diff --git a/guide.md b/guide.md index 27b77d8..34856ef 100644 --- a/guide.md +++ b/guide.md @@ -2095,6 +2095,14 @@ Please see [Appendix Y: Installing and using desktop Tor Browser]. - Snowflake +- **If your internet isn't censored**, consider running one of the bridge types to help the network! + + - Easy: Obsf4 - You can run your own Obsf4 easily with these instructions. + + - Medium: Snowflake - More about Snowflakes here. + + - Hard: Meek - This is the documentation. It's not as simple. + Personally, if you need to use a Bridge (this is not necessary for a non-hostile environment), you should pick a Meek-Azure. Those will probably work even if you are in China and want to bypass the Great Firewall. It is probably the best option to obfuscate your Tor activities if needed and Microsoft servers are usually not blocked. *Only available for Desktop Tor users: Recently, the Tor Project has made it incredibly simple to access Bridges with **Connection Assist**, and it is now automatically done in hostile or censored regions. Simply open the Tor Browser and the connection will be configured based on your needs on any hostile network. Previously, we had a list of options below this paragraph which were necessary to enable and configure bridges, but now that this is done automatically using [moat](https://support.torproject.org/glossary/moat/).* [[Archive.org]][1387] @@ -2165,7 +2173,15 @@ While the official Tor Browser is not yet available for iOS, there is an alterna - Snowflake - - (Meek-Azure is unfortunately not available on Onion Browser for iOS for some reason) + - (Meek-Azure is unfortunately not available on Onion Browser for iOS (See [commit 21bc18428](https://github.com/OnionBrowser/OnionBrowser/commit/21bc18428368224507b27ee58464ad352f4ec810) for more information.) + +- **If your internet isn't censored**, consider running one of the bridge types to help the network! + + - Easy: Obsf4 - You can run your own Obsf4 easily with these instructions. + + - Medium: Snowflake - More about Snowflakes here. + + - Hard: Meek - This is the documentation. It's not as simple. Personally, if you need to use a Bridge (this is not necessary for a non-hostile environment), you should pick a Snowflake one (since Meek-Azure bridges are not available). Those will probably work even if you are in China and want to bypass the Great Firewall. It is probably the best option you have on iOS. @@ -11699,17 +11715,17 @@ Each Virtual Machine is a sandbox. Remember the reasons for using them are to pr In some environments, your ISPs might be trying to prevent you from accessing Tor. Or accessing Tor openly might be a safety risk. -In those cases, it might be necessary to use Tor bridges to connect to the Tor network (see Tor Documentation [[Archive.org]][244] and Whonix Documentation [[Archive.org]][337]). +In those cases, it might be necessary to use Tor bridges to connect to the Tor network (see Tor Documentation [[Archive.org]][244] and Whonix Documentation [[Archive.org]][337]). Optionally, if you are able, you should (seriously!) consider running a bridge [[Archive.org]](https://web.archive.org/web/20220708014922/https://blog.torproject.org/run-tor-bridges-defend-open-internet/) yourself, as this would greatly help reduce the amount of censorship in the world. Bridges are special Tor entry nodes that are not listed on the Tor public directory. Some of those are running on people running the Snowflake Browser extension[^520] while others are running on various servers around the world. Most of those bridges are running some type of obfuscation method called obfs4[^521]. *Only available for Desktop Tor users: Recently, the Tor Project has made it incredibly simple to access Bridges with **Connection Assist**, and it is now automatically done in hostile or censored regions. Simply open the Tor Browser and the connection will be configured based on your needs on any hostile network. Previously, we had a list of options below this paragraph which were necessary to enable and configure bridges, but now that this is done automatically using [moat](https://support.torproject.org/glossary/moat/).* [[Archive.org]][1387] -Here is the definition from the Tor Browser Manual[^522]: "obfs4 makes Tor traffic look random and prevents censors from finding bridges by Internet scanning. obfs4 bridges are less likely to be blocked than its predecessor, obfs3 bridges". +Here is the definition from the Tor Browser Manual[^523]: "obfs4 makes Tor traffic look random and prevents censors from finding bridges by Internet scanning. obfs4 bridges are less likely to be blocked than its predecessor, obfs3 bridges". Some of those are called "Meek" bridges and are using a technique called "Domain Fronting" where your Tor client (Tails, Tor Browser, Whonix Gateway) will connect to a common CDN used by other services. To a censor, it would appear you are connecting to a normal website such as Microsoft.com. See for more information. -As per their definition from their manual[^523]: "meek transports make it look like you are browsing a major web site instead of using Tor. meek-azure makes it look like you are using a Microsoft web site". This is a type of "domain fronting" [^524]. +As per their definition from their manual: "meek transports make it look like you are browsing a major web site instead of using Tor. meek-azure makes it look like you are using a Microsoft web site". Snowflake bridges make it appear like your connections are phone calls to random internet users. This is a type of "domain fronting" [^524]. See ["domain fronting"](https://www.bamsoftware.com/papers/fronting/#sec:introduction) from the link in the previous paragraph for a detailed explanation of these types of secret "bridges". Lastly, there are also bridges called Snowflake bridges that rely on users running the snowflake extension in their browser to become themselves entry nodes. See [[Archive.org]][563]. @@ -13442,8 +13458,6 @@ Model-specific registers (MSRs) and their configuration bits can also be detecte [^521]: GitHub, Obfs4 Repository [[Archive.org]][1348] -[^522]: Tor Browser Manual, Pluggable Transport [[Archive.org]][1349] - [^523]: Tor Browser Manual, Pluggable Transport [[Archive.org]][1349] [^524]: Wikipedia, Domain Fronting [[Wikiless]][1350] [[Archive.org]][1351] @@ -15130,4 +15144,5 @@ Model-specific registers (MSRs) and their configuration bits can also be detecte [1385]: https://web.archive.org/web/20220516000616/https://officercia.mirror.xyz/WeAilwJ9V4GIVUkYa7WwBwV2II9dYwpdPTp3fNsPFjo [1386]: https://web.archive.org/web/20220720023429/https://leakuidatorplusteam.github.io/ [1387]: https://web.archive.org/web/20220801151048/https://support.torproject.org/glossary/moat/ + [1388]: https://web.archive.org/web/20220708014922/https://blog.torproject.org/run-tor-bridges-defend-open-internet/ [1389]: media/image59.png