Opened 3 months ago

Closed 2 months ago

Last modified 5 weeks ago

#25137 closed task (fixed)

Tor blocked in UAE

Reported by: mwolfe Owned by: dcf
Priority: Medium Milestone:
Component: Obfuscation/Censorship analysis Version:
Severity: Normal Keywords: censorship block ae
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

On 1 Jan, I was unable to connect to a site I often use with Tor. It got 75% loaded and stopped. After 2 hours, I figured out the UAE had started blocking Tor, and switched to obfs4. This worked until today at midnight. So I switched to meek, which worked. I connected to one yahoo mail account, finished, closed Tor before switching to my other yahoo mail account (I don't want yahoo to know they're both me). Tor only loaded 25%. It downloaded the network consensus, but could not load the network consensus. I closed Tor and tried meek-Amazon and meek-azure, but always, Tor could not load the network consensus. So I switched to Openvpn, and was able to use Tor in normal mode, without a bridge. (Of course, I had to reset my computer clock to match the VPN address). Does anyone know how the UAE is blocking Tor so that it cannot load the network status, and what I can do about it (in case they figure out how to block Openvpn).

Child Tickets

Change History (45)

comment:1 Changed 3 months ago by mwolfe

After 3 hours, Tor now opens in the UAE without a VPN. I still need meek to connect to any websites, but the problem of the network consensus not loading has gone away. And, with meek easy to connect, I seem to be able to use Tor again.

Not clear why, 4 hours ago, the network consensus could be accessed, but could not load, and now it loads without any problem.

comment:2 in reply to:  1 Changed 3 months ago by Dbryrtfbcbhgf

Replying to mwolfe:

After 3 hours, Tor now opens in the UAE without a VPN. I still need meek to connect to any websites, but the problem of the network consensus not loading has gone away. And, with meek easy to connect, I seem to be able to use Tor again.

Not clear why, 4 hours ago, the network consensus could be accessed, but could not load, and now it loads without any problem.

Save some local obfs4 bridges on your device so you can access Tor in case it is blocked again.
go here and fill out the captcha.
https://bridges.torproject.org/bridges?transport=obfs4

comment:3 Changed 2 months ago by cypherpunks

Can you also test out the Snowflake pluggable transport to see if it works? It's available only on Linux and Mac OS in the alpha builds of the Tor Browser, which you can pick-up here: https://www.torproject.org/projects/torbrowser.html.en#downloads-alpha It seems to also be faster than meek-amazon.

Last edited 2 months ago by cypherpunks (previous) (diff)

comment:4 Changed 2 months ago by cypherpunks

Component: - Select a componentObfuscation/Censorship analysis
Owner: set to dcf

comment:5 Changed 2 months ago by dcf

Keywords: censorship block ae added

This is a small bump in bridge users, mostly obfs4, in the past few days.

https://metrics.torproject.org/userstats-relay-country.html?start=2017-11-08&end=2018-02-06&country=ae&events=off link

https://metrics.torproject.org/userstats-bridge-country.html?start=2017-11-08&end=2018-02-06&country=ae link

https://metrics.torproject.org/userstats-bridge-country.html?start=2017-11-08&end=2018-02-06&country=ae link

However that bump needs to put in context. I don't think the stats from the UAE are completely reliable, because of anomalies that began in 2017. (See the entries with places=ae at doc/MetricsTimeline#Unknown). I'm pretty sure that the relay users graph is bogus, and that there are not really 300,000 users. The bridge user count has been messed up in the past as well.

https://metrics.torproject.org/userstats-relay-country.html?start=2017-01-01&end=2018-02-06&country=ae&events=off link

https://metrics.torproject.org/userstats-bridge-country.html?start=2017-01-01&end=2018-02-06&country=ae link

https://metrics.torproject.org/userstats-bridge-combined.html?start=2017-01-01&end=2018-02-06&country=ae link

Last edited 2 months ago by dcf (previous) (diff)

comment:6 Changed 2 months ago by cypherpunks

I'm pretty sure that the relay users graph is bogus, and that there are not really 300,000 users

With spikes on every Friday

comment:7 in reply to:  6 ; Changed 2 months ago by cypherpunks

Replying to cypherpunks:

I'm pretty sure that the relay users graph is bogus, and that there are not really 300,000 users

With spikes on every Friday

Can't tell that from looking at shorter and more accurate ranges.

BTW I said this back then on irc but no one seemed to care: it seems that one of their ISPs (is it the only one? It's probably named Etisalat IIRC) had/still has some ports open that most other ISPs in the world had blocked to protect their customers, this is without a shred of doubt a botnet.

comment:8 in reply to:  1 Changed 2 months ago by dcf

Replying to mwolfe:

After 3 hours, Tor now opens in the UAE without a VPN. I still need meek to connect to any websites, but the problem of the network consensus not loading has gone away.

This is strange--if you are able to download the network consensus, then you should also be able to connect to websites through Tor. (Unless there is some very unusual traffic pattern–based blocking, but that is unlikely.) I wonder if this was not actually blocking, but some temporary network error, or perhaps slowness caused by the ongoing DDoS attack?

mwolfe, if you don't mind saying, what is your ISP? (According to Wikipedia, there are only 2: Etisalat and du.)

comment:9 in reply to:  7 ; Changed 2 months ago by dcf

Replying to cypherpunks:

Replying to cypherpunks:

I'm pretty sure that the relay users graph is bogus, and that there are not really 300,000 users

With spikes on every Friday

Can't tell that from looking at shorter and more accurate ranges.

If you want to look more precisely, you can download the CSV file that makes the graph.
https://metrics.torproject.org/stats/clients.csv
https://metrics.torproject.org/stats.html#clients
The column you want is clients, which is the second to last.

$ grep ,relay,ae, clients.csv
...
2018-01-29,relay,ae,,,222127,451790,315812,77
2018-01-30,relay,ae,,,200043,424856,336896,78
2018-01-31,relay,ae,,,210268,369871,407466,80
2018-02-01,relay,ae,,,257323,398240,445036,78
2018-02-02,relay,ae,,,289167,485726,493804,80
2018-02-03,relay,ae,,,215267,444106,390208,81
2018-02-04,relay,ae,,,193048,382601,363009,85
2018-02-05,relay,ae,,,203610,398592,361683,56

If you zoom in far enough on the graphs, there are grid lines for each week. The lines fall on Mondays, so yes, it looks like the spikes on on Fridays. I'm not sure if/how that's affected by time zones (i.e. I think the graphs count Friday in UTC, not in the UAE time zone).

BTW I said this back then on irc but no one seemed to care: it seems that one of their ISPs (is it the only one? It's probably named Etisalat IIRC) had/still has some ports open that most other ISPs in the world had blocked to protect their customers, this is without a shred of doubt a botnet.

Thanks for this information. I didn't know that. Do you know what the port numbers are, or any additional information? If so, please add it to the table at doc/MetricsTimeline#Unknown. (Seems like there should be a ticket for the UAE anomalies, but

comment:10 in reply to:  9 Changed 2 months ago by cypherpunks

Replying to dcf:

Thanks for this information. I didn't know that. Do you know what the port numbers are, or any additional information? If so, please add it to the table at doc/MetricsTimeline#Unknown. (Seems like there should be a ticket for the UAE anomalies, but

Took a bit of DDG search but I finally found the article that was talking about that: https://www.bleepingcomputer.com/news/security/nearly-one-million-systems-provide-guest-smb-access-most-are-linux/

There are 2,306,820 devices connected to the Internet at the moment that feature open ports for SMB services, the same protocol that was used to infect hundreds of thousands of computers with the WannaCry ransomworm a month ago.

Of these, 42%, or nearly 970,000, provide "guest" access, meaning anyone can access data shared via the SMB file-sharing protocol without needing to provide authentication. [...] Samba itself is also plagued by a vulnerability called SambaCry that affects all Samba installations released in the past seven years. This flaw has been used to take over Linux servers with open SMB ports and install cryptocurrency miners. [...] Matherly points out that almost half of the devices that have Samba SMB guest access enabled are located on the network of Etisalat, a large ISP in UAE.

comment:11 Changed 2 months ago by mwolfe

The UAE has two ISPs: Etisalat and du. When Dubai created free zones, it set up its own ISP, du, which had no blocks at all. Then the President in Abu Dhabi ordered all ISPs to report to the Telecommunications Regulatory Authority, or TRA, and all must block whatever TRA says. So the two are basically identical (owned by different sheikhs). On 1 Jan, the TRA ordered Tor blocked. This happened before (several years ago, and I have an old ticket on it), then Tor was unblocked, and now it's reblocked. But obsf4 gets around the block, except for 3 hours 3 days ago. I tried meek, and that worked for about 30 minutes, then I closed Tor, and when I tried to restart, it could access the network but could not load the network. If there was a DDoS then, that would explain it. Not Etisalat (my ISP) or the TRA, but the DDoS, since, after 3 hours, obfs4 started working again.

Friday is the weekly holiday, which is the reason there's a spike. My physician told me about Tor in 2000, and I've been using it ever since. There are about 6 million people here, and almost all use the Internet daily, so 100,000 Tor users could be possible.

Mostly, torproject.org is blocked, but since I downloaded Tor before it was blocked, no problem until they started doing more to block Tor. Now, of course, it's a drop down menu item if the regular obfs4 or meek work. If they don't, you sent me 3 bridges that are harder to find, so thanks.

If there's anything I can help with, please ask. I used to use the unencrypted e-mail I check several times a day, but then decided that wasn't very smart, so now I use encrypted e-mail, which I only check once a day. The encrypted e-mail refuses to allow use from more than one country unless you give it a mobile it can check and see if you're you, so I set up Tor on one computer to always say I'm in the US, so it doesn't ask for my mobile number, and I only check that e-mail once a day.

comment:12 Changed 2 months ago by cypherpunks

Thanks for the useful information @mwolfe. Can you try out what was suggested in the 3rd comment?

Last edited 2 months ago by cypherpunks (previous) (diff)

comment:13 Changed 2 months ago by mwolfe

The bug tracker sends me an e-mail every time someone adds a comment, but I can't reply to the e-mail, I have to log in. I should probably check the bug tracker from the Macintosh side. As it is, I know a comment has been added only when I check my e-mail on the Windows side.

My e-mail account is set up to fake a US address, since it requires me to give them my mobile number if I log in from a different country. So my non-local e-mail (to places like Tor, which is banned here) is running in Windows 10 (easier to set Exit {us} in Windows than on the Mac).

Right now, I'm in Windows 10, but I'll try Snowflake when I'm back on my Mac. I've already downloaded 8.01, but I didn't notice Snowflake. I'll look later tonight and let you know if it works.

comment:14 Changed 2 months ago by mwolfe

I am now on my Mac using Snowflake. Works.

Of course, whatever was blocking obsf4 4 days ago went away about two or three hours after I reported it (using a VPN). However, this is just to let you know that Snowflake works here, as does obsf4 and meek now. Not at all clear what was blocking Tor with meek enabled four days ago. Your DDoS theory is probably correct.

comment:15 in reply to:  11 Changed 2 months ago by dcf

Replying to mwolfe:

On 1 Jan, the TRA ordered Tor blocked. This happened before (several years ago, and I have an old ticket on it), then Tor was unblocked, and now it's reblocked.

Do you have a reference for the block order of 1 Jan? I looked at https://www.tra.gov.ae/en/services-and-activities/regulation/details.aspx#documents but didn't find it.

Mostly, torproject.org is blocked, but since I downloaded Tor before it was blocked, no problem until they started doing more to block Tor. Now, of course, it's a drop down menu item if the regular obfs4 or meek work. If they don't, you sent me 3 bridges that are harder to find, so thanks.

There's also a few other ways to download the software when the torproject.org web site is blocked. You can send an email to gettor@…. You can also download from GitHub: https://github.com/TheTorProject/gettorbrowser.

comment:16 Changed 2 months ago by dcf

Resolution: fixed
Status: newclosed
Type: defecttask

This seems resolved, so I'm closing the ticket. mwolfe and cypherpunks, thanks for your help. Go ahead and leave further comments or reopen the ticket if you have additional information.

comment:17 Changed 2 months ago by mwolfe

I go by empirical evidence. Official announcements are intended to look good. They started blocking Skype, and that may have blocked Tor. I have no idea how they are blocking Skype now. Before, they blocked access to skype.com, so no one here could download the program without Tor or a VPN. Those who could go somewhere that skype.com was not blocked could bring back a copy that worked. Now skype.com is not blocked, so anyone can download Skype, but it doesn't work.

Tor was working fine on 31 Dec and needed a bridge on 1 Jan, so one deduces that they started blocking it, with or without an announcement. It's also hard to know what they would have called the rule. It must not be named 'Tor', but some other name. I have no idea what they might call it, and I couldn't find it, either.

comment:19 Changed 2 months ago by mwolfe

Thanks for the link to gulfnews. I read that article. The new policy is that one must rent Botim from the TRA for $30 a month. My cousin is 93, knows how to use Skype, and does not want to learn Botim. I tried a free VPN, but it didn't work. And, if one uses a credit card for a VPN, the bank will report the credit card charge to the government.

