In 2014, Domain Fronting became the newest obfuscation technique for covert, difficult to censor communication. Even today, the Meek Pluggable transport serves ~400GB of Tor traffic each day, at a cost of ~$3000/month. The basic technique is to make an HTTPS connection to the CDN directly, and then once the encryption has begun, make the… Continue reading Another Strike against Domain Fronting
Tag: Online
Video from my CCC talk last week is here.
First-party Google Analytics
Third party analytics services are suffering from the growing prevalence of ad blocking, tracking protection, and the trend of minimizing connections and requests. However, from a site owner perspective, receiving usage information remains important for measuring site growth. My expectation is that we are already on the curve where ads and tracking software will be… Continue reading First-party Google Analytics
Thoughts on China’s Updated Cyber-security Regulations
On Monday, China ratified an updated cybersecurity legislation that will enter effect next June. The policy regulates a number of aspects of the Chinese Internet: What data companies need to keep on domestic servers, the interaction between companies and the government, and the interaction between companies and Chinese users. Notably, when considering the impact on… Continue reading Thoughts on China’s Updated Cyber-security Regulations
Watch your PAC
In the last week at Blackhat / Defcon two groups looked deeply at one of the lesser known implementations of network policy called Proxy Autoconfig. (In particular, badWPAD by Maxim and Crippling HTTPS with unholy PAC by Safebreach.) Proxy AutoConfig (PAC) is a mechanism used by many organizations to configure an advanced policy for connecting… Continue reading Watch your PAC
Stunning
I’ve started to dive once again into the mess of connection establishment. Network address translation (NAT) is a reality today for most Internet users, and poses a significant hurdle in creating the user-user (or peer-peer) connections. NAT is the process used by your router to provide multiple internal (192.168.x.x) addresses that are all only visible… Continue reading Stunning
Satellite
I’m excited to present Satellite, a network measurement project I’ve been working on over the last couple years, at USENIX ATC next month. Satellite takes a look at understanding shared CDN behaviors and automatically detecting censorship by regularly querying open DNS resolvers around the world. For example, we can watch the trends in censorship in… Continue reading Satellite
I’m scheduled to give a talk at toorcamp next month about packet spoofing and SP^3.
Contextualizing RedStar OS
At the 2015 Chaos Communication Congress, Florian and Niklaus presented an analysis of Red Star OS 3.0, the system which leaked online a year ago. In their talk they provide technical backing for several observations about the system which have gained some press attention. The first is that the Operating System is designed without obvious… Continue reading Contextualizing RedStar OS
SP3
I started running a public sp3 server today. It’s a small side-project I’ve hacked together over the last couple weeks to make it easier for people to play with packet spoofing. The server works similarly to a public proxy, but with the trade-off that while it won’t send high-volumes of traffic, it will allow you… Continue reading SP3