[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #5028 [Ooni]: Tor bridge scanning
#5028: Tor bridge scanning
---------------------+------------------------------------------------------
Reporter: hellais | Owner: runa
Type: project | Status: assigned
Priority: normal | Milestone: Sponsor F: March 15, 2012
Component: Ooni | Version:
Keywords: | Parent:
Points: | Actualpoints:
---------------------+------------------------------------------------------
Comment(by ioerror):
Replying to [comment:33 karsten]:
> Replying to [comment:32 ioerror]:
> > The deliverable is being driven by a sponsorship item. However, the
circumstances have since changed - active probing in China means that
blocking happens in a different, additive, set of ways. Some IPs are on a
blocklist, some are added by their behavior; thus any scan to a real
bridge with a tcp connection will merely tell us that the bridge is not on
the block list but any attempt to use it will almost certainly result in
an active probe that in turn will probably block the bridge. Any result
from the TCP connect scan will be either 0) possibly confirmation that the
IP is blocked 1) a false negative where we believe the bridge is unblocked
or 2) we will cause the bridge to be discovered and then actually blocked.
> >
> > So why risk it? Because a funder has a line item? It seems like we
should be smarter than that and not be so hung up on line items that we
created before the environment changed.
> >
> > Thus, my point was to be both humorous and also to be blunt - doing a
scan of bridges may simply result in those bridges being instantly blocked
or just as likely, I think the data will be inconclusive.
>
> I think I understand your concerns. But that doesn't mean it's
impossible to obtain "some sort of automated ground truth of bridge
reachability from some countries" which is what we promised in the
deliverable.
We already have that ground truth, don't we?
Obfu bridges are generally reachable, tls bridges are generally blocked
either before we test or by confirmation with a follow up probe. Has that
changed? Are we doing a scan of the obfu bridges? Or just the normal
HTTPS/TLS bridges?
> The TCP scan of HTTPS bridges may not be the best approach, but it's the
best we have right now. At least so far I only heard "oh noes, don't do
it," not "here's a better way to deliver what we promised, and we can do
it within 3 days." Until I hear the latter I'll stick with the approach
we have. I don't know if the results will be conclusive, but I sure want
to find out.
My suggestion is to deliver the news that we know without impacting the
resources which are scarce. The fact that the ground truth is now "active
probing" is really quite a thing! If that is indeed still happening, of
course.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/5028#comment:36>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs