Well, a statistical analysis will be able to find the difference between browsing https gmail, and posting on Facebook / Twitter. And countries with internet filters may not have high standards of due process.
The other danger would be all offshore https sites getting blocked. Or a concerted effort to Man-in-the-middle all offshore https (assuming that doesn't already happen).
"The other danger would be all offshore https sites getting blocked."
Fine by me. "No benefits of the information access for your country unless you also allow dissenting opinions" would be quite a win for any project of this kind.
I know of at least one private university that MITMs every SSL connection. Doesn't seem lime it would be that hard to look for the Telex signature at that point.
Of course, the university is training everybody to click on "just trust this certificate", but that's a different issue.
Just like enterprises, they get you to install their CA cert as a new trusted root and then they sign their own certs for each domain as they flow through. Corporate IT will just push it through AD or pre-configure it, I'd assume campus IT gets you to run an executable to install it. Since all the traffic will be signed by them you won't get very far without accepting their root.
There may be none in this broad sense, but there are enough that would like to see, for example, all Chinese people be able to browse the web uncensored. These nations could simply not allow connections to be routed over their Telex nodes from IPs inside their own country.
The whole scheme gets interesting when, as retaliation, the other country provides Telex nodes for the users in those same nations which help their people circumvent censorship. The result would be for everyone to be able to browse the web uncensored.
It won't be easy to get this thing going. It needs to have scale to be useful.
However, with the wave of FUD being raised against freedom in the internet (hackers, child porn, riots organized in social networks) such scale gets a lot harder.
Okay maybe I'm missing something but what prevents the censoring country from obtaining Telex station equipment and placing it on outbound links diverting Telex traffic before it makes it to the outside. Censoring country cab then block/tamper with the results and know that you have illegal Telex software. Signing your traffic doesn't seem to do much for deniability when the man shows up at your door.
17 comments
[ 0.15 ms ] story [ 65.4 ms ] threadThe other danger would be all offshore https sites getting blocked. Or a concerted effort to Man-in-the-middle all offshore https (assuming that doesn't already happen).
Fine by me. "No benefits of the information access for your country unless you also allow dissenting opinions" would be quite a win for any project of this kind.
Of course, the university is training everybody to click on "just trust this certificate", but that's a different issue.
There are none.
P.s. I don't like it when new projects reuse names of old technology because it adds confusion. (http://en.wikipedia.org/wiki/Telex)
No none. They want all Chinese people to be able to browse the web as censored by them rather than as censored by China.
http://news.ycombinator.com/item?id=2790146
http://news.ycombinator.com/item?id=2775988
However, with the wave of FUD being raised against freedom in the internet (hackers, child porn, riots organized in social networks) such scale gets a lot harder.