[tor-bugs] #4771 [BridgeDB]: bridgedb should make clearer in its logs which addresses it knows are from bulk-exitlist
Tor Bug Tracker & Wiki
blackhole at torproject.org
Mon Mar 30 01:51:51 UTC 2015
#4771: bridgedb should make clearer in its logs which addresses it knows are from
bulk-exitlist
--------------------------+--------------------------------------------
Reporter: arma | Owner: isis
Type: defect | Status: needs_review
Priority: minor | Milestone:
Component: BridgeDB | Version:
Resolution: | Keywords: isis2015Q1Q2, isisExB, isisExC
Actual Points: | Parent ID:
Points: |
--------------------------+--------------------------------------------
Comment (by isis):
Replying to [comment:16 isis]:
> Replying to an email from Robert Ransom:
> > Replying to [comment:15 isis]:
> > > This fixes the issue with confusing logging, and also fixes the
issue that changing your Tor exit gets you different bridges.
> >
> > That was intentional, and (at least back in 2011) arma/Roger
considered it a good feature.
> >
> > At least it should spread out the load due to honest users who obtain
bridges by HTTPS-over-Tor better than serving the same small set to all
HTTPS-over-Tor bridge users.
>
> Ah, that is a good point! But it also means that the whole subhashring
for Tor users can be super easily scraped, meaning that if a user in China
has already gotten their Tor working, and then they ask for bridges over
Tor, they'll likely get bridges that are already blocked. :(
If we want to spread out the load more, we could do something like
`int(ip) % 4` and put that into the HMACed data, in order to split the
Tor/proxy users into four groups, with separate bridges for each one. That
would still make it impossible to get the whole subhashring in one go.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/4771#comment:17>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list