Griffin Boyce transcribed 0.7K bytes: > Matthew Finkel wrote: > > This actually has very little to do with trust, and (as Roger said) > > these providers were chosen because of the difficulty of creating new > > accounts. > > Preventing bridge enumeration is a hard problem to solve, but I don't > think that limiting gettor to gmail/yahoo actually solves it. It is not > computationally difficult to pay for a few thousand yahoo addresses. > > What do you think about getting bridges via SMS? That is essentially *why* BridgeDB used to require either Gmail or Yahoo, because both email providers make accounts difficult to obtain via requiring SMS verification. I am never going to add SMS verification to BridgeDB. See my replies on the rest of this thread for why I refuse to continue coding up broken, half-assed, and non-privacy-preserving "solutions" to the verification-authentication problem which ultimately do no more than sweep the problem under someone else's rug. -- ââ isis agora lovecruft _________________________________________________________ GPG: 4096R/A3ADB67A2CDB8B35 Current Keys: https://blog.patternsinthevoid.net/isis.txt
Attachment:
signature.asc
Description: Digital signature
-- tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk