Swedish Researchers Expose China's Tor-Blocking Tricks 73
An anonymous reader writes "A pair of researchers at Karlstad University have been able to establish how the Great Firewall of China sets about blocking unpublished Tor bridges. The GFC inspects web traffic looking for potential bridges and then attempts 'to speak Tor' to the hosts. If they reply, they're deemed to be Tor bridges and blocked. While this looks like another example of the cat and mouse game between those wishing to surf the net anonymously and a government intent on curtailing online freedoms, the researchers suggest ways that the latest blocking techniques may be defeated."
Pedantic response ensues (Score:5, Informative)
I hatelove slashdot summaries, and here is another example of why. Yes, I haven't read TFA.
When you use the word "while" like this, it sounds like you're going to be contradicting the first point. Especially when you use the phrase "this looks like" immediately afterward.
Instead, the second part of the sentence goes on to directly corroborate what the scenario looks like. Surprise! While it looks like you're setting up a contradiction, you finish up with reinforcement.
So in fact it doesn't just "[look] like another example of the cat and mouse game", but in fact it literally is an example of the cat and mouse game, and the researches propose another way for the mouse to escape. And yet another awkward summary graces the Slashdot homepage, in the grand tradition.
Re: (Score:1)
Kind of a pointless gripe? Oh noes, an apple looks like an apple!
That said, how do you know it is an apple? It merely looks and behaves like one.
Re: (Score:1)
Don't express your qualms as a query. Buttnude nakedom is here for you.
Re: (Score:3, Insightful)
And yet another awkward summary graces the Slashdot homepage, in the grand tradition.
And yet another grammar troll graces the comments, also in the grand tradition. I know this may be hard to accept but the human mind can parse language that's full of errors, paradox, contradictions, and incomplete information; And does so often. As well, linguistic rules and content both can be mutated without warning based on prior communication, current context, or implication.
Now I can understand how a certain subset of the population could have an issue with this -- they were never invited to 'those'
Re:Pedantic response ensues (Score:4, Insightful)
or ever flirted with someone using innuendo so skillfully that anyone observing mid-conversation would be unable to tell any kind of flirting was going on
Breaking one of the rules of grammar, say, by using while the way the Slashdot summary does, might be the means by which one conveys precisely that innuendo. If the speaker overall cares very little about the rules, I'm afraid no one would perceive their intentions as that subtle signal would be drowned in the flood of noise.
Re: (Score:1)
Meh, I agree that it is bad grammar. I agree that mistakes sometimes happen. I don't agree that said mistakes are somehow superior to proper grammar.
The person who wrote the summary, and any editors/moderators who reviewed it, should learn from the criticism.
Re: (Score:1)
Breaking one of the rules of grammar, say, by using while the way the Slashdot summary does, might be the means by which one conveys precisely that innuendo. If the speaker overall cares very little about the rules, I'm afraid no one would perceive their intentions as that subtle signal would be drowned in the flood of noise.
Yes, but that was an example, not the conclusion. I get tired of people spell-flaming on the internet. It's like... if you can't attack the argument, attack the grammar, and if you can't attack the grammar, attack the person. It's not like he wrote the summary in txt-speak or something... -_-
Re: (Score:2, Funny)
Re: (Score:1)
I think as we approach the future promised by Idiocracy, we're going to see more and more apologists for either dumbing down or the acceptance of bad writing, poor grammar, faulty logic etc.
I wonder whether at some point in your lifetime you'll ever find yourself compelled to correct someone and then think `damn, maybe that other guy from 2012 on Slashdot had a point`?
Re: (Score:3)
While this looks like another example of the cat and mouse game between those wishing to surf the net anonymously and a government intent on curtailing online freedoms,
As saying: "This looks like another story about China censoring the web"
And then:
the researchers suggest ways that the latest blocking techniques may be defeated."
Says to me:
However, this story actually suggests ways the censorship might be mitigated or defeated temporarily. S
Re: (Score:3)
While this looks like an article simply explaining a specific detail, it turns out to be more than that.
"While" is not followed with a "contradiction." "While" is followed with a "difference," a "deviation" or even a "distinction."
"While you expect this, you get that." "While you expect a little, you get a lot." "While you expect a set of dishes, you get the dishes AND a free set of Ginsu steak knives!" "While expected X, received X + Y." "X + Y" is not a contradiction of "X" is it?
I get annoyed with b
Re: (Score:2)
I agree that contradiction and difference aren't the same thing. But I think I'm right in that it didn't really seem like they were pointing out a difference even. "While it looks like a cat and mouse game, the researches are participating in the cat and mouse game." Other people here disagree with me - that's cool, it's their prerogative. I can see it being read a different way.
I think there are a lot of fair critiques to my criticism (and one that was downright mean, though it got flagged as flamebait
Re: (Score:2)
Yeah, that's a bad habit of mine, I make that mistake a lot.
I meant it was literally an example of the figurative cat and mouse game, not just like it. I should heed the warnings of XKCD [xkcd.com] tho.
bandwith of flash drive or SDHC card (Score:5, Interesting)
It is hardly possible to check every JPG file of every tourists. Tourists bring thousands of JPG files back home on flash drives and SDHC cards.
Re:bandwith of flash drive or SDHC card (Score:5, Insightful)
The throughput is reasonable, but the latency is pretty high.
Re:bandwith of flash drive or SDHC card (Score:5, Insightful)
Unfortunately spreading pro-freedom propaganda will get you sent to jail once you try to disseminate it further.
Revolution in China is inevitable (IMHO). Attempting to improve the current status technologically is a noble cause, by those who are free, for those who aren't.
Re:bandwith of flash drive or SDHC card (Score:4, Insightful)
What is the point of this expensive firewall? The "iron curtain" is just not possible with the flash memory cards of high capacity. Any intelligent curious person can bring for himself a library to last for years.
Re:bandwith of flash drive or SDHC card (Score:5, Insightful)
If you have to wait for a compatriot to leave the country and return before you get uncensored news you'll miss the protests going on downtown. The point of the firewall is to prevent an Arab Spring from occuring in China.
Re: (Score:3)
I would venture a guess that most of those Chinese tourists are part of the privileged upper class who live (or reside) in one of the economic zones that the Great Firewall doesn't cover anyway. Their lives are relatively good, and they are not going to rock the boat.
The people behind the firewall are in no position to leave, even for a short while.
Re: (Score:2)
Re: (Score:3)
Well for a start, I've never met a Chinese person who didn't agree with the Great Firewall. So the reality is that the point of it is that people actually like it.
Re: (Score:1)
What if you have a load of CP on your hard drive and no-one knows about it?
Nerds can be really fucking grating on this point.
Look: the law does not aim to stop everyone doing anything illegal. It merely aims to set a standard for "acceptable" behaviour and keep enough people in line.
Can we stop all these arguments about a law being silly because it cannot be perfectly enforced? It's typical ego-stroking nonsense. Yes, congratulations, you and any terrorist/freedom fighter (delete as inappropriate) can get p
Re: (Score:2)
You come onto a website, filled with people, whose profession deals with exceptions on a daily basis, and want to complain that we should accept 'good enough for most people?' Would you build a 'fly-by-wire' aviation system that worked 'most of the time'? Would you allow a loved one to fly in a plane using it?
You are such a contrast with the people who originally framed the laws (at one time) governing this country; they took the approach of letting some of the (possibly) guilty go if it meant ensuring that
Re: (Score:2)
Engineering standards for safety are a completely different domain from laws, so you're not making sense. here.
Also, letting some guilty people go in lieu of innocents suffering is exactly what gp was talking about. The laws will catch people too stupid to bypass the laws. And yet people complain that there are ways around it and therefore it shouldn't even be a law. How can you not see that you are the contrast?
And bailouts... now you're just bringing up random things you don't like and ignoring the con
Re: (Score:2)
"Engineering standards for safety are a completely different domain from laws, so you're not making sense." -> How so? In either case, if you f*ck up, someone can die. Perhaps the problem you are faced with here: you don't take the codification of your laws seriously enough.
"Also, letting some guilty people go in lieu of innocents suffering is exactly what gp was talking about. The laws will catch people too stupid to bypass the laws. And yet people complain that there are ways around it and therefore it
Re:bandwith of flash drive or SDHC card (Score:5, Interesting)
It's called steganography [wikipedia.org], and don't get caught. You shall be in a world of shit if you do, because you'll likely be treated as a foreign intelligence operative.
Re: (Score:2)
Because it is specific. "Spy" is a very broad term.
Re: (Score:2)
I don't believe you have any idea what I was inferring. ... and it is a (primitive) form of steganography - hiding something in plain sight. His primitive form of it would be trivial to detect, however.
Re: (Score:2)
Really, really poor steganography.
Modifying the low bit of images/movies seems much more safe to me, of course the issue is that this is only possible with a computer and the program.
