[Nix-dev] Obfuscated TOR bridge is packaged. Please consider running it.

Thu Jun 13 02:45:00 CEST 2013

@phreedom

Thanks for answering my questions I will try to put it to goo use.

On Tue, Jun 11, 2013 at 11:06 PM, <phreedom at yandex.ru> wrote:

> В письме от Вторник 11 июня 2013 15:27:04 пользователь Patrick Wheeler
> написал:
> > How long does a tor relay/bridge(those are the same thing right?) have to
> > be up and running before it starts being fully utilized?
>
> The difference between bridge and relay is that the list of relays is
> publicly
> available. Bridges also may provide tor traffic obfuscation to fool DPI
> such as
> the setup we have in NixOS now.
>
> > My naive assumption is that starting and stoping the bridge every few
> > seconds would not do anyone any good. So my question how long does it
> need
> > to up for it to be worth while?
>
> It's a matter of both uptime %  and total running time. It takes some time
> for
> your bridge contact info to trickle down to the users, so once you enable
> the
> bridge for the first time, it may take many days for the traffic to pick
> up.
> Occasional server reboot and intermittent outages aren't going to cause any
> problems once your relay is known to the system to be generally available.
>
> If your connection is very erratic and IP changes too often, a good
> alternative is FlashProxy(doesn't require adobe flash):
> https://crypto.stanford.edu/flashproxy/
> https://crypto.stanford.edu/flashproxy/options.html
>
> Currently, FlashProxy is the only reliable way to unblock TOR in Iran.
>
> > On Tue, Jun 11, 2013 at 7:55 AM, <phreedom at yandex.ru> wrote:
> > > В письме от Вторник 11 июня 2013 09:03:13 пользователь Lluís Batlle i
> > > Rossell
> > >
> > > написал:
> > > > On Tue, Jun 11, 2013 at 04:00:28AM +0300, phreedom at yandex.ru wrote:
> > > > > Hi,
> > > > >
> > > > > Helping people in censorship-heavy countries has just gotten even
> > >
> > > easier.
> > >
> > > > > TOR in bridge mode now also runs obfsproxy which helps defeat those
> > >
> > > nasty
> > >
> > > > > DPI boxes in those countries which are actively trying to prevent
> > >
> > > people
> > >
> > > > > from using TOR.
> > > > >
> > > > > There are no known cases of non-exit node operators getting
> attacked
> > > > > by
> > > > > governments. Defeating censorship requires a vast and diverse pool
> of
> > >
> > > IP
> > >
> > > > > addresses, so please consider adding this to your
> configuration.nix on
> > > > > your
> > > > >
> > > > > internet-facing box:
> > > > >   services.tor.relay = {
> > > > >
> > > > >     enable = true;
> > > > >     isBridge = true;
> > > > >     port = 443;
> > > > >
> > > > >   };
> > > > >
> > > > > If you need help with a more complex setup, just ask me.
> > > >
> > > > do you know if it can handle upnp or anything like that?
> > >
> > > No, not yet. You'd need to forward 3 ports: OR(443 in this case), obfs2
> > > and
> > > obfs3 which you can glean from journalctl -u tor. It's better that you
> > > forward
> > > from/to the same port numbers.
> > > _______________________________________________
> > > nix-dev mailing list
> > > nix-dev at lists.science.uu.nl
> > > http://lists.science.uu.nl/mailman/listinfo/nix-dev
>

-- 
Patrick Wheeler
Patrick.John.Wheeler at gmail.com
Patrick.J.Wheeler at rice.edu
Patrick.Wheeler at colorado.edu
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.science.uu.nl/pipermail/nix-dev/attachments/20130612/7b739e1c/attachment.html 