Learn, hack!

URL

http://mirror.fem-net.de/CCC/26C3/mp4/26c3-3554-de-tor_and_censorship_lessons_learned.mp4

File name

26c3-3554-de-tor_and_censorship_lessons_learned.mp4

File size

715.1 MB

MD5

f6d871de569a280fd27d9c3da8e5fe06

SHA1

363fd7a8c32f51eab17cffaf3e643179066e1716

Tor was originally designed as a civil liberties tool for people in the West. But if governments can block connections *to* the Tor network, who cares that it provides great anonymity? A few years ago we started adapting Tor to be more robust in countries like China. We streamlined its network communications to look more like ordinary SSL, and we introduced "bridge relays" that are harder for an attacker to find and block than Tor's public relays. In the aftermath of the Iranian elections in June, and then the late September blockings in China, we've learned a lot about how circumvention tools work in reality for activists in tough situations. I'll give an overview of the Tor architecture, and summarize the variety of people who use it and what security it provides. Then we'll focus on the use of tools like Tor in countries like Iran and China: why anonymity is important for circumvention, why transparency in design and operation is critical for trust, the role of popular media in helping – and harming – the effectiveness of the tools, and tradeoffs between usability and security. After describing Tor's strategy for secure circumvention (what we thought would work), I'll talk about how the arms race actually seems to be going in practice.