Ethiopia’s spy agency – the Information Network Security Agency (INSA) — has stepped up surveillance and internet censorship. INSA has adopted Deep Packet Inspection (DPI) technology to eavesdrop, data mine, censor and intercept communications, according to the TOR Project.
Repressive governments such as China, Iran and Kazakhstan routinely employ DPI technology. Ethiopia’s spy agency conducts much of its surveillance through Ethio Telecom, the government monopoly that controls telephone and internet communications.
According to information security experts, Deep Packet Inspection allows a spy agency to “look inside all traffic from a specific IP address, pick out the HTTP traffic, then drill even further down to capture only traffic headed to and from Gmail, and can even reassemble e-mails as they are typed out by the user.”
TOR promotes an open network that helps users defend against a form of network surveillance that threatens personal freedom and privacy. TOR stopped working in Ethiopia on or around May 24, 2012.
Update: How to bypass the censorship
By Runa | The TOR Project
June 3. A few days ago, we published a blog post exposing the use of Deep Packet Inspection (DPI) to filter all Internet traffic in Ethiopia, including connections to the Tor network. We concluded that they are doing some sort of TLS fingerprinting, but had not been able to figure out exactly what they are fingerprinting on. Since then, we have managed to determine exactly how Ethiopia blocks Tor and we have developed a workaround. We will publish a full technical analysis very soon.
The long-term solution for Tor users in Ethiopia is to use the Obfsproxy Tor Browser Bundle. The bundles are, unfortunately, not up to date at the moment, but this is something we are working on (see #5937 for details). In the meantime, try using one of the following three bridges:
If the bridges are not working, or you have questions, send an email to email@example.com