-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 11/09/2014 06:35 PM, Phillip Hallam-Baker wrote: > > If you want to do anything useful in counter-censorship then you have > to think of using steganography > *** If you use steganography, that probably means you're sending secrets over a cleartext protocol that can then be deep-packet-inspected, if you pardon me the expression, to discover patterns of steganography. If you're not, then you're already using encryption, so your possibilities to avoid censorship are much larger already.
> > Port 443 is loaded with censorship issues. > *** It's also loaded with commercial applications, and that means cryptography. Censors willing to coerce commerce are usually of a rare kind. So far escaping the Great Firewall has been done via well-known ports as well. You have to be NSA to decipher live traffic, and only then when the partner companies use the ciphers they're told to, at best. The rest of the time, all you can do it store and hope to crack sooner or later. But that's already not about censorship anymore. I find it actually easier to block little used ports than highly used ones. DNS, SMTP, IMAP, HTTP, HTTPS all come with encrypted applications, at minimum using TLS. Discriminating port 12345 is certainly easier than any of these 5 ports IMHO. == hk -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQJ8BAEBCgBmBQJUX/kMXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ3MDM3QTJCNjlFNkMxQzA1NjI4RDUzOEZE OEU3QkQ4MDk0MUM4MjkzAAoJENjnvYCUHIKTUKoQAIKnqqaP5lWyvru7k6UIg6Cg 5O5DniHBUGarr3beURTtG83Shys90tkDVIqVPJqKjvHHsLV356Nuya945JM45aNe inN8qBr2aNc3mPqrqmEABO1e5CbDizdQUjFZEjBXVt3pVc9Mrpz38+W4hmFHTqHz RwpyxKMgfOUjbl9GyAYVldOAQqkavqnLkaVpIYM4jgATlordPsIJLpLM1+sExwo0 YAVleOLFrEwe8e1oaRt484bebXE/Xbmi+MQV+YYsX5VoeHkb6GejW7JfDA5f6yoE byIZjffvQBiCGKGTUSd0ATyd7RYJm59LZgZ+4Qu2k3bZ0nq0inulomxbHiZERqDz utV+Xm4Xa8F0pyeddGjlskhIB10GhTP736JVa7Vhgg8hZRZluqm5/5JuWE7in4Qy 3X2NdcPby0ngPZQFQi9EgrToe6KVvH4aj7jtrfsdlGT0rhAv2Bb2QMhvQxMLxSOZ xYTMeqEhl0QyNXVpzkw1C5m1rcZZw1hgh1DrxKJQ4a3aiWuKieinevQtaMaNynNh /WOdAlQhBPj7jAGnZy8uuhaM9Zbr+uOAqvl25mYkPnJKDEGtGx/4bbE5hvbYnI01 BWnmtVzjfCBaLavUcRSaawo3fOn0BtDGxDvfeM7aMr1NCMi767l3PYXhQ/KAG6sI g35vYl/azWZLgCb/aVhI =NcF3 -----END PGP SIGNATURE----- _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
