HTTPT issueshttps://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/httpt/-/issues2022-08-30T18:25:45Zhttps://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/httpt/-/issues/4Experiment with ways to add synthetic content to Web servers2022-08-30T18:25:45ZPhilipp Winterphw@torproject.orgExperiment with ways to add synthetic content to Web serversThis is a child issue of tpo/anti-censorship/pluggable-transports/httpt#1.
HTTPT relies on its "fronting" Web server to not look suspicious so that censors cannot find and block these Web servers easily. In other words: the index page o...This is a child issue of tpo/anti-censorship/pluggable-transports/httpt#1.
HTTPT relies on its "fronting" Web server to not look suspicious so that censors cannot find and block these Web servers easily. In other words: the index page of the Web server shouldn't say "This is a hidden HTTPT proxy." If we bundle a Web server with an HTTPT server (rather than assume that the HTTPT operator already runs a Web server), we need a way to create "natural-looking" Web content. [Section 3.2](https://censorbib.nymity.ch/pdf/Frolov2020b.pdf#page=3) of the HTTPT paper lists several options.
Another option would be to experiment with OpenAI's [GPT-3](https://github.com/elyase/awesome-gpt3) and see if we can use it to automatically generate, say, a blog. Let's use this issue to make progress.https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/httpt/-/issues/1Add HTTPT as a pluggable transport to Tor Browser2022-08-30T18:25:52ZPhilipp Winterphw@torproject.orgAdd HTTPT as a pluggable transport to Tor BrowserThe FOCI'20 [HTTPT paper](https://censorbib.nymity.ch/#Frolov2020b) was the focus of [today's anti-censorship reading group](http://meetbot.debian.net/tor-meeting/2020/tor-meeting.2020-09-10-15.58.html). HTTPT a great candidate for our ...The FOCI'20 [HTTPT paper](https://censorbib.nymity.ch/#Frolov2020b) was the focus of [today's anti-censorship reading group](http://meetbot.debian.net/tor-meeting/2020/tor-meeting.2020-09-10-15.58.html). HTTPT a great candidate for our next pluggable transport. This issue summarises what deployment could look like both for client and server.
### HTTPT Client
We could take the [existing client implementation](https://github.com/sergeyfrolov/httpt) and turn it into a new transport for obfs4proxy. In addition, @sergey mentioned that he wants to add Turbo Tunnel to HTTPT.
### HTTPT Server
The server side is a bit more complicated. There is a [server implementation](https://github.com/sergeyfrolov/httpt) that relies on a Web server forwarding traffic to it. The implementation is not yet ready to work in the context of Tor though. We have two options:
1. Let a Tor bridge spawn HTTPT, similar to how it spawns obfs4.
* The easiest way to go down that route would be to add an HTTPT server implementation (in addition to the client implementation, which we need anyway) to obfs4proxy.
* In addition to HTTPT, we will need a Web server and Web server content. In [Section 3.2](https://censorbib.nymity.ch/pdf/Frolov2020b.pdf#page=3), the HTTPT paper lists several options.
2. Operate HTTPT independently of a Tor bridge.
* This has the benefit that one can start an HTTPT proxy without running a Tor bridge.
* For HTTPT to make it into BridgeDB (or rather rdsys, our re-design), it will have to register itself because there won't be a Tor bridge. We currently don't have a mechanism for that but were planning on implementing one.
* For now, we could assume that HTTPT operators already have a Web server, and activate HTTPT by simply adding a forward rule to their Web server configuration. In the future, we may want to think about bundling a Web server with HTTPT, so operators that don't have a Web server already can easily spin up a new HTTPT instance.
* An open question is: what bridge should the HTTPT server connect to? We could set up a centralised and dedicated HTTPT bridge, similar to the one we have for Snowflake.
### TODO list
- [ ] Add Turbo Tunnel to HTTPT (tpo/anti-censorship/pluggable-transports/httpt#2).
- [ ] Add HTTPT client implementation to obfs4proxy (tpo/anti-censorship/pluggable-transports/httpt#3).
- [ ] Experiment with ways to add synthetic content to Web servers (tpo/anti-censorship/pluggable-transports/httpt#4).
- [x] Build an API that lets PTs register themselves to rdsys (tpo/anti-censorship/rdsys#4).
- [ ] Teach the HTTPT server to register itself to rdsys and use a centralised bridge to forward traffic to (https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/httpt/-/issues/5).
Let's use this issue to coordinate deployment and file child issues for more specific tasks. I'm also copying @cohosh, @dcf, @arma, and @sergey.Sponsor 96: Rapid Expansion of Access to the Uncensored Internet through Tor in China, Hong Kong, & Tibetshelikhooshelikhoo