collapse the entire economy. Our children's futures are at stake here, people!!!
Re:Sounds like a tool for P I R A T E S !! (Score:5, Funny)
Re: (Score:2)
Re: (Score:2)
Re:Sounds like a tool for P I R A T E S !! (Score:5, Funny)
Hi there! 48
All is well in the Islamic Republic! 65
Our glorious leader has won another election! 6c
Praise Allah! 70
Translation of parent's ascii codes (Score:2, Informative)
Help
$
Re: (Score:2)
Or you could just look at the first letter of each line. Or every tenth letter, or every N'th letter after a space. Or the last letter of each line.
Re:Sounds like a tool for P I R A T E S !! (Score:5, Insightful)
Wasn't it the Government that first created it?
from their about page:
"Tor was originally designed, implemented, and deployed as a third-generation onion routing project of the U.S. Naval Research Laboratory. It was originally developed with the U.S. Navy in mind, for the primary purpose of protecting government communications. Today, it is used every day for a wide variety of purposes by normal people, the military, journalists, law enforcement officers, activists, and many others. "
Re:Sounds like a tool for P I R A T E S !! (Score:5, Interesting)
Don't forget that the US State Department is the de-facto sponsor of TOR.
TOR gets most of its funding from groups that get most of their funding from the State Dept.
Re: (Score:2)
Right hand, left hand...
Be afraid of the brain (i.e. money that buys the machine controls) actually realizing what's going on.
Re: (Score:2)
Be afraid of the brain (i.e. money that buys the machine controls) actually realizing what's going on.
That might not be such a bad thing, actually. Think about whose interests the state department is supporting by producing these tools: The US military and defense contractors, the CIA and NSA, oil companies... Remember all that talk about how much bigger the tech industry is than the entertainment industry? Look at the size of the defense and intelligence industry sometime.
Re:Sounds like a tool for P I R A T E S !! (Score:4, Funny)
Then look at their imaginary size (our yearly piracy losses are bigger then world's GDP says report given to congress!), then look at modern economy being about imaginary values rather then real values (stock market, derivatives, futures...).
Then get a big bottle of your favourite alcohol and drown the sorrow.
Re:Sounds like a tool for P I R A T E S !! (Score:4, Insightful)
Wasn't it the Government that first created it?
The US government also funded the Taliban (to fight the Russians) and the Israeli goverment funded Hamas (to fight the PLO).
Re: (Score:2, Informative)
You've got your history partially wrong.
The US government DID fund the Taliban (rather than see the USSR take over Afghanistan). However, the whole "Israel funded Hamas" bullshit is just that, bullshit. Hamas is an offshoot of the Muslim Brotherhood movement, which was Egypt-centered and got (still gets) most of its funding and material through Iranian connections (similar to other MB offshoots such as the Lebanese Hizb'Allah and the current Syrian government).
The reason for this was that Iran has a tendenc
Re: (Score:1)
Well to be fair Operation Cyclone [wikipedia.org] did not specifically fund the Taliban, they sponsored many of the mujahadeen, including some who went off to become the anti-Taliban Northern Alliance.
Re: (Score:2)
Do a little research next time before parroting bullshit
Sounds like you are emotionally invested in the topic.
Note that I didn't say Israel was solely responsible, everything else you wrote is true but does not contradict what I said, no matter who vociferiously you expressed it.
For anyone else reading along interrested in an actual citation, here'e one of many [wsj.com] that acknowledges both Israel's and the Muslim Brotherhood's involvement in the beginnings of Hamas.
Re: (Score:2)
Yes I read the entire thing before writing my response.
Anyone without a hyper-emotional connection to the topic will notice the following points the article:
"Israel's experience echoes that of the U.S., which, during the Cold War, looked to Islamists as a useful ally against communism. Anti-Soviet forces backed by America after Moscow's 1979 invasion of Afghanistan later mutated into al Qaeda." ...
"The Israeli government officially recognized a precursor to Hamas called Mujama Al-Islamiya, registering the g
Re: (Score:2)
The PLO had a charity arm too - in the absence of a government able to provide basic services such as schools and hospitals (especially before the creation of the Palestinian Authority), charity organizations (funded not with Israeli money but foreign money funneled through foreign nationals) provide such things. In additon to directly benefitting the constituency, It's how hearts and minds are won with respect to this or that Palestinian organization among the people.
Hamas rose to power because Arafat pub
Re: (Score:2)
You are so clearly wrapped up in this that you can't even read what you cut-n-paste. None of what you quoted disputes my original point that Israel contributed - I never said they were solely responsible.
First quote -- this article was written in 2009 so "recent ascent" doesn't apply to what happened 30 years ago but rather their recent dominance resulting in the election win. And the second quote is a tacit admission that they did support Hamas as it starts off with "even if israel had tried to stop the
Re: (Score:2)
as it starts off with "even if israel had tried to stop the islamists" suggesting that they supported rather than opposed.
And I pointed out to you, Israel was basically being NEUTRAL towards internal Palestinian politics.
The fact that Israel didn't rain down bombs on the heads of each and every islamist group that may or may not be called a "predecessor to Hamas" does not show they were "supporting" them. There are a lot of different "charity groups" involved in the Palestinian society, including - as someo
Re: (Score:2)
The vast majority of the weapons and funds supplied to the Afghanistan for fighting the USSR was from Pakistan, Saudi Arabia, and England. The US did not create the Taliban. The Taliban and associated like minded groups are Pakistani creations.
Re: (Score:2)
Re: (Score:1)
Re:Sounds like a tool for P I R A T E S !! (Score:5, Insightful)
dear slashdot,
can we please have a +1 "sad but true" option?
Re: (Score:3)
You'll have to do with +1 insightful.
Re: (Score:2)
The root of the problem (Score:3, Insightful)
While this is a great effort, and I really congratulate the Tor proyect for all that they've done and continue to do, this still is nowhere close to the solution on the real issue here: governments that over and over again limit people's freedom of speech and privacy.
Re: (Score:2, Interesting)
What do you propose we Western geeks do about the government of Iran?
Re:The root of the problem (Score:5, Funny)
Write code that messes with their technology, perhaps something that might wreak havoc on centrifuges or other industrial machinery?
Re: (Score:2)
Rip down their posters.
Re: (Score:1)
Nice xkcd reference.
Re:The root of the problem (Score:5, Insightful)
Unfortunately you always have to build things in spite of people, and can never count on altruism because there will always be bad actors, and those bad actors always have the chance of gaining power. It's the human condition, the only thing you can do is route around it. I agree we should address it from many fronts, but technological circumvention, while maybe only alleviating symptoms, seems to be very effective.
Re: (Score:1)
Do not worry people. Is impossible to stop antiencription.
just imagine the following idea.
You write a tottaly understable text with some easy code. For example. The first letter of each word are a phrase.
Well. you can create extensive false documents (there where papers accepted by academics written by computers, so is not entirely impossible) with this kind of coding (There are a lot of more complex algorithms involving taken only the letters from a formula, etc).
If only some people has the code to break
Re: (Score:3)
Tor proyect
That sounds like commie talk, comrade.
Re: (Score:3)
While this is a great effort, and I really congratulate the Tor proyect for all that they've done and continue to do, this still is nowhere close to the solution on the real issue here: governments that over and over again limit people's freedom of speech and privacy.
That is sort of missing the big picture. Yes, you have to fight governments that oppress and censor... but this is one of the ways you do it. It's a lot easier to convince someone that censorship is wrong if it is, in any event, totally ineffective -- because you take away any possible upside. It no longer becomes a weighing of the benefits of censorship against its costs, because the benefits are destroyed by developing this type of technology. Censorship becomes something that has only costs, and there ce
Re: (Score:2)
Disguise encrypted as unencrypted? (Score:5, Funny)
How do you hide something unreadable within something readable? ... damn, you're going to make me RTFA, aren't you? :P
Re: (Score:3)
Re: (Score:2)
But its use would be so rare in Iran that the police could just arrest and execute anybody in posession of tools which could be used for steganography.
