[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] anonymity: bridge users vs. entry guard users

woar zitte?

On Sat, May 26, 2012 at 8:03 AM, Roger Dingledine <arma@xxxxxxx> wrote:
> On Fri, May 25, 2012 at 06:07:35PM +0200, proper@xxxxxxxxxxxxxxx wrote:
>> If I understand correctly, a bridge will be used as the first of three hops.
> Yes. See also Item #2 on
> https://blog.torproject.org/blog/research-problems-ten-ways-discover-tor-bridges
> including proposal 188:
> https://gitweb.torproject.org/torspec.git/blob/HEAD:/proposals/188-bridge-guards.txt
>> While users in non-censored areas can will use a certain amount of entry guards, users in censored areas get only three bridges per mail.
>> The entry guard users are more unlikely to suffer from unstable (goes
>>offline) entry guards and blocking is also no issue. I read, that 80%
>>of all bridges are blocked.
> Bridges are basically not blocked at all outside of China. In China,
> Tor is currently blocked by protocol. See Philipp Winter's "How China
> Is Blocking Tor", as well as
> https://blog.torproject.org/blog/knock-knock-knockin-bridges-doors
> (Pluggable transports like obfsproxy continue to work fine in China.)
>> Therefore I think it's safe to assume that
>>2 of 3 bridges, bridgedb gives out to users, are already blocked. And
>>over time probable also that bridge will get blocked and the user has
>>to request new bridges.
>> That means, that bridge users rotate their first hops more often than
>>entry guard users. Is that true?
> Depends how much they care to use Tor. Rotation in the bridge case is
> manual, and rotation in the entry guard case is automated.
>> If that is true, that also means, that bridge users are sufficiently
>>more vulnerable to attacks, which are circumvented by entry guards?
> They're probably more vulnerable, but I don't know if I'd say
> "sufficiently". There are a lot of attacks to balance. I would worry
> just as much about "most bridge users don't know the identity fingerprint
> of their bridge":
> https://trac.torproject.org/projects/tor/ticket/2764
> https://trac.torproject.org/projects/tor/ticket/4624
> https://blog.torproject.org/blog/different-ways-use-bridge
> and I'd probably worry even more about "there are different requirements
> to get the Guard flag than there are to sign up as a bridge":
> https://blog.torproject.org/blog/research-problem-better-guard-rotation-parameters
> http://cacr.uwaterloo.ca/techreports/2012/cacr2012-11.pdf
> Seems to me that the current bridge approach is unmanageable, because we
> need more varied bridge addresses, better transports, better distribution
> strategies, etc:
> https://blog.torproject.org/blog/bridge-distribution-strategies
> https://blog.torproject.org/blog/strategies-getting-more-bridge-addresses
> https://blog.torproject.org/blog/research-problems-ten-ways-discover-tor-bridges
> https://blog.torproject.org/blog/research-problem-five-ways-test-bridge-reachability
> https://blog.torproject.org/blog/obfsproxy-next-step-censorship-arms-race
> Stay tuned to http://freehaven.net/anonbib/ for more.
> --Roger
> _______________________________________________
> tor-talk mailing list
> tor-talk@xxxxxxxxxxxxxxxxxxxx
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
tor-talk mailing list