Signal's TLS Proxy Failed to Be Probing Resistant

This page summarizes the projects mentioned and recommended in the original post on news.ycombinator.com
hardware-buttons scrape-images linkedin-bot

Scout Monitoring - Free Django app performance insights with Scout Monitoring
Get Scout setup in minutes, and let us sweat the small stuff. A couple lines in settings.py is all you need to start monitoring your apps. Sign up for our free tier today.
www.scoutapm.com
featured
InfluxDB - Power Real-Time Data Analytics at Scale
Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
www.influxdata.com
featured

  • bbs

    Forum for discussing Internet censorship circumvention

  • Scout Monitoring

    Free Django app performance insights with Scout Monitoring. Get Scout setup in minutes, and let us sweat the small stuff. A couple lines in settings.py is all you need to start monitoring your apps. Sign up for our free tier today.

    Scout Monitoring logo

  • obfs4

    The obfourscator (Courtesy mirror)

    • While the authors of the most definitely didn't handle this well, I'd argue it's a pretty severe weakness and the tool shouldn't have been released in this state. Active probing has been observed in the wild [1] and pretty much all tooling in the space handles it in their threat model [2], so its naive to not consider it.

    I get why the signal team wanted something to use HTTPS, even networks with completely insane firewalls accept it and they get to reuse existing domain fronting code, but existing tools continues to viable in Iran and would have made much more sense in the circumstances.

    [1] https://blog.torproject.org/learning-more-about-gfws-active-...

    [2] https://github.com/Yawning/obfs4/blob/master/doc/obfs4-spec....

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts

  • Fingerprinting VPNs with Custom Router Firmware [pdf]

    1 project | news.ycombinator.com | 10 Jun 2024

  • Many Popular Censorship Circumvention Tools Deleted or Archived Since Nov 2023

    1 project | news.ycombinator.com | 16 Mar 2024

  • Many Popular Censorship Circumvention Tools Deleted or Archived Since 12/2023

    1 project | news.ycombinator.com | 13 Jan 2024

  • Fastly announces plans to block domain fronting in February 2024

    1 project | /r/blueteamsec | 25 Nov 2023

  • Many Popular Censorship Circumvention Tools Deleted or Archived since November 2, 2023

    1 project | /r/privacy | 23 Nov 2023