Comments (6)
Is this different from #57 (which should be addressed by #75)?
It addresses the problem with running all available experiments everytime it's run.
from centinel.
As per the discussion I had with @ben-jones, there are two things we could add to address this issue:
-
the installation package/script should ship a set of standard experiments (e.g. connectivity checking experiment that is not finger-printable and has to be run every time). These experiments are part of the package and are updated when centinel package is.
-
also, the centinel package should be shipped without any extra experiments installed. The experiments can be downloaded from the server once the informed consent process is completed. This will prevent clients from running experiments before consent is given.
from centinel.
Do we still want to do this? Note that we currently don't have a non-finger-printable connectivity test inside Centinel and no experiment is shipped with Centinel when installing pip package.
from centinel.
I don't think ping would be that big a deal, especially if we send traffic to a common target like 8.8.8.8. This type of traffic should be fairly common, so I wouldn't think it would be too fingerprintable.
from centinel.
I agree with you on the target. But what about frequency? It might end up having a pattern that is detectable.
from centinel.
I suppose that's true, though there are innumerable attacks that the censor could hit us with (e.g. see how many people request the same sites as us or see if anyone else connects to the same Tor bridge. Regardless, we should consider this in terms of a larger framework; every measurement gives us some information but costs us stealthiness. We could be perfectly stealthy and never measure, but then we wouldn't have useful data. For every primitive and measurement target (e.g. 8.8.8.8) we send traffic to, we are going to need to consider this tradeoff.
Informally, there may be a better way to do this, but I think that pings to 8.8.8.8 would be pretty stealthy. We could make the measurement more covert by randomly selecting a target from a list or choosing not to measure with some probability. We lose some information with each approach because we don't get consistent reachability measurements to the same place, but either would be more stealthy than constantly pinging 8.8.8.8.
from centinel.
Related Issues (20)
- pcap compression and copying should not happen in memory
- exception when freeing data
- opening new thread should delay+retry upon failure
- handle BeautifulSoup parsing exceptions
- add VPN-related info to VPN config files
- change the way VPN file names are chosen, use domain names to identify instead of IPs
- Tagged releases and changelog
- Real Time Testing with centinel HOT 1
- Update to Python 3 (and document Python 2 requirement)
- Add more timestamps to results
- Add UTC time to tests
- Cert pinning on client-server connection
- User Agent check
- TLS experiments needs to have SNI set by default
- IPv4 prefixes are added to IPv6 HOT 2
- filtering urls in our test list
- http tests need to honor Set-Cookie
- Replace bzip2 with zstd or lz4
- Control node's metadata is added with unknown reason
- Some clearence required on the way centinel program works and some queries on the way to add custom tools in it. HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from centinel.