The IP address of the Azure server you're connecting to. > How does the selection of the Azure server works ? Randomly ? If i understood > well, domain-fronting servers are supposedly located geographically close to > the origin of the browser request. Could it be that TBB selects an Azure > server that could be hosted in a country considered hostile to the regime of > the Internet user ? If so, couldn't that be compromising ?
In the case of meek-azure the firewall would also see that you supposedly want to connect to "ajax.aspnetcdn.com", which is a common domain used by websites that are hosted on Azure. > What firewall are we talking about ? The one that sits on the Azure server or > the one of the gvt with the DPI ? Sent with ProtonMail Secure Email. ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Wednesday, October 3, 2018 1:36 PM, Jonathan Marquardt <m...@parckwart.de> wrote: > On Wed, Oct 03, 2018 at 12:25:52PM +0000, ithor wrote: > > > So a meek request is sent in clear-text. What exact information is given ? > > The exact ip address of the Azure server, its geolocation ? > > The IP address of the Azure server you're connecting to. In the case of > meek-azure the firewall would also see that you supposedly want to connect to > "ajax.aspnetcdn.com", which is a common domain used by websites that are > hosted on Azure. The domain delivers some JavaScript code and whatnot. So you > should just look like a harmless web browser surfing the web on first sight. > > > Could the DPI find out that this is being used for bootstrapping Tor ? > > Perhaps with some clever traffic correlation or timing attacks, but not so > easily. > > To also answer your question from the other mail in the thread: With encrypted > SNI, the firewall couldn't even see the fake destination (ajax.aspnetcdn.com) > your meek client sends. > > This might be interesting in the future, but isn't in use with meek yet. For > more info on that topic, have a look at this thread: > https://lists.torproject.org/pipermail/tor-dev/2018-September/013452.html > > ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- > > OpenPGP Key: 47BC7DE83D462E8BED18AA861224DBD299A4F5F3 > https://www.parckwart.de/pgp_key -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
