
Tor v0.2.0.3-alpha has a new killer feature against blocking which may prove to be extremely cool. It allows you to run as a bridge which can be used by other people who want to connect to the Tor-network.

Those who configure their Tor-clients as bridges pass traffic between end-users and the Tor-network.

People who can’t get to the Tor-network because the main Tor-network is blocked can connect to a bridge (which hopefully isn’t blocked) and use that to get to an uncensored version of the Internet.

Tor is the adversary

Bridges make it so much harder to block people from the Tor-network. If your corporation, school, government or anyone else says that

“Tor is bad and privacy is bad and anonymity is bad and we need to turn it all off and we do not want you or your family to have access to this technology”

and they block you from connecting to all known Tor-servers then all you have to do is to find someone who is running a bridge and use that to get to the Tor-network. The adversary can just download a complete list of all Tor-servers and block them. It is that much harder for the adversary to figure out that some computer on some ADSL somewhere is a bridge when there is no huge list which includes it.

Official “please test this” story

The official Roger Dingledine story regarding this is:

Hi folks,

The upcoming 0.2.0.3-alpha release has a couple new features from the
blocking-resistance design we’re working on. I’m going to write down more
details about how it works soon, but I wanted to give people a chance
to play with it (and report problems) now that it’ll be out in a release.

For background on the design, see
 https://tor.eff.org/svn/trunk/doc/design…

In short, the new Tor release lets you run a relay that isn’t in the
main directories (known as a bridge), and you can configure your client
by giving it a set of bridge addresses to use as your first hop into
the Tor network and as your source of directory information. There’s no
support in Vidalia for it yet, and the design is still in flux, but here
are some tips to get you started.

(Warning: these instructions are geared for people who are comfortable
editing their torrc and messing around with Tor. If it breaks and
you think it’s a bug, please let me know; if you just fail to get it
working, wait for a few more releases and it’ll be easier. Also, note
that these features alone do not provide very good blocking-resistance;
more features are on the way still.)

Thanks!
–Roger

********* Part one: using a bridge when you’re a client *****

Add these lines to your torrc file:

UseBridges 1
TunnelDirConns 1
Bridge 128.31.0.34:9009 4C17 FB53 2E20 B2A8 AC19 9441 ECD2 B017 7B39 E4B1

You can specify as many Bridge lines as you like, one for each bridge
you’d like to use. You can leave out the key if you don’t know it or
don’t care:

Bridge 128.31.0.34:9009

******** Part two: setting up your own bridge ***********

Configure yourself as if you were a normal Tor server. Make sure to
define a DirPort. Then add this line to your torrc file:

PublishServerDescriptor 0

This makes you into a Tor server that doesn’t advertise on the main
directory authorities. You should tell people your IP address and ORPort
(and optionally your identity fingerprint) and they can write their own
Bridge lines as in “Part one” above.

Optionally, you may want to set

RelayBandwidthRate 50 KB
RelayBandwidthBurst 50 KB

instead of the more traditional BandwidthRate and BandwidthBurst options,
so you can use your bridge as a Tor client too and not get hit by your
own rate limiting.

******** Part three: a bridge directory authority *********

For the adventurous, I’m also running a temporary bridge directory
authority. If you want your bridge to publish to this bridge authority,
use these lines in your torrc:

PublishServerDescriptor bridge
dirserver moria1 v1 orport=9001 128.31.0.34:9031 FFCB 46DB 1339 DA84 674C 70D7 CB58 6434 C437 0441
dirserver moria2 v1 orport=9002 128.31.0.34:9032 719B E45D E224 B607 C537 07D0 E214 3E2D 423E 74CF
dirserver tor26 v1 orport=443 86.59.21.38:80 847B 1F85 0344 D787 6491 A548 92F9 0493 4E4E B85D
dirserver lefkada orport=443 140.247.60.64:80 38D4 F5FC F7B1 0232 28B8 95EA 56ED E7D5 CCDC AF32
dirserver dizum 194.109.206.212:80 7EA6 EAD6 FD83 083C 538F 4403 8BBF A077 587D D755
dirserver moria5 orport=9005 bridge no-v2 128.31.0.34:9035 F812 FCC1 E3EB E2E8 1C09 E516 E51A F9BF AFE3 3974

The first line specifies to publish to all authorities of type ‘bridge’,
and the last line specifies a new dirserver of type bridge. The others
are just repeating the current dirservers so we don’t lose them when we
define a new one. I promise I’ll have a better interface for this soon. :)

Then clients that use your bridge can add

UpdateBridgesFromAuthority 1

to their torrc, and now even if your IP:port change (for example you’re
on a dynamic IP address), they’ll still be able to find you again.
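
As an added example (not part of Roger's message or of Tor itself), here is a small Python check for the client settings from Part one. It parses each Bridge line and flags lines with no fingerprint, since Tor only verifies a bridge's identity key when the fingerprint is given. The function names and the last sample line are constructed for illustration.

```python
import ipaddress
import re

HEX40 = re.compile(r"[0-9A-Fa-f]{40}")

def parse_bridge_line(line):
    """Parse 'Bridge IP:port [fingerprint]'; raise ValueError if malformed."""
    parts = line.split("#", 1)[0].split()
    if len(parts) < 2 or parts[0].lower() != "bridge":
        raise ValueError("expected: Bridge IP:port [fingerprint]")
    host, sep, port = parts[1].rpartition(":")
    if not sep or not port.isdigit() or not 1 <= int(port) <= 65535:
        raise ValueError("address must be IP:port with port 1-65535")
    ip = ipaddress.IPv4Address(host)  # ValueError on a bad address
    fp = "".join(parts[2:]).upper() or None  # groups of four are joined
    if fp is not None and not HEX40.fullmatch(fp):
        raise ValueError("fingerprint must be 40 hex digits")
    return {"ip": str(ip), "port": int(port), "fingerprint": fp}

def audit_torrc(text):
    """Return (bridges, warnings) for the client bridge settings in a torrc."""
    bridges, warnings, use_bridges = [], [], False
    for n, raw in enumerate(text.splitlines(), 1):
        words = raw.split("#", 1)[0].split() or [""]  # blank/comment line
        if words[0].lower() == "usebridges":
            use_bridges = words[1:] == ["1"]
        elif words[0].lower() == "bridge":
            try:
                bridge = parse_bridge_line(raw)
            except ValueError as err:
                warnings.append(f"line {n}: {err}")
                continue
            bridges.append(bridge)
            if bridge["fingerprint"] is None:
                warnings.append(f"line {n}: no fingerprint, identity not checked")
    if bridges and not use_bridges:
        warnings.append("Bridge lines present but UseBridges is not 1")
    return bridges, warnings

# First four lines are from Part one; the last is constructed (bad port).
SAMPLE = """UseBridges 1
TunnelDirConns 1
Bridge 128.31.0.34:9009 4C17 FB53 2E20 B2A8 AC19 9441 ECD2 B017 7B39 E4B1
Bridge 128.31.0.34:9009
Bridge 192.0.2.10:99999
"""

if __name__ == "__main__":
    print("\n".join(audit_torrc(SAMPLE)[1]))
```
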
