17 comments

[ 0.15 ms ] story [ 65.4 ms ] thread
I'd be interested to see their claim of untraceability tested somewhat. It's hard to believe this sort of traffic can't be profiled.
Well, a statistical analysis will be able to find the difference between browsing https gmail, and posting on Facebook / Twitter. And countries with internet filters may not have high standards of due process.

The other danger would be all offshore https sites getting blocked. Or a concerted effort to Man-in-the-middle all offshore https (assuming that doesn't already happen).

"The other danger would be all offshore https sites getting blocked."

Fine by me. "No benefits of the information access for your country unless you also allow dissenting opinions" would be quite a win for any project of this kind.

Fine by you until you find yourself living in such a country.
I know of at least one private university that MITMs every SSL connection. Doesn't seem lime it would be that hard to look for the Telex signature at that point.

Of course, the university is training everybody to click on "just trust this certificate", but that's a different issue.

Which one? Seems like a huge breach of trust, not to mention probably illegal as hell. Why does the dean need to know my credit card number?
Hmm, how exactly do you do that? Browsers are supposed to verify certificates
Just like enterprises, they get you to install their CA cert as a new trusted root and then they sign their own certs for each domain as they flow through. Corporate IT will just push it through AD or pre-configure it, I'd assume campus IT gets you to run an executable to install it. Since all the traffic will be signed by them you won't get very far without accepting their root.
Hmm, how exactly do you do that? Browsers are supposed to verify certificates
> "It would likely require support from nations that are friendly to the cause of a free and open Internet,"

There are none.

There may be none in this broad sense, but there are enough that would like to see, for example, all Chinese people be able to browse the web uncensored. These nations could simply not allow connections to be routed over their Telex nodes from IPs inside their own country. The whole scheme gets interesting when, as retaliation, the other country provides Telex nodes for the users in those same nations which help their people circumvent censorship. The result would be for everyone to be able to browse the web uncensored.

P.s. I don't like it when new projects reuse names of old technology because it adds confusion. (http://en.wikipedia.org/wiki/Telex)

> all Chinese people be able to browse the web uncensored.

No none. They want all Chinese people to be able to browse the web as censored by them rather than as censored by China.

They don't have to be friendly to an open Internet. You just have to phrase the proposal in terms of fighting commie-ism or islamofascism.
It won't be easy to get this thing going. It needs to have scale to be useful.

However, with the wave of FUD being raised against freedom in the internet (hackers, child porn, riots organized in social networks) such scale gets a lot harder.

And why couldn't this just be done in OpenVPN??? All that would be needed is the steno part...
Okay maybe I'm missing something but what prevents the censoring country from obtaining Telex station equipment and placing it on outbound links diverting Telex traffic before it makes it to the outside. Censoring country cab then block/tamper with the results and know that you have illegal Telex software. Signing your traffic doesn't seem to do much for deniability when the man shows up at your door.