[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: Tor 0.2.2.14-alpha is out
Sorry. Here is a clarification: our http and email bots "worked" well. We have stopped those bots for quite a while and have no plan to make them run again. I also realized email distribution is necessary for some people. So a challenge-response mechanism can be necessary too against bots. However, the challenge-response mechanism should be able to tell bots from humans. Otherwise, the bots can still send email, read email and analyze the email for bridges.
On Tue, Jul 20, 2010 at 10:52 AM, Xinwen Fu <xinwenfu@xxxxxxxxx>
We have implemented the http and email bots, which are working well
without much human labor work.
I'd recommend CATCHA to be implemented on the bridge http server. The email server should have at least a challenge-response mechanism. However, this challenge-response mechanism helps only a little bit. Maybe we should not have the email distribution mechanism if decent CATCHA is used on the http server?
On Mon, Jul 19, 2010 at 5:17 AM, <andrew@xxxxxxxxxxxxxx>
On Mon, Jul 19, 2010 at 12:12:48AM +0800, moses.mason@xxxxxxxxx wrote 1.0K bytes in 27 lines about:
: Could you guys add a CAPTCHA test for the bridges page
This is on the short-term todo list. However, it's been told to us that
humans are crawling the bridges, not bots. In particular, China is
crawling the https and smtp pools by human interaction, not bots.
Stopping the bots is a fine idea as well. I believe captchas are easy
to break by automated analysis already, but we'll find out when we roll
out a captcha on bridges.torproject.org.
The Tor Project