[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-bugs] #12536 [BridgeDB]: BridgeDB e-mails should be encrypted when possible
#12536: BridgeDB e-mails should be encrypted when possible
----------------------+----------------------
Reporter: andrea | Owner: isis
Type: defect | Status: new
Priority: normal | Milestone:
Component: BridgeDB | Version:
Keywords: | Actual Points:
Parent ID: | Points:
----------------------+----------------------
Looks like the opposition is using BridgeDB e-mails to enumerate bridges:
{{{
/**
* Database Tor bridge information extracted from confirmation emails.
*/
fingerprint('anonymizer/tor/bridge/email') =
email_address('bridges@xxxxxxxxxxxxxx')
and email_body('https://bridges.torproject.org/' : c++
extractors: {{
bridges[] =
/bridge\s([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}):?([0-9]{2,4}?[^0-9])/;
}}
init: {{
xks::undefine_name("anonymizer/tor/torbridges/emailconfirmation");
}}
main: {{
static const std::string SCHEMA_OLD = "tor_bridges";
static const std::string SCHEMA_NEW = "tor_routers";
static const std::string FLAGS = "Bridge";
if (bridges) {
for (size_t i=0; i < bridges.size(); ++i) {
std::string address = bridges[i][0] + ":" + bridges[i][1];
DB[SCHEMA_OLD]["tor_bridge"] = address;
DB.apply();
DB[SCHEMA_NEW]["tor_ip"] = bridges[i][0];
DB[SCHEMA_NEW]["tor_port_or"] = bridges[i][1];
DB[SCHEMA_NEW]["tor_flags"] = FLAGS;
DB.apply();
}
xks::fire_fingerprint("anonymizer/tor/directory/bridge");
}
return true;
}});
// END_DEFINITION
}}}
(from http://daserste.ndr.de/panorama/xkeyscorerules100.txt)
There should be a way users requesting bridges can supply a PGP key to
which the response should be encrypted.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/12536>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs