DEF CON 30 - Roger Dingledine - How Russia is trying to block Tor

DEFCONConference
DEFCONConference
63,621
0
Published 2022-10-20
In December 2021, some ISPs in Russia started blocking Tor's website,
along with protocol-level (DPI) and network-level (IP address) blocking to
try to make it harder for people in Russia to reach the Tor network. Some
months later, we're now at a steady-state where they are trying to find
new IP addresses to block and we're rotating IP addresses to keep up.

In this talk I'll walk through what steps the Russian censors have taken,
and how we reverse engineered their attempts and changed our strategies
and our software. Then we'll discuss where the arms race goes from here,
what new techniques the anti-censorship world needs if we're going to
stay ahead of future attacks, and what it means for the world that more
and more countries are turning to network-level blocking as the solution
to their political problems.
All Comments (21)
  • @csvscs
    Legendary and thankless work!
  • @DoingFedTime
    This was a great talk, that's my bald head at the bottom left of the podium.
  • @eyadkourdi2325
    I love how he talked at the start about Syria blocking TLS, a Syrian previous media activist, used TOR all through 2011 and 2012, got arrested by the Syrian regime intelligence and all what they accused me of is "having suspicious internet activities" but then I got released, I do remember emailing the TOR project for a specific question (I wanted a port forwarding recommendation for live streams using my android phone to stream a protest) and they were very very helpful and literally kept talking to me not just about this question, but also giving my tips specifically for my case use of TOR, can't that you enough guys! and please consider to run a node if u can it helps ppl (and don't use bridges if u don't need to please!)
  • @uis246
    Do you remember that Futurama episode where Hermes contested document based on wrong number of stamps? Basically that's what happened in Russia.
  • @terragame5836
    41:22 - "I think Russia has already blocked Facebook, but next it's gonna be, like, Linkedin" - nope, it's blocked already, in fact. Had been even earlier than Facebook, if I recall correctly
  • @billyblackburn864
    i tried to start reading through the tor docs, boy is it thorough, I dont know if I'll ever be able to fully grasp it
  • @Matthias53787
    What is the SALMON / LOX stuff he mentioned about decentralized trust / reputation? I can't find anything about it online.
  • @goldnutter412
    30:25 uncertainty is certain We might be about to get occupied, max uncertainty in the people with something to lose ? some subset of people in the moment need to do something. Move some Bitcoin out of the country ? send a message about relocation ? not willing to hang around. Clear to everyone shit is not going to be good. Whatever it was, significant change of some sort was the only priority for this subset of people and their circumstances. Relatively small group, other countries would have drastically different stats.. some would see sustained and perhaps S curve adoption, civil war possibilities etc etc Fascinating, amazing presentation
  • @Waitwhat469
    mTLS should be considered for the bridges, then maybe you can give out keys instead of just addresses, if a good key isn't provided, just ignore it and give a different webpage.
  • @austinmurphy9074
    Maybe TOR use spiked in Ukraine during the Russian invasion because Russian military uses TOR in some of their application/devices?
  • @kevincameron192
    This dude has the exact cadence of Jeff Goldblum 👌
  • @RomanDvoryadkin
    One of the reason of huge spike in Tor connections from Ukraine during first weeks of the russian invasion, that many hacktivists uses Tor for DDoS of the russian propaganda sites, financial and logistic infrastructure. But usage of Tor turned out to be ineffective, so different measures were taken later.
  • @haudiweg
    Does snowflake works for ipv6 only? Ipv4 cg-nat