The big win here is co-locating tunnels on existing domains with real websites. If anyone has a site that would be willing to host a tunnel but doesn't want to run a full tor bridge, email me (in my profile) and I can help you configure your server to forward traffic to my bridge.
I’m an AppSec Engineer that works primarily on WebApps in eCommerce and none of this feels right to me.
I became very skeptical of the Tor project when I found out that the CEO of CMYRU (data broker /threat intelligence for governments and large corporations) was on the Tor board.
Privacy was incredibly hard 10 years ago, even harder 5 years ago, and it’s twice as hard today.
All of the sudden a solution comes out that makes it easier using what? Modern day web apps and browsers? The things that are like pulling teeth out of a pit bull to secure unless everything was diligently threat modeled from start to finish before a line of code was written?
If anyone has ever had the need to hide their IP address and be anonymous. It’s a real pain in the ass and takes a lot more OpSec then just using Tor.
This seems like it’s just opening the door for MITM attacks between the web app and the tunnel.
Your comment is baffling. You start off by expressing your displeasure at one of the board members, transition to talking about how privacy is "incredibly hard", and then vaguely implying that webtunnels have some sort of vulnerability? How are these related to each other?
I’m expressing that my opinion is that the Tor board may not have the public users best interest at heart.
I’m not implying that there is a vulnerability in WebTunnels. Just that the interface (Web Applications) is riddled with vulnerabilities and now less controlled. Compared to using something like the Tor Browser. WebApps are generally not open source.
Intelligence agencies abuse vulnerabilities. CEO of Intelligence agency is on board. Not saying they will directly do anything but it’s hard to argue that the particular board member is acting in the best interest of privacy and could be swaying descsions to favor intelligence gathering
>Just that the interface (Web Applications) is riddled with vulnerabilities and now less controlled
What makes you think that? Looking at the set up guide, it looks like on the server side it's just a websocket server that you add to a random path on your reverse proxy, and on the client side it's just a websocket client. I'm not sure how this is "riddled with vulnerabilities and now less controlled".
If I understand correctly, there is no way for them to differentiate traffic using this vs legitimate HTTPS traffic. In other words, if a large, legitimate website was also serving a webtunnel behind their reverse proxy, the censoring regime would have to block all traffic to that domain, legitimate or not.
You can run a webtunnel bridge behind Cloudflare. It also works behind AWS Cloudfront but that's just way too expensive if you don't get a reasonable rate from them like 99% reduction.
Welp, not surprised given it's bad for their business. Guess hence the timing of this webtunnel thing - afaik tor was using fastly at least for their snowflake thing.
Yes they can block the domain if they find out it's used by a webtunnel bridge. Bridges aren't public that's the whole point of bridges. They are basically unlisted relays.
If you want to setup your own details are here: https://community.torproject.org/relay/setup/webtunnel/