Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Researchers Debut Proxy-Less Anonymity Service

CmdrTaco posted more than 3 years ago | from the you-can't-see-me dept.

Privacy 116

Trailrunner7 writes "As state-level censorship continues to grow in various countries around the globe in response to political dissent and social change, researchers have begun looking for news ways to help Web users get around these restrictions. Now, a group of university researchers has developed an experimental system called Telex that replaces the typical proxy architecture with a scheme that hides the fact that the users are even trying to communicate at all."

cancel ×

116 comments

Sorry! There are no comments related to the filter you selected.

Subject-Verb Agreement (1, Funny)

jdpars (1480913) | more than 3 years ago | (#36800470)

"users is" I'll let you guys figure it out for yourselves.

Re:Subject-Verb Agreement (1)

just_another_sean (919159) | more than 3 years ago | (#36800494)

"news ways" too. The typos are straight from TFA though.

Re:then.!! (1)

kakarote (2294232) | more than 3 years ago | (#36800862)

so what somebody also ask for converting your message to 5-bit code hole-punched into paper tape?

Re:anjaana-anjaani (1)

michiko (2270072) | more than 3 years ago | (#36800886)

dhimi-dhimi chalne lagi hain ab hawayen,, dhimi-dhimi khulne lagi hain aaj rahein,......... hai rakt hai rakt hai rakt hai.. tu hai to har lamha khoobsurat hai

Re:anjaana-anjaani (2)

cvtan (752695) | more than 3 years ago | (#36801376)

Worst punctuation I've ever seen.

Re:Subject-Verb Agreement (4, Funny)

davidbrit2 (775091) | more than 3 years ago | (#36800550)

They are practicing hiding the fact that they're trying to communicate. Almost had me fooled, too.

Re:Subject-Verb Agreement (1)

X0563511 (793323) | more than 3 years ago | (#36800662)

It's a quote. You are not obligated to correct it, and if you do, you must signify that you've done so.

Re:Subject-Verb Agreement (2, Informative)

geminidomino (614729) | more than 3 years ago | (#36800790)

That is why the [sic] notation exists, though, to make sure your pedantic readers know that it wasn't your screw-up.

Re:Subject-Verb Agreement (0)

robot_love (1089921) | more than 3 years ago | (#36802048)

Can I just do this to completely abdicate responsibility for my own grammar?

[sic]The following words are grammatically and syntactically flawless[/sic]

Re:Subject-Verb Agreement (0, Flamebait)

Paracelcus (151056) | more than 3 years ago | (#36802378)

These grammar Nazis all really wanted to be secretaries, so they could sit on the bosses lap and play with his Dictaphone!

Um. excuse me? (5, Insightful)

countertrolling (1585477) | more than 3 years ago | (#36800482)

The key innovation in Telex is that it uses "stations" installed at ISPs to recognize and reroute specially tagged requests from clients trying to reach censored sites.

Oh, right... We can fully expect our friendly ISPs to go along with this nice, convenient fully centralized 'service'... Pleeeze

Re:Um. excuse me? (1)

UnresolvedExternal (665288) | more than 3 years ago | (#36800534)

My thoughts exactly - doesn't seem like this one will fly...

Re:Um. excuse me? (4, Insightful)

mlts (1038732) | more than 3 years ago | (#36800696)

Even if they went along with this "service", all it takes is one of the Four Horsemen of the Infoclypse (as Tim May put it) to rear their ugly heads through the connection, and the ISP will either stop running the station, or make sure they have thorough logging.

Re:Um. excuse me? (5, Interesting)

gerddie (173963) | more than 3 years ago | (#36801052)

After reading TFA: They do not assume that your ISP has this "station", only some ISP. You tag your https request to some unblocked site by using public key code encryption to indicate that you want a secure anonymous connection. When your request packages are routed you might hit a router from an ISP who runs such a "station". This router may identify the tag and and if so, the "station" answers the request by setting up an encrypted between itself and the user (you) who can then use it like a proxy. In other words - the headline is wrong, because you still use a proxy, the only difference is that the IP of the doesn't need to be publicly known. Instead, you need to know the public key of a (group of) station(s) and hope that the traffic gets routes to pass through one of these.