Having a steganography program on your computer isn't very stealthy when you go through the customs.
Re: (Score:2)
I did say it was primitive, did I not?
Re: (Score:2, Interesting)
I think their government is too pragmatic to be concerned with small things like this.
The primary concern seems to be the stability of the country, which, if you imagine the USA with 4x the population density, makes sense.
If someone goes abroad and gets a banned website and brings it back, who cares?
But if they start organizing a political revolt or something like it, I would imagine that the record of their text messages would give them away.
In the same sense, the great firewall seems to be concerned with
Re: (Score:2)
Re: (Score:2)
Sorry, all the file types you mentioned have a file header that clearly identifies the file type even if they're renamed. Anyone who knows this will figure out what you did pretty quickly.
And of course it's stupid simple to automatically scan for such files, you don't even have to look at the whole file so it'll scan pretty quickly.
Re: (Score:2)
Public v. Private (Score:5, Interesting)
The fundamental problem here is that Tor is accessible to the public. No, you read that right. As long as anyone can download a Tor client and connect, that person will have the IP address of at least one other Tor user. There is very little that can be done to prevent this without limiting access to the Tor network by some kind of handshake/authentication model. At the very least, the network is vulnerable to a denial of service attack; Since it can't tell a legitimate user from an illegitimate one: By design, the traffic is encrypted and the source obfusciated.
Tor can't ever fully succeed in its objective -- it can only maintain network integrity so long as the ratios between different types of users, client accesses, etc., remain in the green. Should the balance ever tilt, the network will become unusable.
A real solution is end to end encryption network-wide, which is what IPv6 was supposed to do, but as I'm sure you've all realized; the capitalist owners of the routers, switches, ISPs, etc., have decided artificial scarcity of IP address space could be profitable to them, so IPv6 is sort of dead on arrival. But even if it weren't, the notion that the ISP can't control what connections are made based on content is not something any of them want to give up; again, in the name of profits.
So basically, we need a whole new internet, built by the people, from the ground up. And it will probably have to be wireless. The problems of wireless high speed internet between buildings is hard enough; Try between cities. :\ But that's the only way I see of re-establishing a free and democratic digital communications medium.
Re: (Score:3)
Re: (Score:2)
Re: (Score:3)
A real solution is end to end encryption network-wide, which is what IPv6 was supposed to do
No it isn't. You can set up ad-hoc ipsec with keys hosted in DNS if you like - this is irrespective of whether you're using v4 or v6. The problem here is that it's a bit of effort to set it up and practically no one running a server actually does it (making setting up a client reasonably pointless). And no, this won't magically start happening if you switch to IPv6 - you still need to jump through all the same hoops to set up ipsec and practically no one does.
Re: (Score:3)
A real solution is end to end encryption network-wide, which is what IPv6 was supposed to do
LOLWUT?
Re: (Score:2)
I don't really see how IPv6 could help this problem, the government can still just operate a bunch of nodes, and then block anyone who tries to connect using tor. And nothing will ever ease the risk of operating an exit node, where you can get slammed for other people's traffic. The only reason Tor works in other countries is because of legal arguments about Tor operators not being liable for Tor traffic. Outside of a local network or a darknet where all peers know each other personally, there is no such th
Re: (Score:2)
Re: (Score:2)
Ahh...No. and no.
First, end-to-end encryption was never required by IPv6. IPv6 did include all of the hooks required to encryption which were lacking in IPv4 but there was never any idea that all IPv6 traffic would be encrypted. In the years that have passed since IPv6 specs were written that some capability has been grafted onto IPv4. It's called IPSec and is used almost universally for VPNs. You too can use it if you feel so inclined, but the key exchange part makes it rather impractical for general, le
Wasn't this already explained in January? (Score:1)
In this Slashdot story?
http://yro.slashdot.org/story/12/01/09/2320201/inside-the-great-firewall-of-chinas-tor-blocking
I thought the last link in that story explained everything mentioned above already.
Glad the tor project has a solution. (Score:5, Interesting)
In China people are seeking different ways to breach GFW. We mainly use SSH tunnel, OpenVPN, or some sorts of HTTPS proxy (with some obfuscation needed by both sides or it doesn't work for GFW has capacity to probe SSL/TLS proxy).
I am glad tor now is functioning again in China. Just began to spread the obfsorxy tor browser to the others who need it.
Re: (Score:3)
*shrugs* (Score:2)
Perhaps they should implement some level of port knocking to the nodes.
Listen closely (Score:2)
We might soon need the information ourselves.