Since, many years ago, they blocked Tor for a few days then unblocked it, I tried again with 'My ISP blocks Tor' unchecked. Tor loaded. I tried to view a site. It had a hard time downloading. Speed was limited to 16K. Normally, the site downloads at 400K - 1M. After 5 minutes, it was still loading. I tried trac.torproject.org. Again, it started to load, but after 5 minutes, was still loading with the Tor start page still visible.

So I think the block is part of the block of Skype. Tor is (mis)identified as a way to do VOIP and so is choked, not blocked. I could read the New York Times, but today's paper would take until next week to load. One can still type over Skype, but not talk, so the anti-VOIP is based on identifying VOIP and choking the traffic, not blocking it.

Fortunately, ofps4, meek, and Snowflake circumvent the choke.

comment:20 Changed 2 months ago by cypherpunks

So I think the block is part of the block of Skype. Tor is (mis)identified as a way to do VOIP and so is choked, not blocked.

Tor is choked for TLS sessions with public relays. TLS connections to randomly scanned private bridges is not limited. TLS protocol (non tor specific) is detected by content of segments. Except some destination ports like 443, which is probably always choked.

comment:21 Changed 2 months ago by cypherpunks

GET / HTTP/1.1
Host: some.blocked.site

HTTP/1.1 403 Forbidden
Expires: Sat, 01 Jan 2000 11:11:11 GMT
Server: Protected by WireFilter 8000 (DSO-WF01-FB01)
Accept-Ranges: bytes
Content-Length: 341
Connection: close
Content-Type: text/html

<title>Blocked URL</title>
<!-- -->
<!-- Padding to disable MSIE and Chrome Custom Response -->
<!-- Padding to disable MSIE and Chrome Custom Response -->
<!-- Padding to disable MSIE and Chrome Custom Response -->
<!-- -->
<iframe frameborder='0' width='100%' height='100%' src='http://proxy.emirates.net.ae/'>This page is blocked</iframe>

comment:22 Changed 2 months ago by mwolfe

On 18 Feb 2018, obsf4 stopped working. Tor loads, but can't connect to anything. Fortunately, snowflake connects.

I'm not sure if, when obsf4 loads but cannot connect, I can just change to snowflake, or if, having changed to snowflake, I have to restart.

Since this was a temporary problem in January, I've tried for two days, and obsf4 has not been able to connect, but snowflake does connect.

comment:23 in reply to:  22 Changed 2 months ago by cypherpunks

Replying to mwolfe:

On 18 Feb 2018, obsf4 stopped working. Tor loads, but can't connect to anything. Fortunately, snowflake connects.

I'm not sure if, when obsf4 loads but cannot connect, I can just change to snowflake, or if, having changed to snowflake, I have to restart.

Since this was a temporary problem in January, I've tried for two days, and obsf4 has not been able to connect, but snowflake does connect.

By obfs4 you mean the default bridges in the Tor Browser and not those that you can get at https://bridges.torproject.org/bridges?transport=obfs4, right?

comment:24 Changed 2 months ago by cypherpunks

On 18 Feb 2018, obsf4 stopped working. Tor loads, but can't connect to anything.

alives built-in, via DSO-WF02-FB02:
[NOTICE] new bridge descriptor 'Azadi' (fresh)
[NOTICE] new bridge descriptor 'griinchux' (fresh)
[NOTICE] new bridge descriptor 'LeifEricson' (fresh)
[NOTICE] new bridge descriptor 'Lisbeth' (fresh)
[NOTICE] new bridge descriptor 'zipfelmuetze' (fresh)

others:
[WARN] Proxy Client: unable to connect to xx.xx.xx.xx:xxxx ("general SOCKS server failure")

comment:25 Changed 2 months ago by cypherpunks

alives built-in

Randomly handshakes and chokes later.

comment:26 Changed 2 months ago by mwolfe

Yes, I just go to Tor Network Setting and select either obsf4 (doesn't work) or snowflake (works), I haven't selected 'Provide a bridge I know' since snowflake works.