Re:Um. excuse me? (1)

mlts (1038732) | more than 3 years ago | (#36801840)

True, but the traffic has to come from somewhere outgoing, and pretty much the ISP will be in hot water unless they have some address to cough up, be it a node previous in the chain, or an actual person. Same problem happens with TOR exit nodes, which is why there are so relatively few of them.

Re:Um. excuse me? (1)

njvack (646524) | more than 3 years ago | (#36801162)

Even if they went along with this "service", all it takes is one of the Four Horsemen of the Infoclypse

From what I've seen, two ponies and a small dog would probably be enough.

Re:Um. excuse me? (1, Funny)

PvtVoid (1252388) | more than 3 years ago | (#36801558)

Four Horsemen of the Infoclypse (as Tim May put it)

The 90's called: they want their paranoid meme back.

Re:Um. excuse me? (1)

Ed_Pinkley (881113) | more than 3 years ago | (#36802148)

Re:Um. excuse me? (0)

Anonymous Coward | more than 3 years ago | (#36800834)

The function of the "station" sounds strangely similar to the function of a proxy.

Re:Um. excuse me? (1)

Deadplant (212273) | more than 3 years ago | (#36802436)

yes, it *is* a proxy.
The innovation is the method of disguising the fact they you are using a proxy and removing the need for the user to manage access to the proxy.

Re:Um. excuse me? (1)

Kamiza Ikioi (893310) | more than 3 years ago | (#36801182)

What's the freaking point of all this just to avoid using proxy? At least you can mask the purpose of a proxy. This is advertising only 1 purpose.

Re:Um. excuse me? (1)

1s44c (552956) | more than 3 years ago | (#36802312)

Oh, right... We can fully expect our friendly ISPs to go along with this nice, convenient fully centralized 'service'... Pleeeze

Worse than that, the ISPs would have to perform deep packet analysis and attempt decryption on every HTTPS connection going though their core routers. Any design that depends on increasing CPU load on core routers by at least an order of magnitude just isn't going to work.

Also the system relies on ISPs, many of them, keeping the magic private key secret from whoever the censor is. That's much too risky to bet your freedom on.

Re:Um. excuse me? (1)

GameboyRMH (1153867) | more than 3 years ago | (#36802316)

They even put this punchline on their website:

The main idea behind Telex is to place anticensorship technology into the Internet's core network infrastructure, through cooperation from large ISPs.

BWAHAHAHA!

Re:Um. excuse me? (1)

1s44c (552956) | more than 3 years ago | (#36802390)

They even put this punchline on their website:

The main idea behind Telex is to place anticensorship technology into the Internet's core network infrastructure, through cooperation from large ISPs.

BWAHAHAHA!

... though massive expenditure on new equipment by large ISPs ...

BWAHAHAHA Indeed, this can't work.

Bad assumption (4, Interesting)

Anonymous Coward | more than 3 years ago | (#36800506)

The bad assumption is that government controlled ISPs in said censored nations won't make their own Telex nodes and just intercept traffic before it reaches the web at large. The really bad assumption is that other ISPs between the end user and the fake destination will have Telex nodes to do the dirty work. This method seems to be screaming MITM me.

Re:Bad assumption (5, Interesting)

mmmmbeer (107215) | more than 3 years ago | (#36800888)

I don't think just any node could interpret the message. It would be built specifically for the node they are using. It also doesn't imply anything about not using other security. The telex message could be (and probably should be) an encrypted communication, so the telex node would just know where it's going, not what it means.

Basically, all this does is allow any website to act as a proxy without being obvious that they're a proxy. It's an interesting idea, but I don't think it has any chance of working. Governments will identify possible nodes through either technological means or just good old "social engineering" (snitches) and simply shut off all access to those sites. Or they'll take it a step further and restrict all sites except for a whitelist.

Re:Bad assumption (1)

b0bby (201198) | more than 3 years ago | (#36800940)

That was my first thought too, but I think the fact that they use https connections to real websites, and that the boxes use a private key, should mean that the government box wouldn't work unless they got access to the private key. I'm still not sure if it would work well in practice, but at least this aspect shouldn't be a problem.

Re:Bad assumption (1)

Amouth (879122) | more than 3 years ago | (#36802286)

or they could be like most governments and have a trusted signing CA and just be a MITM for the SSL traffic.

Re:Bad assumption (2)

punit_r (1080185) | more than 3 years ago | (#36801104)

A different way to look at the assumption is, the guys who will be making and maintaining "telex" nodes will not sell them to any Government or ISP that censors the internet.

And the telex client software will change the public keys used to sign the encrypted requests periodically via some update mechanism. This will ensure that ISPs that had claimed to be anti-censorship earlier to get hold of telex boxes with private keys can not turn on their censor filters later and use the old telex boxes to intercept traffic.

Re:Bad assumption (1)

SEWilco (27983) | more than 3 years ago | (#36802318)

A different way to look at the assumption is, the guys who will be making and maintaining "telex" nodes will not sell them to any Government or ISP that censors the internet.

So I can't make a telex node -- some other guy has to do it? And if I can make a telex node, my unfavoritest governments can make thousands of them.

Re:Bad assumption (1)

hoggoth (414195) | more than 3 years ago | (#36802508)

> the guys who will be making and maintaining "telex" nodes will not sell them to any Government or ISP that censors the internet.

That won't work unless they also make it against their Usage Policy for totalitarian governments to use a third-party to purchase a "telex" node. Then it will be safe.

Re:Bad assumption (1)

undecim (1237470) | more than 3 years ago | (#36801596)

The idea is that the ISP providing the service is in a friendly country that hates censorship. They can connect to any website that goes through that ISP to use the Telex service.

"Telex" is old and still around. (2)

grub (11606) | more than 3 years ago | (#36800508)


I remember Telex ads from when I was a kid. Lo and behold, Telex is actually still around. [wikipedia.org]

Re:"Telex" is old and still around. (1)

Nethead (1563) | more than 3 years ago | (#36800644)

Yep, the old 910 NPA.

Re:"Telex" is old and still around. (1)

grub (11606) | more than 3 years ago | (#36800710)


Funny, the Wikipedia article also mentions TOR (Telex-on-Radio in this case).

Re:"Telex" is old and still around. (1)

Matheus (586080) | more than 3 years ago | (#36800650)

That and my first Windows-based dial-up client was called Telex. Trademark Infringement? ;-)

Re:"Telex" is old and still around. (1)

Matheus (586080) | more than 3 years ago | (#36800698)

Mod myself as parent down... My first *DOS*-based Dial-Up client. DOH!

Re:"Telex" is old and still around. (1)

vlm (69642) | more than 3 years ago | (#36800702)

That and my first Windows-based dial-up client was called Telex. Trademark Infringement? ;-)

No, it was probably called Telix

http://en.wikipedia.org/wiki/Telix [wikipedia.org]

If I recall correctly, its primary claim to fame in the 80s was having both a decent zmodem download client built in, and zmodem autostart. Also I liked its phonebook menu, which neatly held all the BBSes I called. And it had a nice redialer.

It was pretty much the ideal terminal program in the pre-windows era.

Procomm was about as good, and had a nicer scripting language, but they wanted a huge amount of money for it.

Re:"Telex" is old and still around. (1)

Nethead (1563) | more than 3 years ago | (#36801312)

Which the unix program minicom is closely based upon.

Re:"Telex" is old and still around. (0)

Anonymous Coward | more than 3 years ago | (#36801564)

Did you guys ever use Terminate? Aside from having an awesome name it supported ANSI Music :D

Re:"Telex" is old and still around. (0)

Anonymous Coward | more than 3 years ago | (#36801496)

It had the BEST autodialer/redialer.
I could make it call the bbs that ripped me off. Ring once. And hangup. Repeat in 7 seconds just after their modem went back on hook.
And let it run for 2 weeks till they gave me what i paid for.

Hey i was 12... It was my first denial of service attack.

Re:"Telex" is old and still around. (1)

Hartree (191324) | more than 3 years ago | (#36800794)

Digging down into the links on the discussion page of that article:

Apparently in some countries Telex has a legal status that other communications don't neccesarily have. I'm guessing it's been judged to be evidence of a contract since it is reasonably well authenticated.

eg: "We sent you a Telex ordering N tons of commodity Y by date X and received a confirmation from you." would be admissible in court as a signed contract.

Obama: Americans back me on debt deal (-1)

Anonymous Coward | more than 3 years ago | (#36800532)

President Obama on Friday pointed to polls to argue that his proposal of a "balanced approach" on a debt deal - one that includes revenue increases as well as spending cuts - is what the American people want.

"My Republican friends have said that they're not willing to do revenues, and they have repeated that on several occasions," he told reporters at a news conference at the White House. "My hope, though, is that they're listening not just to lobbyists or special interests here in Washington, but they're also listening to the American people. Because it turns out, poll after poll, many done by your organizations, show that it's not just Democrats who think we need to take a balanced approach, it's Republicans as well."

A Gallup poll released Wednesday found that only 20 percent of Americans support a deal that only includes spending cuts, something Republicans have insisted on. Another 30 percent wanted a deal that was "mostly" spending cuts, and 32 percent wanted a deal split equally between spending cuts and tax increases. Eleven percent favored a deal that was mostly or all tax increases.

"The clear majority of Republican voters think that any deficit reduction package should have a balanced approach and should include some revenues," Mr. Obama said. "That's not just Democrats. That's the majority of Republicans." (That Gallup poll found that only one in four Republicans favor a deal that is only spending cuts.)

Re:Obama: Americans back me on debt deal (0)

captain_dope_pants (842414) | more than 3 years ago | (#36800560)

Shut up. (Yes, I know it's troll food).

Yeah (0)

Anonymous Coward | more than 3 years ago | (#36800552)

"The key innovation in Telex is that it uses "stations" installed at ISPs to recognize and reroute specially tagged requests from clients trying to reach censored sites. "

I can totally see how this will not work - at all.

i stopped reading after that (1)

decora (1710862) | more than 3 years ago | (#36800656)

although i am probably missing something.... but uhm. relying on your ISP to shield you from this stuff seems pointless.

Re:i stopped reading after that (1)

dave420 (699308) | more than 3 years ago | (#36801282)

You don't. You rely on one ISP between your dodgy ISP and the censored site you actually want to visit. If there's a friendly ISP on the route, you'll get your traffic diverted to the desired server, and if not, you'll get the traffic you actually requested (which is unblocked by the censoring government).

Re:Yeah (0)

Anonymous Coward | more than 3 years ago | (#36800722)

I read the story expecting to be interested in a scheme that might somehow best Tor for anonymity vs. ease of use. Instead I read this ridiculous crap about "friendly ISPs" handling anonymity for us... did no one involved with this project ever read about the NSA closet at AT&T in San Francisco pre-FISA immunity?

Worst. anonymity. ever.

Re:Yeah (0)

Anonymous Coward | more than 3 years ago | (#36801202)

That's because Telex doesn't provide anonymity, it provides censorship resistance.

In other news (1)

GameboyRMH (1153867) | more than 3 years ago | (#36802348)

Today a civil liberties advocate announced his invention of a police brutality reporting system, consisting of a special data recorder carried by police officers.

Re:Yeah (1)

1s44c (552956) | more than 3 years ago | (#36802432)

The key innovation is that those ISPs are expected to perform deep packet analysis and decryption on every HTTPS connection passing though them.

The costs in router upgrades would be incredible if this is even possible at all.

all we have to do (1)

Osgeld (1900440) | more than 3 years ago | (#36800564)

is install magic boxes in the same ISP that is cutting off information

and add on the fact that telex is a commercial service still in use and there you have it ... effin brilliant scheme guys

Re:all we have to do (2)

glop (181086) | more than 3 years ago | (#36800860)

Not the same ISPs. ANY ISP that is on the traceroute to uncensored websites allowing https.

And the local ISP won't even know there is anything special with the network traffic as this uses public steganography in encrypted data streams.

Only somebody who has the private key can know the data are "special". So the only remaining attacks on this are:
- steal a private key from a trusted organization
- spoof a private key (Bad people can create the "TRUSTME" service, get people to trust it and spy on them)
- block all https traffic to any ISP than does not want to help the spying government.

Owning the local ISP used by "TELEX" users does not accomplish anything so this is a definite improvement.

Dual use (0)

Anonymous Coward | more than 3 years ago | (#36800570)

Decrypt HTTPS en route? Are crazy? Get the government to replace your Telex client and keys with theirs and you're fucked. As an extension of that idea, let's play the paranoia game: They could be doing this right now!

Proxy-less (5, Insightful)

Anonymous Coward | more than 3 years ago | (#36800578)

Okay, so we rename the proxy a "station" and now we can call it proxy-less?

Re:Proxy-less (1)

1s44c (552956) | more than 3 years ago | (#36802480)

No. The names are not important but the difference is that anyone sniffing your traffic can't tell you are communicating with a 'station' at all.

Read the article, it's quite interesting and pretty short. It's also quite impossible due to cost and cooperation issues.

Looks like port knocking to me, just with params (2)

frith01 (1118539) | more than 3 years ago | (#36800584)

It would be easier to configure a web service which recognized X keyword searches from the same session to convert the session to a port forwarding ssh session to an appropriate proxy.

( google search on book, monkey, tuesday, and blue gets you ssh forwarded to privoxy.com, etc. )

your https connection stays to the main site, & it just forwards the data .

Re:Looks like port knocking to me, just with param (1)

gl4ss (559668) | more than 3 years ago | (#36800608)

isn't this just data masquerading? you'd still see bytes flowing, so how is it better than vpn or whatever?

Re:Looks like port knocking to me, just with param (1)

frith01 (1118539) | more than 3 years ago | (#36800694)

vpn requires local software / possibly alternate ports to initiate.

Proxies do not require local software, but have central points that can be blocked.

better method would be to have simple looking sites have "backdoors" that could be used to exit normal mode, and establish new session with hidden services.

Re:Looks like port knocking to me, just with param (1)

AJH16 (940784) | more than 3 years ago | (#36800774)

The difference is that it would not be dependent on the end point site supporting it (in which case the end point site would simply be blocked for supporting it). Instead, it moves the redirect down a level and makes it blend in with a normal HTTPS connection. When it passes over a Telex enabled router, it gets changed out and redirected. The primary problem I see with the system is that all a censor has to do is get the magic box on their own routers and suddenly they can see the traffic and tell where it is coming from. Also, having ISPs provide the service may be tricky. This seems like fairly useless technology unless the explanation was not very good.

Friendly countries (2)

sverrehu (22545) | more than 3 years ago | (#36800598)

"Friendly countries"; like, the USA?

Telex? (1)

Yvan256 (722131) | more than 3 years ago | (#36800614)

What's the point of naming it Telex [wikipedia.org] ? Are they trying to make it hard for end-users to find information about it or do they want the end-users searches to look anonymous with a known term?

Re:Telex? (2)

vlm (69642) | more than 3 years ago | (#36800752)

What's the point of naming it Telex [wikipedia.org] ? Are they trying to make it hard for end-users to find information about it or do they want the end-users searches to look anonymous with a known term?

The point is to signal that they're noobs hence not to be trusted with sensitive traffic.

I've got an idea, how about freenet and/or i2p? That might work. With namecoins for domain registration? Naah I'll never get that past the NiH filter.

My favorite part about freenet and i2p is "recently" at least on headless linux boxes, they could be installed together, but having made the mistake of being implemented in Java, one sort-required a very specific version of the official sun JRE and the other required another specific version of the openjdk runtime. Way to go, java guys, love that write-once run-everywhere ^H^H run-nowhere architecture.

Re:Telex? (1)

OzPeter (195038) | more than 3 years ago | (#36800764)

What's the point of naming it Telex [wikipedia.org] ? Are they trying to make it hard for end-users to find information about it or do they want the end-users searches to look anonymous with a known term?

I think that this answers your question (from TFS)

a scheme that hides the fact that the users is even trying to communicate at all.

Re:Telex? (3, Funny)

ribuck (943217) | more than 3 years ago | (#36801028)

What's the point of naming it Telex [wikipedia.org] ? ...

I think you might have missed the point. The freedom-friendly ISP routes the connection across the near-defunct Telex network, and therefore bypasses censorship.

Of course, the websites you browse only display upper-case characters and EBCDIC Art graphics.

Telex? (1)

Lawrence_Bird (67278) | more than 3 years ago | (#36800630)

I used to send my FX orders to Sydney, Tokyo and Sing by telex. You mean its made a come back? The new stealth: 110 baud!

