ooni-probe and Tor (Long Version)
Upcoming SlideShare
Loading in...5
×
 

ooni-probe and Tor (Long Version)

on

  • 2,337 views

The long version of the presentation given at the European Parliament in occasion of the EU Hackathon http://www.euhackathon.eu/.

The long version of the presentation given at the European Parliament in occasion of the EU Hackathon http://www.euhackathon.eu/.
Topic are Censorship, Internet Filtering, Tor and ooni-probe.

Statistics

Views

Total Views
2,337
Slideshare-icon Views on SlideShare
2,329
Embed Views
8

Actions

Likes
1
Downloads
29
Comments
0

3 Embeds 8

https://twitter.com 4
http://paper.li 3
http://us-w1.rockmelt.com 1

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

CC Attribution-NonCommercial-ShareAlike LicenseCC Attribution-NonCommercial-ShareAlike LicenseCC Attribution-NonCommercial-ShareAlike License

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    ooni-probe and Tor (Long Version) ooni-probe and Tor (Long Version) Presentation Transcript

    • OONI-probe Detecting internet filtering for a Free and Transparent InternetTuesday, November 8, 2011
    • Surveillance • Internet filtering is a subset of Surveillance • If they are filtering something, it means that they are surveilling everythingWednesday, November 9, 2011
    • Censorship It’s a distortion of what is in reality the internet. Follows the subjectiveness of the authorities This does not help humanity • Internet filtering is a form of non democratic oppression on people • It allows those in power to subvert reality • FilterNetWednesday, November 9, 2011
    • FilterNet • It’s a distortion of what is in reality the internet. • Follows the subjectiveness of the authorities • This does not help humanityTuesday, November 8, 2011
    • What we are doing? • Help people circumvent censorship (Tor) • Help people speak freely and anonymously (Tor Hidden Services) • Measure Internet filtering in the world (OONI-Probe)Tuesday, November 8, 2011
    • Tor • Tor software downloads are currently blocked from China, Iran, Lebanon, Qatar, etc. • Tor delivers via email, write to gettor@torproject.org and we will send you a client to bootstrap a Tor clientTuesday, November 8, 2011
    • Hidden Services • They allow a server to give access to content anonymously • This means people can publish content even if filtering is in place • No fear of retaliationTuesday, November 8, 2011
    • Tor Hidden Services • am4wuhz3zifexz5u.onion • Anonymity for the Server • DoS protection • End-To-End encryptionTuesday, November 8, 2011
    • How HS work Client Hidden Server IP IP IP RPTuesday, November 8, 2011
    • Existing filter detection tools OpenNet Initiative (rTurtle) Herdict Academic research • Various captive portal software • Windows/iOS/Android/Google Chrome • ONI has a tool called “rTurtle” • ... • Herdict “The verdict of the herd” • ... • Some academic research • GATech and UC Berkeley have the best work • Methodology, tools and data are (usually) closedTuesday, November 8, 2011
    • OONI-probe: Measuring filtering • Open Observatory of Network Interference • Provide a methodology and framework • Make our data and code publicly availableTuesday, November 8, 2011
    • How filtering is performed • Varies by country and agency • Lebanon uses Free Software (squid) • Syria uses commercial software (BlueCoat)Tuesday, November 8, 2011
    • Filtering Techniques Cost Keyword Filtering DNS Filtering IP Filtering Accuracy Source: A Taxonomy of Internet Censorship and AntiCensorship - Princeton UniversityTuesday, November 8, 2011
    • OONI-Probe Risk Levels • The tests that are run by OONI-probe are divided into three categories: • Active/High (High Risk) • Active/Medium (Medium Risk) • Active/Low (Low Risk) • Passive (No Risk)Tuesday, November 8, 2011
    • TTL walking Active/High Active/Low • UDP, TCP, ICMP • Common ports 0, 53, 80, 123, 443 • Compare the result of UDP, TCP with common ports and ICMP tracerouteTuesday, November 8, 2011
    • Keyword injection Active/High • Actively probe for blocking of particular keywords • Connect to unblocked IP address with fake Host HeaderTuesday, November 8, 2011
    • DNS probing Active/High Active/Medium • Compare a good DNS server with a test one • This is used in ItalyTuesday, November 8, 2011
    • HTTP requests Active/Low Passive • Manipulated HTTP requests • HTTP GeT foo.html • Check for altered response/request headers • This is used to detect squidTuesday, November 8, 2011
    • URL lists Active/High • Use URL lists of known blocked sitesTuesday, November 8, 2011
    • TPO in lebannon Network latency Active/Low • Check if the latency is congruent with the destination • A case is LebanonTuesday, November 8, 2011