[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-bugs] #4392 [Tor Bridge]: UpdateBridgesFromAuthority is problematic

To: undisclosed-recipients:;
Subject: [tor-bugs] #4392 [Tor Bridge]: UpdateBridgesFromAuthority is problematic
From: "Tor Bug Tracker & Wiki" <torproject-admin@xxxxxxxxxxxxxx>
Date: Sat, 05 Nov 2011 02:12:16 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 04 Nov 2011 22:12:28 -0400
List-archive: <http://lists.torproject.org/pipermail/tor-bugs>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: Tor bug tracker status mails <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx

#4392: UpdateBridgesFromAuthority is problematic
------------------------+---------------------------------------------------
 Reporter:  Sebastian   |          Owner:                  
     Type:  defect      |         Status:  new             
 Priority:  normal      |      Milestone:  Tor: unspecified
Component:  Tor Bridge  |        Version:                  
 Keywords:              |         Parent:                  
   Points:              |   Actualpoints:                  
------------------------+---------------------------------------------------
 When UpdateBridgesFromAuthority is set to 1, Tor makes a direct connection
 to Tonga to fetch the bridge descriptor referenced in the configuration,
 as long as it includes the fingerprint. This happens before even trying
 the bridge directly, so we definitely leak to censors that a) we're a tor
 client, trying to use bridges; and b) that we'll soon connect to a real
 bridge IP:port. Back when Tonga wasn't blocked, this seemed fine, but now
 that we have adversaries that actually pick up on the Tor handshake or
 network behavior and send active probes, this seems like a poor idea.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/4392>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Follow-Ups:
- Re: [tor-bugs] #4392 [Tor Bridge]: UpdateBridgesFromAuthority is problematic
  - From: Tor Bug Tracker & Wiki

Prev by Author: [tor-bugs] #4391 [- Select a component]: `GETINFO ns/all` doesn't return 'p' lines.
Next by Author: Re: [tor-bugs] #4391 [Tor Client]: `GETINFO ns/all` doesn't return 'p' lines.
Previous by thread: Re: [tor-bugs] #4391 [Tor Client]: `GETINFO ns/all` doesn't return 'p' lines.
Next by thread: Re: [tor-bugs] #4392 [Tor Bridge]: UpdateBridgesFromAuthority is problematic
Index(es):
- Author
- Thread