anonymity struggle , whonix not working in new censored areas

nurmagoz · March 30, 2016, 12:52pm

in Arab Gulf atm , not just Tor connection blocked but even Tor project website is also closed.

so if u want to open TBB= not working

if u want to open Tor project website = not working

now if we come to whonix and how does it react to this blockage (Tor blockage) here r whonixcheck:-

and this is arm:-

if u look at arm u gonna c [27 duplicate hidden] , this message will not going to stay at 27 , but it will keep on increasing by time (it reached about 120 then i closed it because its non-stop).

now if someone want to add bridges by following this page:-

he need to go to Tor project website in order to add bridges , but Tor project website is closed! .

so how whonix going to provide bridges for their users ?

also now Tor project is providing TBB through emails , how about whonix ? r we going to provide whonix through emails if any country blocked whonix website ?

(i dunno yet , which bridges going to work if meek is not working)

what TBB is saying when it tries to connect in these areas/countries:-

TBB normal connection (no bridges):-

3/30/2016 11:52:53 AM.100 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.
3/30/2016 11:52:53 AM.100 [NOTICE] Opening Socks listener on 127.0.0.1:9150
3/30/2016 11:52:58 AM.000 [NOTICE] Closing no-longer-configured Socks listener on 127.0.0.1:9150
3/30/2016 11:52:58 AM.000 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.
3/30/2016 11:52:58 AM.000 [NOTICE] Closing old Socks listener on 127.0.0.1:9150
3/30/2016 11:53:12 AM.700 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.
3/30/2016 11:53:12 AM.700 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.
3/30/2016 11:53:12 AM.700 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.
3/30/2016 11:53:12 AM.700 [NOTICE] Opening Socks listener on 127.0.0.1:9150
3/30/2016 11:53:12 AM.700 [NOTICE] Bootstrapped 5%: Connecting to directory server
3/30/2016 11:53:12 AM.700 [NOTICE] Bootstrapped 10%: Finishing handshake with directory server
3/30/2016 11:54:23 AM.100 [NOTICE] Closing no-longer-configured Socks listener on 127.0.0.1:9150
3/30/2016 11:54:23 AM.100 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.
3/30/2016 11:54:23 AM.100 [NOTICE] Closing old Socks listener on 127.0.0.1:9150
3/30/2016 11:54:26 AM.300 [NOTICE] Delaying directory fetches: DisableNetwork is set.

TBB with obfs4

3/30/2016 11:52:53 AM.100 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.
3/30/2016 11:52:53 AM.100 [NOTICE] Opening Socks listener on 127.0.0.1:9150
3/30/2016 11:52:58 AM.000 [NOTICE] Closing no-longer-configured Socks listener on 127.0.0.1:9150
3/30/2016 11:52:58 AM.000 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.
3/30/2016 11:52:58 AM.000 [NOTICE] Closing old Socks listener on 127.0.0.1:9150
3/30/2016 11:53:12 AM.700 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.
3/30/2016 11:53:12 AM.700 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.
3/30/2016 11:53:12 AM.700 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.
3/30/2016 11:53:12 AM.700 [NOTICE] Opening Socks listener on 127.0.0.1:9150
3/30/2016 11:53:12 AM.700 [NOTICE] Bootstrapped 5%: Connecting to directory server
3/30/2016 11:53:12 AM.700 [NOTICE] Bootstrapped 10%: Finishing handshake with directory server
3/30/2016 11:54:23 AM.100 [NOTICE] Closing no-longer-configured Socks listener on 127.0.0.1:9150
3/30/2016 11:54:23 AM.100 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.
3/30/2016 11:54:23 AM.100 [NOTICE] Closing old Socks listener on 127.0.0.1:9150
3/30/2016 11:54:26 AM.300 [NOTICE] Delaying directory fetches: DisableNetwork is set.
3/30/2016 11:56:19 AM.900 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.
3/30/2016 11:56:19 AM.900 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.
3/30/2016 11:56:19 AM.900 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.
3/30/2016 11:56:19 AM.900 [NOTICE] Opening Socks listener on 127.0.0.1:9150
3/30/2016 11:56:28 AM.200 [WARN] Proxy Client: unable to connect to 104.131.108.182:56880 (“general SOCKS server failure”)
3/30/2016 11:57:07 AM.900 [WARN] Proxy Client: unable to connect to 154.35.22.11:443 (“general SOCKS server failure”)
3/30/2016 11:57:08 AM.700 [WARN] Proxy Client: unable to connect to 83.212.101.3:41213 (“general SOCKS server failure”)
3/30/2016 11:57:23 AM.700 [WARN] Proxy Client: unable to connect to 109.105.109.147:13764 (“general SOCKS server failure”)
3/30/2016 11:57:24 AM.900 [WARN] Proxy Client: unable to connect to 154.35.22.13:443 (“general SOCKS server failure”)
3/30/2016 11:57:26 AM.400 [WARN] Proxy Client: unable to connect to 154.35.22.12:80 (“general SOCKS server failure”)
3/30/2016 11:57:26 AM.400 [WARN] Proxy Client: unable to connect to 198.245.60.50:443 (“general SOCKS server failure”)
3/30/2016 11:57:26 AM.400 [WARN] Proxy Client: unable to connect to 154.35.22.10:80 (“general SOCKS server failure”)
3/30/2016 11:57:26 AM.400 [WARN] Proxy Client: unable to connect to 109.105.109.165:10527 (“general SOCKS server failure”)
3/30/2016 11:57:26 AM.400 [WARN] Proxy Client: unable to connect to 192.99.11.54:443 (“general SOCKS server failure”)
3/30/2016 11:58:49 AM.000 [NOTICE] Closing no-longer-configured Socks listener on 127.0.0.1:9150
3/30/2016 11:58:49 AM.000 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.
3/30/2016 11:58:49 AM.000 [NOTICE] Closing old Socks listener on 127.0.0.1:9150

TBB with meek-google

3/30/2016 12:03:01 PM.500 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.
3/30/2016 12:03:01 PM.500 [NOTICE] Opening Socks listener on 127.0.0.1:9150
3/30/2016 12:03:15 PM.900 [NOTICE] Closing no-longer-configured Socks listener on 127.0.0.1:9150
3/30/2016 12:03:15 PM.900 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.
3/30/2016 12:03:15 PM.900 [NOTICE] Closing old Socks listener on 127.0.0.1:9150
3/30/2016 12:03:34 PM.400 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.
3/30/2016 12:03:34 PM.400 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.
3/30/2016 12:03:34 PM.400 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.
3/30/2016 12:03:34 PM.400 [NOTICE] Opening Socks listener on 127.0.0.1:9150
3/30/2016 12:06:50 PM.800 [NOTICE] Closing no-longer-configured Socks listener on 127.0.0.1:9150
3/30/2016 12:06:50 PM.800 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections.
3/30/2016 12:06:50 PM.800 [NOTICE] Closing old Socks listener on 127.0.0.1:9150

Ego · March 30, 2016, 2:01pm

Good day,

The Tor Project found a solution for such problems, simply send a mail to “bridges@bridges.torproject.org” with “get bridges” in it.

Why should the TBB and Whonix use different bridges? They use the same infrastructure called Tor.

Have a nice day,

Ego

nurmagoz · March 30, 2016, 2:13pm

The Tor Project found a solution for such problems, simply send a mail to “bridges@bridges.torproject.org” with “get bridges” in it.

yeah but its tor project , not whonix.

Why should the TBB and Whonix use different bridges? They use the same infrastructure called Tor.

not different bridges , i meant how whonix going to be available to the users if whonix website blocked as well ?

TBB = email Tor in order to get it
Bridges = email Tor in order to get it
whonix email who ?

Ego · March 30, 2016, 3:14pm

Have a nice day,

You do realize that Whonix uses technology provided by the Tor project?

You simply sent the mail I just proposed, use the bridges they sent you to connect to Tor over the TBB and then use that connection to connect to whonix.org.

Have a nice day,

Ego

nurmagoz · March 30, 2016, 6:26pm

You do realize that Whonix uses technology provided by the Tor project?

ofc , but i dunno i dont c it proper way to link whonix users to Tor project. even tho the main problem is Tor which is from tor project.

You simply sent the mail I just proposed, use the bridges they sent you to connect to Tor over the TBB and then use that connection to connect to whonix.org.

yeah but in this way , in order to get whonix links i should have TBB working then i go to whonix website and then download whonix over Tor connection ???

absolutely not good solution. we need to have our links on another place for example on github. like this:-

Ego · March 30, 2016, 6:39pm

Good day,

Yes, takes about five minuites more than simply accessing whonix.org via your “normal” browser to set this up and gain access to whonix.org via the TBB using bridges.

That’d lead to having to manage a multitude of sources (again), something we just changed a few weeks ago, as mentioned here: upcoming usability improvements that will hurt, TLS downloads, abolishing torrent downloads Using mirrors hosted by others also has its problems, as explained here: https://github.com/Whonix/Whonix/issues/96#issuecomment-183908968

Have a nice day,

Ego

Patrick · March 30, 2016, 7:14pm

Yes, there is obviously a lot room for improvements in all areas but scarcity of reliable funding and volunteers prevents providing them.

nurmagoz · March 30, 2016, 7:21pm

Yes, takes about five minuites more than simply accessing whonix.org via
your “normal” browser to set this up and gain access to whonix.org via
the TBB using bridges.

yes takes about 5 minutes (for me and u but let us just say 5 minutes) , but how many hours to download whonix with Tor+Bridges ? 3-4 hours maybe more ? we should consider that as well.

