Hey, guys!
What do you think about the Tor browser?
To me it seems like it's going to become a necessity for doing research on-line sooner or later. Chinese Internet censorship has gotten quite severe in the last few years (they've banned Wikipedia *again* recently, and quite a few VPNs have stopped working), so has the Turkish (Wikipedia has been banned for years now there), and the destructive laws similar to SOPA and PIPA will soon be implemented in the European Union, and it's hard to predict what kind of effect it's going to have. Wikipedia is probably safe in the EU, but it's hard to tell whether Britannica is safe, yet alone if the blogs and free hosting services are safe. I don't think the Croatian right-wing media is exaggerating the situation here (maybe a little, they seem to be implying it's going to happen now, when it probably will happen, but after a few years).
So, I think there are two important questions about the Tor browser:
1. Is Tor going to last longer than the VPNs as a censorship circumvention method? To me it seems like Tor is going to last as long as Microsoft wants it to. If Microsoft prevents domain fronting and prevents its VPS-es to be used as Tor bridges, Tor as we know it is over. Google, Amazon and Cloudflare have already done that, but, as far as I can see, Microsoft puts slightly more effort into protecting free speech and anonymity on-line. Since GitHub has been acquired by Microsoft, Microsoft can also decide to delete the source code of Tor from GitHub, thereby making making the development and downloading Tor harder, but there is no indication it will do that. VPNs will work as long as ISPs aren't willing to block them, they are, as far as I am aware, as easy to block as an ordinary website is. So I think Tor is going to last for longer.
2. Does using the "meek-azure" protocol really make it impossible for ISPs to see that you are using Tor? Of course, using ordinary Tor (or, for that sake, a VPN) makes it impossible for your ISP and/or government to see which websites you are visiting, but they can see that you are using Tor or VPN and suppose you are engaging in illegal activities. My understanding is that using "meek-azure" protocol makes connecting to the Tor network, from the perspective of the ISP, indistinguishable from connecting to some Microsoft server to, for instance, download JQuery or something else hosted on it. The only shortcoming is that it is significantly slower to connect to the Tor network that way. However, once you've connected to it that way, you can perhaps get the IP addresses of some obfs4 proxies, which are way faster than meek-azure, but that brings us to the third question:
3. Does using the "obfs4" protocol really make it impossible for your ISP to see that you are using Tor? And my guess is that it actually doesn't. The ISP can see that you are connecting to some unknown server using an unknown and cyphered protocol. In "obfs2", the ISP can see that it's indeed a Tor server by closely examining the TLS. In "obfs3", it can see it's a Tor server if it attempts to communicate with it, and it responds in a way typical for a Tor server. If you are using the "obfs4" protocol, it can't easily prove you are using Tor, but you are at least suspicious then.
Let's hear your thoughts!
What do you think about the Tor browser?
To me it seems like it's going to become a necessity for doing research on-line sooner or later. Chinese Internet censorship has gotten quite severe in the last few years (they've banned Wikipedia *again* recently, and quite a few VPNs have stopped working), so has the Turkish (Wikipedia has been banned for years now there), and the destructive laws similar to SOPA and PIPA will soon be implemented in the European Union, and it's hard to predict what kind of effect it's going to have. Wikipedia is probably safe in the EU, but it's hard to tell whether Britannica is safe, yet alone if the blogs and free hosting services are safe. I don't think the Croatian right-wing media is exaggerating the situation here (maybe a little, they seem to be implying it's going to happen now, when it probably will happen, but after a few years).
So, I think there are two important questions about the Tor browser:
1. Is Tor going to last longer than the VPNs as a censorship circumvention method? To me it seems like Tor is going to last as long as Microsoft wants it to. If Microsoft prevents domain fronting and prevents its VPS-es to be used as Tor bridges, Tor as we know it is over. Google, Amazon and Cloudflare have already done that, but, as far as I can see, Microsoft puts slightly more effort into protecting free speech and anonymity on-line. Since GitHub has been acquired by Microsoft, Microsoft can also decide to delete the source code of Tor from GitHub, thereby making making the development and downloading Tor harder, but there is no indication it will do that. VPNs will work as long as ISPs aren't willing to block them, they are, as far as I am aware, as easy to block as an ordinary website is. So I think Tor is going to last for longer.
2. Does using the "meek-azure" protocol really make it impossible for ISPs to see that you are using Tor? Of course, using ordinary Tor (or, for that sake, a VPN) makes it impossible for your ISP and/or government to see which websites you are visiting, but they can see that you are using Tor or VPN and suppose you are engaging in illegal activities. My understanding is that using "meek-azure" protocol makes connecting to the Tor network, from the perspective of the ISP, indistinguishable from connecting to some Microsoft server to, for instance, download JQuery or something else hosted on it. The only shortcoming is that it is significantly slower to connect to the Tor network that way. However, once you've connected to it that way, you can perhaps get the IP addresses of some obfs4 proxies, which are way faster than meek-azure, but that brings us to the third question:
3. Does using the "obfs4" protocol really make it impossible for your ISP to see that you are using Tor? And my guess is that it actually doesn't. The ISP can see that you are connecting to some unknown server using an unknown and cyphered protocol. In "obfs2", the ISP can see that it's indeed a Tor server by closely examining the TLS. In "obfs3", it can see it's a Tor server if it attempts to communicate with it, and it responds in a way typical for a Tor server. If you are using the "obfs4" protocol, it can't easily prove you are using Tor, but you are at least suspicious then.
Let's hear your thoughts!
![[Image: s-l640.jpg]](https://i.ebayimg.com/images/g/DjAAAOSwpIhe1HCM/s-l640.jpg)
![[Image: nL4L1haz_Qo04rZMFtdpyd1OZgZf9NSnR9-7hAWT...dc2a24480e]](https://external-preview.redd.it/nL4L1haz_Qo04rZMFtdpyd1OZgZf9NSnR9-7hAWTNVY.jpg?width=216&crop=smart&auto=webp&s=7b11e8b38bea0eacc8797fc971574ddc2a24480e)
