web stats

Using Tor Bridge to Avoid Getting Censored by Your Government

Taking a Piss

Well, it seems IRAN is being an idiot and it’s blocking all secure protocols such as SSL which basically means they can monitor HTTP traffic and they can block websites, thanks to this filter majority of the websites are not out of reach to Iranians. Simply put they can’t access Gmail. But that’s just part of the story, unfortunately Pakistan is doing the same thing, they’re not doing the whole SSL block campaign but they’re banning websites and telling users to complain to them about it which I would gladly do if it made any difference.

So, here is an e-mail that you should read:


In the last 48 hours a major campaign of filtering has started in Iran -
 it started slow and now appears to be that nearly all SSL/TLS traffic is
 blocked on a few major Iranian ISPs. Details are rather rough but we're
 working on some solutions - we've long had an ace up our sleeves for
 this exact moment in the arms race but it's perhaps come while the User
 Interface edges are a bit rough still.
Here's the deal - we need people to run Tor bridges but a special kind
 of Tor bridge, one that does a kind of traffic camouflaging - we call it
 an obfuscated bridge. It's not easy to set up just yet because we were
 not ready to deploy this for everyone yet; it lacks a lot of analysis
 and it might even only last for a few days at the rate the arms race is
 progressing, if you could call it progress.
There are highly technical instructions here:
Currently if you run such a bridge, you'll either need to manually tell
 us (via email to tor-assistants at torproject.org ) about it or you'll need
 to share these bridges with people you want to help directly. It's a
 pain and we're working on it.
Here's a bug report where we're working around the clock to get stuff
 going in a user friendly manner:
This kind of help is not for the technically faint of heart but it's
 absolutely needed for people in Iran, right now. It's likely that more
 than ~50,000 - ~60,000 Tor users may drop offline.
Watch this graph for an idea of the censorship impact of directly
 connecting Tor users:
Here's the same graph but for Tor bridge users in Iran:
We're working on easy to use client software and if you're in Iran or
 need one desperately, please email help at rt.torproject.org.We'll try to
 get you a working obfsproxy bridge address and working client software.
All the best,

I wanted to run a Tor Bridge on my system just to help everyone out but I am worried because I might get into some real trouble for it, plus I am on fiber with a static IP from time to time, it makes it easier for me to get in trouble, plus it’s not really that easy to setup a Tor bridge. It’s not that hard either if you’re used to Linux. I am thinking of using my VM and running Linux on it and then using the Virtual Ethernet Adapter and setting things up there but I would need to open my Firewall port and it’s still risky as hell for me. Plus, I don’t trust IRAN or Pakistan, considering what majority of them search, I am sure the service I offer will get abused.

But you should read the guide:

Obfsproxy Instructions

client torrc

Step 1: Install dependencies, obfsproxy, and Tor


You will need a C compiler (gcc), the autoconf and autotools build system, the git revision control system, pkg-config and libtool, libevent-2 and its headers, and the development headers of OpenSSL.

On Debian testing or Ubuntu oneiric, you could do:
# apt-get install autoconf autotools-dev gcc git pkg-config libtool libevent-2.0-5 libevent-dev libevent-openssl-2.0-5 libssl-dev

If you’re on a more stable Linux, you can either try our experimental backport libevent2 debs or build libevent2 from source.

Clone obfsproxy from its git repository:
$ git clone https://git.torproject.org/obfsproxy.git
The above command should create and populate a directory named ‘obfsproxy’ in your current directory.

Compile obfsproxy:
$ cd obfsproxy
$ ./autogen.sh && ./configure && make

Optionally, as root install obfsproxy in your system:
# make install

If you prefer not to install obfsproxy as root, you can instead just modify the Transport lines in your torrc file (explained below) to point to your obfsproxy binary.

You will need Tor or later.

Step 2a: If you’re the client…


First, you need to learn the address of a bridge that supports obfsproxy. If you don’t know any, try asking a friend to set one up for you. Then the appropriate lines to your tor configuration file:

UseBridges 1
Bridge obfs2
ClientTransportPlugin obfs2 exec /usr/local/bin/obfsproxy --managed

Don’t forget to replace with the IP address and port that the bridge’s obfsproxy is listening on.
Congratulations! Your traffic should now be obfuscated by obfsproxy. You are done! You can now start using Tor.


Step 2b: If you’re the bridge…


Configure your Tor to be a bridge (e.g. by setting “ORPort 9001” and “BridgeRelay 1”). Then add this new line to your tor configuration file:

ServerTransportPlugin obfs2 exec /usr/local/bin/obfsproxy --managed

Launch Tor using this configuration file. You can do this by using your favorite init script, or by pointing the Tor binary to the torrc file:


spawn tor

Next, find the TCP port opened by obfsproxy. Look in your log file for a line similar to this one:
bridge torrc
The last number, in this case 34545, is the TCP port number that your clients should point their obfsproxy to.

Congratulations! Tell your clients to point their obfsproxy to your IP address and to port 34545.


I know I should be more supportive regarding this but I just can’t be arsed about this, considering the type of Islamic idiots are there, I don’t think we will miss much, however if this happened to America, I might actually go out of my way to assist them.  You should probably read up on Tor and it’s nodes, it will greatly increase your chances of Internet survival. Oh and don’t trust anyone and stop using Facebook.

Leave a Reply