[metrics-bugs] #23958 [Metrics/Onionoo]: Onionoo not fetching the bridge descriptor correctly?
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Oct 24 01:00:07 UTC 2017
#23958: Onionoo not fetching the bridge descriptor correctly?
-----------------------------+------------------------------
Reporter: dgoulet | Owner: metrics-team
Type: defect | Status: new
Priority: Very High | Milestone:
Component: Metrics/Onionoo | Version:
Severity: Normal | Resolution:
Keywords: | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
-----------------------------+------------------------------
Comment (by dcf):
Replying to [comment:9 dcf]:
> I'm pretty sure that this is the case for all the Tor Browser default
bridges, and it's because we ask the bridge operators to block their
ORPort from outside access. This is to prevent reachability tests from
succeeding, and so keep the default bridges out of BridgeDB.
See for instance this thread about the addition of zipfelmuetze and
griinchux:
https://lists.torproject.org/pipermail/tor-
project/2017-August/001369.html
In addition, it is best if you use a firewall to block the bridge's
regular ORPort (while leaving the obfs4 port unblocked). Blocking the
bridge's ORPort is a hack to prevent the bridge from being included in
BridgeDB, which eliminates a couple of ways a censor might discover and
block the bridge: 1) by enumerating BridgeDB, and 2) by fingerprinting
plain-Tor connections to the bridge's IP address (made by users who
discovered the plain-Tor port through BridgeDB).
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/23958#comment:10>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the metrics-bugs
mailing list