[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #7520 [BridgeDB]: Design and implement a social distributor for BridgeDB

To: undisclosed-recipients:;
Subject: Re: [tor-bugs] #7520 [BridgeDB]: Design and implement a social distributor for BridgeDB
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Fri, 22 Feb 2013 00:32:54 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Thu, 21 Feb 2013 19:33:03 -0500
In-reply-to: <046.fb791b46b2913853109d48e3bce9d132@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <046.fb791b46b2913853109d48e3bce9d132@xxxxxxxxxxxxxx>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx

#7520: Design and implement a social distributor for BridgeDB
-------------------------+--------------------------------------------------
 Reporter:  aagbsn       |          Owner:     
     Type:  enhancement  |         Status:  new
 Priority:  normal       |      Milestone:     
Component:  BridgeDB     |        Version:     
 Keywords:  SponsorL     |         Parent:     
   Points:               |   Actualpoints:     
-------------------------+--------------------------------------------------

Comment(by arma):

 Replying to [comment:5 aagbsn]:
 > Alternately, we could extract yield entirely from the bridge-ips line by
 tracking users seen over time. This could be manipulated by a dishonest
 bridge operator, or an attacker who generates traffic to known bridges to
 boost their ranking and obtain more trust in this system.

 I think it's a really hard theoretical problem to distinguish 'real' usage
 from artificial usage added by an adversary who controls the country that
 we're trying to measure usage from.

 > I'm not sure what we can do about this. Are there other ways to estimate
 bridge usage without just trusting the bridge self-reporting?

 We could do spot checking from trusted users in-country, to make sure that
 the bridge remains reachable during the time that it's reporting high
 load. That's a variant of the reachability testing approaches from the
 blog post above.

 I should also note that Damon told me a year or so back that he wants to
 pick up the Proximax work and get some grants and some grad students to
 work on it. This ticket in particular sounds like it needs a few research
 papers written before we have a good handle on what we should deploy. In
 particular, one of the first things I'd want to see is a list of attacks
 on Proximax that aim to skew its results.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/7520#comment:7>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Prev by Author: Re: [tor-bugs] #8240 [Tor]: Raise our guard rotation period
Next by Author: [tor-bugs] #8305 [Metrics Website]: Need clearer colors on the metrics graphs
Previous by thread: Re: [tor-bugs] #7520 [BridgeDB]: Design and implement a social distributor for BridgeDB
Next by thread: Re: [tor-bugs] #7520 [BridgeDB]: Design and implement a social distributor for BridgeDB
Index(es):
- Author
- Thread