Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] Google Unveils Tools to Access Web From Repressive Countries | TIME.com

Roger Dingledine arma at mit.edu
Mon Oct 21 22:36:48 PDT 2013


On Mon, Oct 21, 2013 at 10:25:48AM -0700, Yosem Companys wrote:
> The most ambitious product launch is uProxy, a new Web browser
> extension that uses peer-to-peer technology to let people around the
> world provide each other with a trusted Internet connection.

It's a shame that designs like this still blur the line so much between
"censorship-resistant transport" and "proxy back-end."

If these folks have a cool "we use xmpp through google's servers to
reach the proxy" transport, wouldn't it be even better if they publish
that part, in a modular way, so other tools (like vpn providers, or Tor)
can reuse that transport if they want to get its properties?

And in the other direction, if their users want some more security
properties on the proxy side, wouldn't it be better if their volunteers
could choose to glue this transport onto some other back-end (like vpn
providers, or Tor)?

We've been making great progress lately in the academic world at having
researchers split the problem so the transport can focus on being hard to
block and then the proxy side can focus on providing whatever security
properties it wants. In the Tor world we call it pluggable transports,
but the engineers here will recognize the term 'modularity'.

> ?It?s completely encrypted and there?s
> no way for the government to detect what?s happening because it just
> looks like voice traffic or chat traffic.

Can somebody remind me of the State Dept quote, long ago, about
Haystack? That was a different guy though right? And surely this time
they're doing it right, with a comprehensive design document and threat
model, open source, etc before the publicity splash?

To aim for a more productive tone, I'd like to echo what Eric said
but with a crucially different slant: the more *reuable and testable
components*, the merrier. The key is to grow the space in terms of how we
understand what works, what doesn't work anymore (or never did), and what
options we have for making mash-ups of these components. Otherwise it's
just yet another brief flame with its big publicity push, no well-written
code behind it, no change to our understanding of how to solve the
problem / what problems to solve, and no re-usable parts left behind.

--Roger




More information about the liberationtech mailing list