Tor Project is now highlighting a hidden feature of the Tor Browser that allows users from certain countries to access the Tor network, even if that state is actively blocking access to the Tor relays themselves.
Countries such as China, Iran, Kazakhstan, Uzbekistan, and others, use state-level ISP blocks to prevent Tor Browsers from connecting to Tor relays, the entry point to the Tor network.
The thinking is that if users can’t connect to Tor, they can’t use Tor to sidestep state-level firewalls, and won’t have a means to access “sensitive” content, censored by a country’s ruling regime.
For the Tor network to properly work, the list of Tor relays always needs to be public, which also allows oppressive countries to block the relays any time they wish.
Pluggable Transports hide Tor traffic
Since the practice of state-level Internet censorship has been gaining ground, the Tor Project has published a blog post today, revealing a hidden feature that’s been available in the Tor Browser for years.
Called(PT), these are special tools inside the Tor Browser package that take regular Web traffic and disguise it as innocuous protocols, where authorities rarely look.
These PTs connect to special relays, called PT bridges that relay the Tor traffic to its destination. The Tor Project is asking the community for help, requesting users to host PT bridges as well, not only regular Tor relays.
Currently, the Tor Browser supports four PT types and is working on adding three more.
|Is a transport with the same features as ScrambleSuit but utilizing Dan Bernstein’s elligator2 technique for public key obfuscation, and the ntor protocol for one-way authentication. This results in a faster protocol.||Go||Yawning Angel|
(recommended for Chinese users)
|Is a transport that uses HTTP for carrying bytes and TLS for obfuscation. Traffic is relayed through a third-party server (Google App Engine). It uses a trick to talk to the third party so that it looks like it is talking to an unblocked server.||Go||David Fifield|
|Format-Transforming Encryption (FTE)||It transforms Tor traffic to arbitrary formats using their language descriptions. See the.||Python/C++||Kevin Dyer|
|ScrambleSuit||Is a pluggable transport that protects against follow-up probing attacks and is also capable of changing its network fingerprint (packet length distribution, inter-arrival times, etc.).||Python||Philipp Winter|
|It transforms Tor traffic flows so they look like Skype Video||C++||Ian Goldberg|
|It aims to provide a packet-based (rather than connection-based) DPI-resistant protocol.||Python||Brandon Wiley|