Créer un compteSe connecter

Recherches récentes

Aucune recherche récente

Options de recherche

Disponible uniquement lorsque vous êtes connecté.
mastouille.fr est l'un des nombreux serveurs Mastodon indépendants que vous pouvez utiliser pour participer au fédiverse.
Mastouille est une instance Mastodon durable, ouverte, et hébergée en France.

Administré par :

Statistiques du serveur :

589
comptes actifs

mastouille.fr: À proposAnnuaire des profilsPolitique de confidentialité

Mastodon: À proposTélécharger l’applicationRaccourcis clavierVoir le code sourcev4.3.4

#webtunnel

0 message0 participant0 message aujourd’hui
Suite du fil
Public
AS 396507

Just a friendly reminder that @torproject needs more volunteers to run #WebTunnel bridges.

If you're a #fediverse admin, you can safely run a WebTunnel bridge behind your Nginx web server in order to help people access the open internet.

community.torproject.org/relay

community.torproject.orgTor Project | WebTunnel BridgeDefend yourself against tracking and surveillance. Circumvent censorship. | WebTunnel Bridge
#privacy#censorship#anonymity
Public
AS 396507

Recently we upgraded our #Tor #obfs4 bridge relay from Ubuntu 22.04 to 24.04. Unfortunately we missed a permissions issue with obfs4 that changed with the upgrade. This kept Tor in a restart loop and prevented anyone from using the bridges. This has been corrected.

This were the errors:

[warn] Server managed proxy encountered a method error. (obfs4 listen tcp 23.129.64.90:443: bind: permission denied)

[warn] Managed proxy '/usr/bin/obfs4proxy' was spawned successfully, but it didn't launch any pluggable transport listeners!

We also have a #WebTunnel bridge that was not affected since it's on the disobey.net server.

emeraldonion.org/bridges/

emeraldonion.orgBridgesEmerald Onion hosted Tor bridges
Public
Gus

#38c3 #tor We are calling on the Tor community and the Internet freedom community to help us scale up WebTunnel bridges.

If you've ever thought about running a Tor bridge, now is the time.

As a token of our appreciation for your volunteer work, we're offering a Tor t-shirt to operators who run 5 or more #WebTunnel bridges.

blog.torproject.org/call-for-w

blog.torproject.orgTor in Russia: A call for more WebTunnel bridges | Tor ProjectAs the Russian government intensifies its grip on the internet, censorship circumvention tools like Tor are more critical than ever. Here's the latest on Tor censorship in Russia and how you can help by running WebTunnel bridges.
A répondu dans un fil de discussion
Public
Kevin Karhan :verified:

@ActuallyAubrey That depends on the juristiction in question, the plan & provider in question as well as used hardware in question.

  • In case of even remotely suspected #Stalkerware I do recommend to get personally-owned, controlled, secured and hidden hardware to enable unsurveiled comms.

Consider telephony & SMS inherently & unfixably insecure.

  • If in doubt get a new Android with an anonymous prepaid SIM that has affordable data options and use @torproject / #TorBrowser and #Orbot with #TorBridges on ports 80 & 443 which use #meek & #webtunnel transports, so any surveiling party will only see non-suspicious HTTPS traffic.

OFC a maliciously configured CPE/Router can log & report all pachets that travel through, but #DNS & #HTTP or any unencrypted comms are susceptible.

Suite du fil
Public
Tor 中文指南

虽然这是非常技术化的问题,但我们还是希望普通用户能够知晓。

不过话说回来,即使 #WebTunnel 网桥存在这样一个问题,使得它容易被识别和封锁,却不代表它有安全问题。

大家可能都知道 #Tor 浏览器的工作原理:它会在你的设备与目标网站之间建立一道安全连接,这个连接包含三个中继(如图)。第一个叫“守卫节点”,第二个叫“中间节点”,第三个叫“出口节点”。

守卫节点知道你的真实 IP,但不知道目标网站是什么;中间节点既不知道你的真实 IP,也不知道目标网站是什么;出口节点知道目标网站是什么,但不知道你的真实 IP。

如果不使用任何网桥,Tor 会给你随机分配一个守卫节点。如果使用 WebTunnel 网桥,就由 WebTunnel 作为守卫节点。网桥的作用也就在这里,它并不做更多的事。

总之,即使 WebTunnel 存在上述问题,大家也仍然可以放心使用。

Suite du fil
Public
Tor 中文指南

一位网友kishinsagi在Twitter上指出 #WebTunnel 网桥可能容易被识别和封锁:

1. 网桥的TLS Client Hello长度是317字节,而正常浏览器流量的长度是517-650字节。前者相比被普遍认为是正常流量的后者短很多,暴露了Go普遍使用的TLS库不规范的短板。

