On Wed, 03 Oct 2018 08:41:29 +0000, ithor wrote: ... > So would there be a way to (pen-?)test a private obfs4 bridge as being non > blacklisted and actually usable without really trying to connect to it and > alarming my ISP and DPI the like ?
Obviously not. To test that you need to try to connect to it and consequently risk running into a block. For the paranoid: The firewall operator might just as well just log who is using known brigde (incl. obfs4) addresses but letting the connections pass to just see who is using tor. > This seems like an overlooked security and privacy issue with a lot of > possible consequences. It's not as much overlooked but almost impossible to avoid. The only is/was domain fronting on a cloud provider and might be encrypted SNI once that itself is widely deployed - only then do you look the same as regular internet users. On the other hand, the question is whether using tor itself is outlawed or raising suspicion in your country. > Same thing for the entry-nodes. How can I know for sure the randomly selected > one isn't rune by some gvt trol ? By knowing and trusting the operator. That's the reason tor stopped swapping entry nodes around - the fewer you use the lower the risk. Also, geographic selection: Depending on the country of the relay, trolls are unlikely to report to your gvt. - Andreas -- "Totally trivial. Famous last words." From: Linus Torvalds <torvalds@*.org> Date: Fri, 22 Jan 2010 07:29:21 -0800 -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk