ooni-probe and Tor (Long Version)
Upcoming SlideShare
Loading in...5
×
 

Like this? Share it with your network

Share

ooni-probe and Tor (Long Version)

on

  • 2,411 views

The long version of the presentation given at the European Parliament in occasion of the EU Hackathon http://www.euhackathon.eu/.

The long version of the presentation given at the European Parliament in occasion of the EU Hackathon http://www.euhackathon.eu/.
Topic are Censorship, Internet Filtering, Tor and ooni-probe.

Statistics

Views

Total Views
2,411
Views on SlideShare
2,401
Embed Views
10

Actions

Likes
1
Downloads
31
Comments
0

4 Embeds 10

https://twitter.com 5
http://paper.li 3
http://us-w1.rockmelt.com 1
https://www.linkedin.com 1

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

CC Attribution-NonCommercial-ShareAlike LicenseCC Attribution-NonCommercial-ShareAlike LicenseCC Attribution-NonCommercial-ShareAlike License

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

ooni-probe and Tor (Long Version) Presentation Transcript

  • 1. OONI-probe Detecting internet filtering for a Free and Transparent InternetTuesday, November 8, 2011
  • 2. Surveillance • Internet filtering is a subset of Surveillance • If they are filtering something, it means that they are surveilling everythingWednesday, November 9, 2011
  • 3. Censorship It’s a distortion of what is in reality the internet. Follows the subjectiveness of the authorities This does not help humanity • Internet filtering is a form of non democratic oppression on people • It allows those in power to subvert reality • FilterNetWednesday, November 9, 2011
  • 4. FilterNet • It’s a distortion of what is in reality the internet. • Follows the subjectiveness of the authorities • This does not help humanityTuesday, November 8, 2011
  • 5. What we are doing? • Help people circumvent censorship (Tor) • Help people speak freely and anonymously (Tor Hidden Services) • Measure Internet filtering in the world (OONI-Probe)Tuesday, November 8, 2011
  • 6. Tor • Tor software downloads are currently blocked from China, Iran, Lebanon, Qatar, etc. • Tor delivers via email, write to gettor@torproject.org and we will send you a client to bootstrap a Tor clientTuesday, November 8, 2011
  • 7. Hidden Services • They allow a server to give access to content anonymously • This means people can publish content even if filtering is in place • No fear of retaliationTuesday, November 8, 2011
  • 8. Tor Hidden Services • am4wuhz3zifexz5u.onion • Anonymity for the Server • DoS protection • End-To-End encryptionTuesday, November 8, 2011
  • 9. How HS work Client Hidden Server IP IP IP RPTuesday, November 8, 2011
  • 10. Existing filter detection tools OpenNet Initiative (rTurtle) Herdict Academic research • Various captive portal software • Windows/iOS/Android/Google Chrome • ONI has a tool called “rTurtle” • ... • Herdict “The verdict of the herd” • ... • Some academic research • GATech and UC Berkeley have the best work • Methodology, tools and data are (usually) closedTuesday, November 8, 2011
  • 11. OONI-probe: Measuring filtering • Open Observatory of Network Interference • Provide a methodology and framework • Make our data and code publicly availableTuesday, November 8, 2011
  • 12. How filtering is performed • Varies by country and agency • Lebanon uses Free Software (squid) • Syria uses commercial software (BlueCoat)Tuesday, November 8, 2011
  • 13. Filtering Techniques Cost Keyword Filtering DNS Filtering IP Filtering Accuracy Source: A Taxonomy of Internet Censorship and AntiCensorship - Princeton UniversityTuesday, November 8, 2011
  • 14. OONI-Probe Risk Levels • The tests that are run by OONI-probe are divided into three categories: • Active/High (High Risk) • Active/Medium (Medium Risk) • Active/Low (Low Risk) • Passive (No Risk)Tuesday, November 8, 2011
  • 15. TTL walking Active/High Active/Low • UDP, TCP, ICMP • Common ports 0, 53, 80, 123, 443 • Compare the result of UDP, TCP with common ports and ICMP tracerouteTuesday, November 8, 2011
  • 16. Keyword injection Active/High • Actively probe for blocking of particular keywords • Connect to unblocked IP address with fake Host HeaderTuesday, November 8, 2011
  • 17. DNS probing Active/High Active/Medium • Compare a good DNS server with a test one • This is used in ItalyTuesday, November 8, 2011
  • 18. HTTP requests Active/Low Passive • Manipulated HTTP requests • HTTP GeT foo.html • Check for altered response/request headers • This is used to detect squidTuesday, November 8, 2011
  • 19. URL lists Active/High • Use URL lists of known blocked sitesTuesday, November 8, 2011
  • 20. TPO in lebannon Network latency Active/Low • Check if the latency is congruent with the destination • A case is LebanonTuesday, November 8, 2011