TOR browser

General philosophy message board for Discussion and debate on other philosophical issues not directly related to veganism. Metaphysics, religion, theist vs. atheist debates, politics, general science discussion, etc.
teo123
Senior Member
Posts: 498
Joined: Tue Oct 27, 2015 3:46 pm
Religion: None (Atheist)
Diet: Vegan

Re: TOR browser

Post by teo123 » Fri Aug 02, 2019 3:23 am

brimstoneSalad wrote:Media has been pretty critical of the impractical and overly-politicized nature of the Green New Deal.
Well, my impression is that both most Democrats and most Republicans support the Green New Deal, because they haven't heard what's in it (for the same reason many people support Ken Ham's Young-Earth-Creationism, they don't know Ken Ham claims the measurements of the parallaxes of the stars have been faked).
brimstoneSalad wrote:I'm not going to search all of them, but it's a pretty mixed bag that at least *generally* leans in the direction of the science.
Exactly. There are also a few articles on Fox News that acknowledge global warming, and quite a few that deny it.
brimstoneSalad wrote:That's a pretty big barrier when you have trouble accessing the how to.
Well, it will take a few hours of trial-and-error.
Of course, it all depends how much time you are willing to put into it. Somebody who only has access to a computer running Windows 98SE, but is willing to spend months to get Tor running on it, can modify the Rust and Go compilers to run on Windows 98SE (the source code for them is available on GitHub), and then modify the Tor browser to run on Windows 98SE.
Also, the ISP servers are, of course, full of bugs, and somebody who is willing to spend months researching it will probably find a way to remotely block SNI fitering on them for their IP address. There is a high risk you will get detected, though.
brimstoneSalad wrote:The phones in these countries may also be running special software courtesy the government regulations there.
Doesn't it seem to you by orders of magnitude more likely that NSA knows which programs the US citizens have on their mobile phones, than that the Chinese government knows which programs the Chinese people have on their mobile phones? I mean, the version of Android installed on Chinese mobile phones is exactly one that's hosted on GitHub, the version of Android installed on our mobile phones is modified to constantly send some data to Google servers.

teo123
Senior Member
Posts: 498
Joined: Tue Oct 27, 2015 3:46 pm
Religion: None (Atheist)
Diet: Vegan

Post by teo123 » Sun Aug 04, 2019 2:13 pm

Perhaps one interesting statistics is this:
https://www.hrw.org/reports/2006/china0806/3.htm#_Toc142395820 wrote: Roger Dingledine, creator of Tor, reports that “some tens of thousands” of people appear to be using Tor from China on a weekly basis.
(...)
According to a 2000 Chinese Academy of Social Sciences (CASS) survey of Internet use in five Chinese cities, 10 percent of users surveyed admitted to regularly using, and 25 percent to occasionally using, proxy servers to circumvent censorship. A 2005 CASS Internet user survey, asking the same question, received the following response: “never”: 71.2 percent; “seldom”: 19.7 percent; “sometimes”: 5.9 percent; “often”: 2.5 percent; “frequently”: 0.6 percent.
Well, that claim about Tor usage in China seems rather plausible: when you check the statistics, you nearly always see between 3'000 and 5'000 users connected to Tor from within China at this very moment. It's as if the Tor usage remained constant over the years.
Anyway, those statistics strongly suggest the Chinese are simply using something other than Tor to circumvent censorship, right?
I don't know what is meant by proxy servers there. As far as I know, proxy servers don't necessarily cipher the data (triggering keyword filtering), nor do they attempt to hide the fact they are indeed proxy servers. The only things that work against Internet censorship are ones that hide that they are exactly that, either by making themselves look like random noise, or by making it look like you are browsing some particular innocent website. Things that make it look like you are, for example, doing a Skype call or connecting to some unspecified website, are, counter-intuitively, trivial to detect, as well as anything that doesn't implement immunity against active probing (by not responding with anything if somebody who doesn't know the key connects to it).

Anyway, I am lucky to live in Croatia, so I don't have to worry neither about NSA spying on me, nor about the Great Firewall.

User avatar
brimstoneSalad
neither stone nor salad
Posts: 9494
Joined: Wed May 28, 2014 9:20 am
Religion: None (Atheist)
Diet: Vegan

Post by brimstoneSalad » Wed Aug 14, 2019 12:06 am

teo123 wrote:
Fri Aug 02, 2019 3:23 am
Doesn't it seem to you by orders of magnitude more likely that NSA knows which programs the US citizens have on their mobile phones
My perception of the U.S. government is general incompetence and partisan drama that prevents much from being done. Very different from China. You may have a different perception.

I don't think China has been trying very hard to stop even simple proxies. They care more about dissidents than people viewing porn. Speculation: Perhaps they allow this obvious and non-encrypted traffic to blocked sites through simple proxies to provide a false sense of security for dissidents, so that they can still track them if necessary. Also, it's easier to implement.