2. 大多数用于WebTunnel网桥的服务器普遍使用网页服务器程序未配置出现的默认页面(如NGINX),并没有任何伪装,审查机构会认为连接的目的不明,很容易会发现。

一位 #Tor 团队的开发者在Twitter回应:

1. 现在在伊朗已经有了根据Go语言的TLS指纹的封锁。目前考虑的改进方式就是利用uTLS库来伪装客户端的指纹,虽然说还没有时间来具体的实现。根据在V2Ray中的uTLS的选项的效果来看,uTLS确实可以解决在伊朗的对Go语言的ClientHello特征的封锁。

2. 至于伪装网站的内容,目前能从官方的网桥分发平台上得到的代理配置,均可以通过改变自己的IP后枚举来获得,因此反检测水平的短板并不在于伪装网站的内容。如果是私有网桥的话,大概可以由用户自行改进网站的内容。

Public
Tor 中文指南

2024年3月。#Tor 团队正式发布 #WebTunnel 网桥。

3月12日是“世界反对网络审查日”。Tor 团队在这一天正式发布 WebTunnel 网桥。这种网桥特别针对那些网络审查非常严厉的地区(肯定包括中国)。WebTunnel 网桥让你的 Tor 流量看上去像是普通的 https 流量,更不容易被识别和封锁。

使用 WebTunnel 网桥的步骤:

1. 使用普通浏览器访问 bridges.torproject.org/options 在“Advanced Options”部分的下拉菜单里选择 WebTunnel,然后点击“Get Bridges”,填写一串验证码之后,就能得到一个 WebTunnel 地址。

2. Tor 浏览器桌面版添加网桥的位置是:【设置】→【连接】→【网桥】→【添加新网桥】→【手动添加网桥】。复制前面得到的网桥地址,把它完整地粘贴在这里,点击“确认”即可。

3. Tor 浏览器 Android 版添加网桥的位置是:齿轮图标→【设定网桥中继】→【手动输入一个网桥中继地址】。在弹出的窗口里,粘贴上面的网桥地址即可。

bridges.torproject.orgLe Projet Tor | Confidentialité et liberté sur InternetDéfendez-vous contre le suivi à la trace et la surveillance. Contournez la censure.
Public
Redhotcyber

Tor a tutta Privacy! I nuovi bridge WebTunnel sfidano la censura online!

Gli sviluppatori del #progetto #Tor hanno annunciato il lancio di una nuova funzionalità: i bridge #WebTunnel, che funzionano su un #proxy #HTTPT resistente al rilevamento e consentono al traffico Tor di mescolarsi meglio con il normale traffico #HTTPS.

#redhotcyber #online #it #web #ai #hacking #privacy #cybersecurity #cybercrime #intelligence #intelligenzaartificiale #informationsecurity #ethicalhacking #dataprotection #cybersecurityawareness #cybersecuritytraining #cybersecuritynews #infosecurity

redhotcyber.com/post/tor-a-tut

Red Hot Cyber · Tor a tutta Privacy! I nuovi bridge WebTunnel sfidano la censura online!Scopri l'ultima innovazione del Tor Project: i bridge WebTunnel, progettati per migliorare la privacy online mascherando il traffico Tor come HTTPS.
Public *
Markus Korporal

Der vom @torproject neu entwickelte #WebTunnel lässt den über Tor verschlüsselten Datenverkehr strukturell wie normales, unverdächtiges Surfen im Netz aussehen.

Dadurch eignet sich der WebTunnel gerade für Regionen, in denen das Umgehen von Internetsperren empfindliche Strafen nach sich zieht.
Das sind wirklich gute Nachrichten!

blog.torproject.org/introducin

blog.torproject.orgHiding in plain sight: Introducing WebTunnel | Tor ProjectWe're celebrating the World Day Against Cyber Censorship by officially announcing WebTunnel, a new type of Tor bridge designed to assist users in heavily censored regions to connect to the Tor network. Available now in the stable version of Tor Browser.
Public
Benjamin Carr, Ph.D. 👨🏻‍💻🧬

#Tor’s new #WebTunnel bridges mimic #HTTPS traffic to evade #censorship
WebTunnel is inspired by #HTTPT probe-resistant #proxy, but takes a different approach mimicking HTTPS. Since blocking HTTPS would also block the vast majority of connections to #webservers, the WebTunnel connections will also be permitted, effectively circumventing censorship in network environments with protocol allow lists and deny-by-default policies.
bleepingcomputer.com/news/secu

ExplorerFlux en direct
À propos