Sub-menu: Countermeasure

The Countermeasure sub-menu of TorBox v.0.4.0.
The Countermeasure sub-menu of TorBox v.0.4.0.

The primary purpose of this sub-menu is to offer a simple way of using OBFS4, Snowflake and Meek-Azure bridges. Bridges circumvent censorship, e.g., on networks where Tor guard nodes and Tor connection handshakes are blocked. They are providing an entry to the Tor network. Additionally, the implementation of pluggable transports makes it possible to disguise Tor traffic in such a way that an ISP, network, government, or other censors cannot detect the use of Tor. The traffic then looks like http or another protocol. However, because, in general, using bridges lowers the network speed, it is best only to use them if necessary. Meek-Azure and Snowflake are slower than OBFS4, why it is preferable to try first OBFS4 before activating Snowflake or Meek-Azure. 

  • OBFS4 makes Tor traffic look random
  • Snowflake is an improvement upon Flashproxy. It sends your traffic through WebRTC, a peer-to-peer protocol with built-in NAT punching
  • Meek uses a technique called “domain fronting” to send a message to a Tor relay in a way that is hard to block. Meek-Azure makes it look like you are browsing to Microsoft’s Azure server  instead of using Tor.

Snowflake and Meek-Azure are already configured and can be activated by pressing the enter key on menu entries 10 or 11. The activation of an OBFS4 bridge is a little bit more complex and can be done in three steps:

  1. Toggle the OBFS4 Bridge Mode from off to on (menu entry 2).
  2. Activate already configured OBFS4 bridges or add new OBFS4 bridges (menu entry 4 and 5).
  3. Restart Tor (menu entry 9). After restarting Tor, the process to build circuits could last for several minutes, depending on your network and the contacted bridge server! In the end, you should see “Bootstrapped 100% (done): Done”

There are already several OBFS4 Bridges ready to use in TorBox (see them with menu entry 3). Nevertheless, you probably have to add additional OBFS4 bridges. You have three ways to obtain OBFS4 bridges:

  1. Let TorBox catch and add a new bridge automatically (menu entry 4). Because we do not want to overload the Tor Bridge database unnecessarily with requests, this function only returns one bridge every 24 hours.
  2. Get them manually direct from the Tor Bridge database (chose “Advanced Options”, “obfs4” and press “Get Bridges”)
  3. Via email to [email protected], using an address from Gmail or Riseup with “get transport obfs4” in the body of the mail.

In the following, we look at all menu entries one by one:

  • Menu entry 1: All about OBFS4 bridges – read me first: This brief introduction is intended to help new users, in particular, understand and simplify the use of the Bridge feature within TorBox step-by-step. It is a summary of what has been written above.

  • Menu entry 2: Toggle OBFS4 Bridge Mode: You either can switch the Bridge Mode on or off. Activating the Bridge Mode is the first step of using OBFS4 bridges. With the bridges already included, you should at best be able to connect to the Tor network immediately after restarting Tor (menu entry 9). Otherwise, more bridges have to be requested and added (menu entry 5). Deactivating the Bridge Mode automatically restarts Tor.

  • Menu entry 3: List all xy bridges: This menu entry is quite self-explanatory. Each line is one OBFS4 Bridge and is listed as Number: IP:Port FingerprintStatus (name, certificate, packet size and timing obfuscation are not shown). The status of the OBFS4 bridge is only shown if Tor’s bridge database can be contacted. There are three possible states: online, offline, or doesn’t exist. You can even lookup more information with the Relay Search Tool on the Tor Metrics with a bridge’s fingerprint.

The elements of a bridge address
The elements of a bridge address

  • Menu entry 4: Add additional bridges: Another quite self-explanatory menu entry. OBFS4 bridges can either added automatically (one bridge every 24 hours) or manually. If manually added, the input box takes only one bridge address at a time. In other words: if you want to add three bridges, then the input box appears three times. If you’re going to add several bridges at once, then select menu entry 8.

  • Menu entries 5-7: With these menu entries, you can manage your OBFS4 bridges by either activate, deactivate or remove them in three ways: all based on a specific status of the bridge or only selected. For example, you could activate all bridges, deactivate only the offline ones, and remove bridge #3 and #5. The number is based on the list of bridges (menu entry 3).

An example of a list of bridges.
An example of a list of bridges.
  • Menu entry 8: Enter the advanced configuration editor: This loads the Tor configuration file into a textual editor. You should know what you are doing before you change anything in the configuration file — here, you can break your TorBox. If you are unsure, then contact us. Did you something wrong? You can always overwrite this configuration with the default one, stored in ~/torbox/etc/tor/. After changing the configuration, use the following commands in the editor: CTRL-O followed with an ENTER to save the changes. CTRL-X to exit the editor.

  • Menu entry 9: Restart Tor – check if it is working: Activating the OFS4 Bridge Mode doesn’t automatically restart Tor. After configuring your OBFS4 bridges (if necessary) and activating them, you have to restart Tor with that menu entry — that’s the final step. Please be patient! It can take up to 5 minutes for Tor to be ready for connections. Usually, any error messages can be ignored, just wait! You should see “Bootstrapped 100%: Done” at the end. Press CTRL-C to leave the log.

    This menu entry can also be used as a troubleshooter, regardless of the Bridge Mode. This could be necessary, i.e., if Tor doesn’t work as expected and therefore you want to restart it. If you want only to check the log file without restarting Tor, then use menu entry 3 in the main menu.
The advanced configuration editor
The advanced configuration editor

  • Menu entry 10: This activates Snowflake and restarts Tor. Tor Statistics (and probably some other tools) will not work under Snowflake. Using that menu entry again deactivates Snowflake. Snowflake usage is steadily increasing, reaching around 300-400 users by mid-March.

  • Menu entry 11: This activates Meek-Azure and restarts Tor. Tor Statistics (and probably some other tools) will not work under Meek-Azure. Using that menu entry again deactivates Meek Azure. Meek Azur’s daily load fluctuates greatly and can range from 2,500 to 10,000 users. In comparison: around 40,000 users use obfs4 bridges every day. The utilization is more balanced.

  • Menu entry 12: This menu entry will connect the TorBox to a VPN so that the local network data from the command prompt is routed through the VPN. However, this menu entry will not restart Tor, and your client network data will still be routed through Tor using the interface highlighted in the main menu. This is useful if your ISP censors the network traffic so that TorBox cannot update Tor or TorBox. If you want to route Tor through VPN, please, use entry 9 in the main menu.

    Before using this menu entry, please ensure that one or more *.ovpn – files are in the ~/openvpn directory so that TorBox can execute OpenVPN with that file.

    Using that menu entry again deactivates the VPN connection, and the local network data from the command prompt is routed through your Internet provider without a VPN (default). However, this menu entry will not restart. Client network data will always be routed through Tor.

  • Menu entry 13: Countermeasure against a disconnection when idle feature: Certain Internet provider (usually at airports, in hotels, coffee houses, etc.) disconnect the network connection after a particular time of inactivity. In this case, the Tor statistics (main menu entry 1) no longer shows any data transfer. Usually, after about 15 seconds, errors in communication with the Tor network appear. This menu entry activates / deactivates a recurring Ping to google.com to prevent disconnection by an Internet provider with an activated “disconnect when idle feature”.

• • •

Problems and questions

  • Can I use TorBox and VPN together? –> see here.
  • I’m connected to a public wireless network; everything works as expected. However, every x minutes, the connection to the wireless network stops completely, and I have to repeat the entire login procedure. What could be the reason? –> see here.
  • I saw that TorBox is using Google’s and Cloudflare’s DNS server as well as google.com to test connectivity? Can’t you change it to xyz.dns –> see here.