Tor Project’s Anti-Censorship Team has made a groundbreaking announcement that promises to bolster the fight against internet censorship.
On the World Day Against Cyber Censorship occasion, the team proudly introduced WebTunnel, a revolutionary new type of Tor bridge.
This innovative technology is now available in the stable version of the Tor Browser, marking a significant advancement in censorship circumvention technology developed and maintained by The Tor Project.
Developing various types of bridges is crucial for enhancing Tor’s resilience against censorship efforts.
Alert Fatigue that helps no one as security teams need to triage 100s of vulnerabilities. :
AcuRisQ, that helps you to quantify risk accurately:
This is particularly pertinent as the world navigates through the 2024 global election megacycle, a period where the role of censorship circumvention technology becomes increasingly critical in safeguarding Internet Freedom.
For those who have ever contemplated becoming a Tor bridge operator to aid others in connecting to Tor, the introduction of WebTunnel presents an opportune moment to get involved.
Detailed requirements and instructions for running a WebTunnel bridge can be found on the Tor Community portal.
WebTunnel is a censorship-resistant pluggable transport designed to mimic encrypted web traffic (HTTPS), drawing inspiration from HTTP.
It operates by encapsulating the payload connection within a WebSocket-like HTTPS connection, making it appear to network observers as ordinary HTTPS (WebSocket) traffic.
This ingenious design allows WebTunnel to blend seamlessly with regular web traffic, enabling it to coexist with a website on the same network endpoint.
Consequently, when someone attempts to access the website at the shared network address, they will encounter the website’s content without indicating the hidden bridge (WebTunnel).
WebTunnel offers an effective alternative to obfs4 bridges for most Tor Browser users.
Unlike obfs4 and other fully encrypted traffic, which aim to be entirely distinct and unrecognizable, WebTunnel’s strategy of emulating well-known web traffic renders it more effective in environments with protocol-allower lists and a deny-by-default network policy.
In essence, WebTunnel traffic, by resembling HTTPS traffic—a permitted protocol—successfully bypasses censorship mechanisms that would otherwise reject unrecognized traffic.
Step 1: Acquiring a WebTunnel Bridge
Currently, WebTunnel bridges are exclusively distributed via the Tor Project Bridges website.
Plans include expanding distribution methods to include platforms like Telegram and Moat.
Users can obtain a WebTunnel bridge by visiting bridges, selecting “webtunnel” from the “Advanced Options” dropdown menu, solving a captcha, and copying the provided line.
Step 2: Setting Up Tor Browser
It is essential to note that WebTunnel bridges are incompatible with older versions of Tor Browser (12.5.x).
Users must download and install the latest version of Tor Browser for Desktop or Android.
After installation, users can add the bridge lines obtained in Step 1 through the Connection preferences window or by selecting the option to configure a bridge on Android devices.
Following these steps should enable a successful connection via WebTunnel.
The launch of WebTunnel by the Tor Project represents a significant leap forward in the ongoing battle against internet censorship.
As the global community continues to confront challenges to internet freedom, innovations like WebTunnel underscore the importance of continued vigilance and innovation in pursuing an open and accessible internet for all.
Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter.
It’s clear that a person’s reputation is increasingly influenced by their online presence, which spans…
Researchers identified a threat actor leveraging Google Search ads to target graphic design professionals, as…
Recent cyberattacks targeting critical infrastructure, including fuel management systems and water treatment facilities in Israel…
Hackers have begun exploiting a newly discovered vulnerability in Apache Struts2, a widely used open-source…
Recent cybersecurity research has uncovered a concerning trend where hackers are exploiting Microsoft Teams to…
Microsoft has announced that it is currently blocking an astounding 7,000 password attacks every second,…