Haven't seen this come through on NANOG yet:
http://arstechnica.com/tech-policy/news/2012/02/iran-reportedly-blocking-encrypted-internet-traffic.ars
Can anyone with the ability confirm that TCP/443 traffic from Iran has
stopped?
Haven't seen this come through on NANOG yet:
http://arstechnica.com/tech-policy/news/2012/02/iran-reportedly-blocking-encrypted-internet-traffic.ars
Can anyone with the ability confirm that TCP/443 traffic from Iran has
stopped?
Probably better than Iran doing man-in-the-middle...
Thanks,
Donald
Lauren scooped you on Privacy by about 6 minutes.
Cheers,
-- jra
correct, it's down in Iran,
A few of my contacts got back to me confirming this a few hours ago.
Yes I am from Iran and outgoing TCP/443 has been stoped
And in response
(quoting) :
“Basically, say you want to look like an XMPP chat instead of SSL,” he
writes to me, referring to a protocol for instant messaging as the
decoy for the encrypted SSL communications. “Obfsproxy should start
up, you choose XMPP, and obfsproxy should emulate XMPP to the point
where even a sophisticated [deep packet inspection] device cannot find
anything suspicious.”
Regards
Marshall
It is not accessible to with XMPP, yahoo google none of them is not accessible from Iran.
I have not try obfsproxy but as a ordinary connection we do not have https
FWIW: A colleague in Iran was able to connect to a server in the US
using HTTPS on a non-standard port (9999). It appears that the
Iranian government is not blocking TLS/HTTPS per se, but just port
443. So in principle, if there were just some HTTPS proxies using
non-standard ports, then people would be able to get out. At least
until (1) the addresses of the proxies become known to the regime, or
(2) they start blocking cross-border TLS altogether.
--Richard
Or applications (and providers) knew how to use SRV records...
AlanC