Combined flash proxy + pyobfsproxy browser bundles

Please help us test new experimental bundles that have flash proxy and pyobfsproxy enabled by default.

Flash proxy is a transport that uses proxies running in web browsers as access points into Tor. pyobfsproxy is a Python implementation of the obfsproxy modular transport that makes network traffic look unlike normal Tor traffic. Both of these technologies make it harder to block access to Tor. If you previously used the obfsproxy bundle, please upgrade to this bundle, which in addition to flash proxy has new obfsproxy bridges.

Flash proxy works differently than other pluggable transports, and you need to take extra steps to make it work. In particular, you will probably need to configure port forwarding in order to receive connections from browser proxies. There are instructions and hints on how to do that at this page: flash proxy howto.

These bundles contain fresh obfs2 bridge addresses, which may work for you if the bridges in the obfsproxy bundle are blocked. The bundles also includes an experimental obfs3 bridge—obfs3 is a new protocol designed to be harder to identify than the previous obfs2. If even these new bridges become blocked, you can find your own obfs2 bridges.

We are looking for feedback on how the bundles work. Please leave comments on the flash proxy usability wiki page or ticket #7824 with your experience, good or bad.

There are other ways you can help beyond testing the bundles. One is to run a bridge with pyobfsproxy. Another is to put the flash proxy badge on your web site or blog, or add it to your Wikipedia profile. If you want your browser to continue to be a proxy after a switch to an opt-in model, click the “Yes” button on the options page.

It works, great! even with lower latency than tor-bundle (for google services)

here (Iran), in some days we have problem in tor bandwidth. repeatedly drop to zero and Tor Bandwidth Usage seems like denticulate! graph. Its really tedious

http://anonymos.earthsociety.org/wordpress/2012/08/warning-tor-network-is-compromised/

Is this true?

what a joke!

"Earth Society"?

Looks more like the _Flat_ Earth Society....

http://anonymos.earthsociety.org/wordpress/features/

"Firewall forces all traffic except HTTPS through Tor or I2P"

!!!
"Firefox 6 – web browser"

!!!

Two questions/concerns with flash proxy:

1. Is it not trivially easy for a censor to block the facilitator? It seems that this is no more robust against censorship than the current bridge method.

2. Defaulting to opt-out is risky, legally and ethically. We are in essence turning unsuspecting web users into proxies without their knowledge or consent. How is this ok?

Indeed. I also have some concerns regarding the opt-out / opt-in 'default' for the FlashProxy badges.

However, I've started to implement dedicated FlashProxy badge pages on some of my domains... cookierequired parameter = Yes for now though.

See: http://proxy.primeoptic.net/flashproxy.php as an example.

I'm testing a simple html meta tag auto page refresh time of 15 mins currently. As the developer thought that it would be interesting. Apparently the 'default' is set to 1 day.

...

I guess that the xeronet Torrc might become increasingly more useful for some Tor Browser Bundle users...

If its going to be 'slower' overall to reach the Tor network via FlashProxy / obfsproxy etc. Then it might be considered beneficial to some Tor users if the network is 'faster' once it is reached, despite it being suggested that our 'default' config. does carry the risk of an increased 'fingerprint' for Tor users.

I've started testing our own config. as it will be interesting to apply a percentage figure on that perceived 'risk' vs 'performance'...

See: http://xeronet.primeoptic.net/tor/torrc.php

(https using a 4096 bit CAcert.org SSL Cert. on most xeronet domains)

xeronet / gho.st - Flash Proxy web badge pages;

http://www.xeronet-proxy.org/flashproxy.php

http://www.xeronet-proxy.net/flashproxy.php

http://www.xeronet-proxy.biz/flashproxy.php

http://www.xeronet-proxy.com/flashproxy.php

http://www.xeronet-proxy.info/flashproxy.php

http://x.gho.st (Free Short URLs + Flash Proxy)

Thank you.

hi.thanks for this release.which command we must send to bridges@torproject.org email for receive this bundle?thanks.

repeat:how we can get this bundle from email?which command required?

Support was added for this. If you send an empty mail to gettor you will get the new list of commands that also include obfsproxy. For example, "obfs-windows" will get you the obfsproxy TBB for windows.

gettor [at] torproject [dot] org ?

Yes

Following a few days of slow work, tor is stopped working in Iran. It could be another "governmental attempt" to the access of Iranians to internet.
From the logs... bootstrapped is not going far than 25%

The bundle referenced here should work, in Iran, right now.

