On Wed, Oct 03, 2018 at 08:38:52AM +0000, ithor wrote:
> ever since TBB 8, there's the new moat way to obtain private obfs4 bridges
> through a CAPTCHA. In the following webpage it's stated meek is used in
> order to communicate with the Tor bridges database. Now, my question is :
> which ones ? In my country, domain fronting for Amazon and Google are
> unavailable, so the only meek_bridge still working is the meek_azure one,
> which isn't going to last.
It's not just your country. The meek bridge instances in the Google and Amazon
CDNs were shut down by the the corresponding companies. They did so supposedly
because it voilated their terms of use. They probably don't want to ruin their
relationships with totalitarian regimes. Unless all of the sudden Microsoft
decides that they want these good relationships as well and shut meek-azure
down, I see no reason to believe that it's not going to last. Meek should be
relatively hard to censor using a firewall.
> So what will happen when it will shut down ? What alternative solutions TBB
> will come up with?
There's still the good old bridges.torproject.org website as an alternative as
well as GetTor: https://gettor.torproject.org/
> Second question : how is the information concerning the private obfs4 bridge
> protected during the inquiry ?
Meek works by tunneling your data via TLS encryption from the CDN, in this
case Microsoft Azure. No adversary tapping your internet connection should be
able to retrieve the data.
--
OpenPGP Key: 47BC7DE83D462E8BED18AA861224DBD299A4F5F3
https://www.parckwart.de/pgp_key
Attachment:
signature.asc
Description: PGP signature
-- tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk