Governments around the world heavily censor their citizens so that they cannot view certain types of content. The Tor Project announces WebTunnel, a new feature inspired by an HTTP proxy. Unlike proxying, however, WebTunnel makes it more difficult to block Tor connections by mixing that traffic with HTTPS encrypted web traffic. In other words, WebTunnel hides what could be censored traffic.
The idea is simple: since blocking HTTPS traffic would also block the majority of traffic to web servers around the world, WebTunnel connections must also be allowed. This allows users to bypass censorship within networks that enforce protocol allowlists and deny policies by default.
According to the Tor Project announcement, “WebTunnel is so similar to ordinary web traffic that it can coexist with a website on the same network endpoint, i.e. the same domain, same address IP and the same port. This coexistence allows a standard traffic reverse proxy to route both regular web and WebTunnel traffic to their respective application servers. Therefore, when someone tries to visit the website at the shared network address, it simply perceives the content of the website address and does not notice the existence of a secret bridge (WebTunnel).
WebTunnel is like a coin sorting machine
The Tor Project compares WebTunnel to obfs4 bridges, and explains that the tool can be used as an alternative for most Tor browser users. The difference between the two is that WebTunnel’s method of imitating HTTPS web traffic makes it more efficient in certain scenarios.
The organization compares WebTunnel to a coin sorting machine: “Traditionally, such a machine checks whether the coin matches a known shape and lets it pass if it does, or rejects it if it does not In the case of unknown, fully encrypted traffic, as demonstrated by the research “How the Great Firewall of China Detects and Blocks Fully Encrypted Traffic”, which does not match any specific form, it would be subject to censorship. In our coin analogy, not only must the coin not match the form of a known blocked protocol, but it must also match an authorized form recognized, otherwise it would be rejected.
The process of using the WebTunnel bridge is simple:
- Navigate to https://bridges.torproject.org/options in your browser.
- In “Advanced Options”, select “webtunnel” from the drop-down menu, then click “Get Bridges”.
- Solve the required captcha.
- Copy the bridge line to your clipboard.
- Open the Tor browser and go to the connection preferences window.
- Click Add Bridge Manually and paste the bridge line from step 4.
- Close the bridge dialog box and click Connect.
You can learn more about WebTunnel in the Tor Project announcement.
Source: “ZDNet.com”