Re:Disguise encrypted as unencrypted? (Score:5, Insightful)
It's steganography. They've created a strong AI capable of passing as human and conversing intelligently with other copies of itself. Each AI instance develops relationships with others, sharing email and IMs about its loves and hates, passions and dreams, even photos of virtual family and pets. All of which can contain a hidden payload of your private data.
But enough technical mumbo-jumbo. What matters is you'll now be able to surf porn sites without anyone knowing.
Re: (Score:2)
A really good question now is how do you allow any internet traffic at all? Nearly anything can be encoded with steganographic information.
There was one guy on the net a few years ago named "Fravia" that went on in detail how to make steganographic communications programs on the fly. Wonderful work.
After reading his essays, which he so graciously
Re: (Score:2)
Re: (Score:1)
Easy. Send a payload that has some randomness to it. For example, a JPEG will have mostly random least significant bits. So now you take your encrypted data, which looks like random data, and replace the random LSBs in the JPG with your encrypted data. This is still vulnerable to statistical analysis, because little in nature is truly as random as random data is. But it raises the bar.
Re: (Score:2)
This is still vulnerable to statistical analysis, because little in nature is truly as random as random data is.
Uh, I thought it was the other way around, as the "randomness" of the data is determined by the use of non-random algorithms, whereas nature is not dependent on such defined programming.
As an example, compare Rhapsody's "shuffle" setting that only repeats 20 songs from a 500 song playlist over and over, as opposed to closing your eyes and chucking darts at the same list.
Re: (Score:1)
"shuffle" is not a cryptographically secure algorithm. If your encryption is seeded with sufficiently random data, then the encrypted data will be indistinguishable from random.
Nature is truly random, but there are different types and degrees of randomness. If the noise in the LSB tends to be Brownian and you replace it with white noise, that's going to be detectable.
Re: (Score:3)
If the noise in the LSB tends to be Brownian and you replace it with white noise, that's going to be detectable
Replacing brown noise with white noise? Sounds pretty racist to me.
Re: (Score:2)
Re: (Score:2)
However, it does extend the operating life of your LCD.
Re: (Score:2)
Re: (Score:2)
closing your eyes and chucking darts at the same list.
Chucking darts at a wall is incredibly non-random. It's good for a one-time toss, but repeated uses will cluster badly.
Looks like you might benefit from this. [abcteach.com]
Re: (Score:2)
Re: (Score:2)
This is why you spin around repeatedly first.
Re: (Score:1)
It's actually pretty easy. I bet you couldn't hIwD5E4YmYgu7EABA/4zkMc2B2jVFcLC2s8SbV4MWdJCb0buQe0eEJX9XuMgNEbG even tell this was a ryyIKnRf2Zg8TvdClV20DsClRXR9GICX2pdhEFWqSJDQuLQX2sC7fVPshoOYkutV secretly encrypted KFyslVdYKQlLq4cwOHCTbIDLPdTFFpSuhIOvgk8yhcQTo2M7VY6xmaNLtYm0/9JE message, hiding in plain AS2LW55DgwHs6waLou78owXYW7vQBkhQLky69gV4htAhwIEqkdzS5w3iE36a9eyZI sight on plain old HTTP in /63GXN745FjoP8hwSZCfffhY0L8= ordinary HTTP traffic with no SSL/TLS at all. =DKJ0 It looks just like normal traffi
Re: (Score:3)
encapsulation.
Here's one way to do it:
Send the SSL data in a standard HTTP stream. Even better, base64 encode the data, so it looks like actual text.
To block this means either blocking HTTP as a whole, or building/buying some expensive stuff that can understand HTTP and do some kind of content analysis on it.
Re: (Score:2)
Well, perhaps the Iranian government can't just buy that sort of deep packet analysis tool off the shelf, but most people can. Detecting steganography is very easy once you know the algorithm used. If they just crammed base64 text into text streams, most ISPs could already flag that, using equipment already in place, with a few minutes work on the regex.
Re: (Score:2)
It's fundamental to encryption to assume your atttacker knows your algorithm - keys can be managed, but the algorith is out there, and anyone smart enough will figure it out.
Re: (Score:2)
Has anyone done this?
It'd sure be nice to have some kind of an implementation of it built into OpenSSH and a client like Putty, and robust enough to work through a firewall proxy.
I'm sure it belongs as some standalone proxy, but having it integrated would make it easier and less painful to use from a client perspective, although I would imagine it would have to be a pretty simplistic implementation (wrap SSL in HTTP, base64 encoded only) and not delve to far into actual steganography.
In other words, useful
Re: (Score:2)
As far as the file style analysis - this wouldn't be possible except at the very beginning of the connection, as the data in the middle looks like garbage.
The beginning though - where certificates are exchanged and handshakes made - this could be picked up on, and if the connection was squashed at this point, it wouldn't be possible to continue.
As I read the blurb ... (Score:5, Informative)
How do you hide something unreadable within something readable? ... damn, you're going to make me RTFA, aren't you? :P
As I read the blurb (I have no inside knowledge) they're not making the PAYLOAD look unencrypted. They're circumventing the type-of-flow identification mechanisms built into router filtering by encapsulating the encrypted data within an outer layer (and addressed to the port of) another protocol. (They may even have put a layer on top of the existing service so that, unless it identifies the flow as an encapsulated TOR flow, it actually PERFORMS the service.)
The result would be that, if they intercept the flow and try to parse it as what it purports to be, it may not make sense. But if their router look at the parts of the packets that are characteristic of what the flow purports to be, it will identify it as normal traffic and let it through. And if the router tries doing something like a keyword search through the bodies of the packets it won't get hits because the bodies are encrypted.
You can use this approach with any protocol that can handle the traffic patters of a TOR connection (possibly with added padding packets to make the characteristics look more like the purported flow).
Downsides might be:
1) If you do a masked TOR only server on the port they might try to connect to the purported flow and detect that this server is not what it seems.
2) If you do a diverting pancake you need a way to flag for the pancake that this is the masked TOR flow. If that's well known they might write a filter for it. (Eric Wustrow, Scott Wolchok, Ian Goldberg, and J. Alex Halderman have developed a steganographic method for applying such a tag. It is embedded in their own "TELEX" network-based firewall bypasser but might be adapted to this purpose. paper [telex.cc] a href="https://telex.cc/"code")
Re: (Score:3)
Re: (Score:2)
I really don't get the car analogy.
I mean, if you put both cars through a grinder (encryption) or press (archiving), won't that make the toyota and ferrari the same?
No, one is a Tor-ota.
Seems about right (Score:5, Insightful)
Re: (Score:2)
The more you tighten your grip, $dictator, the more $locations will slip through your fingers. - $rebel_princess.
It just might take 50, 100, or 400 years. The German Reich - 12 years. Fascist Italy - 21 years. USSR - 74 years. North Korea - 60 years and counting.
Apt quotation (Score:2)
"If they can get you asking the wrong questions, they don't have to worry about the answers." -- Thomas Pynchon
If they're undetectable... (Score:2)
Automated steganography (Score:2)
It'd be slow, for sure, but encapsulating messages inside of images using steganography libraries should be very feasible as a means of tunneling.
Re: (Score:2)
I can see it now.
Analyst A: Wow, this cat photo has gotten VERY popular.
Analyst B: Hey... why do these otherwise identical photos have different checksums?