comment:27 Changed 8 weeks ago by mwolfe

On Sat 24 Feb 18, at about 4 pm GMT, Snowflake flaked out in the UAE. Working fine at 3:30 pm GMT, unable to connect at 4 pm. Meek still works. I have not tried bridges from bridges.torproject.org. I downloaded 3, but always try the menu items first. obfs4 is now blocked, and snowflake seems to be blocked, but Meek works. If Meek stops, I'll try the private bridges.

comment:28 in reply to:  27 Changed 8 weeks ago by cypherpunks

Replying to mwolfe:

On Sat 24 Feb 18, at about 4 pm GMT, Snowflake flaked out in the UAE. Working fine at 3:30 pm GMT, unable to connect at 4 pm. Meek still works. I have not tried bridges from bridges.torproject.org. I downloaded 3, but always try the menu items first. obfs4 is now blocked, and snowflake seems to be blocked, but Meek works. If Meek stops, I'll try the private bridges.

Are you really sure that Snowflake is blocked? Some notes however: 1) snowflake is still experimental, and there's a bug with it where it reaches 100% CPU usage and , that may lead in some cases to it stopping working, 2) there is still a very low number of people who run snowflake bridges, 3) since snowflake is essentially WebRTC maybe they're actually blocking as well other WebRTC traffic? 4) can you access the snowflake domain front, i.e. www.google.com?

comment:29 in reply to:  27 ; Changed 8 weeks ago by cypherpunks

Replying to mwolfe:

On Sat 24 Feb 18, at about 4 pm GMT, Snowflake flaked out in the UAE. Working fine at 3:30 pm GMT, unable to connect at 4 pm. Meek still works. I have not tried bridges from bridges.torproject.org. I downloaded 3, but always try the menu items first. obfs4 is now blocked, and snowflake seems to be blocked, but Meek works. If Meek stops, I'll try the private bridges.

Well it doesn't work even for me, so no worries, the censors still have no clue about snowflake ;)

Finishing handshake with first hop. (DONE; DONE; count 1; recommendation warn; host 2B280B23E1107BB62ABFC40DDCC8824814F80A72 at 0.0.3.0:1)
[warn] 1 connections have failed:
[warn]  1 connections died in state handshaking (TLS) with SSL state SSLv2/v3 read server hello A in HANDSHAKE

Edit: It's working again, thanks dcf!

Last edited 8 weeks ago by cypherpunks (previous) (diff)

comment:30 in reply to:  29 Changed 8 weeks ago by dcf

Replying to cypherpunks:

Well it doesn't work even for me, so no worries, the censors still have no clue about snowflake ;)

It's working for me just now (using the command-line client, I didn't test in Tor Browser).

tor -f torrc.local SOCKSPort auto

torrc.local contains:

UseBridges 1
ClientTransportPlugin snowflake exec ./client -url https://snowflake-reg.appspot.com/ -front www.google.com -ice stun:stun.l.google.com:19302 -log snowflake.log
Bridge snowflake 0.0.3.0:1

I upgraded and restarted the bridge a few hours ago, and the transport plugin didn't start back up immediately, so that may be why you weren't able to connect.

comment:31 Changed 8 weeks ago by mwolfe

Looks like that was it. Snowflake is working now. I guess Snowflake has limited redundancy, so when you restart the bridge, I'm cut off until the bridge is fully operational.

Fortunately, when Snowflake was down, Meek was up.

comment:32 Changed 5 weeks ago by mwolfe

Update.

Today, I got Tor 8.a3 and it worked without any bridges. I wasn't sure if the UAE stopped blocking Tor, or if 8.a3 fixed the problem, so I tried one of my old Tor 7.a and it could not load the network without meek, while 8.a3 can load without any bridges.

comment:33 in reply to:  32 ; Changed 5 weeks ago by dcf

Replying to mwolfe:

Today, I got Tor 8.a3 and it worked without any bridges. I wasn't sure if the UAE stopped blocking Tor, or if 8.a3 fixed the problem, so I tried one of my old Tor 7.a and it could not load the network without meek, while 8.a3 can load without any bridges.

Hmm, maybe it has to do with the new directory authority bastet, which got added in Tor Browser 7.0.10 (2017-11-14) and 7.5a8 (2017-11-15), and had an IPv6 address added in Tor Browser 7.0.11 and 7.5a9 (2017-12-09). The existing directory authority Longclaw also changed its IP address in Tor Browser 7.0.10/7.5a8.

If the censors are only blocking directory authorities, such a change may have caught them off guard. If it's not that, I'm not sure what it could be.

I just added entries related to the above to the metrics timeline:

doc/MetricsTimeline?action=diff&version=239&old_version=237

comment:34 Changed 5 weeks ago by cypherpunks

If it's not that, I'm not sure what it could be.

Fresh Guard.

comment:35 Changed 5 weeks ago by mwolfe

On 14 Mar 2018, I found that Tor 8.a could connect in the UAE without a bridge. On 15 Mar 2018 sometime between 11 am - 1 pm GST, Tor without a bridge could not even load, and only loads with Meek or Snowflake. So whatever Tor 8.a did that managed to get around the block without a bridge got fixed. But Meek and Snowflake still work.

Many thanks for keeping Tor going.

comment:36 in reply to:  35 ; Changed 5 weeks ago by dcf

Replying to mwolfe:

On 14 Mar 2018, I found that Tor 8.a could connect in the UAE without a bridge. On 15 Mar 2018 sometime between 11 am - 1 pm GST, Tor without a bridge could not even load, and only loads with Meek or Snowflake. So whatever Tor 8.a did that managed to get around the block without a bridge got fixed. But Meek and Snowflake still work.

Many thanks for keeping Tor going.

Thanks for the info.

OONI has a test that would tell us which, if any, of the directory authorities are blocked. Unfortunately, there are not very many results from the UAE. Only 27 since September 2017, and only 1 so far this year.
https://api.ooni.io/api/v1/files?probe_cc=AE&since=2017-09-01&test_name=tcp_connect

If it's safe for you to do so, you could install OONI on your computer or phone. The only tests you have to run are vanilla_tor and tor_bridge_reachability (might be called tcp_connect, I'm not sure how it appears in the interface). I can't promise to analyze the results soon, but they may turn out to be handy to have.
https://ooni.torproject.org/install/

comment:37 in reply to:  33 Changed 5 weeks ago by teor

Replying to dcf:

Replying to mwolfe:

Today, I got Tor 8.a3 and it worked without any bridges. I wasn't sure if the UAE stopped blocking Tor, or if 8.a3 fixed the problem, so I tried one of my old Tor 7.a and it could not load the network without meek, while 8.a3 can load without any bridges.

Hmm, maybe it has to do with the new directory authority bastet, which got added in Tor Browser 7.0.10 (2017-11-14) and 7.5a8 (2017-11-15), and had an IPv6 address added in Tor Browser 7.0.11 and 7.5a9 (2017-12-09). The existing directory authority Longclaw also changed its IP address in Tor Browser 7.0.10/7.5a8.

If the censors are only blocking directory authorities, such a change may have caught them off guard. If it's not that, I'm not sure what it could be.

I just added entries related to the above to the metrics timeline:

doc/MetricsTimeline?action=diff&version=239&old_version=237

Since 0.2.8, Tor clients haven't relied on directory authorities to bootstrap. Instead, they use doc/FallbackDirectoryMirrors.

The new set of fallback directory mirrors we added in December wasn't in many tor releases until recently. So maybe it wasn't blocked until recently.

comment:38 in reply to:  36 ; Changed 5 weeks ago by mwolfe

OONI has a test that would tell us which, if any, of the directory authorities are blocked. Unfortunately, there are not very many results from the UAE. Only 27 since September 2017, and only 1 so far this year.
https://api.ooni.io/api/v1/files?probe_cc=AE&since=2017-09-01&test_name=tcp_connect

If it's safe for you to do so, you could install OONI on your computer or phone. The only tests you have to run are vanilla_tor and tor_bridge_reachability (might be called tcp_connect, I'm not sure how it appears in the interface). I can't promise to analyze the results soon, but they may turn out to be handy to have.
https://ooni.torproject.org/install/

I downloaded the ooni installation packages and installed, then it said, 'Warning. ooni might be illegal in your country. You could be jailed, fined, and beaten. Do you understand all the risks? Type "yes"

At that point, given the laws here, I hit C

This place has lots of laws against things like Tor, but the nice thing about Tor is it's hard for them to know I'm using it. ooni warns that there are many ways they can tell I'm using it, and I got scared. It said repressive places can use the ooni published data to track down users.

comment:39 in reply to:  38 Changed 5 weeks ago by dcf

Replying to mwolfe:

At that point, given the laws here, I hit ^C

No problem, stay safe.

Note: See TracTickets for help on using tickets.