That’d lead to having to manage a multitude of sources (again), something we just changed a few weeks ago, as mentioned here: upcoming usability improvements that will hurt, TLS downloads, abolishing torrent downloads Using mirrors hosted by others also has its problems, as explained here: https://github.com/Whonix/Whonix/issues/96#issuecomment-183908968

if we just copy/paste our current links from whonix wiki to whonix github it will cost nothing right? nor a considered effort.

nurmagoz · March 30, 2016, 7:46pm

hmm correct , but making page in github within whonix does it cost any ?

Patrick · March 30, 2016, 7:55pm

It does.

figure out if they are okay with the file sizes
figure out if they are okay with the traffic generated
take time to manually upload
or better figure out how to automate uploading
or somehow figure out how to download from whonix.org and mirror to github
maintenance, checking all of that works
user support

Ego · March 31, 2016, 9:35am

Good day,

Regarding that, I have to say that yes, downloading over a bridge takes its time and depends on a bit of luck in regards to having a fast route (sometimes I get 200 KB/sec, sometimes only 50 KB/sec according to Arm). However, we need to keep in mind that this, while taking some time, is a one time commitment and a necessary evil, as well as the fact that in many cases Tor isn’t impacting speed as bad as other aspects of the connection, like the providing server.

Have a nice day,

Ego

anon36816226 · April 1, 2016, 6:20pm

Hi ,

Could you please try I2P there if its not Dangerous for you ?
I would like to know if they block I2P Reseed URLs and or Homepage.
Maybe if we get lucky with I2P we could figure some way to go from there if Tor is blocked

nurmagoz · April 1, 2016, 6:33pm

im already using I2P , till now I2P is working good. but the message always saying “network: firewalled”, tho not effecting any of I2P activities.

American agencies till now didnt focus to block I2P , because its not yet used in widely from IS.

(if u think UAE ppl blocking Tor connection = ofcourse not , they r stupid. but its a work of agencies mostly from USA but sure in cooperation with UK,France,Germany,India agencies).

but i dont think there is anyway to block I2P connection because its P2P connection , am i right ? they can only block I2P clearnet website.

human · April 1, 2016, 7:20pm

maybe you can access Tor project website with proxies / socks 5 or with webproxies.

anon36816226 · April 2, 2016, 4:19am

Not totaly right , I2P needs to Reseed via some URL so if these get blocked ,it fails to connect and find new peers .
I hope you know that the agencys are not blocking Tor because of the IS . States do this to control their citizen.
Problem
Reaction
Solution

Patrick · April 2, 2016, 3:15pm

It only means, that you do not have a functional port forwarding that allows unsolicited incoming connections.

When i2p is running in Whonix-Workstation there is probably no way to fix this. (Explained on the i2p wiki page.)
When running i2p on Whonix-Gateway or another VM is NATed. Therefore the first port forwarding would be required from the host to the VM.
And even creating a port forwarding from the router to the computer is for most users a huge challenge. (Sometimes impossible because unsupported by provides. [example: 3G shared IP that are NATed by default])
I wouldn’t worry about it unless you deeply care about supporting the i2p network. In that case learn how to get port forwarding working for i2p running on the host first. It’s more of a router and i2p rather than Whonix question…

HulaHoop · April 2, 2016, 5:14pm

You don’t need port forwarding if its running on the UDP transport. You need to set your I2P router to run in hidden mode and as running behind an NAT firewall.

With basic blocking techniques you will be able to get thru. If they run DPI that looks for I2P protocol specifically you won’t be able to connect. I2P could get Tor’s pluggable transports at some point.

anon36816226 · April 2, 2016, 5:53pm

It would be better not to be a participating Router , if your Router isn’t running 24/7 and this would require more RAM that it would not be acceptable for the normal user .
If you care about the I2P Network its far better to install it on a dedicated machine running I2P or setup a hosted Server

https://geti2p.net/en/get-involved/roadmap
Initial work planned for 0.9.27 July 2016
i guess its going to get delayed due to the missing manpower but its on the todo

nurmagoz · April 4, 2016, 3:07am

I hope you know that the agencys are not blocking Tor because of the IS . States do this to control their citizen.
Problem
Reaction
Solution

well do u think a country located more than 6000 thousand mile away would care about another country in the middle east just to solve their citizen problems ? come on …

@Patrick @HulaHoop = thnx for the clarification

Initial work planned for 0.9.27 July 2016

@goldstein awesome news thnx.

(tho i have a design in mind which is this one:-
the ultimate anonymity tree (theory))