A New, Better Scheme (1)

Anonymous Coward | more than 3 years ago | (#36800642)

I, Anonymous Coward, hereby debut my own, better scheme:

Each user utilizing this privacy filter simply asks their ISP, government, mail provider, OS manufacturer, neighbor, IT admin, etc. not to track them!

It's as simple as that!

Re:A New, Better Scheme (1)

ThePhilips (752041) | more than 3 years ago | (#36801742)

Why yes! Ingenious!

Most importantly we already have the (theoretical) framework in place - RFC 3514 [ietf.org] - it only needs minor extension with "PLZ_ANON" bit .

Re:A New, Better Scheme (1)

omnichad (1198475) | more than 3 years ago | (#36802016)

Ah, the FTC approach!

even more fear, even less real communication (-1)

Anonymous Coward | more than 3 years ago | (#36800646)

should not it be considered that the threats to all of us/our freedoms be removed, so we wouldn't be compelled to hide our sentiments, &/or the truth, about ANYTHING, including the origins of the hymenology council, & their sacred mission?

you call this 'weather'? much of our land masses world are going under water, or burning up, as we fail to consider anything at all that really matters, as we've been instructed that we must maintain our silence (our last valid right?), to continue our 'safety' from... mounting terror.

meanwhile, back at the raunch; there are exceptions? the unmentionable sociopath weapons peddlers are thriving in these times of worldwide sufferance? the royals? our self appointed murderous neogod rulers? all better than ok, thank..... us. their stipends/egos/disguises are secure, so we'll all be ok/not killed by mistaken changes in the MANufactured 'weather', or being one of the unchosen 'too many' of us, etc...?

                        truth telling & disarming are the only mathematically & spiritually correct options. read the teepeeleaks etchings. see you there?

                        diaperleaks group worldwide. thanks for your increasing awareness?

What prevents... (1)

Synerg1y (2169962) | more than 3 years ago | (#36800686)

The offending government from loading Telex, harvesting the end points and blocking those?

waste of time (0)

Anonymous Coward | more than 3 years ago | (#36800718)

With governments worldwide moving to radio intercepts of neural signals, such services will soon be a waste of resources. Unless they can come up with a masking service to prevent the reconstruction of human thoughts, this type of research is going nowhere and will only expose people.

Does it work by (0)

Anonymous Coward | more than 3 years ago | (#36800750)

converting your message to 5-bit code hole-punched into paper tape?

Re:Does it work by (1)

Lawrence_Bird (67278) | more than 3 years ago | (#36801760)

don't be dissing the paper tape! that saved a lot of re-typing!

Taco, whassa mattah wit you? (4, Insightful)

countertrolling (1585477) | more than 3 years ago | (#36800760)

As state-level censorship continues to grow..

FTA: Widespread ISP deployment might require incentives from governments.

Can you see the little flaw in this whole concept yet?

Re:Taco, whassa mattah wit you? (1)

Anonymous Coward | more than 3 years ago | (#36801392)

If there was One World Government, then yes. As it is, governments such as the United States have an interest in foiling the censorship efforts of other governments such as Iran or China. Thus, key state support to circumvent state-level censorship is hardly unreasonable, at least for a fairly large subset of state-level censorship that's out there.

Re:Taco, whassa mattah wit you? (1)

GameboyRMH (1153867) | more than 3 years ago | (#36802424)

So the Chinese would rely on US ISPs to read about Tiananmen Square, and Americans would rely on Chinese ISPs to find streams of sporting events?

Re:Taco, whassa mattah wit you? (1)

omnichad (1198475) | more than 3 years ago | (#36802044)

Other governments, I assume. The Internet is worldwide.

Not really proxy-less (1)

Anonymous Coward | more than 3 years ago | (#36800780)

If you have to have something running which will reroute the packets, isn't that effectively a proxy? This is just a different way of accessing the proxy. Not only that but the proxy needs to be running in the network path for the packet, when the routing isn't even guaranteed to be always the same. Would this even work outside a lab?

Seems like a great idea (0)

Anonymous Coward | more than 3 years ago | (#36800868)

I've tried anonymizers like TOR in the past, but the setup was convoluted and somewhat annoying. Proxies work, but they can slow things down quite a lot. If I could pay my ISP another $5 a month for anonymity and put the burden of managing it on them, I'm all for it!

