

New anti-censorship scheme could make it impossible to block individual sites - Garbage
http://www.eurekalert.org/pub_releases/2011-08/uom-nas081011.php

======
MatthewPhillips
> "It would likely require support from nations that are friendly to the cause
> of a free and open Internet,"

There are none.

~~~
mgw
There may be none in this broad sense, but there are enough that would like to
see, for example, all Chinese people be able to browse the web uncensored.
These nations could simply not allow connections to be routed over their Telex
nodes from IPs inside their own country. The whole scheme gets interesting
when, as retaliation, the other country provides Telex nodes for the users in
those same nations which help their people circumvent censorship. The result
would be for everyone to be able to browse the web uncensored.

P.s. I don't like it when new projects reuse names of old technology because
it adds confusion. (<http://en.wikipedia.org/wiki/Telex>)

~~~
njharman
> all Chinese people be able to browse the web uncensored.

No none. They want all Chinese people to be able to browse the web as censored
by them rather than as censored by China.

------
iwwr
I'd be interested to see their claim of untraceability tested somewhat. It's
hard to believe this sort of traffic can't be profiled.

~~~
wisty
Well, a statistical analysis _will_ be able to find the difference between
browsing https gmail, and posting on Facebook / Twitter. And countries with
internet filters may not have high standards of due process.

The other danger would be all offshore https sites getting blocked. Or a
concerted effort to Man-in-the-middle _all_ offshore https (assuming that
doesn't already happen).

~~~
SoftwareMaven
I know of at least one private university that MITMs every SSL connection.
Doesn't seem lime it would be that hard to look for the Telex signature at
that point.

Of course, the university is training everybody to click on "just trust this
certificate", but that's a different issue.

~~~
Vitaly
Hmm, how exactly do you do that? Browsers are supposed to verify certificates

~~~
trotsky
Just like enterprises, they get you to install their CA cert as a new trusted
root and then they sign their own certs for each domain as they flow through.
Corporate IT will just push it through AD or pre-configure it, I'd assume
campus IT gets you to run an executable to install it. Since all the traffic
will be signed by them you won't get very far without accepting their root.

------
jahmed
Okay maybe I'm missing something but what prevents the censoring country from
obtaining Telex station equipment and placing it on outbound links diverting
Telex traffic before it makes it to the outside. Censoring country cab then
block/tamper with the results and know that you have illegal Telex software.
Signing your traffic doesn't seem to do much for deniability when the man
shows up at your door.

------
diego_moita
It won't be easy to get this thing going. It needs to have scale to be useful.

However, with the wave of FUD being raised against freedom in the internet
(hackers, child porn, riots organized in social networks) such scale gets a
lot harder.

------
theguvernor
And why couldn't this just be done in OpenVPN??? All that would be needed is
the steno part...

------
gojomo
A bit of previous discussion of 'Telex':

<http://news.ycombinator.com/item?id=2790146>

<http://news.ycombinator.com/item?id=2775988>

