[tbb-bugs] #23136 [Applications/Tor Launcher]: moat integration (fetch bridges for the user)

Tor Bug Tracker & Wiki blackhole at torproject.org
Tue Feb 27 21:14:37 UTC 2018 

#23136: moat integration (fetch bridges for the user)
--------------------------------------------+------------------------------
 Reporter:  mcs                             |          Owner:  brade
     Type:  defect                          |         Status:  needs_review
 Priority:  Very High                       |      Milestone:
Component:  Applications/Tor Launcher       |        Version:
 Severity:  Normal                          |     Resolution:
 Keywords:  TorBrowserTeam201802R, ux-team  |  Actual Points:
Parent ID:  #24689                          |         Points:
 Reviewer:                                  |        Sponsor:  Sponsor4
--------------------------------------------+------------------------------

Comment (by mcs):

 Replying to [comment:58 antonela]:
 > !GeKo, I can see your concerns described at 4) on comment:49.
 >
 > What does happen when the user has more than one old successful bridge
 connection? Will the bridges alreadyobtainedbe shown on a list?

 There is only one service that can be used to obtain bridges: BridgeDB.
 Therefore, there will only ever be one button. The idea of referring to it
 as "torproject.org" is to communicate to users that a network conversation
 will happen and that the bridge info is coming from the Tor Project. After
 someone successfully obtains some bridges from BridgeDB, the bridge info
 is inserted and the button gets a new label (we can decide what the new
 label should be). The UI would look something like this:
 {{{
  [ ] Select a built-in bridge [i]
  [X] Request a bridge
        obfs4 1.2.3.4 fingerprint...
        obfs4 1.2.3.5 fingerprint...
        obfs4 1.2.3.6 fingerprint...
        [Request a New Bridge…]

  [ ] Provide a bridge I know
 }}}
 > For first time users, is the double verification also needed? Could they
 have any network leak?

 I think we should require a click on the button on all cases (for
 consistency, and to be safe). In other words, I am convinced by gk's
 argument in comment:49 point 4).

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/23136#comment:59>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tbb-bugs mailing list