Uh-huh... Riiight.... (1)

Karl Cocknozzle (514413) | more than 3 years ago | (#36800870)

And I also would like to sell you this bridge I recently acquired in Brooklyn. It's totally not the right time for me to be owning a bridge.

But seriously, who is going to trust this system? It creates an enormous incentive for intelligence agencies to infiltrate as many major ISPs as they have to in order to capture the traffic and/or compromise the keys--if they haven't already infiltrated the project to parallel develop a compromised version of the product that feeds the keys straight to the CIA so that their own "station" can intercept and decode "secret" messages. It would also create an enormous incentive for, say, an enterprising President to sell/trade data to our allies and/or creditors, in effect selling out freedom fighters.

They have to--power abhors anonymity. If they don't know whom to destroy, it makes the power they have useless.

Re:Uh-huh... Riiight.... (0)

Anonymous Coward | more than 3 years ago | (#36801098)

You can use Tor over Telex without needing to remove your tin foil hat.

At least ... (0)

Anonymous Coward | more than 3 years ago | (#36800926)

they've got their hearts in the right place, and ( especially by getting on /. ) they're making people think about the problem. This might even spark an idea in someone who creates a real solution.

Wrong threat model. (0)

Anonymous Coward | more than 3 years ago | (#36800986)

This is interesting, but in most of the world, net censorship is enabled by the hosting provider. The real threat is the collusion of ISPs and national governments.

The censorship that the ISPs employ can be really subtle: bandwidth caps prevent people from sharing their connections; traffic shaping rewards visitors to certain sites with fast downloads - and punishes visitors to other sites with slow downloads.

Also, this circumvention technology suggests a certain amount of "we, the good-guys" vs. "them, the bad-guys" thinking. In the real world, its more an issue of "we, the little guys" vs. "them, the big guys" and the ISPs are, by definition, the "big guys".

How often do the "big guys" (ISPs) conspire with the "little guys" (you and me) to defeat other "big guys" (National Governments) ?

Answer: The don't and the won't.

-S

Problem? (0)

Anonymous Coward | more than 3 years ago | (#36801008)

So, if a hostile ISP (Say, China) sets up a Telex Station that sits *very* close to the user's Telex client, said hostile ISP (Say, China) could siphon off these Telex requests to their own resources or simply block them. Or am I missing something?

Re:Problem? (1)

RoverDaddy (869116) | more than 3 years ago | (#36801458)

They need the private key to detect that the innocent looking request contains steganographically hidden data. So, perhaps you're not missing that much at all.

Teleks Telex With Telix Via Telax (0)

Anonymous Coward | more than 3 years ago | (#36801046)

We Teleks [wikipedia.org] connect to Telex [wikipedia.org] with Telix [wikipedia.org] through Telax [wikipedia.org] .

firewall rule would block this easily (1)

frith01 (1118539) | more than 3 years ago | (#36801086)

Host Request -> some site
---other telex site responds
request dest dns host range ! = remote site range
    **blocked**

If only HTTPS could be blocked... (1)

LowneWulf (210110) | more than 3 years ago | (#36801156)

... oh wait.

Re:If only HTTPS could be blocked... (1)

Issarlk (1429361) | more than 3 years ago | (#36801292)

No HTTPS = no commerce on the interweb.

Not. Gonna. Happen.

Re:If only HTTPS could be blocked... (1)

jfengel (409917) | more than 3 years ago | (#36802514)

In the West, certainly not. In China or Iran, however, I could see the government banning encrypted traffic. I'm a bit surprised they haven't already. At the very least, ban HTTPS and replace it with some other cryptosystem to which they hold the keys. It prevents them from foreign logins, but I thought they'd be OK with that.

Security of Anonymity (1)

DeeEff (2370332) | more than 3 years ago | (#36801280)

Somehow, I think nesting myself (needle) in a haystack (Tor network) would be safer than routing through set stations. At the end of the day, this sounds like dumbing down the tools we already have so common users can take advantage of them without learning the procedures. I wouldn't normally have a problem with protecting Anonymity, but I think in this case I'm going to say no. ISPs aren't going to bother with this, especially in countries and areas where governments have complete control over such matters. Besides, even if the ISPs did bother to set these up, the government would likely find a way to back-door this kind of service anyways. (re: PROTECT-IP act) Personally, I'll stick to the time tested plan of Chinese VPN + SSH and/or Tor. At the end of the day, you're better off learning these sorts of things and recognizing the amount of protection you ACTUALLY have, rather than assuming you're invincible. It's a good idea, I just doubt the implementation will match the drawing board.

