Silk Road forums
Discussion => Security => Topic started by: fake on August 28, 2013, 10:29 pm
-
is Obfsproxy better that the regular Tor?
is this updated like Tor or less?
-
its updated at the same time. use it if u dont want your isp to DPI your data stream, though they can still see your connected to tor by the entry guard ip if you dont use a vpn.
-
Obfsproxy is a protocol that only bridges use, and only a subset of them, so there are no entry guards involved. By using obfsproxy, you are ostensibly already hiding your Tor use because you are using a bridge. Well, you are hiding it from IP address scanners, but the connection can still be DPIed, which is what obfsproxy is for.
You have to manually select obfs2 or obfs3 bridges from the BridgeDB (https://bridges.torproject.org) to use obfsproxy. You also need a special browser bundle:
https://www.torproject.org/docs/pluggable-transports.html.en#download
-
Say if one were using public obfs2/obfs3 bridges, how well would would that really protect you from your ISP seeing your Tor usage?
-
Say if one were using public obfs2/obfs3 bridges, how well would would that really protect you from your ISP seeing your Tor usage?
It depends on which situation you're in:
1. If your ISP is looking for Tor traffic, obsf bridges look less Tor-ish than regular Tor does. So you'd be much less likely to match whatever profile they were using to find Tor traffic.
2. If your ISP is looking at *you*, and *your* traffic specifically, and they're smart, they're not going to look at it and say, "Oh, it's just normal traffic, nothing weird about that". But at that point, you have bigger problems. That may be the one situation where I actually like a VPN. If you distrust your ISP more than you distrust your VPN provider, I mean.
-
Obfsproxy is a protocol that only bridges use, and only a subset of them, so there are no entry guards involved. By using obfsproxy, you are ostensibly already hiding your Tor use because you are using a bridge. Well, you are hiding it from IP address scanners, but the connection can still be DPIed, which is what obfsproxy is for.
You have to manually select obfs2 or obfs3 bridges from the BridgeDB (https://bridges.torproject.org) to use obfsproxy. You also need a special browser bundle:
https://www.torproject.org/docs/pluggable-transports.html.en#download
what do u mean, a bridge is just a manually selected entry guard (1st node in the 3 hop proxy).
-
2. If your ISP is looking at *you*, and *your* traffic specifically, and they're smart, they're not going to look at it and say, "Oh, it's just normal traffic, nothing weird about that".
How would u know that? if they could detect obfsproxy traffic as being tor then there would be no point to using obfsproxy.
-
Say if one were using public obfs2/obfs3 bridges, how well would would that really protect you from your ISP seeing your Tor usage?
The Chinese government already cracked obfs2. They can DPI it. They also enumerated all bridge IP addresses a couple of years ago. The Tor Project should be doing a better job of dividing the BridgeDB buckets and detecting mass enumeration attempts, but it's possible the NSA or other intelligence agencies could have enumerated them. OTOH, the churn might be high enough to supply a decent pool of IP addresses at any one time. So far there is no documented evidence that anyone can DPI obfs3.
The answer to your question is that nobody knows for sure, but using an obscure VPN provider in combination with obfs3 bridges is your best option for membership concealment in the Tor network.