[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-bugs] #31873 [Circumvention/BridgeDB]: Create new bridge distribution mechanisms

To: undisclosed-recipients: ;
Subject: [tor-bugs] #31873 [Circumvention/BridgeDB]: Create new bridge distribution mechanisms
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Thu, 26 Sep 2019 22:42:26 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Thu, 26 Sep 2019 18:42:38 -0400
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
Reply-to: no-reply@xxxxxxxxxxxxxx, tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#31873: Create new bridge distribution mechanisms
----------------------------------------+-----------------------
     Reporter:  phw                     |      Owner:  (none)
         Type:  project                 |     Status:  new
     Priority:  High                    |  Milestone:
    Component:  Circumvention/BridgeDB  |    Version:
     Severity:  Normal                  |   Keywords:  s30-o23a1
Actual Points:                          |  Parent ID:  #31280
       Points:  20                      |   Reviewer:
      Sponsor:  Sponsor30-can           |
----------------------------------------+-----------------------
 BridgeDB currently has three bridge distribution mechanisms: Email, HTTPS,
 and moat. Email is problematic because its interaction mechanism is
 complicated, not everyone has a Gmail or Riseup address, and it's easy to
 crawl. HTTPS is problematic because bridges.torproject.org is blocked in
 most places that matter and our CAPTCHA is good at keeping out users
 (#29695) but not so good at keeping out bots (#31252). Moat remains
 relatively useful because it uses domain fronting but it still relies on a
 CAPTCHA to fight off bots.

 It's time to think about new and/or significantly improved bridge
 distribution methods. How can we get bridges into the hands of users while
 making it difficult for adversaries to get them all? How can we make
 BridgeDB's CAPTCHA more resistant against bots and easier for users?

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/31873>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Prev by Author: Re: [tor-bugs] #31549 [Core Tor/Tor]: Authorities should stop listing relays running pre-0.2.9, or running 0.3.0 through 0.3.4
Next by Author: Re: [tor-bugs] #31457 [Applications/Tor Browser]: disable per-installation profiles
Previous by thread: [tor-bugs] #31872 [Circumvention]: Write up process for distribution of private bridges
Next by thread: [tor-bugs] #31874 [Circumvention]: Automatically test the PTs of bridges
Index(es):
- Author
- Thread