Re: [Tails-dev] todo/network_fingerprint

Delete this message

Reply to this message
Autore: intrigeri
Data:  
To: The Tails public development discussion list
Oggetto: Re: [Tails-dev] todo/network_fingerprint
Hi,

adrelanos wrote (02 Jul 2013 23:04:43 GMT) :
> As per "[Tails-dev] documentation contribution process too
> bureaucratic?", I'd prefer just to create todo discussion page, [...]
> [Using git patches for this kind of stuff, for me, takes more time than
> editing like three or four such chapters.


Whatever you prefer (and that actually can be reviewed and merged
without too much silly efforts), but please propose changes to the
*source* of the page, not to the rendered output. One does not submit
binary patches to the *compiled* Linux kernel, and there are good
reasons for this :)

>>> If the censorship circumvention option (implemented as bridge mode) or
>>> possible future Tails detection protection option is enabled, we want
>>> the network fingerprint detection resistance, at least to the extend,
>>> that it beats DPI boxes at least as good as the censorship circumvention
>>> tool (implemented using pluggable transports) does.
>>
>> OK, this paragraph can certainly be used somewhere in this document,
>> but the section you're patching is about distinguishing Tails users
>> from other Tor users, so I doubt censorship circumvention fits right
>> in there.


> Then I must have got something wrong. This was in response too:


>>> What is also open to decide for you, is whether you like to improve the
>>> network fingerprint (from ISP perspective) when these problems start
>>> having real world impacts (censors start censoring based on Tails
>>> network fingerprint) or precautionary.
>> I think we're trying to be proactive about making it harder to detect
>> Tails users who use bridge mode. <snip>


> I think fingerprinting and distinguishing Tails users from other Tor
> users is interconnected a lot.


Sure. Perhaps that's a good enough reason to re-purpose the whole
section. But still, one can't tell in the introduction that it's about
one thing, and then talk (surprise!) about the other. See what I mean?

>>> And there https://tails.boum.org/contribute/design/Time_syncing
>>> /#index5h1 I'd remove:
>>
>>> "Tails developers still need to think thoroughly of these questions: are
>>> such fingerprinting possibilities a serious problem? What kind of
>>> efforts and compromise should be made to prevent these?"
>>
>> I don't understand why. Did we decide that the "Tor restart on
>> startup" thing is a non-issue? It seems contradictory with the stated
>> goal of defeating DPI.


> I was mostly refering to "Tails developers still need to think
> thoroughly of these questions" - I think these questions are, with the
> new design decision (should this become one), answered. In meaning of,
> "you don't have to think through it anymore, since this has been answered".


I don't think so, but perhaps I missed something.
What's the answer to these questions, then?

Cheers,
--
intrigeri
| GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
| OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc