[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-project] Many bridges (22%) have nickname "ki"

To: tor-project@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-project] Many bridges (22%) have nickname "ki"
From: David Goulet <dgoulet@xxxxxxxxx>
Date: Tue, 20 Dec 2016 11:39:36 -0500
In-reply-to: <20161213212602.ohcqfoi5th2xi5ki@raoul>
List-id: "Moderated discussion list for tor contributors." <tor-project.lists.torproject.org>
References: <20161213183731.joecxvysgyodcn6d@happy.bamsoftware.com> <20161213211117.6ebbadd7@schwanenlied.me> <20161213212602.ohcqfoi5th2xi5ki@raoul>
Reply-to: tor-project@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-project" <tor-project-bounces@xxxxxxxxxxxxxxxxxxxx>

On 13 Dec (16:26:02), David Goulet wrote:
> On 13 Dec (21:11:17), Yawning Angel wrote:
> > On Tue, 13 Dec 2016 10:37:31 -0800
> > David Fifield <david@xxxxxxxxxxxxxxx> wrote:
> > 
> > > This is a bit of a followup to my earlier post on obfs4 bridges with
> > > formulaic nicknames:
> > > https://lists.torproject.org/pipermail/tor-project/2016-November/000809.html
> > > 
> > > 
> > > Those bridges are still there, but today I noticed a new weirdness:
> > > 756 bridges all having the nickname "ki". 756 is 21.8% of the total
> > > number, 3464. At the moment, "ki" far outnumbers every other
> > > nickname, apart from "Unnamed":
> > [snip]
> > 
> > Should both groups be dropped at the BridgeAuth or what?  As far as I
> > am aware, there is nothing that is doing Sybil detection at the Bridge
> > level, and I don't really think that's an arms race that's winnable
> > (even at the standard relay level, it feels like an uphill battle).
> > 
> > If I were to hypothesize, it's probably someone's botnet/malware or
> > something (in both cases), but that's just a guess and it could be
> > something either more nefarious, or more benign.
> 
> Yes, we should be safe here and reject those.
> 
> What's the procedure with the BridgeAuth? The dirauth-conf git repository
> isn't made for the bridge authority.

I want to bump this here btw.... I don't feel very comfortable with those
bridge still around so we should REALLY block them soon.

If I remember correctly, Roger told me on IRC that we either have to go
through the BridgeAuth directly with reject rules (unconfirmed) or we block
them on BridgeDB.

I need someone with knowledge here and Isis needs to be in the loop as she
basically run both service :).

Thanks!
David

> 
> Cheers!
> David
> 
> > 
> > Regards,
> > 
> > -- 
> > Yawning Angel
> > _______________________________________________
> > tor-project mailing list
> > tor-project@xxxxxxxxxxxxxxxxxxxx
> > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-project
> 



> _______________________________________________
> tor-project mailing list
> tor-project@xxxxxxxxxxxxxxxxxxxx
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-project

Attachment: signature.asc
Description: PGP signature

_______________________________________________
tor-project mailing list
tor-project@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-project

Follow-Ups:
- Re: [tor-project] Many bridges (22%) have nickname "ki"
  - From: Roger Dingledine

References:
- [tor-project] Many bridges (22%) have nickname "ki"
  - From: David Fifield
- Re: [tor-project] Many bridges (22%) have nickname "ki"
  - From: Yawning Angel
- Re: [tor-project] Many bridges (22%) have nickname "ki"
  - From: David Goulet

Prev by Author: Re: [tor-project] email interface for Trac: a proposal
Next by Author: Re: [tor-project] Many bridges (22%) have nickname "ki"
Previous by thread: Re: [tor-project] Many bridges (22%) have nickname "ki"
Next by thread: Re: [tor-project] Many bridges (22%) have nickname "ki"
Index(es):
- Author
- Thread