Re: (Score:2)
I assume you were referring to YouTube. The problem with YouTube is that any video you upload is going to be transcoded for their storage, so anything you've hidden in the bits of the video is going to be lost or at least seriously corrupted.
Re: (Score:1)
Re: (Score:2)
tunneling.
Doesn't help you if you just want to access your bank account or email. A tunnel implies somebody ready to operate the other end. If that person existed outside Iran, the Iranian government would quickly block access to them.
not the smartest headline (Score:3, Informative)
"Undetectably encrypted". No. There really is no such thing. "Obfuscated", "disguised", ok I'll take those, but not "undetectably". Makes it sound like it's flat out impossible to figure out the traffic contains encrypted data.
I'm sure cisco and motorola etc will send their people over there this weekend to make upgrades to the censorware they sold them last year. They provide such good customer service to our adversaries when there's a buck to be made. (isn't there a law against this? they push so hard politically in one direction all the while the american businesses drive a dagger in the back of their goals)
Re: (Score:3)
A proper encryption without a header of some kind, and without the key, looks like random noise. You can suspect it's encrypted, but you cannot know for certain (ignoring context. even then, the context only suggests, not proves)
So, pedantically, I suppose it IS possible. But not over in practical land.
Re:not the smartest headline (Score:5, Informative)
Re: (Score:2)
Encryped data will never have the same "profile" as true randomness. Once the attacker knows the algorithm being used, nothing today will stop him from detecting that data is present. But that's not what the TOR team is after - they're trying to make it impractically expensive to perform this sort of detection on all internet traffic with the hardware the attacker already has. That's a much more practical objective. They aren't trying to hide the fact that there's an encrypted payload, they're just remo
Re: (Score:2)
Once the attacker knows the algorithm being used, nothing today will stop him from detecting that data is present
Except for time, since we generally want ciphers whose ciphertext is computationally indistinguishable from a uniform random sequence i.e. where no efficient algorithm can distinguish between ciphertext and randomly sampled strings with non-negligible probability, even when the algorithm is publicly known (as long as the secret key is not publicly known). Whether such a thing is actually possible is still an open question, but there are good reasons to think that it is possible.
Re: (Score:2)
Using a one-time-pad type of stream cipher would work, so long as you made sure to send the next pad before you ran out on the existing one. The danger of that though, is if they can grab a pad, they could theoretically decrypt any subsequent data (so long as they didn't "miss" recording the part with the next pad).
Provided the pads are generated in an actually random or near-random manner, then the ciphertext would be indistinguishable from said random/near-random data.
Re: (Score:2)
Re: (Score:2)
... because people reading this thread may not be subject matter experts, and know all of that?
Re: (Score:2)
Oh, I agree about the ideal, but we don't have anything like that today. Just like you can make a cipher unbreakable if you can compress the plaintext down to where there's no redundancy, but good luck designing a languange where all sequences are not only well formed, but meaningful.
Cryptography is in a good place right now, where no one really attacks the math - the algorithm is the strongest part. The math for hashes is weaker, but we seem to get a few useful years out of each one. The math for stegan
Re: (Score:1)
Re: (Score:3)
Makes it sound like it's flat out impossible to figure out the traffic contains encrypted data.
Well, in terms of steganography, we can speak of "strong" or "provably secure" steganography which can guarantee that no process can decide if a hidden message exists in the cover traffic with non-negligible advantage. If you have a low enough SNR, detecting the existence of the signal at all become impossible; the only trick is to ensure that someone with the secret key can still extract that signal.
Re: (Score:2)
This usually requires the percentage of secret data to be very small compared to the amount of "plausibly harmless" data it's steno'd into.
So whether or not that is usable depends on the amount of data you want to hide, and what you intend to hide it in. If you want to send a paragraph of text you can probably squeeze that nicely into a tiff from your camera with minimal risk. But if you want to send someone a DVD
Re: (Score:2)
if someone is LOOKING for data to be hidden in the image
There are ways to defend against this; I would start by looking at the Learning With Errors problem, which I suspect could be used for strong steganography systems (it is already being used for cutting edge cryptography).
In theory you're right, but practical application can be a problem.
That is the pattern with the Tor project. In the 90s, a lot of work went into anonymity systems that were resilient to concerted efforts to defeat the anonymity guarantees (mixmaster). Tor took some of these ideas, but had to sacrifice the strong security guarantees to ensure practica
Re: (Score:2)
Don't be so hasty... Spammers can get past spam filters even when they are tuned to look for every variation of the word P3N1S. :)
Re: (Score:2)
Trivially, if you have a regular message that's filled with noise, it's easy to filter. Less trivially, if you have a message that encodes encrypted messages as normal-looking sentences, you might be able to filter it, though the generation of such could get pretty sophisticated. F
hah! (Score:2)
in the technological arms race, this is pretty damn cool idea.
The Purloined Packet (Score:2)
Lousy OPSEC (Score:1)
Re: (Score:1)
Iran's government is afraid, and thereby stupid (Score:5, Interesting)
Re:Iran's government is afraid, and thereby stupid (Score:4, Informative)
the best and the brightest of Iranian youth will find a way to emigrate because they don't want to live in an isolated theocracy.
They already did, decades ago. When the US-supported Shah of Iran was overthrown, many Iranians came to the US.
Re:Iran's government is afraid, and thereby stupid (Score:4, Informative)
Actually when the Shah was overthrown, most of the brightest people in Iran celebrated. That's because he was a really bad dictator and the only reason most people in the West are not aware of it is because he was very pro-American and very friendly with most western countries.
The problem with revolutions is that it's hard to stabilize things afterwards. And there is no guarantee that the nice and respectful people will take over to draft a Constitution that grants freedom for the people. That's when many of the brightest in Iran got really disappointed and the religious extremists took the power.
You can read the account of one of those brightest people who left Iran years later: http://en.wikipedia.org/wiki/Marjane_Satrapi
Marjane's account seemed pretty fair and balanced to me (based on the differences with the cliches I had heard, what I know about the publishers, the variety of the anecdotes and their "true to life" aspect).
Re: (Score:2)
Isn't this a good thing though? "The People should not fear its government. The government to should fear its the People."
I guess the only thing missing is the revolution to actually throw the government out of the country.
Re: (Score:2)
Look at Iran now, what religion do they follow?
The place is already set back a century.
Learn from others (Score:1)
If the censor can't see it, it will get blocked. (Score:3, Interesting)
"If we can't parse it, it gets blocked."
In the old days, Cuban international phone calls were monitored. At least one person started talking a language other than English or Spanish and the operator broke in and told them to speak English or Spanish or get cut off.
Source: Something I read in a reputable newspaper or magazine back in the 1970s or 1980s.
Of course (Score:2)
Because Tor wasn't slow enough already...
Cool sounds like IP steganography (Score:2)
IP steganography makes it all the cooler, while still keeping a sort of logic about it that is very high level.
I hope you all understand this will change things forever...
Point-to-point and ad-hoc mesh networks (Score:2)
This topic is important to more than just Iranians. The events of the Arab Spring and developments across Europe, Asia, and America indicate we average folks are going to need a truly free means of communicating soon if not now. It has to be impossible for governments or corporations to blackout communications anywhere, so that their misdeeds cannot go unwitnessed.
I know that separate projects exist to tackle this problem in different ways. B.A.T.M.A.N.'s ad hoc network protocol is one. Point-to-point i
Re: (Score:2)
"I've often wondered why nobody ever nicks the body and VIN of an economy car to reduce theft risk and insurance costs of a sports car"
Because they hot rod the economy car to get a sufficiently similar performance result.
That's been done for almost one hundred years, and "Gow jobs" (for example) were being built before (possibly all) Slashdot posters were born.