[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-bugs] #31873 [Circumvention/BridgeDB]: Create new bridge distribution mechanisms



#31873: Create new bridge distribution mechanisms
----------------------------------------+-----------------------
     Reporter:  phw                     |      Owner:  (none)
         Type:  project                 |     Status:  new
     Priority:  High                    |  Milestone:
    Component:  Circumvention/BridgeDB  |    Version:
     Severity:  Normal                  |   Keywords:  s30-o23a1
Actual Points:                          |  Parent ID:  #31280
       Points:  20                      |   Reviewer:
      Sponsor:  Sponsor30-can           |
----------------------------------------+-----------------------
 BridgeDB currently has three bridge distribution mechanisms: Email, HTTPS,
 and moat. Email is problematic because its interaction mechanism is
 complicated, not everyone has a Gmail or Riseup address, and it's easy to
 crawl. HTTPS is problematic because bridges.torproject.org is blocked in
 most places that matter and our CAPTCHA is good at keeping out users
 (#29695) but not so good at keeping out bots (#31252). Moat remains
 relatively useful because it uses domain fronting but it still relies on a
 CAPTCHA to fight off bots.

 It's time to think about new and/or significantly improved bridge
 distribution methods. How can we get bridges into the hands of users while
 making it difficult for adversaries to get them all? How can we make
 BridgeDB's CAPTCHA more resistant against bots and easier for users?

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/31873>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs