『轉』可插拔傳輸的近況和未來發展-tor代理技術討論

編註：本文是關於tor代理技術的一些討論，其中涉及到最新的obfs4、ScrambleSuit、Meek等，美博園轉載共網友參考。題目中｢-tor代理技術討論｣為編者所加。

Hello friends, this is a brief post on recent and upcoming developments of the Pluggable Transport world:

大家好，這是一篇簡短的帖子，關於 可插拔傳輸 的近況和未來發展。

1. What has happened / 發生了什麼事情

Here is what has been keeping us busy during the past few months:

下面是我們最近幾個月正在忙的事情：

1.1 TBB 3.6 / Tor瀏覽器套裝3.6

As many of you know, the TBB team recently released the Tor Browser Bundle 3.6 that features built-in PT support. This is great and has taken PT usage to new levels . Maaad props to the TBB team for all their work.

眾所周知，TBB小組最近發布了 Tor瀏覽器套裝3.6 ， 內置了PT(可插拔傳輸)功能，使用效果很好，使得PT的 利用率達到了新的水平 。TBB小組的工作獲得了大大大量的讚譽。

TBB-3.6 includes obfs3 and FTE by default. If the built-in bridges are blocked for you (this is the case at least in China), try getting some more bridges from BridgeDB (which also got renovated recently).

TBB-3.6默認包含了obfs3和FTE。如果內置的網橋被屏蔽了(至少在中國是這樣的)，請嘗試從 BridgDB(最近才修整過)獲得更多網橋 。

1.2 obfs2 deprecation / 放棄obfs2

We are in the process of deprecating the obfs2 pluggable transport.

我們正在逐步 放棄obfs2可插拔傳輸 。

This is because China blocks it using active probing, and because obfs3 is stictly better than obfs2. obfs3 can also be blocked using active probing, but China hasn』t implemented this yet (at least as far as we know). The new upcoming line of PTs (like scramblesuit and obfs4) should be able to defend more effectively against active probing.

這是因為中國使用主動探針技術阻止了obfs2，而且obfs3比obfs2好得多。儘管obfs3也能被主動探針技術所阻止，但是中國還沒有實現(至少就我們所知)。將要實現的PT技術(比如scramblesuit和obfs4)，將能更有效的防範主動探針技術。

1.3 Outgoing proxies and Pluggable Transports / 外出代理和可插拔傳輸

Yawning Angel et al. recently implemented outgoing proxy support for PTs . This means that soon our PTs will be able to connect to an outgoing proxy using the Socks5Proxy torrc option (or the corresponding proxy field in TBB).

Yawning Angel等人最近實現了 讓可插拔傳輸能使用外出代理 。這意味著很快我們的可插拔傳輸，就能連接到一個外出代理伺服器，使用torr配置文件中的Socks5Proxy選項(或者TBB中其他對應的代理選項)。

1.4 A Childs Garden Of Pluggable Transports / 可插拔傳輸的兒童樂園

David Fifield created refreshing visualizations of Pluggable Transports . Take a look; it might help you understand what these damned things are doing.

David Fifield創建了 令人耳目一新的、對可插拔傳輸的可視化效果 。一起來看看，它可以幫助你了解這些該死的東西在做什麼。

2. What will happen / 將要發生什麼

Now let』s take a look into the short-term future (a few months ahead) of Pluggable Transports:

現在我們來看看未來一段時間(幾個月內)可插拔傳輸的發展。

2.1 obfs4 and ScrambleSuit

Remember ScrambleSuit ? Guess what; we are thinking of not deploying it after all…

記得 ScrambleSuit 嗎？你猜怎麼著，我們正在考量到底不再部署它……

Don』t get me wrong, ScrambleSuit is great, but during the past two months Yawning has been developing a new transport called 『obfs4′ . obfs4 is like ScrambleSuit (with regards to features and threat model), but it』s faster and autofixes some of the open issues with scramblesuit ( #10887 , #11271 , …).

不要誤會我的意思，ScrambleSuit非常好，但是在過去的兩個月，Yawning已經開發了 新的obfs4傳輸模式 。obfs4很像ScrambleSuit(譬如特性和威脅模型)，但是更快，也自動修復了ScrambleSuit已知的一些問題( #10887 , #11271 , …)。

Since scramblesuit has not been entirely deployed yet, we thought that it would be a good idea to deploy obfs4 instead, and keep scramblesuit around as an emergency PT.

由於ScrambleSuit還沒有完全部署，我們在考量用obfs4來替換它，也許是個好主意，同時將ScrableSuit作為應急用的可插拔傳輸。

2.2 Meek

Meek is an exciting new transport by David Fifield. You can read all about it here: https://trac.torproject.org/projects/tor/wiki/doc/meek

Meek是David Fifield設計的一個激動人心的、新的傳輸模式。 請到這裡了解詳情 。

It』s basically a transport that (ab)uses Firefox to do SSL in a way that makes it look like Firefox but underneath it』s actually Tor. Very sneaky, and because it uses third-party services (like Google Appspot, Akamai, etc.) as proxies, the user does not need to input a bridge. Meek just works bridgeless and automagically.

基本上，Meek是冒用Firefox實現SSL握手的一種傳輸模式，這使得它看起來像是Firefox，而實際上卻是Tor在運作。非常的隱 蔽，因為它使用第三方的服務(比如Google AppSpot，Akamai等)作為代理，用戶不需要輸入網橋。Meek工作時無需網橋、自動化運作。

Help us by testing the latest bundles that David made: https://lists.torproject.org/pipermail/tor-qa/2014-June/000422.html

請參與測試 David製作的最新套裝 ，來幫助我們。

Also, since the recent Google block in China , Meek will not work with Google Appspot. However, other third-party services can be used instead of Appspot, so Meek does not lose its effectiveness.

另外，由於 中國最近對Google的封鎖 ，Meek將無法通過Google Appspot工作。然而，用其他第三方服務替代Appspot，這樣Meek仍然能保持有效。

2.3 PTs and IPv6

PTs are not very good at IPv6 yet. We identified some of the open issues and hopefully we will fix them too.

可插拔傳輸不能很好的適應IPv6環境。我們定位了一些問題( 問題1 、 問題二 、 問題三 )，希望能修復它。

And that』s that for now.

這就是所有要說的話了。

Till next time, enjoy life and give thanks and praises

期待下次再會，享受生活、常懷感恩和讚美之心。

(For what it』s worth, this was originally a post in the [tor-talk] mailing list:

https://lists.torproject.org/pipermail/tor-talk/2014-June/033296.html )

(最後，本文的原始來源是 tor-talk郵件列表 ，敬請關注)