Anyway, this is all wild speculation at this point, so I'll leave it at that. Interesting conversation.

teo123
Senior Member
Posts: 498
Joined: Tue Oct 27, 2015 3:46 pm
Religion: None (Atheist)
Diet: Vegan

Post by teo123 » Sun Aug 18, 2019 5:49 am

brimstoneSalad wrote:
Wed Aug 14, 2019 12:06 am
teo123 wrote:
Fri Aug 02, 2019 3:23 am
Doesn't it seem to you by orders of magnitude more likely that NSA knows which programs the US citizens have on their mobile phones
My perception of the U.S. government is general incompetence and partisan drama that prevents much from being done. Very different from China. You may have a different perception.

I don't think China has been trying very hard to stop even simple proxies. They care more about dissidents than people viewing porn. Speculation: Perhaps they allow this obvious and non-encrypted traffic to blocked sites through simple proxies to provide a false sense of security for dissidents, so that they can still track them if necessary. Also, it's easier to implement.

Anyway, this is all wild speculation at this point, so I'll leave it at that. Interesting conversation.
As far as I understand, Chinese Internet censorship is there primarily so that Tecnet and Baidu have more users for their services. They want to limit the efectiveness of Viber, WhatsApp, FaceBook messenger and so on, so that Tecnet's WeChat has more users, and therefore more revenue. And if it doesn't make it more and more difficult over time for proxy servers and similar stuff to be used to use Viber, WhatsApp and FaceBook, those apps are going to start using proxy servers by default (like Telegram did in Russia). It's basically the same nonsense anti-globalization beliefs Donald Trump preaches, and which Croatian economics textbooks teach, just put in action.
Does China do that to spy on its citizens? Well, I seriously doubt it. While WeChat doesn't implement proper end-to-end encryption, it's important to note that Viber and WhatsApp, in most cases, don't either (yet they make the user think they do). Also, any such modern app is way more secure than SMS is. It's possible for a modern computer to decypher an SMS just by intercepting it in the air, without knowing the key. To feasibly decypher a WeChat message, one needs to know the key stored on the Tecnet's server, and the same goes, unless the end-to-end encryption is activated (and it's possible only if the users happen to have the same version of the app, and some other conditions need to be met), for Viber and WhatsApp. So, if the Chinese government wants it to be easy to spy on the messages of its citizens, why doesn't it force people to use SMS?
Implementing a proper end-to-end encryption might, as far as I understand, even make things worse, because there are other problems to be solved. First, nobody would be able to read the old messages if the mobile phone is broken and the user gets a new one. Second, there is a problem with identification here. How can you know the mobile phone you have established an end-to-end encryption to is the mobile phone you think it is? You can't use HTTPS certificates on millions of mobile phones. Sending an SMS with a code every time a connection is established really isn't a solution either.
The way to actually ensure nobody except the person you want can read your messages is to use something like Firefox Send, where the files are cyphered by an open-source program on your computer in a way that the server the file is uploaded to can't decypher it. It's inconvenient because you need to send the secret key to that person by some other means, and because the file gets deleted as soon as it's downloaded, but that's the price of security.
Does the Chinese government believe it prevents political dissidents and criminals? Well, it probably does, but I am certain that's wrong. Look, criminals don't care about speed and convenience. They are going to use TOR, or some even more secure and less convenient tool. And banning people from social networks for expressing unacceptable opinions is simply pushing those people into darker corners of the Internet where they don't hear counter-arguments.
Chinese government, wanting it to be possible for their informatic firms to operate, doesn't want to do collateral damage. That's why it hasn't blocked GitHub, despite it not banning people for expressing politically incorrect opinions, because its firms are relying on it. And that's why it blocks TOR relays (if you try to send some data to an IP of a publicly known TOR relay, there is no other explanation for that than that you are connecting to TOR), TOR bridges using flawed protocols (obfs3 is easy to detect by your server establishing a connection to it, and FTE is, if you know what to look for, even easier to detect than unmasked TOR traffic), but it doesn't block suspected obfs4 bridges (since it's hard to confirm that it's actually a TOR bridge, and blocking all suspected obfs4 bridges would interfere with all connections in unknown protocols) or meek bridges (since it's hard to reliably distinguish between somebody using the business-critical services hosted on Microsoft Azure and somebody using meek-azure, and you can't really do much with meek since it's slow and adds a lot of bandwidth).
One of the things that have really struck me while studying Chinese Internet is that Baidu Baike has quite a long article about the Great Leap Forward Famine and a relatively long article about TOR, while Zhihu even contains instructions on how to set up TOR. It makes me wonder if the Chinese government actually cares about restricting freedom of speech.

Post Reply

Who is online

Users browsing this forum: No registered users and 36 guests