What about your bandwidth?
Maybe you must give it more time!

hi.i am from iran.it word better than other normal bundle but like this error message is appear
Jan 19 15:09:17.120 [Warning] Proxy Client: unable to connect to 208.79.90.242:55564 ("server rejected connection")

You can ignore this warning. It just means that one of the ten bridges in the bundle is down currently.

Hey

No problem using tor from iran? Isn't the government actively monitoring tor users/might get you in trouble for using tor?

They might as well actively monitor all citizens between the ages of 15 and 50. Maybe they are, but using Tor doesn't make you unusual in Iran.

hi again.i am from iran!.some relay in network maps is from iran!it is secure or is a trap?!please check and tell us if possible.thanks

There are lots of users from Iran. A few of them sign up as relays. It's not a problem.

(Also, the relays are tiny, so basically nobody uses them anyway.)

after these report no anymore Iranian relay can be found on the list.they all disappeared!

I've tried latest versions of tor browser bundle and obfs, but both of them are not working anymore in Iran. SAD, SAD, SAD
All of the experts out here! please find a solution !!

hi again.i reported some iranian relay on the tor network
you do not publish my comment and i guess it is for security reason.

now i will send you the details of this relays that i can see here:
some relay have a fake name torland1 .this is secure for use or it is a trap to monitor our traffic that is directed from their relays?!

****

TorLand1 (Online)
Location: Iran
IP Address: 2.190.53.135
Bandwidth: 7.00 KB/s
Uptime: 13 hours 4 mins 38 secs
Last Updated: 2013-01-24 09:37:07 GMT

Unnamed (Online)
Location: Iran
IP Address: 37.255.53.94
Bandwidth: 0 B/s
Uptime: 10 hours 58 mins 9 secs
Last Updated: 2013-01-24 11:39:18 GMT

hp4530ipc (Online)
Location: Iran
IP Address: 178.157.41.99
Bandwidth: 4.00 KB/s
Uptime: 11 hours 3 mins 44 secs
Last Updated: 2013-01-24 11:37:26 GMT

Unnamed (Online)
Location: Iran
IP Address: 178.251.214.97
Bandwidth: 8.00 KB/s
Uptime: 11 hours 25 mins 27 secs
Last Updated: 2013-01-24 11:17:00 GMT

default (Online)
Location: Iran
IP Address: 2.178.85.226
Bandwidth: 11.00 KB/s
Uptime: 10 hours 59 mins 14 secs
Last Updated: 2013-01-24 11:43:44 GMT

OrbotRelay (Online)
Location: Iran
IP Address: 94.139.185.72
Bandwidth: 20.00 KB/s
Uptime: 11 hours 58 mins 33 secs
Last Updated: 2013-01-24 10:45:31 GMT

OrbotRelay (Online)
Location: India
IP Address: 223.190.134.217
Bandwidth: 20.00 KB/s
Uptime: 11 hours 18 mins 13 secs
Last Updated: 2013-01-24 11:26:03 GMT

I dont know where to post this but there's a serious problem with it.wikipedia.org and net neutrality:

https://it.wikipedia.org/wiki/Wikipedia:Richieste_agli_amministratori/gennaio_2013#Problema_tecnico:_Collegandosi_da_IP_e.2Fo_browser_diversi_le_versioni_delle_pagine_sono_diverse_.28non_vengono_aggiornate.29

It appears that if i connect through Tor to that some page i modified on the italian wikipedia those changes are not visible when i load that pages via Tor (or other browsers) i only get the older versions but if i click on modify/view_source of the wiki page i can see that the source of that wiki article contains the changes.

still the "this page was last modified on " message shows the _previous_ version and the wiki article is not showing me the _real_ article but the one of the previous version.

Is there some kind of DPI implemented in Italy that make users think to be changing the wiki pages when instead the pages are never changed? or is it a wikipedia server problem?

I also noticed that if i use plain firefox and then change the page contents when i'm logged using my registered username i can then see the article updated. But if i get a new ip (reset my internet connection) and then visit the page via elinks (on linux) _without_ doing the login (aka anonymous) i dont see the page changed, i see only the previous version.

It's like when i login on wikipedia Italia the net 'sees' that i'm me and so it shows me "my version of the page" .

It also seems like the User Agent (of my normal firefox ) trigger this change (UA + my IP network identifies me).

Am i the only one experiencing similar problem? is this part of some government filter in Italy ?

thanks
OccupyTheFactories (wikipedia italia user)

note ---^^^^ i'm using only the https version of wikipedia Italia.

how can i log in to tor for cakerecipies by Silk road..Grtz. Incognito!!

hi i m very problem for installing flashplayer on tor ? so plz tell me easy way to install flashplayer on tor

It is not advisable to use flashplayer can give away your true IP address that's why it's disabled by default.

I am user in China, my internet connections is ASDL+router.
Even after configuring port forwarding, the flashproxy does not work, it stops at parsing GEOip.
I have to use ofbs2 proxy and delete "ClientTransportPlugin websocket exec flashproxy-client --register :0 :9000".

It has any effect in china since 28,Jan.
In message log:
[Notice] Bootstrapped 10%: Finishing handshake with directory server.

Tor Obfsproxy Browser(2.4.7-alpha-1 ) may has lost effectiveness in china since 27,Jan. it cannot be in use to change the obfsproxy.

see the log:
[Notice] Bootstrapped 10%: Finishing handshake with directory server.

Thanks for your hard work,it works fine.
----a man from china

[Warning] We were supposed to connect to bridge 'an IPv6 address comes from bridges.torproject.org' using pluggable transport 'bridge', but we can't find a pluggable transport proxy supporting 'bridge'. This can happen if you haven't provided a ClientTransportPlugin line, or if your pluggable transport proxy stopped running.

what happened, I have set up my torrc file to ClientTransportPlugin websocket exec flashproxy-client --register :0 :9000 -6, what is wrong?

It cannot even get started in the UAE. It stops at binding GEOIP and remains there.

Important note for Win xp users who have had difficulty running this package. Usually freezing at --> [Notice] Parsing GEOIP IPv4 file .\Data\Tor\geoip.
Goto control panel\Add or Remove Programs\Add/Remove windows programs making sure Network services is ticked. Select details making sure UPnP User interface is ticked. Tick and Install if necessary........
After several xp installs i have noticed this not enabled by default?
Many thks excellent package hope this helps.

"Goto control panel\Add or Remove Programs\Add/Remove windows programs making sure Network services is ticked. Select details making sure UPnP User interface is ticked. Tick and Install if necessary........"

This hasn't resolved the issue for me, Tor still gets as far as reporting that it is Parsing GEOIP IPv4 file but goes no further. The control panel itself has not frozen, it is still responding to user interaction and I can stop and restart Tor - though the status shows as "Starting" indefinately.

Is it an issue with that file or process, or has that stage completed and it is the next step in the process that is causing the problem?

I'm trying Tor v0.2.4.7-alpha (git-e46e1ed1bc50ad24) running on Windows XP with Libevent 2.0.21-stable and OpenSSL 1.0.1c.

OS is XP Pro SP 3.

I was running the previous version of the Tor-obfs bundle without an issue. I made the noob mistake if deleting the old folder and replacing it with this, instead of giving myself a way to rollback!

Thanks.. Thanks.. Thanks.. guyz, I am v. grateful to the Tor Team, especially the flash proxy. Guess I was looking for something like this for a long time.

Can I make a request?? Could you look into incorporating torrent support in the future?? It would be the ultimate Pkg - Anon encrypted Proxy
-> BROWSER (WITH FLASH) + MAIL (TorBirdy) + TORRENT CLIENT...

Come on, Tor <==> Torrents??

Torrenting over Tor is a bad idea, See https://blog.torproject.org/blog/bittorrent-over-tor-isnt-good-idea

Sorry to be a killjoy and a spoilsport, but the "obfsproxy.exe" file is nothing but a CONFIRMED TROJAN... For those of you who do not wish to believe it or find this funny, please go here:

https://www.virustotal.com/en/file/b9c9357a2923520fbcecd1044e0aa58a323d4d3c94c08799415b61c0cfbe31b6/analysis/1361218309/

OR scan obfsproxy.exe with any of the following antivirus tools: McAfee Stinger, Trend Micro Housecall, Antiy-AVL, TheHacker or VBA32.

So much for FREE ANONYMITY... LONG LIVE FREEDOM

Hi,

thanks for the report.

We investigated this report and found out that all Python tools (obfsproxy.exe, flashproxy-client.exe, etc.) in the latest bundles raise antivirus flags. This hinted that something is wrong with pyinstaller (the tool we use to create .exe out of Python scripts). We proceeded by preparing a Python "hello world" program, transforming it into an .exe using pyinstaller, and passing it to virustotal: Virustotal found the exact same viruses it found in obfsproxy.exe.

That meant that something weird is going on with pyinstaller. If you google for "pyinstaller swrort" ('swrort' is the name of the virus reported by some antiviruses), you will find many developers wondering the same thing.

After some more googling, we found a bug report in the pyinstaller bug tracker (www.pyinstaller.org/ticket/603) where the pyinstaller developers are also curious on why this is happening. They decided that the bootloader they selected for their .exe is getting flagged as a virus and they still don't know why (www.pyinstaller.org/ticket/671).

Yesterday they fixed the issue in their latest development branch (https://github.com/pyinstaller/pyinstaller/pull/38). As soon as there is a new pyinstaller release, we should create new python executables and release new bundles.

Thanks for your detailed reply. Was a little worried at the delay... Waiting for the subsequent versions of py exe's, in the meanwhile wondering whether the TOR-flash-proxy fairy-tale was just that... Too good to be true...

This is known that money can make people independent. But how to act when somebody does not have cash? The only one way is to get the loans or just financial loan.

hi.there is any new security upgrade for this version? i see the warning when tor started! but after i enter the download section i do not see any new update.
it is a fake message or Iranian govern to ??

What anonymity and what freedom, when even comments / posts need to be whetted, analyzed, moderated and then approved.

In China, I tested flashproxy in XP sp3 and WIN7 network environment of ADSL+router.
Flashproxy can fetch new bridge in WIN7, but the new bridge is very slow.
In XP sp3, flshproxy can not work. In task manager, flashproxy-client.exe appears for only seconds, flashproxy-reg-email.exe and flashproxy-reg-http.exe never appear.

I wonder if any uPNP configuration problem happens in my XP sp3 system.

I created a ticket to check why flash proxy is not working on Windows XP: #8319.
It will help if you can get a log from flashproxy-client. To do this, edit the torrc file and add
--log flashproxy-client.txt
to the flashproxy-client line. There are more instructions at https://trac.torproject.org/projects/tor/wiki/FlashProxyHowto#Troublesho....

Not working in XP SP3. Even with UPnP ticked. Freezed @ [Notice] Parsing GEOIP IPv4 file .\Data\Tor\geoip. Windows firewall blocks flashproxy-client.exe and even after unblocking, it does not appear in task manager and tor status freezes just on showing "Starting".I guess there is some bug with win xp and windows firewall.

pls refer to https://trac.torproject.org/projects/tor/ticket/8319

hi dear
the new version that u call "tor-flashproxy-pyobfsproxy-browser-2.4.7-alpha-1_en-US" does not work in iran or maybe just me. But the version " tor-obfsproxy-browser-2.4.7-alpha-1_en-US " work correctly. plz help maybe new version have problem with firewall
best reg
ladan

Hi hamwatan
Folder barname ra pak kon kamel v dubare unpack kon tor ra
hads mizanam bridga ra pak karde bashi ya momkene portet ra isp baste bashe

In XP sp3,

2013-03-05 10:54:18 flashproxy-reg-email: Failed to register: [Errno 1] _ssl.c:504: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
2013-03-05 10:54:18 flashproxy-reg-email exited with status 1.

Is their a mirror for this. I need the mac version but the link is blocked/won't load. Thanks

Please help me verify the signature of this package. I can verify all other tor signatures except for tor-pluggable-transports-browser-gnu-linux-x86_64-2.4.11-alpha-1-dev-en-US.tar.gz.asc. The reason given by GPG is that there are multiple signatures. How can I import and verify multiple signatures? Also there is no mention of who signs for this and other obfsproxy packages in the signature page at https://www.torproject.org/docs/verifying-signatures.html.en

"There is a security update available for the Tor Browser Bundle"
This is what I see with this bundle as with the Tor itself but I do not know how to upgrade because there is no update for this specific bundle.

There is a security update available for the Tor Browser Bundle. This is what I see on open but I cannot update bundle with the other one. I think you should update this bundle too in order to not be confused

downloaded and installed Tor browser bundle and then the Obfsproxy on windows 7, desktop Dell company computer 5 days ago. Network provider firewall and company Sonic wall in copany Cisco router were bypassed and was able to surf the net and open all sites. Thank you. Middle east.

installed the Tor browser and the Obfsproxy on Dell desktop Windows 7 company computer. It bypassed the network provider firewall and the company's Sonic wall in Cisco router, and was able to open all sites anonymously. Thank you. Middle east

Syndicate content Syndicate content