!New ? (0)

Anonymous Coward | more than 3 years ago | (#36801372)

As far as I can tell, you connect via HTTPS with "public-key steganography" indicating that the connection is this wacky-do-da Telex type and the machine you connect to is used as a staging platform (proxy) to connect to other anonymity services? What's new here that you can't do with stunnel?

This is absolutely idiotic. (1)

Alex Belits (437) | more than 3 years ago | (#36801554)

Idiotic in all possible ways -- the purpose, the name, the method, the announcement, and the results of application.

Only Web? (0)

Anonymous Coward | more than 3 years ago | (#36801848)

There are other services and protocols one would like to use Anonymously...

Umm, how does this work? (1)

BLKMGK (34057) | more than 3 years ago | (#36801914)

You're inside of an HTTPS connection and send spooky data that somehow this Telex box can see. How exactly can the Telex box see inside the HTTPS secured connection if the connection is supposed to be secured to this bogus back-end web site that's benign and not aware of the goofy stuff? Is this SSL connection somehow different than a normal one to these web sites and if so would that possibly make it stand out?

Crypto nerds (1)

SmallFurryCreature (593017) | more than 3 years ago | (#36802300)

Crypto nerds are like hippies but without that strong grasp of the realities of this world.

This "idea" relies on the fact that internet traffic is routed through several places on its way. They idea is that on one of these ways, the traffic will be read and if a magic bit is detected, it will re-route this traffic to somewhere else, making it possible to do a request for google.com with a magic bit set (which I can only presume is some magic bit that won't be bloody obvious for not fitting in the very well define protocol for http... oh https... you are doing a google.com request through https, no, that is not going to send up any red flags) and instead get the result from slashdot.org.

Of course, how the internet routes things is not set in stone and for big sites there are plenty of alternative routes, just hit google and you are likely to get a different ip each time with a ttl of 60 seconds. Of course smaller sites might have a more static route... for 1 user. In a country with different ISP's and multiple connections to the outside world, traffic might come in to the site from a number of directions.

This "idea" relies on a router to be present on all the routes that intercepts ALL traffic, parses it and sends it on to one destination or the other...

How do you get so many ISP's to do this violating every rule of the internet in the process?Just imagine if some ISP really did do this, send a request on to another destination then requested...

The problem with it all is simple, this is middle class white kids who live with the certainty of the existence of internet conspiracy theories trying to be clever.

Real oppressive regimes don't work like this. They simply block traffic, or just don't give people computers. If traffic is allowed any suspicious traffic won't get a careful analysis, they simple send some goons around and beat you, rape your sister and kill your parents until you confess, or not confess. Both are good. One way or another you will be a warning to others.

Only non-represive regimes can be circumvented by crypto-nerds. It is easy to hide your secret message from your mom because she frankly don't give a shit and just wishes retro-abortion was legal while she drowns her sorrows in cooking sherry.

Next up, darknet, because your isp will totally not notice if any traffic comes in on an unusual port. But I got plausible deniability (freenet)... yeah... that MIGHT (lawyers say it won't) work in a western civilization. That is because the west is more or less free. In Syria? They are digging mass graves that can be seen from space. They don't CARE. The more people know you died at their hands, the more will remain silent. Dictatorships are rarely overthrown, what gets overthrown is the sap left to clean up after the dictator wisely decided to call it quits by fleeing with his billions or dying.

Bogus (1)

xnpu (963139) | more than 3 years ago | (#36802474)

What an overly complex bogus system. It will require tons of ISP's to cooperate to get this to work. We might as well install an SSL proxy at the border and tell the Chinese the whole world is reachable over the proxy IP only. Take it or leave it.

Year after year we see all these awesome developments which probably cost a ton but I've never heard of one really taking off. Meanwhile the Chinese are simply using commercial VPN providers or brewing their own on $3/month VPS servers.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>