![]() But its efforts were full of legal and practical holes. ![]() In 2010, the Federal Communications Commission (FCC) attempted to combat these threats with a set of Open Internet rules. It's a principle that's faced many threats over the years, such as ISPs forging packets to tamper with certain kinds of traffic or slowing down or even outright blocking protocols or applications. The fix was to simply write a larger expiration time on the certificates, so our certs have more plausible expiry times.Network neutrality-the idea that Internet service providers (ISPs) should treat all data that travels over their networks fairly, without improper discrimination in favor of particular apps, sites or services-is a principle that must be upheld to protect the future of our open Internet. In this case, the characteristic of Tor's SSL handshake they looked at was the expiry time for our SSL session certificates: we rotate the session certificates every two hours, whereas normal SSL certificates you get from a certificate authority typically last a year or more. How did the filter work technically? Tor tries to make its traffic look like a web browser talking to an https web server, but if you look carefully enough you can tell some differences. Fortunately, the fix is on the relay side: that means once enough relays and bridges upgrade, the many tens of thousands of Tor users in Iran will resume being able to reach the Tor network, without needing to change their software. Thanks to help from a variety of friends around the world, we quickly discovered how they were blocking it and released a new version of Tor that isn't blocked. Yesterday morning (in our timezones - that evening, in Iran), Iran added a filter rule to their border routers that recognized Tor traffic and blocked it. On September 14th, the TOR project changed its code so that it wasn't blocked anymore. On September 13th, the Iranian government began blocking The Onion Router (TOR), a system for evading network censorship. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |