> On 02/21/2012 06:48 PM, Andreas Krey wrote: >> On Tue, 21 Feb 2012 14:26:06 +0000, Daniel .koolfy Faucon wrote: >> ... >>> Checking the software's signatures should ensure that you are not >>> bootstrapping from harcoded malicious fake nodes or looking at the >>> wrong >>> nodes list, and obfsproxy makes sure there is no recognizable handshake >>> pattern. Even if they suspect it to be tor traffic there is no way >>> they can MITM an obfsproxy communication. >> >> As far as I can tell obfsproxy itself can trivially be MITM'd, >> which is about as helpful as seeing the client-relay tor traffic >> in plain: Not very much. > > Obfsproxy's objective is not to provide integrity, secrecy or anonymity. > It just > tunnels some bytes in "another protocol". Its objective is to evade some > predefined rules in DPI that target SSL/SSH traffic or other well-known > encrypted traffic patterns. > > Aside from obfsproxy being alpha software, it can be characterized as > "simple > steganographic layer". > > As such, it's a hard problem to make something "undetectable". Some of the > best > papers I've seen on the subject (mostly written by Niels Provos IIRC) > basically > said that if you have access to the steganographic algorithm, various > statistical markers can be derived. > > Of course, you could employ crypto along with steganography, but then you > got > the issue with distributing keys (obfsproxy client and server must somehow > agree > on what obfuscation layer to use).
It would work for private bridges. _______________________________________________ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
