grarpamp transcribed 1.2K bytes: > This thread talk of only gmail and yahoo, but i also believe > outlook (hotmail) will no longer create usable accounts [1] > (ie not via tor, but perhaps via clearnet?) without requiring > phone. [Truly you mean to say 'phone' tech when you say > prevent multiple or hard to create/abuse. But it is cheap enemical > solution against people.] And yahoo now require phone > to create. I wish there was not bridges mail service to anyone > then, so we do not endorse preference to these phone collecting > people. Or open to all instead. > > Embed a bridge in the webpage sometimes, in twitter, in > blog, in git, in tpo.org/bridge/blah, make all kind of captcha > and delay, telnet, slideshow, hidden service. All different > and more rings. > > Do we underestimate the social net in oppressed > that gives them awareness of tor, and to obtain binary > and share bridge info in the first place? Or that oppressor > will not burn $cheap govt SIM and IP army to get and block > bridges from gmail to @getbridges? > > This is difficult. > > [1] that you can actually send mail from instead of > just play in. Thanks, I'm aware of the difficulties. I don't think a SIM card is the epitome of Sybil-proof authentication. Purchasing Yahoo emails accounts (phone verified!), as noted on ticket #11340, costs $0.005 a piece. A SIM card doesn't prove you're a unique human any more than 0.001 Satoshi proves you're human or solving N CAPTCHAs proves you're human. I am increasingly convinced that the only way to determine if a human is a unique human is to ask said human's friends. As you can imagine, doing this without retaining a social graph of users is quite a non-trivial task. And FWIW, the system most of us want to see implemented for bridge distribution doesn't exactly have the most implementable cryptography. [0] :/ Though perhaps you missed what I mentioned earlier: You can use Riseup now. They don't require a phone, and I consider their form of social verification to be the most secure way to authenticate strangers in any currently-deployed system. It's got what activist groups have required for years to combat snitches and feds AFK: convince a few real people that you're a trustworthy friend, or convince a live human that you're useful and not a parasite of some sort. There's no other proof-of-work system which is effective against the state-level adversaries we aim to fight. They've got more money, more guns, more CPU, more RAM, more Bitcoin, and more everything than us, except friends. [0]: https://people.torproject.org/~isis/papers/rBridge:%20User%20Reputation%20based%20Tor%20Bridge%20Distribution%20with%20Privacy%20Preservation.copy%20with%20notes.pdf -- ââ isis agora lovecruft _________________________________________________________ GPG: 4096R/A3ADB67A2CDB8B35 Current Keys: https://blog.patternsinthevoid.net/isis.txt
Attachment:
signature.asc
Description: Digital signature
-- tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk